From 0ad762641070c2a7325c959eb63f1a7d72a5dc30 Mon Sep 17 00:00:00 2001 From: sdolgin Date: Wed, 15 Nov 2023 02:14:38 +0000 Subject: [PATCH] [create-pull-request] automated change --- checklists/azurespringapps_checklist.en.json | 169 +- checklists/azurespringapps_checklist.es.json | 150 ++ checklists/azurespringapps_checklist.ja.json | 150 ++ checklists/azurespringapps_checklist.ko.json | 150 ++ checklists/azurespringapps_checklist.pt.json | 150 ++ checklists/checklist.en.master.json | 2294 +++++++++-------- .../azurespringapps_checklist.en.xlsx | Bin 0 -> 19803 bytes .../azurespringapps_checklist.es.xlsx | Bin 0 -> 19995 bytes .../azurespringapps_checklist.ja.xlsx | Bin 0 -> 20383 bytes .../azurespringapps_checklist.ko.xlsx | Bin 0 -> 20393 bytes .../azurespringapps_checklist.pt.xlsx | Bin 0 -> 20016 bytes .../macrofree/checklist.en.master.xlsx | Bin 283698 -> 284940 bytes .../alz_checklist.en_network_counters.json | 444 ++-- ...hecklist.en_network_counters_template.json | 2 +- .../alz_checklist.en_network_tabcounters.json | 1340 +++++----- ...klist.en_network_tabcounters_template.json | 2 +- .../alz_checklist.en_network_workbook.json | 484 ++-- ...hecklist.en_network_workbook_template.json | 2 +- 18 files changed, 3020 insertions(+), 2317 deletions(-) create mode 100644 checklists/azurespringapps_checklist.es.json create mode 100644 checklists/azurespringapps_checklist.ja.json create mode 100644 checklists/azurespringapps_checklist.ko.json create mode 100644 checklists/azurespringapps_checklist.pt.json create mode 100644 spreadsheet/macrofree/azurespringapps_checklist.en.xlsx create mode 100644 spreadsheet/macrofree/azurespringapps_checklist.es.xlsx create mode 100644 spreadsheet/macrofree/azurespringapps_checklist.ja.xlsx create mode 100644 spreadsheet/macrofree/azurespringapps_checklist.ko.xlsx create mode 100644 spreadsheet/macrofree/azurespringapps_checklist.pt.xlsx 
diff --git a/checklists/azurespringapps_checklist.en.json b/checklists/azurespringapps_checklist.en.json
index e1ac9943b..23802d409 100644
--- a/checklists/azurespringapps_checklist.en.json
+++ b/checklists/azurespringapps_checklist.en.json
@@ -1,86 +1,86 @@ { - "items": [ - { - "category": "BC and DR", - "subcategory": "High Availability", - "text": "In supported region, Azure Spring Apps can be deployed as zone redundant, which means that instances are automatically distributed across availability zones. This feature is only available in Standard and Enterprise tiers.", - "waf": "Reliability", - "guid": "ff1ae6a7-9301-4feb-9d11-56cd72f1d4ef", - "cost": 1, - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/reliability/reliability-spring-apps" - }, - { - "category": "Application Deployment", - "subcategory": "DevOps", - "text": "Azure Spring Apps permits two deployments for every app, only one of which receives production traffic. You can achieve zero downtime with blue green deployment strategies. Blue green deployment is only available in Standard and Enterprise tiers. You could automate deployment using CI/CD with ADO/GitHub actions", - "waf": "Reliability", - "guid": "6d8e32a8-3892-479d-a40b-10f6b4f6f298", - "cost": 1, - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/spring-apps/concepts-blue-green-deployment-strategies" - }, - { - "category": "Operations", - "subcategory": "Monitoring", - "text": "Monitor Azure Spring Apps with logs, metrics and tracing. 
Integrate ASA with application insights and track failures and create workbooks.", - "waf": "Reliability", - "guid": "7504c230-6035-4183-95a5-85762acc6075", - "cost": 1, - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/spring-apps/diagnostic-services" - }, - { - "category": "BC and DR", - "subcategory": "Disaster Recovery", - "text": "Azure Spring Apps instances could be created in multiple regions for your applications and traffic could be routed by Traffic Manager/Front Door.", - "waf": "Reliability", - "guid": "fbcb40ac-9480-4a6d-bcf4-8081252a6716", - "cost": 1, - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/architecture/web-apps/spring-apps/architectures/spring-apps-multi-region" - }, - { - "category": "Operations", - "subcategory": "Scalability", - "text": "Set up autoscaling in Spring Cloud Gateway", - "waf": "Reliability", - "guid": "1eb48d58-3eec-4ef5-80b0-d2b0dde3f0c6", - "cost": 1, - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/spring-apps/how-to-configure-enterprise-spring-cloud-gateway" - }, - { - "category": "Operations", - "subcategory": "Support", - "text": "Use Enterprise plan for commercial support of spring boot for mission critical apps. 
With other tiers you get OSS support.", - "waf": "Reliability", - "guid": "dfcaffd1-d27c-4ef2-998d-64c1df3a7ac3", - "cost": 1, - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/spring-apps/overview" - }, - { - "category": "Operations", - "subcategory": "Scalability", - "text": "Enable autoscale for the apps with Standard consumption & dedicated plan.", - "waf": "Reliability", - "guid": "97411607-b6fd-4335-99d1-9885faf4e392", - "cost": 1, - "severity": "Low", - "link": "https://learn.microsoft.com/azure/spring-apps/how-to-setup-autoscale" - }, - { - "category": "BC and DR", - "subcategory": "High Availability", - "text": "Use more than 1 app instance for your apps", - "waf": "Reliability", - "guid": "ffc735ad-fbb1-4802-b43f-ad6387c4c066", - "cost": 1, - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/spring-apps/concept-understand-app-and-deployment" - } - ], + "items": [ + { + "category": "Application Deployment", + "subcategory": "DevOps", + "text": "Azure Spring Apps permits two deployments for every app, only one of which receives production traffic. You can achieve zero downtime with blue green deployment strategies. Blue green deployment is only available in Standard and Enterprise tiers. 
You could automate deployment using CI/CD with ADO/GitHub actions", + "waf": "Reliability", + "guid": "6d8e32a8-3892-479d-a40b-10f6b4f6f298", + "cost": 1, + "severity": "Medium", + "link": "https://learn.microsoft.com/azure/spring-apps/concepts-blue-green-deployment-strategies" + }, + { + "category": "BC and DR", + "subcategory": "Disaster Recovery", + "text": "Azure Spring Apps instances could be created in multiple regions for your applications and traffic could be routed by Traffic Manager/Front Door.", + "waf": "Reliability", + "guid": "fbcb40ac-9480-4a6d-bcf4-8081252a6716", + "cost": 1, + "severity": "Medium", + "link": "https://learn.microsoft.com/azure/architecture/web-apps/spring-apps/architectures/spring-apps-multi-region" + }, + { + "category": "BC and DR", + "subcategory": "High Availability", + "text": "In supported region, Azure Spring Apps can be deployed as zone redundant, which means that instances are automatically distributed across availability zones. This feature is only available in Standard and Enterprise tiers.", + "waf": "Reliability", + "guid": "ff1ae6a7-9301-4feb-9d11-56cd72f1d4ef", + "cost": 1, + "severity": "Medium", + "link": "https://learn.microsoft.com/azure/reliability/reliability-spring-apps" + }, + { + "category": "BC and DR", + "subcategory": "High Availability", + "text": "Use more than 1 app instance for your apps", + "waf": "Reliability", + "guid": "ffc735ad-fbb1-4802-b43f-ad6387c4c066", + "cost": 1, + "severity": "Medium", + "link": "https://learn.microsoft.com/azure/spring-apps/concept-understand-app-and-deployment" + }, + { + "category": "Operations", + "subcategory": "Monitoring", + "text": "Monitor Azure Spring Apps with logs, metrics and tracing. 
Integrate ASA with application insights and track failures and create workbooks.", + "waf": "Reliability", + "guid": "7504c230-6035-4183-95a5-85762acc6075", + "cost": 1, + "severity": "Medium", + "link": "https://learn.microsoft.com/azure/spring-apps/diagnostic-services" + }, + { + "category": "Operations", + "subcategory": "Scalability", + "text": "Set up autoscaling in Spring Cloud Gateway", + "waf": "Reliability", + "guid": "1eb48d58-3eec-4ef5-80b0-d2b0dde3f0c6", + "cost": 1, + "severity": "Medium", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-configure-enterprise-spring-cloud-gateway" + }, + { + "category": "Operations", + "subcategory": "Scalability", + "text": "Enable autoscale for the apps with Standard consumption & dedicated plan.", + "waf": "Reliability", + "guid": "97411607-b6fd-4335-99d1-9885faf4e392", + "cost": 1, + "severity": "Low", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-setup-autoscale" + }, + { + "category": "Operations", + "subcategory": "Support", + "text": "Use Enterprise plan for commercial support of spring boot for mission critical apps. With other tiers you get OSS support.", + "waf": "Reliability", + "guid": "dfcaffd1-d27c-4ef2-998d-64c1df3a7ac3", + "cost": 1, + "severity": "Medium", + "link": "https://learn.microsoft.com/azure/spring-apps/overview" + } + ], "categories": [ { "name": "BC and DR" @@ -145,7 +145,6 @@ "metadata": { "name": "Azure Spring Apps Review", "state": "Preview", - "timestamp": "November 14, 2023" + "timestamp": "November 15, 2023" } - -} +} \ No newline at end of file diff --git a/checklists/azurespringapps_checklist.es.json b/checklists/azurespringapps_checklist.es.json new file mode 100644 index 000000000..dd2c44112 --- /dev/null +++ b/checklists/azurespringapps_checklist.es.json 
@@ -0,0 +1,150 @@ +{ + "categories": [ + { + "name": "BC y DR" + }, + { + "name": "Operaciones" + }, + { + "name": "Implementación de aplicaciones" + } + ], + "items": [ + { + "category": "Implementación de aplicaciones", + "cost": 1, + "guid": "6d8e32a8-3892-479d-a40b-10f6b4f6f298", + "link": "https://learn.microsoft.com/azure/spring-apps/concepts-blue-green-deployment-strategies", + "severity": "Medio", + "subcategory": "DevOps (Operaciones de desarrollo)", + "text": "Azure Spring Apps permite dos implementaciones para cada aplicación, de las cuales solo una recibe tráfico de producción. Puede lograr cero tiempo de inactividad con estrategias de implementación azul verde. La implementación azul verde solo está disponible en los niveles Estándar y Enterprise. Puede automatizar la implementación mediante CI/CD con acciones de ADO/GitHub", + "waf": "Fiabilidad" + }, + { + "category": "BC y DR", + "cost": 1, + "guid": "fbcb40ac-9480-4a6d-bcf4-8081252a6716", + "link": "https://learn.microsoft.com/azure/architecture/web-apps/spring-apps/architectures/spring-apps-multi-region", + "severity": "Medio", + "subcategory": "Recuperación ante desastres", + "text": "Las instancias de Azure Spring Apps se pueden crear en varias regiones para las aplicaciones y el tráfico se puede enrutar mediante Traffic Manager o Front Door.", + "waf": "Fiabilidad" + }, + { + "category": "BC y DR", + "cost": 1, + "guid": "ff1ae6a7-9301-4feb-9d11-56cd72f1d4ef", + "link": "https://learn.microsoft.com/azure/reliability/reliability-spring-apps", + "severity": "Medio", + "subcategory": "Alta disponibilidad", + "text": "En la región admitida, Azure Spring Apps se puede implementar como zona redundante, lo que significa que las instancias se distribuyen automáticamente entre las zonas de disponibilidad. 
Esta función solo está disponible en los niveles Standard y Enterprise.", + "waf": "Fiabilidad" + }, + { + "category": "BC y DR", + "cost": 1, + "guid": "ffc735ad-fbb1-4802-b43f-ad6387c4c066", + "link": "https://learn.microsoft.com/azure/spring-apps/concept-understand-app-and-deployment", + "severity": "Medio", + "subcategory": "Alta disponibilidad", + "text": "Usar más de 1 instancia de aplicación para las aplicaciones", + "waf": "Fiabilidad" + }, + { + "category": "Operaciones", + "cost": 1, + "guid": "7504c230-6035-4183-95a5-85762acc6075", + "link": "https://learn.microsoft.com/azure/spring-apps/diagnostic-services", + "severity": "Medio", + "subcategory": "Monitorización", + "text": "Supervise Azure Spring Apps con registros, métricas y seguimiento. Integre ASA con la información de las aplicaciones, realice un seguimiento de los errores y cree libros de trabajo.", + "waf": "Fiabilidad" + }, + { + "category": "Operaciones", + "cost": 1, + "guid": "1eb48d58-3eec-4ef5-80b0-d2b0dde3f0c6", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-configure-enterprise-spring-cloud-gateway", + "severity": "Medio", + "subcategory": "Escalabilidad", + "text": "Configuración del escalado automático en Spring Cloud Gateway", + "waf": "Fiabilidad" + }, + { + "category": "Operaciones", + "cost": 1, + "guid": "97411607-b6fd-4335-99d1-9885faf4e392", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-setup-autoscale", + "severity": "Bajo", + "subcategory": "Escalabilidad", + "text": "Habilite el escalado automático para las aplicaciones con el consumo estándar y el plan dedicado.", + "waf": "Fiabilidad" + }, + { + "category": "Operaciones", + "cost": 1, + "guid": "dfcaffd1-d27c-4ef2-998d-64c1df3a7ac3", + "link": "https://learn.microsoft.com/azure/spring-apps/overview", + "severity": "Medio", + "subcategory": "Apoyo", + "text": "Use el plan Enterprise para obtener soporte comercial de Spring Boot para aplicaciones de misión crítica. 
Con otros niveles, obtienes soporte OSS.", + "waf": "Fiabilidad" + } + ], + "metadata": { + "name": "Azure Spring Apps Review", + "state": "Preview", + "timestamp": "November 15, 2023" + }, + "severities": [ + { + "name": "Alto" + }, + { + "name": "Medio" + }, + { + "name": "Bajo" + } + ], + "status": [ + { + "description": "Esta comprobación aún no se ha examinado", + "name": "No verificado" + }, + { + "description": "Hay un elemento de acción asociado a esta comprobación", + "name": "Abrir" + }, + { + "description": "Esta comprobación se ha verificado y no hay más elementos de acción asociados a ella", + "name": "Cumplido" + }, + { + "description": "Recomendación entendida, pero no necesaria por los requisitos actuales", + "name": "No es necesario" + }, + { + "description": "No aplicable para el diseño actual", + "name": "N/A" + } + ], + "waf": [ + { + "name": "Fiabilidad" + }, + { + "name": "Seguridad" + }, + { + "name": "Costar" + }, + { + "name": "Operaciones" + }, + { + "name": "Rendimiento" + } + ] +} \ No newline at end of file diff --git a/checklists/azurespringapps_checklist.ja.json b/checklists/azurespringapps_checklist.ja.json new file mode 100644 index 000000000..7afe18fef --- /dev/null +++ b/checklists/azurespringapps_checklist.ja.json 
@@ -0,0 +1,150 @@ +{ + "categories": [ + { + "name": "BCとDR" + }, + { + "name": "オペレーションズ" + }, + { + "name": "アプリケーションの展開" + } + ], + "items": [ + { + "category": "アプリケーションの展開", + "cost": 1, + "guid": "6d8e32a8-3892-479d-a40b-10f6b4f6f298", + "link": "https://learn.microsoft.com/azure/spring-apps/concepts-blue-green-deployment-strategies", + "severity": "中程度", + "subcategory": "DevOpsの", + "text": "Azure Spring Apps では、アプリごとに 2 つのデプロイが許可され、そのうちの 1 つだけが運用トラフィックを受信します。ブルーグリーンデプロイ戦略により、ダウンタイムをゼロにすることができます。ブルー グリーン デプロイは、Standard レベルと Enterprise レベルでのみ使用できます。CI/CD と ADO/GitHub Actions を使用してデプロイを自動化できます", + "waf": "確実" + }, + { + "category": "BCとDR", + "cost": 1, + "guid": "fbcb40ac-9480-4a6d-bcf4-8081252a6716", + "link": "https://learn.microsoft.com/azure/architecture/web-apps/spring-apps/architectures/spring-apps-multi-region", + "severity": "中程度", + "subcategory": "災害復旧", + "text": "Azure Spring Apps インスタンスは、アプリケーション用に複数のリージョンに作成でき、トラフィックは Traffic Manager/Front Door によってルーティングできます。", + "waf": "確実" + }, + { + "category": "BCとDR", + "cost": 1, + "guid": "ff1ae6a7-9301-4feb-9d11-56cd72f1d4ef", + "link": "https://learn.microsoft.com/azure/reliability/reliability-spring-apps", + "severity": "中程度", + "subcategory": "高可用性", + "text": "サポートされているリージョンでは、Azure Spring Apps をゾーン冗長としてデプロイできるため、インスタンスは可用性ゾーン間で自動的に分散されます。この機能は、Standard レベルと Enterprise レベルでのみ使用できます。", + "waf": "確実" + }, + { + "category": "BCとDR", + "cost": 1, + "guid": "ffc735ad-fbb1-4802-b43f-ad6387c4c066", + "link": "https://learn.microsoft.com/azure/spring-apps/concept-understand-app-and-deployment", + "severity": "中程度", + "subcategory": "高可用性", + "text": "アプリに複数のアプリ インスタンスを使用する", + "waf": "確実" + }, + { + "category": "オペレーションズ", + "cost": 1, + "guid": "7504c230-6035-4183-95a5-85762acc6075", + "link": "https://learn.microsoft.com/azure/spring-apps/diagnostic-services", + "severity": "中程度", + "subcategory": "モニタリング", + "text": "Azure Spring Apps をログ、メトリック、トレースで監視します。ASA を Application Insights 
と統合し、障害を追跡し、ブックを作成します。", + "waf": "確実" + }, + { + "category": "オペレーションズ", + "cost": 1, + "guid": "1eb48d58-3eec-4ef5-80b0-d2b0dde3f0c6", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-configure-enterprise-spring-cloud-gateway", + "severity": "中程度", + "subcategory": "拡張性", + "text": "Spring Cloud Gateway で自動スケーリングを設定する", + "waf": "確実" + }, + { + "category": "オペレーションズ", + "cost": 1, + "guid": "97411607-b6fd-4335-99d1-9885faf4e392", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-setup-autoscale", + "severity": "低い", + "subcategory": "拡張性", + "text": "Standard 従量課金プランと専用プランのアプリの自動スケーリングを有効にします。", + "waf": "確実" + }, + { + "category": "オペレーションズ", + "cost": 1, + "guid": "dfcaffd1-d27c-4ef2-998d-64c1df3a7ac3", + "link": "https://learn.microsoft.com/azure/spring-apps/overview", + "severity": "中程度", + "subcategory": "支える", + "text": "ミッション クリティカルなアプリの Spring Boot の商用サポートには、Enterprise プランを使用します。他のレベルでは、OSS のサポートを受けることができます。", + "waf": "確実" + } + ], + "metadata": { + "name": "Azure Spring Apps Review", + "state": "Preview", + "timestamp": "November 15, 2023" + }, + "severities": [ + { + "name": "高い" + }, + { + "name": "中程度" + }, + { + "name": "低い" + } + ], + "status": [ + { + "description": "このチェックはまだ検討されていません", + "name": "未確認" + }, + { + "description": "このチェックにはアクションアイテムが関連付けられています", + "name": "開ける" + }, + { + "description": "このチェックは検証済みで、これ以上のアクションアイテムは関連付けられていません", + "name": "達成" + }, + { + "description": "推奨事項は理解されているが、現在の要件では不要", + "name": "必要なし" + }, + { + "description": "現在のデザインには適用されません", + "name": "該当なし" + } + ], + "waf": [ + { + "name": "確実" + }, + { + "name": "安全" + }, + { + "name": "費用" + }, + { + "name": "オペレーションズ" + }, + { + "name": "パフォーマンス" + } + ] +} \ No newline at end of file diff --git a/checklists/azurespringapps_checklist.ko.json b/checklists/azurespringapps_checklist.ko.json new file mode 100644 index 000000000..031cffca9 --- /dev/null +++ b/checklists/azurespringapps_checklist.ko.json 
@@ -0,0 +1,150 @@ +{ + "categories": [ + { + "name": "BC 및 DR" + }, + { + "name": "작업" + }, + { + "name": "응용 프로그램 배포" + } + ], + "items": [ + { + "category": "응용 프로그램 배포", + "cost": 1, + "guid": "6d8e32a8-3892-479d-a40b-10f6b4f6f298", + "link": "https://learn.microsoft.com/azure/spring-apps/concepts-blue-green-deployment-strategies", + "severity": "보통", + "subcategory": "데브옵스", + "text": "Azure Spring Apps는 모든 앱에 대해 두 개의 배포를 허용하며, 그 중 하나만 프로덕션 트래픽을 수신합니다. 블루-그린 배포 전략을 통해 가동 중지 시간 제로를 달성할 수 있습니다. 파란색 녹색 배포는 표준 및 엔터프라이즈 계층에서만 사용할 수 있습니다. ADO/GitHub 작업과 함께 CI/CD를 사용하여 배포를 자동화할 수 있습니다.", + "waf": "신뢰도" + }, + { + "category": "BC 및 DR", + "cost": 1, + "guid": "fbcb40ac-9480-4a6d-bcf4-8081252a6716", + "link": "https://learn.microsoft.com/azure/architecture/web-apps/spring-apps/architectures/spring-apps-multi-region", + "severity": "보통", + "subcategory": "재해 복구", + "text": "Azure Spring Apps 인스턴스는 애플리케이션에 대해 여러 지역에서 만들 수 있으며 Traffic Manager/Front Door에서 트래픽을 라우팅할 수 있습니다.", + "waf": "신뢰도" + }, + { + "category": "BC 및 DR", + "cost": 1, + "guid": "ff1ae6a7-9301-4feb-9d11-56cd72f1d4ef", + "link": "https://learn.microsoft.com/azure/reliability/reliability-spring-apps", + "severity": "보통", + "subcategory": "고가용성", + "text": "지원되는 지역에서 Azure Spring Apps는 영역 중복으로 배포할 수 있으며, 이는 인스턴스가 가용성 영역에 자동으로 분산됨을 의미합니다. 이 기능은 Standard 및 Enterprise 계층에서만 사용할 수 있습니다.", + "waf": "신뢰도" + }, + { + "category": "BC 및 DR", + "cost": 1, + "guid": "ffc735ad-fbb1-4802-b43f-ad6387c4c066", + "link": "https://learn.microsoft.com/azure/spring-apps/concept-understand-app-and-deployment", + "severity": "보통", + "subcategory": "고가용성", + "text": "앱에 1개 이상의 앱 인스턴스 사용", + "waf": "신뢰도" + }, + { + "category": "작업", + "cost": 1, + "guid": "7504c230-6035-4183-95a5-85762acc6075", + "link": "https://learn.microsoft.com/azure/spring-apps/diagnostic-services", + "severity": "보통", + "subcategory": "모니터링", + "text": "로그, 메트릭 및 추적을 사용하여 Azure Spring Apps를 모니터링합니다. 
ASA를 Application Insights와 통합하고, 오류를 추적하고, 통합 문서를 만듭니다.", + "waf": "신뢰도" + }, + { + "category": "작업", + "cost": 1, + "guid": "1eb48d58-3eec-4ef5-80b0-d2b0dde3f0c6", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-configure-enterprise-spring-cloud-gateway", + "severity": "보통", + "subcategory": "확장성", + "text": "Spring Cloud Gateway에서 자동 크기 조정 설정", + "waf": "신뢰도" + }, + { + "category": "작업", + "cost": 1, + "guid": "97411607-b6fd-4335-99d1-9885faf4e392", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-setup-autoscale", + "severity": "낮다", + "subcategory": "확장성", + "text": "표준 소비 및 전용 플랜이 있는 앱에 대해 자동 크기 조정을 사용하도록 설정합니다.", + "waf": "신뢰도" + }, + { + "category": "작업", + "cost": 1, + "guid": "dfcaffd1-d27c-4ef2-998d-64c1df3a7ac3", + "link": "https://learn.microsoft.com/azure/spring-apps/overview", + "severity": "보통", + "subcategory": "지원", + "text": "중요 업무용 앱에 대한 Spring Boot의 상업적 지원을 위해 Enterprise 플랜을 사용합니다. 다른 계층에서는 OSS 지원을 받을 수 있습니다.", + "waf": "신뢰도" + } + ], + "metadata": { + "name": "Azure Spring Apps Review", + "state": "Preview", + "timestamp": "November 15, 2023" + }, + "severities": [ + { + "name": "높다" + }, + { + "name": "보통" + }, + { + "name": "낮다" + } + ], + "status": [ + { + "description": "이 검사는 아직 검토되지 않았습니다", + "name": "확인되지 않음" + }, + { + "description": "이 검사와 연관된 작업 항목이 있습니다", + "name": "열다" + }, + { + "description": "이 검사는 확인되었으며 이와 관련된 추가 작업 항목이 없습니다", + "name": "성취" + }, + { + "description": "권장 사항은 이해되었지만 현재 요구 사항에 필요하지 않음", + "name": "필요 없음" + }, + { + "description": "현재 설계에는 적용되지 않습니다.", + "name": "해당 없음" + } + ], + "waf": [ + { + "name": "신뢰도" + }, + { + "name": "안전" + }, + { + "name": "비용" + }, + { + "name": "작업" + }, + { + "name": "공연" + } + ] +} \ No newline at end of file diff --git a/checklists/azurespringapps_checklist.pt.json b/checklists/azurespringapps_checklist.pt.json new file mode 100644 index 000000000..e40b6e6fc --- /dev/null +++ b/checklists/azurespringapps_checklist.pt.json 
@@ -0,0 +1,150 @@ +{ + "categories": [ + { + "name": "BC e DR" + }, + { + "name": "Operações" + }, + { + "name": "Implantação de aplicativos" + } + ], + "items": [ + { + "category": "Implantação de aplicativos", + "cost": 1, + "guid": "6d8e32a8-3892-479d-a40b-10f6b4f6f298", + "link": "https://learn.microsoft.com/azure/spring-apps/concepts-blue-green-deployment-strategies", + "severity": "Média", + "subcategory": "DevOps", + "text": "Os Aplicativos Spring do Azure permitem duas implantações para cada aplicativo, apenas um dos quais recebe tráfego de produção. Você pode obter tempo de inatividade zero com estratégias de implantação em verde azul. A implantação verde azul só está disponível nas camadas Standard e Enterprise. Você pode automatizar a implantação usando CI/CD com ações do ADO/GitHub", + "waf": "Fiabilidade" + }, + { + "category": "BC e DR", + "cost": 1, + "guid": "fbcb40ac-9480-4a6d-bcf4-8081252a6716", + "link": "https://learn.microsoft.com/azure/architecture/web-apps/spring-apps/architectures/spring-apps-multi-region", + "severity": "Média", + "subcategory": "Recuperação de desastres", + "text": "As instâncias do Azure Spring Apps podem ser criadas em várias regiões para seus aplicativos e o tráfego pode ser roteado pelo Gerenciador de Tráfego/Front Door.", + "waf": "Fiabilidade" + }, + { + "category": "BC e DR", + "cost": 1, + "guid": "ff1ae6a7-9301-4feb-9d11-56cd72f1d4ef", + "link": "https://learn.microsoft.com/azure/reliability/reliability-spring-apps", + "severity": "Média", + "subcategory": "Alta Disponibilidade", + "text": "Na região com suporte, os Aplicativos Spring do Azure podem ser implantados como zona redundante, o que significa que as instâncias são distribuídas automaticamente entre zonas de disponibilidade. 
Esse recurso só está disponível nas camadas Standard e Enterprise.", + "waf": "Fiabilidade" + }, + { + "category": "BC e DR", + "cost": 1, + "guid": "ffc735ad-fbb1-4802-b43f-ad6387c4c066", + "link": "https://learn.microsoft.com/azure/spring-apps/concept-understand-app-and-deployment", + "severity": "Média", + "subcategory": "Alta Disponibilidade", + "text": "Usar mais de 1 instância de aplicativo para seus aplicativos", + "waf": "Fiabilidade" + }, + { + "category": "Operações", + "cost": 1, + "guid": "7504c230-6035-4183-95a5-85762acc6075", + "link": "https://learn.microsoft.com/azure/spring-apps/diagnostic-services", + "severity": "Média", + "subcategory": "Monitorização", + "text": "Monitore os Aplicativos Spring do Azure com logs, métricas e rastreamento. Integre o ASA com insights de aplicativos e rastreie falhas e crie pastas de trabalho.", + "waf": "Fiabilidade" + }, + { + "category": "Operações", + "cost": 1, + "guid": "1eb48d58-3eec-4ef5-80b0-d2b0dde3f0c6", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-configure-enterprise-spring-cloud-gateway", + "severity": "Média", + "subcategory": "Escalabilidade", + "text": "Configurar o dimensionamento automático no Spring Cloud Gateway", + "waf": "Fiabilidade" + }, + { + "category": "Operações", + "cost": 1, + "guid": "97411607-b6fd-4335-99d1-9885faf4e392", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-setup-autoscale", + "severity": "Baixo", + "subcategory": "Escalabilidade", + "text": "Habilite o dimensionamento automático para os aplicativos com o plano de consumo padrão e dedicado.", + "waf": "Fiabilidade" + }, + { + "category": "Operações", + "cost": 1, + "guid": "dfcaffd1-d27c-4ef2-998d-64c1df3a7ac3", + "link": "https://learn.microsoft.com/azure/spring-apps/overview", + "severity": "Média", + "subcategory": "Apoio", + "text": "Use o plano Enterprise para suporte comercial de inicialização spring para aplicativos de missão crítica. 
Com outras camadas, você obtém suporte a OSS.", + "waf": "Fiabilidade" + } + ], + "metadata": { + "name": "Azure Spring Apps Review", + "state": "Preview", + "timestamp": "November 15, 2023" + }, + "severities": [ + { + "name": "Alto" + }, + { + "name": "Média" + }, + { + "name": "Baixo" + } + ], + "status": [ + { + "description": "Esta verificação ainda não foi analisada", + "name": "Não verificado" + }, + { + "description": "Há um item de ação associado a essa verificação", + "name": "Abrir" + }, + { + "description": "Essa verificação foi verificada e não há outros itens de ação associados a ela", + "name": "Cumprido" + }, + { + "description": "Recomendação compreendida, mas não necessária pelos requisitos atuais", + "name": "Não é necessário" + }, + { + "description": "Não aplicável ao projeto atual", + "name": "N/A" + } + ], + "waf": [ + { + "name": "Fiabilidade" + }, + { + "name": "Segurança" + }, + { + "name": "Custar" + }, + { + "name": "Operações" + }, + { + "name": "Desempenho" + } + ] +} \ No newline at end of file diff --git a/checklists/checklist.en.master.json b/checklists/checklist.en.master.json index 110231c97..045225d6d 100644 --- a/checklists/checklist.en.master.json +++ b/checklists/checklist.en.master.json @@ -168,8 +168,8 @@ "id": "A03.06", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", "services": [ - "Entra", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "subcategory": "Enterprise Agreement", @@ -228,8 +228,8 @@ "id": "A04.04", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", "services": [ - "Entra", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "subcategory": "Microsoft Customer Agreement", 
@@ -259,8 +259,8 @@ "id": "B02.01", "link": "https://learn.microsoft.com/azure/active-directory/hybrid/how-to-connect-sync-staging-server", "services": [ - "Entra", - "ASR" + "ASR", + "Entra" ], "severity": "Medium", "subcategory": "Microsoft Entra ID", @@ -290,8 +290,8 @@ "id": "B03.02", "link": "https://learn.microsoft.com/azure/active-directory/reports-monitoring/concept-activity-logs-azure-monitor", "services": [ - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Identity", @@ -306,10 +306,10 @@ "id": "B03.03", "link": "https://learn.microsoft.com/azure/role-based-access-control/overview", "services": [ - "ACR", - "Entra", + "Subscriptions", "RBAC", - "Subscriptions" + "ACR", + "Entra" ], "severity": "High", "subcategory": "Identity", @@ -324,8 +324,8 @@ "id": "B03.04", "link": "https://learn.microsoft.com/azure/active-directory/conditional-access/overview", "services": [ - "AzurePolicy", - "Entra" + "Entra", + "AzurePolicy" ], "severity": "Low", "subcategory": "Identity", @@ -356,8 +356,8 @@ "id": "B03.06", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/manage/centralize-operations", "services": [ - "Entra", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "subcategory": "Identity", @@ -418,9 +418,9 @@ "id": "B03.10", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access#prerequisites-for-a-landing-zone---design-recommendations", "services": [ - "Entra", + "Subscriptions", "RBAC", - "Subscriptions" + "Entra" ], "severity": "Medium", "subcategory": "Identity", @@ -435,8 +435,8 @@ "id": "B03.11", "link": "https://learn.microsoft.com/azure/active-directory-domain-services/overview", "services": [ - "Entra", - "Subscriptions" + "Subscriptions", + "Entra" ], "severity": "Medium", "subcategory": "Identity", 
@@ -497,8 +497,8 @@ "id": "B03.15", "link": "https://learn.microsoft.com/azure/active-directory/roles/best-practices", "services": [ - "Entra", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "subcategory": "Identity", @@ -530,10 +530,10 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access-landing-zones#rbac-recommendations", "services": [ "RBAC", - "AKV", - "ACR", + "Storage", "Entra", - "Storage" + "AKV", + "ACR" ], "severity": "Medium", "subcategory": "Landing zones", @@ -606,9 +606,9 @@ "id": "C02.03", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-group-recommendations", "services": [ - "AzurePolicy", + "Subscriptions", "RBAC", - "Subscriptions" + "AzurePolicy" ], "severity": "Medium", "subcategory": "Subscriptions", @@ -623,10 +623,10 @@ "id": "C02.04", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-group-recommendations", "services": [ + "Subscriptions", "ExpressRoute", "DNS", - "VWAN", - "Subscriptions" + "VWAN" ], "severity": "Medium", "subcategory": "Subscriptions", @@ -656,8 +656,8 @@ "id": "C02.06", "link": "https://learn.microsoft.com/azure/governance/management-groups/how-to/protect-resource-hierarchy#setting---require-authorization", "services": [ - "RBAC", - "Subscriptions" + "Subscriptions", + "RBAC" ], "severity": "Medium", "subcategory": "Subscriptions", @@ -686,9 +686,9 @@ "id": "C02.08", "link": "https://learn.microsoft.com/azure/governance/management-groups/overview", "services": [ - "AzurePolicy", "Subscriptions", "RBAC", + "AzurePolicy", "Cost" ], "severity": "High", 
@@ -718,9 +718,9 @@ "id": "C02.10", "link": "https://learn.microsoft.com/azure/cost-management-billing/reservations/save-compute-costs-reservations", "services": [ - "AzurePolicy", "VM", "Subscriptions", + "AzurePolicy", "Cost" ], "severity": "High", @@ -737,8 +737,8 @@ "id": "C02.11", "link": "https://learn.microsoft.com/azure/architecture/framework/scalability/design-capacity", "services": [ - "Monitor", - "Subscriptions" + "Subscriptions", + "Monitor" ], "severity": "High", "subcategory": "Subscriptions", @@ -770,8 +770,8 @@ "id": "C02.13", "link": "https://learn.microsoft.com/azure/governance/management-groups/overview", "services": [ - "Entra", - "Subscriptions" + "Subscriptions", + "Entra" ], "severity": "Medium", "subcategory": "Subscriptions", @@ -903,8 +903,8 @@ "id": "D02.02", "link": "https://learn.microsoft.com/azure/expressroute/expressroute-erdirect-about", "services": [ - "VPN", - "ExpressRoute" + "ExpressRoute", + "VPN" ], "severity": "Low", "subcategory": "Encryption", @@ -935,13 +935,13 @@ "id": "D03.02", "link": "https://learn.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/expressroute", "services": [ - "VPN", - "DNS", "NVA", + "VPN", "VNet", - "Entra", "Firewall", - "ExpressRoute" + "ExpressRoute", + "Entra", + "DNS" ], "severity": "High", "subcategory": "Hub and spoke", @@ -969,9 +969,9 @@ "id": "D03.04", "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-coexist-resource-manager#to-enable-transit-routing-between-expressroute-and-azure-vpn", "services": [ - "VPN", "ARS", - "ExpressRoute" + "ExpressRoute", + "VPN" ], "severity": "Low", "subcategory": "Hub and spoke", @@ -986,8 +986,8 @@ "id": "D03.05", "link": "https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1", "services": [ - "ARS", - "VNet" + "VNet", + "ARS" ], "severity": "Low", "subcategory": "Hub and spoke", 
@@ -1001,8 +1001,8 @@ "id": "D03.06", "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-faq#can-i-create-a-peering-connection-to-a-vnet-in-a-different-region", "services": [ - "ACR", - "VNet" + "VNet", + "ACR" ], "severity": "Medium", "subcategory": "Hub and spoke", @@ -1034,8 +1034,8 @@ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits", "services": [ "VNet", - "Entra", - "ExpressRoute" + "ExpressRoute", + "Entra" ], "severity": "Medium", "subcategory": "Hub and spoke", @@ -1112,8 +1112,8 @@ "id": "D04.03", "link": "https://learn.microsoft.com/azure/expressroute/expressroute-routing", "services": [ - "VPN", - "ExpressRoute" + "ExpressRoute", + "VPN" ], "severity": "Medium", "subcategory": "Hybrid", @@ -1256,8 +1256,8 @@ "id": "D04.12", "link": "https://learn.microsoft.com/azure/expressroute/expressroute-monitoring-metrics-alerts", "services": [ - "Monitor", - "ExpressRoute" + "ExpressRoute", + "Monitor" ], "severity": "Medium", "subcategory": "Hybrid", @@ -1273,8 +1273,8 @@ "link": "https://learn.microsoft.com/azure/expressroute/how-to-configure-connection-monitor", "services": [ "ACR", - "Monitor", - "NetworkWatcher" + "NetworkWatcher", + "Monitor" ], "severity": "Medium", "subcategory": "Hybrid", @@ -1320,8 +1320,8 @@ "id": "D05.01", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing", "services": [ - "ACR", - "VNet" + "VNet", + "ACR" ], "severity": "High", "subcategory": "IP plan", @@ -1401,8 +1401,8 @@ "id": "D05.06", "link": "https://learn.microsoft.com/azure/dns/dns-private-resolver-overview", "services": [ - "ACR", "VNet", + "ACR", "DNS" ], "severity": "Medium", 
@@ -1434,9 +1434,9 @@ "id": "D05.08", "link": "https://learn.microsoft.com/azure/dns/private-dns-autoregistration", "services": [ + "VM", "VNet", - "DNS", - "VM" + "DNS" ], "severity": "High", "subcategory": "IP plan", @@ -1466,8 +1466,8 @@ "id": "D06.02", "link": "https://learn.microsoft.com/azure/bastion/bastion-faq#subnet", "services": [ - "Bastion", - "VNet" + "VNet", + "Bastion" ], "severity": "Medium", "subcategory": "Internet", @@ -1497,10 +1497,10 @@ "id": "D06.04", "link": "https://learn.microsoft.com/azure/firewall/", "services": [ - "ACR", - "AzurePolicy", "Firewall", - "RBAC" + "RBAC", + "ACR", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Internet", @@ -1530,8 +1530,8 @@ "id": "D06.06", "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/afds-overview", "services": [ - "ACR", "FrontDoor", + "ACR", "AzurePolicy", "WAF" ], @@ -1550,8 +1550,8 @@ "services": [ "FrontDoor", "AzurePolicy", - "WAF", - "AppGW" + "AppGW", + "WAF" ], "severity": "Low", "subcategory": "Internet", @@ -1584,8 +1584,8 @@ "id": "D06.09", "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-reference-architectures", "services": [ - "DDoS", - "VNet" + "VNet", + "DDoS" ], "severity": "High", "subcategory": "Internet", @@ -1668,9 +1668,9 @@ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview", "services": [ "NVA", + "Storage", "VNet", "Firewall", - "Storage", "VWAN" ], "severity": "High", @@ -1761,9 +1761,9 @@ "id": "D07.05", "link": "https://learn.microsoft.com/azure/app-service/networking-features", "services": [ - "NVA", "PrivateLink", "Firewall", + "NVA", "DNS" ], "severity": "Medium", @@ -1798,9 +1798,9 @@ "id": "D08.02", "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway", "services": [ - "VPN", "VNet", - "ExpressRoute" + "ExpressRoute", + "VPN" ], "severity": "High", "subcategory": "Segmentation", 
@@ -1844,8 +1844,8 @@ "id": "D08.05", "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "services": [ - "ACR", - "VNet" + "VNet", + "ACR" ], "severity": "Medium", "subcategory": "Segmentation", @@ -1860,8 +1860,8 @@ "guid": "9c2299c4-d7b5-47d0-a655-562f2b3e4563", "id": "D08.06", "services": [ - "VNet", - "VM" + "VM", + "VNet" ], "severity": "Medium", "subcategory": "Segmentation", @@ -1876,8 +1876,8 @@ "id": "D08.07", "link": "https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works", "services": [ - "NVA", "VNet", + "NVA", "Entra" ], "severity": "Medium", @@ -1985,8 +1985,8 @@ "id": "D09.06", "link": "https://learn.microsoft.com/azure/virtual-wan/azure-monitor-insights", "services": [ - "Monitor", - "VWAN" + "VWAN", + "Monitor" ], "severity": "Medium", "subcategory": "Virtual WAN", @@ -2014,9 +2014,9 @@ "id": "D09.08", "link": "https://learn.microsoft.com/azure/virtual-wan/about-virtual-hub-routing-preference", "services": [ + "ExpressRoute", "VPN", - "VWAN", - "ExpressRoute" + "VWAN" ], "severity": "Medium", "subcategory": "Virtual WAN", @@ -2088,8 +2088,8 @@ "id": "E01.03", "link": "https://learn.microsoft.com/azure/governance/policy/overview", "services": [ - "AzurePolicy", - "RBAC" + "RBAC", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Governance", @@ -2103,8 +2103,8 @@ "id": "E01.04", "link": "https://learn.microsoft.com/azure/governance/policy/overview", "services": [ - "AzurePolicy", - "Subscriptions" + "Subscriptions", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Governance", @@ -2132,8 +2132,8 @@ "id": "E01.06", "link": "https://learn.microsoft.com/security/benchmark/azure/mcsb-asset-management#am-2-use-only-approved-services", "services": [ - "AzurePolicy", - "Subscriptions" + "Subscriptions", + "AzurePolicy" ], "severity": "Low", "subcategory": "Governance", 
@@ -2162,10 +2162,10 @@ "id": "E01.08", "link": "https://learn.microsoft.com/azure/governance/policy/overview#azure-rbac-permissions-in-azure-policy", "services": [ - "Entra", - "AzurePolicy", + "Subscriptions", "RBAC", - "Subscriptions" + "Entra", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Governance", @@ -2179,8 +2179,8 @@ "id": "E01.09", "link": "https://learn.microsoft.com/azure/governance/policy/overview", "services": [ - "AzurePolicy", - "Subscriptions" + "Subscriptions", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Governance", @@ -2257,8 +2257,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-diagnostic-settings-to-save-your-wafs-logs", "services": [ "FrontDoor", - "WAF", - "AppGW" + "AppGW", + "WAF" ], "severity": "High", "subcategory": "App delivery", @@ -2273,9 +2273,9 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel", "services": [ "FrontDoor", - "WAF", + "Sentinel", "AppGW", - "Sentinel" + "WAF" ], "severity": "Medium", "subcategory": "App delivery", @@ -2315,10 +2315,10 @@ "id": "F03.01", "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", "services": [ - "Monitor", - "AzurePolicy", + "RBAC", "Entra", - "RBAC" + "AzurePolicy", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -2362,8 +2362,8 @@ "id": "F03.04", "link": "https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/govern/policy-compliance/regulatory-compliance", "services": [ - "Monitor", - "AzurePolicy" + "AzurePolicy", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -2378,9 +2378,9 @@ "id": "F03.05", "link": "https://learn.microsoft.com/azure/governance/policy/how-to/guest-configuration-create", "services": [ - "Monitor", + "VM", "AzurePolicy", - "VM" + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", 
@@ -2395,8 +2395,8 @@ "id": "F03.06", "link": "https://learn.microsoft.com/azure/automation/update-management/overview", "services": [ - "Monitor", - "VM" + "VM", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -2411,8 +2411,8 @@ "id": "F03.07", "link": "https://learn.microsoft.com/azure/network-watcher/network-watcher-monitoring-overview", "services": [ - "Monitor", - "NetworkWatcher" + "NetworkWatcher", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -2442,9 +2442,9 @@ "id": "F03.09", "link": "https://learn.microsoft.com/azure/governance/policy/overview", "services": [ - "Monitor", + "RBAC", "AzurePolicy", - "RBAC" + "Monitor" ], "severity": "Low", "subcategory": "Monitoring", @@ -2500,9 +2500,9 @@ "id": "F03.13", "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", "services": [ - "Monitor", + "RBAC", "Entra", - "RBAC" + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -2530,8 +2530,8 @@ "id": "F03.15", "link": "https://learn.microsoft.com/azure/azure-monitor/agents/diagnostics-extension-overview", "services": [ - "Monitor", - "Storage" + "Storage", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -2587,8 +2587,8 @@ "id": "F04.01", "link": "https://learn.microsoft.com/azure/governance/policy/concepts/guest-configuration", "services": [ - "AzurePolicy", - "VM" + "VM", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Operational compliance", @@ -2603,9 +2603,9 @@ "id": "F04.02", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#monitoring-for-configuration-drift", "services": [ - "Monitor", + "VM", "AzurePolicy", - "VM" + "Monitor" ], "severity": "Medium", "subcategory": "Operational compliance", 
@@ -2619,9 +2619,9 @@ "id": "F05.01", "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview", "services": [ - "ACR", "VM", - "ASR" + "ASR", + "ACR" ], "severity": "Medium", "subcategory": "Protect and Recover", @@ -2693,8 +2693,8 @@ "id": "F06.03", "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview", "services": [ - "ACR", "LoadBalancer", + "ACR", "AppGW" ], "severity": "Medium", @@ -2763,8 +2763,8 @@ "id": "G02.03", "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "services": [ - "AKV", - "AzurePolicy" + "AzurePolicy", + "AKV" ], "severity": "Medium", "subcategory": "Encryption and keys", @@ -2778,9 +2778,9 @@ "id": "G02.04", "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "services": [ - "AKV", + "RBAC", "Entra", - "RBAC" + "AKV" ], "severity": "Medium", "subcategory": "Encryption and keys", @@ -2822,9 +2822,9 @@ "id": "G02.07", "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "services": [ + "VNet", "AKV", - "PrivateLink", - "VNet" + "PrivateLink" ], "severity": "Medium", "subcategory": "Encryption and keys", @@ -2838,9 +2838,9 @@ "id": "G02.08", "link": "https://learn.microsoft.com/azure/key-vault/general/monitor-key-vault", "services": [ - "Monitor", + "Entra", "AKV", - "Entra" + "Monitor" ], "severity": "Medium", "subcategory": "Encryption and keys", @@ -2854,8 +2854,8 @@ "id": "G02.09", "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "services": [ - "AKV", - "AzurePolicy" + "AzurePolicy", + "AKV" ], "severity": "Medium", "subcategory": "Encryption and keys", @@ -2897,9 +2897,9 @@ "id": "G02.12", "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "services": [ + "ASR", "ACR", - "AKV", - "ASR" + "AKV" ], "severity": "Medium", "subcategory": "Encryption and keys", 
@@ -2928,8 +2928,8 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/logs/logs-data-export?tabs=portal", "services": [ "ARS", - "Monitor", - "Storage" + "Storage", + "Monitor" ], "severity": "Medium", "subcategory": "Operations", @@ -2944,8 +2944,8 @@ "id": "G03.03", "link": "https://learn.microsoft.com/azure/defender-for-cloud/concept-cloud-security-posture-management", "services": [ - "Defender", - "Subscriptions" + "Subscriptions", + "Defender" ], "severity": "High", "subcategory": "Operations", @@ -2960,8 +2960,8 @@ "id": "G03.04", "link": "https://learn.microsoft.com/azure/defender-for-cloud/plan-defender-for-servers-select-plan", "services": [ - "Defender", - "Subscriptions" + "Subscriptions", + "Defender" ], "severity": "High", "subcategory": "Operations", @@ -2976,8 +2976,8 @@ "id": "G03.05", "link": "https://www.microsoft.com/en-gb/security/business/solutions/cloud-workload-protection", "services": [ - "Defender", - "Subscriptions" + "Subscriptions", + "Defender" ], "severity": "High", "subcategory": "Operations", @@ -3004,8 +3004,8 @@ "id": "G03.07", "link": "https://learn.microsoft.com/azure/security-center/", "services": [ - "Monitor", - "Defender" + "Defender", + "Monitor" ], "severity": "Medium", "subcategory": "Operations", @@ -3019,8 +3019,8 @@ "id": "G03.08", "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", "services": [ - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Operations", @@ -3168,8 +3168,8 @@ "id": "H01.06", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/development-strategy-development-lifecycle#automated-builds", "services": [ - "AKV", - "VM" + "VM", + "AKV" ], "severity": "High", "subcategory": "DevOps Team Topologies", 
@@ -3262,8 +3262,8 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/sql-database-security-baseline#br-2-encrypt-backup-data", "services": [ "SQL", - "AKV", - "Backup" + "Backup", + "AKV" ], "severity": "Medium", "subcategory": "Azure Key Vault", @@ -3279,8 +3279,8 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/sql-database-security-baseline#br-1-ensure-regular-automated-backups", "services": [ "SQL", - "Storage", - "Backup" + "Backup", + "Storage" ], "severity": "Medium", "subcategory": "Backup", @@ -3296,8 +3296,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/database/automated-backups-overview?tabs=single-database&view=azuresql#backup-storage-redundancy", "services": [ "SQL", - "Storage", - "Backup" + "Backup", + "Storage" ], "severity": "Low", "subcategory": "Backup", @@ -3357,8 +3357,8 @@ "id": "E01.01", "link": "https://learn.microsoft.com/azure/azure-sql/database/threat-detection-configure", "services": [ - "EventHubs", "SQL", + "EventHubs", "Defender" ], "severity": "High", @@ -3392,8 +3392,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/database/threat-detection-configure", "services": [ "SQL", - "Monitor", - "Defender" + "Defender", + "Monitor" ], "severity": "High", "subcategory": "Defender for Azure SQL", @@ -3409,8 +3409,8 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/sql-azure-vulnerability-assessment-overview", "services": [ "SQL", - "Monitor", - "Defender" + "Defender", + "Monitor" ], "severity": "High", "subcategory": "Vulnerability Assessment", @@ -3457,8 +3457,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/database/security-best-practice?view=azuresql#control-access-of-application-users-to-sensitive-data-through-encryption", "services": [ "SQL", - "AKV", - "Storage" + "Storage", + "AKV" ], "severity": "Low", "subcategory": "Column Encryption", 
@@ -3474,8 +3474,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/database/transparent-data-encryption-byok-create-server", "services": [ "SQL", - "Storage", - "Backup" + "Backup", + "Storage" ], "severity": "High", "subcategory": "Transparent Data Encryption", @@ -3538,8 +3538,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/database/security-best-practice?view=azuresql#central-management-for-identities", "services": [ "SQL", - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Azure Active Directory", @@ -3570,11 +3570,11 @@ "id": "G02.01", "link": "https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview", "services": [ - "SQL", - "AKV", - "ACR", + "RBAC", "Entra", - "RBAC" + "AKV", + "SQL", + "ACR" ], "severity": "Low", "subcategory": "Managed Identities", @@ -3622,8 +3622,8 @@ "link": "https://learn.microsoft.com/sql/relational-databases/security/ledger/ledger-digest-management", "services": [ "SQL", - "AzurePolicy", - "Storage" + "Storage", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Database Digest", @@ -3685,8 +3685,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/database/auditing-overview", "services": [ "SQL", - "AzurePolicy", - "Storage" + "Storage", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Auditing", @@ -3701,12 +3701,12 @@ "id": "I01.02", "link": "https://learn.microsoft.com/azure/azure-sql/database/auditing-overview", "services": [ - "SQL", + "EventHubs", + "Storage", "Monitor", "Backup", - "EventHubs", "Entra", - "Storage" + "SQL" ], "severity": "Low", "subcategory": "Auditing", @@ -3721,11 +3721,11 @@ "id": "I01.03", "link": "https://learn.microsoft.com/azure/azure-monitor/essentials/activity-log", "services": [ - "SQL", - "Monitor", - "Subscriptions", "EventHubs", - "Storage" + "Storage", + "Monitor", + "SQL", + "Subscriptions" ], "severity": "Medium", "subcategory": "Auditing", 
@@ -3772,8 +3772,8 @@ "id": "I02.03", "link": "https://learn.microsoft.com/azure/azure-monitor/essentials/activity-log", "services": [ - "EventHubs", - "SQL" + "SQL", + "EventHubs" ], "severity": "Medium", "subcategory": "SIEM/SOAR", @@ -3837,9 +3837,9 @@ "id": "J02.01", "link": "https://learn.microsoft.com/sql/relational-databases/system-stored-procedures/sp-invoke-external-rest-endpoint-transact-sql", "services": [ - "APIM", + "SQL", "EventHubs", - "SQL" + "APIM" ], "severity": "Medium", "subcategory": "Outbound Control", @@ -3870,11 +3870,11 @@ "id": "J03.01", "link": "https://learn.microsoft.com/azure/azure-sql/database/private-endpoint-overview?view=azuresql#disable-public-access-to-your-logical-server", "services": [ - "SQL", "Monitor", "VNet", + "Firewall", "PrivateLink", - "Firewall" + "SQL" ], "severity": "Medium", "subcategory": "Private Access", @@ -3941,8 +3941,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/database/network-access-controls-overview?view=azuresql#ip-vs-virtual-network-firewall-rules", "services": [ "SQL", - "AzurePolicy", - "VNet" + "VNet", + "AzurePolicy" ], "severity": "High", "subcategory": "Public Access", @@ -3990,8 +3990,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/public-endpoint-overview", "services": [ "SQL", - "AzurePolicy", - "VNet" + "VNet", + "AzurePolicy" ], "severity": "High", "subcategory": "Public Access", @@ -4147,9 +4147,9 @@ "NVA", "VNet", "AppGW", - "Subscriptions", "Entra", - "WAF" + "WAF", + "Subscriptions" ], "severity": "Medium", "subcategory": "App delivery", @@ -4198,8 +4198,8 @@ "services": [ "FrontDoor", "AzurePolicy", - "WAF", - "AppGW" + "AppGW", + "WAF" ], "severity": "Medium", "subcategory": "App delivery", @@ -4264,8 +4264,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings", "services": [ "FrontDoor", - "WAF", - "Storage" + "Storage", + "WAF" ], "severity": "High", "subcategory": "App delivery", 
@@ -4613,8 +4613,8 @@ "id": "01.02.01", "link": "https://learn.microsoft.com/azure-stack/hci/concepts/fault-tolerance#parity", "services": [ - "Storage", - "Backup" + "Backup", + "Storage" ], "severity": "Medium", "subcategory": "S2D", @@ -5008,9 +5008,9 @@ "id": "05.01.01", "link": "https://learn.microsoft.com/azure/backup/back-up-azure-stack-hyperconverged-infrastructure-virtual-machines", "services": [ - "ASR", "VM", - "Backup" + "Backup", + "ASR" ], "severity": "High", "subcategory": "VM", @@ -5280,9 +5280,9 @@ "id": "A01.01", "link": "https://learn.microsoft.com/azure/azure-vmware/set-up-backup-server-for-azure-vmware-solution", "services": [ - "Storage", + "Backup", "AVS", - "Backup" + "Storage" ], "severity": "Medium", "subcategory": "Backup", @@ -5297,8 +5297,8 @@ "id": "A02.01", "link": "https://docs.microsoft.com/azure/azure-vmware/set-up-backup-server-for-azure-vmware-solution", "services": [ - "AVS", - "Backup" + "Backup", + "AVS" ], "severity": "Medium", "subcategory": "Business Continuity", @@ -5313,9 +5313,9 @@ "id": "A02.02", "link": "Best practice to deploy backup in the same region as your AVS deployment", "services": [ - "ASR", + "Backup", "AVS", - "Backup" + "ASR" ], "severity": "Medium", "subcategory": "Business Continuity", @@ -5440,9 +5440,9 @@ "id": "A03.06", "link": "This depends if you have multiple AVS Private Clouds. If so and they are in the same region then use AVS Interconnect. If they are in separate regions then use ExpressRoute Global Reach.", "services": [ - "ExpressRoute", "NVA", "AVS", + "ExpressRoute", "ASR" ], "severity": "Medium", @@ -5458,8 +5458,8 @@ "id": "B01.01", "link": "https://learn.microsoft.com/azure/azure-vmware/tutorial-expressroute-global-reach-private-cloud", "services": [ - "VWAN", - "AVS" + "AVS", + "VWAN" ], "severity": "Medium", "subcategory": "Direct (no vWAN, no H&S)", 
@@ -5554,10 +5554,10 @@ "id": "B03.02", "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings", "services": [ - "VPN", "VNet", "AVS", - "ExpressRoute" + "ExpressRoute", + "VPN" ], "severity": "Medium", "subcategory": "Hub & Spoke", @@ -5572,9 +5572,9 @@ "id": "B03.03", "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings", "services": [ - "VPN", "VNet", "AVS", + "VPN", "ExpressRoute" ], "severity": "Medium", @@ -5590,10 +5590,10 @@ "id": "B03.04", "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings", "services": [ - "VPN", "VNet", "AVS", - "ExpressRoute" + "ExpressRoute", + "VPN" ], "severity": "Medium", "subcategory": "Hub & Spoke", @@ -5624,8 +5624,8 @@ "id": "B05.01", "link": "https://learn.microsoft.com/answers/questions/171195/how-to-create-jump-server-in-azure-not-bastion-paa.html", "services": [ - "Bastion", - "AVS" + "AVS", + "Bastion" ], "severity": "Medium", "subcategory": "Jumpbox & Bastion", @@ -5640,9 +5640,9 @@ "id": "B05.02", "link": "https://learn.microsoft.com/azure/bastion/tutorial-create-host-portal", "services": [ - "Bastion", "VNet", - "AVS" + "AVS", + "Bastion" ], "severity": "Medium", "subcategory": "Jumpbox & Bastion", @@ -5657,9 +5657,9 @@ "id": "B05.03", "link": "https://learn.microsoft.com/azure/virtual-network/network-security-groups-overview", "services": [ - "Bastion", + "VM", "AVS", - "VM" + "Bastion" ], "severity": "Medium", "subcategory": "Jumpbox & Bastion", @@ -5674,8 +5674,8 @@ "id": "B06.01", "link": "https://learn.microsoft.com/azure/azure-vmware/configure-site-to-site-vpn-gateway", "services": [ - "VPN", - "AVS" + "AVS", + "VPN" ], "severity": "Medium", "subcategory": "VPN", 
@@ -5690,8 +5690,8 @@ "id": "B06.02", "link": "https://www.omnicalculator.com/other/data-transfer#:~:text=To%20calculate%20the%20data%20transfer%20speed%3A%201%20Download,measured%20time%20to%20find%20the%20data%20transfer%20speed.", "services": [ - "VPN", - "AVS" + "AVS", + "VPN" ], "severity": "Medium", "subcategory": "VPN", @@ -5706,8 +5706,8 @@ "id": "B06.03", "link": "https://learn.microsoft.com/azure/architecture/solution-ideas/articles/azure-vmware-solution-foundation-networking", "services": [ - "VPN", - "AVS" + "AVS", + "VPN" ], "severity": "Medium", "subcategory": "VPN", @@ -5722,8 +5722,8 @@ "id": "B07.01", "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-site-to-site-portal#openvwan", "services": [ - "VWAN", - "AVS" + "AVS", + "VWAN" ], "severity": "Medium", "subcategory": "vWAN hub", @@ -5738,8 +5738,8 @@ "id": "B07.02", "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-point-to-site-portal", "services": [ - "VPN", "AVS", + "VPN", "VWAN" ], "severity": "Medium", @@ -5755,9 +5755,9 @@ "id": "B07.03", "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-expressroute-portal", "services": [ - "VWAN", "Firewall", - "AVS" + "AVS", + "VWAN" ], "severity": "Medium", "subcategory": "vWAN hub", @@ -5772,8 +5772,8 @@ "id": "C01.01", "link": "https://learn.microsoft.com/azure/azure-vmware/configure-identity-source-vcenter", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "Medium", "subcategory": "Access", @@ -5788,8 +5788,8 @@ "id": "C01.02", "link": "https://learn.microsoft.com/windows-server/identity/ad-ds/plan/understanding-active-directory-site-topology", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "Medium", "subcategory": "Access", @@ -5804,8 +5804,8 @@ "id": "C01.03", "link": "https://learn.microsoft.com/azure/azure-vmware/configure-identity-source-vcenter", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "Medium", "subcategory": "Access", 
@@ -5820,8 +5820,8 @@ "id": "C01.04", "link": "https://learn.microsoft.com/azure/azure-vmware/configure-external-identity-source-nsx-t", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "Medium", "subcategory": "Access", @@ -5836,8 +5836,8 @@ "id": "C02.01", "link": "https://youtu.be/4jvfbsrhnEs", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "Medium", "subcategory": "Security", @@ -5852,9 +5852,9 @@ "id": "C02.02", "link": "https://learn.microsoft.com/azure/azure-vmware/concepts-identity", "services": [ - "Entra", + "AVS", "RBAC", - "AVS" + "Entra" ], "severity": "Medium", "subcategory": "Security", @@ -5869,9 +5869,9 @@ "id": "C02.03", "link": "https://learn.microsoft.com/azure/azure-vmware/concepts-identity#view-the-vcenter-server-privileges", "services": [ - "Entra", + "AVS", "RBAC", - "AVS" + "Entra" ], "severity": "Medium", "subcategory": "Security", @@ -5886,9 +5886,9 @@ "id": "C02.04", "link": "Best practice", "services": [ - "Entra", + "AVS", "RBAC", - "AVS" + "Entra" ], "severity": "Medium", "subcategory": "Security", @@ -5903,9 +5903,9 @@ "id": "C03.01", "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure", "services": [ - "RBAC", + "AVS", "Entra", - "AVS" + "RBAC" ], "severity": "Medium", "subcategory": "Security ", @@ -5920,9 +5920,9 @@ "id": "C03.02", "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure", "services": [ - "RBAC", + "AVS", "Entra", - "AVS" + "RBAC" ], "severity": "Medium", "subcategory": "Security ", @@ -5937,9 +5937,9 @@ "id": "C03.03", "link": "Best practice", "services": [ - "Monitor", + "AVS", "Entra", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Security ", 
@@ -5954,8 +5954,8 @@ "id": "C03.04", "link": "https://learn.microsoft.com/azure/azure-vmware/rotate-cloudadmin-credentials?tabs=azure-portal", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "Medium", "subcategory": "Security ", @@ -5970,9 +5970,9 @@ "id": "D01.01", "link": "https://learn.microsoft.com/azure/azure-arc/vmware-vsphere/overview", "services": [ - "Arc", + "VM", "AVS", - "VM" + "Arc" ], "severity": "Medium", "subcategory": "Operations", @@ -5987,9 +5987,9 @@ "id": "D01.02", "link": "https://docs.microsoft.com/azure/governance/policy/overview", "services": [ - "Monitor", + "AVS", "AzurePolicy", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Operations", @@ -6034,8 +6034,8 @@ "id": "D01.05", "link": "https://docs.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations", "services": [ - "AKV", - "AVS" + "AVS", + "AKV" ], "severity": "Medium", "subcategory": "Operations", @@ -6050,8 +6050,8 @@ "id": "E01.01", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-alerts-for-azure-vmware-solution", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Alerts", @@ -6066,8 +6066,8 @@ "id": "E01.02", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-alerts-for-azure-vmware-solution", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Alerts", @@ -6082,8 +6082,8 @@ "id": "E01.03", "link": "https://www.virtualworkloads.com/2021/04/azure-vmware-solution-azure-service-health/", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Alerts", @@ -6100,9 +6100,9 @@ "services": [ "VM", "Monitor", - "AzurePolicy", + "Backup", "AVS", - "Backup" + "AzurePolicy" ], "severity": "Medium", "subcategory": "Backup", 
@@ -6117,9 +6117,9 @@ "id": "E03.01", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-alerts-for-azure-vmware-solution", "services": [ - "Monitor", + "AVS", "AzurePolicy", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Capacity", @@ -6134,8 +6134,8 @@ "id": "E04.01", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/govern", "services": [ - "Monitor", "Subscriptions", + "Monitor", "AVS", "Cost" ], @@ -6152,9 +6152,9 @@ "id": "E05.01", "link": "https://docs.microsoft.com/azure/azure-portal/azure-portal-dashboards", "services": [ - "Monitor", + "AVS", "NetworkWatcher", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Dashboard", @@ -6169,9 +6169,9 @@ "id": "E06.01", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-vmware-syslogs", "services": [ - "Monitor", + "AVS", "Storage", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Logs & Metrics", @@ -6186,8 +6186,8 @@ "id": "E06.02", "link": "Is vROPS or vRealize Network Insight going to be used? ", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Logs & Metrics", @@ -6202,9 +6202,9 @@ "id": "E06.03", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-vmware-syslogs", "services": [ - "Monitor", + "VM", "AVS", - "VM" + "Monitor" ], "severity": "Medium", "subcategory": "Logs & Metrics", @@ -6220,10 +6220,10 @@ "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-create-using-portal", "services": [ "VPN", - "Monitor", - "AVS", "NetworkWatcher", - "ExpressRoute" + "Monitor", + "ExpressRoute", + "AVS" ], "severity": "Medium", "subcategory": "Network", @@ -6238,9 +6238,9 @@ "id": "E07.02", "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-create-using-portal", "services": [ - "Monitor", "AVS", - "ExpressRoute" + "ExpressRoute", + "Monitor" ], "severity": "Medium", "subcategory": "Network", 
@@ -6255,8 +6255,8 @@ "id": "E07.03", "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-create-using-portal", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Network", @@ -6271,8 +6271,8 @@ "id": "E08.01", "link": "Firewall logging and alerting rules are configured (Azure Firewall or 3rd party)", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Security", @@ -6287,8 +6287,8 @@ "id": "E08.02", "link": "https://docs.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/eslz-network-topology-connectivity", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Security", @@ -6303,8 +6303,8 @@ "id": "E09.01", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-vmware-syslogs", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "VMWare", @@ -6319,9 +6319,9 @@ "id": "E10.01", "link": "https://docs.microsoft.com/azure/azure-monitor/agents/agent-windows?tabs=setup-wizard", "services": [ - "Monitor", + "VM", "AVS", - "VM" + "Monitor" ], "severity": "Medium", "subcategory": "VMware", @@ -6366,9 +6366,9 @@ "id": "F01.03", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/eslz-network-topology-connectivity", "services": [ - "ARS", "NVA", - "AVS" + "AVS", + "ARS" ], "severity": "Medium", "subcategory": "Hub & Spoke", @@ -6383,8 +6383,8 @@ "id": "F01.04", "link": "https://learn.microsoft.com/azure/route-server/route-server-faq", "services": [ - "ARS", - "AVS" + "AVS", + "ARS" ], "severity": "Medium", "subcategory": "Hub & Spoke", @@ -6415,9 +6415,9 @@ "link": "Research and choose optimal solution for each application", "services": [ "FrontDoor", + "AVS", "NVA", - "AppGW", - "AVS" + "AppGW" ], "severity": "Medium", "subcategory": "Internet", 
@@ -6432,8 +6432,8 @@ "id": "F03.01", "link": "https://docs.microsoft.com/azure/route-server/route-server-faq#route-server-limits", "services": [ - "ARS", - "AVS" + "AVS", + "ARS" ], "severity": "Medium", "subcategory": "Routing", @@ -6448,15 +6448,15 @@ "id": "F04.01", "link": "https://docs.microsoft.com/azure/ddos-protection/manage-ddos-protection", "services": [ - "VPN", - "DDoS", "VM", - "LoadBalancer", + "VPN", "VNet", + "FrontDoor", + "ExpressRoute", "AppGW", "AVS", - "ExpressRoute", - "FrontDoor" + "DDoS", + "LoadBalancer" ], "severity": "Medium", "subcategory": "Security", @@ -6501,9 +6501,9 @@ "id": "F06.01", "link": "https://learn.microsoft.com/azure/architecture/networking/hub-spoke-vwan-architecture", "services": [ - "VWAN", "Firewall", - "AVS" + "AVS", + "VWAN" ], "severity": "Medium", "subcategory": "Virtual WAN", @@ -6518,8 +6518,8 @@ "id": "F06.02", "link": "https://learn.microsoft.com/azure/firewall-manager/secure-cloud-network", "services": [ - "VWAN", - "AVS" + "AVS", + "VWAN" ], "severity": "Medium", "subcategory": "Virtual WAN", @@ -6534,8 +6534,8 @@ "id": "G01.01", "link": "https://docs.microsoft.com/azure/azure-vmware/configure-nsx-network-components-azure-portal", "services": [ - "AVS", - "Subscriptions" + "Subscriptions", + "AVS" ], "severity": "Medium", "subcategory": "Automated Scale", @@ -6550,9 +6550,9 @@ "id": "G01.02", "link": "https://docs.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/eslz-platform-automation-and-devops#automated-scale", "services": [ - "AzurePolicy", + "AVS", "Storage", - "AVS" + "AzurePolicy" ], "severity": "Medium", "subcategory": "Automated Scale", @@ -6612,8 +6612,8 @@ "id": "G01.06", "link": "https://docs.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/eslz-management-and-monitoring", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Automated Scale", 
@@ -6674,8 +6674,8 @@ "id": "H01.02", "link": "Internal policy or regulatory compliance", "services": [ - "AzurePolicy", - "AVS" + "AVS", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Pre-deployment", @@ -6720,8 +6720,8 @@ "id": "H01.05", "link": "Done through the subscription/resource providers/ AVS register in the portal", "services": [ - "AVS", - "Subscriptions" + "Subscriptions", + "AVS" ], "severity": "Medium", "subcategory": "Pre-deployment", @@ -6736,8 +6736,8 @@ "id": "H01.06", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/enterprise-scale-landing-zone", "services": [ - "AVS", - "Subscriptions" + "Subscriptions", + "AVS" ], "severity": "Medium", "subcategory": "Pre-deployment", @@ -6905,8 +6905,8 @@ "id": "I01.01", "link": "General recommendation for storing encryption keys.", "services": [ - "AKV", - "AVS" + "AVS", + "AKV" ], "severity": "Medium", "subcategory": "Encryption", @@ -6937,9 +6937,9 @@ "id": "I01.03", "link": "https://docs.microsoft.com/azure/key-vault/general/authentication", "services": [ - "AKV", "AVS", - "ExpressRoute" + "ExpressRoute", + "AKV" ], "severity": "Medium", "subcategory": "Encryption", @@ -6969,8 +6969,8 @@ "id": "I03.01", "link": "https://learn.microsoft.com/azure/sentinel/overview", "services": [ - "Sentinel", - "AVS" + "AVS", + "Sentinel" ], "severity": "Medium", "subcategory": "Investigation", @@ -7001,8 +7001,8 @@ "id": "I04.02", "link": "https://docs.microsoft.com/azure/azure-vmware/azure-security-integration", "services": [ - "AzurePolicy", - "AVS" + "AVS", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Security", @@ -7167,8 +7167,8 @@ "id": "J04.01", "link": "https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.storage.doc/GUID-01D3CF47-A84A-4988-8103-A0487D6441AA.html", "services": [ - "Storage", - "AVS" + "AVS", + "Storage" ], "severity": "Medium", "subcategory": "Storage", 
@@ -7183,9 +7183,9 @@ "id": "J04.02", "link": "3rd-Party tools", "services": [ - "Storage", + "VM", "AVS", - "VM" + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -7200,9 +7200,9 @@ "id": "J04.03", "link": "Contact VMware", "services": [ - "Storage", + "VM", "AVS", - "VM" + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -7217,8 +7217,8 @@ "id": "J04.04", "link": "Contact VMware", "services": [ - "Storage", - "AVS" + "AVS", + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -7233,8 +7233,8 @@ "id": "J04.05", "link": "Contact VMware", "services": [ - "Storage", - "AVS" + "AVS", + "Storage" ], "severity": "Medium", "subcategory": "Storage", @@ -7249,10 +7249,10 @@ "id": "J04.06", "link": "https://learn.microsoft.com/azure/azure-vmware/concepts-storage#storage-policies-and-fault-tolerance", "services": [ - "AzurePolicy", - "Storage", + "VM", "AVS", - "VM" + "Storage", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Storage", @@ -7267,10 +7267,10 @@ "id": "J04.07", "link": "https://learn.microsoft.com/azure/azure-vmware/configure-storage-policy", "services": [ - "AzurePolicy", - "Storage", + "VM", "AVS", - "VM" + "Storage", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Storage", @@ -7285,9 +7285,9 @@ "id": "J04.08", "link": "https://learn.microsoft.com/azure/azure-vmware/concepts-storage#storage-policies-and-fault-tolerance", "services": [ - "AzurePolicy", + "AVS", "Storage", - "AVS" + "AzurePolicy" ], "severity": "Medium", "subcategory": "Storage", @@ -7302,8 +7302,8 @@ "id": "J04.09", "link": "https://learn.microsoft.com/azure/azure-vmware/netapp-files-with-azure-vmware-solution", "services": [ - "Storage", - "AVS" + "AVS", + "Storage" ], "severity": "Medium", "subcategory": "Storage", 
@@ -7381,9 +7381,9 @@ "id": "A02.01", "link": "https://learn.microsoft.com/azure/container-registry/container-registry-authentication-managed-identity", "services": [ + "RBAC", "ACR", - "Entra", - "RBAC" + "Entra" ], "severity": "High", "subcategory": "Identity and Access Control", @@ -7398,9 +7398,9 @@ "id": "A02.02", "link": "https://learn.microsoft.com/azure/container-registry/container-registry-authentication-managed-identity", "services": [ + "RBAC", "ACR", - "Entra", - "RBAC" + "Entra" ], "severity": "High", "subcategory": "Identity and Access Control", @@ -7415,9 +7415,9 @@ "id": "A02.03", "link": "https://learn.microsoft.com/azure/container-registry/container-registry-roles?tabs=azure-cli", "services": [ + "RBAC", "ACR", - "Entra", - "RBAC" + "Entra" ], "severity": "High", "subcategory": "Identity and Access Control", @@ -7463,9 +7463,9 @@ "guid": "b3bec3d4-f343-47c1-936d-b55f27a71eee", "id": "A02.06", "services": [ - "ACR", - "EventHubs", "PrivateLink", + "EventHubs", + "ACR", "Entra" ], "severity": "High", @@ -7499,8 +7499,8 @@ "link": "https://learn.microsoft.com/azure/container-registry/monitor-service", "services": [ "ACR", - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Logging and Monitoring", @@ -7515,10 +7515,10 @@ "id": "A04.01", "link": "https://learn.microsoft.com/azure/container-registry/container-registry-private-link", "services": [ - "ACR", - "VNet", "PrivateLink", - "Firewall" + "Firewall", + "VNet", + "ACR" ], "severity": "Medium", "subcategory": "Network Security", @@ -7533,8 +7533,8 @@ "id": "A04.02", "link": "https://learn.microsoft.com/azure/container-registry/container-registry-access-selected-networks#disable-public-network-access", "services": [ - "ACR", - "PrivateLink" + "PrivateLink", + "ACR" ], "severity": "Medium", "subcategory": "Network Security", 
@@ -7549,8 +7549,8 @@ "id": "A04.03", "link": "https://learn.microsoft.com/azure/container-registry/container-registry-skus", "services": [ - "ACR", - "PrivateLink" + "PrivateLink", + "ACR" ], "severity": "Medium", "subcategory": "Network Security", @@ -7636,11 +7636,11 @@ "guid": "13b0f566-4b1e-4944-a459-837ee79d6c6d", "link": "https://learn.microsoft.com/azure/event-hubs/authorize-access-shared-access-signature#shared-access-authorization-policies", "services": [ - "AzurePolicy", "EventHubs", - "Entra", "RBAC", - "TrafficManager" + "Entra", + "TrafficManager", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -7655,10 +7655,10 @@ "link": "https://learn.microsoft.com/azure/event-hubs/authenticate-managed-identity?tabs=latest", "services": [ "VM", - "AKV", "EventHubs", + "Storage", "Entra", - "Storage" + "AKV" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -7673,8 +7673,8 @@ "link": "https://learn.microsoft.com/azure/event-hubs/authorize-access-azure-active-directory#azure-built-in-roles-for-azure-event-hubs", "services": [ "EventHubs", - "Entra", - "RBAC" + "RBAC", + "Entra" ], "severity": "High", "subcategory": "Identity and Access Management", @@ -7688,9 +7688,9 @@ "guid": "b38b875b-a1cf-4104-a900-3a4d3ce474db", "link": "https://learn.microsoft.com/azure/event-hubs/monitor-event-hubs-reference", "services": [ + "VNet", "EventHubs", - "Monitor", - "VNet" + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -7704,9 +7704,9 @@ "guid": "5abca2a4-eda1-4dae-8cc9-5d48c6b791dc", "link": "https://learn.microsoft.com/azure/event-hubs/private-link-service", "services": [ + "PrivateLink", "EventHubs", - "VNet", - "PrivateLink" + "VNet" ], "severity": "Medium", "subcategory": "Networking", 
@@ -7734,8 +7734,8 @@ "id": "A01.01", "link": "https://learn.microsoft.com/azure/openshift/howto-create-service-principal?pivots=aro-azurecli", "services": [ - "Entra", - "RBAC" + "RBAC", + "Entra" ], "severity": "High", "subcategory": "Identity", @@ -7763,8 +7763,8 @@ "id": "A01.03", "link": "https://docs.openshift.com/container-platform/4.13/applications/projects/working-with-projects.html", "services": [ - "Entra", - "RBAC" + "RBAC", + "Entra" ], "severity": "High", "subcategory": "Identity", @@ -7778,8 +7778,8 @@ "id": "A01.04", "link": "https://docs.openshift.com/container-platform/4.13/authentication/using-rbac.html", "services": [ - "Entra", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "subcategory": "Identity", @@ -7793,9 +7793,9 @@ "id": "A01.05", "link": "https://learn.microsoft.com/azure/cost-management-billing/manage/direct-ea-administration#manage-notification-contacts", "services": [ - "AKV", - "Entra" - ], + "Entra", + "AKV" + ], "severity": "Medium", "subcategory": "Identity", "text": "Minimize the number of users who have administrator rights and secrets access.", @@ -7808,8 +7808,8 @@ "id": "A01.06", "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure", "services": [ - "Entra", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "subcategory": "Identity", @@ -7823,12 +7823,12 @@ "id": "B01.01", "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", "services": [ - "DDoS", "VNet", - "Subscriptions", "Firewall", "Entra", - "WAF" + "DDoS", + "WAF", + "Subscriptions" ], "severity": "Low", "subcategory": "DDoS", @@ -7869,8 +7869,8 @@ "id": "B03.02", "link": "https://learn.microsoft.com/azure/openshift/howto-secure-openshift-with-front-door", "services": [ - "FrontDoor", - "PrivateLink" + "PrivateLink", + "FrontDoor" ], "severity": "Medium", "subcategory": "Internet", 
@@ -7884,9 +7884,9 @@ "id": "B03.03", "link": "https://learn.microsoft.com/azure/openshift/howto-restrict-egress", "services": [ + "Firewall", "NVA", - "AzurePolicy", - "Firewall" + "AzurePolicy" ], "severity": "Medium", "subcategory": "Internet", @@ -7914,8 +7914,8 @@ "id": "B04.02", "link": "https://learn.microsoft.com/azure/container-registry/container-registry-private-link", "services": [ - "ACR", - "PrivateLink" + "PrivateLink", + "ACR" ], "severity": "Medium", "subcategory": "Private access", @@ -8237,8 +8237,8 @@ "id": "E01.02", "link": "https://learn.microsoft.com/azure/azure-arc/kubernetes/quickstart-connect-cluster", "services": [ - "Arc", - "AKS" + "AKS", + "Arc" ], "severity": "High", "subcategory": "Control plane", @@ -8264,8 +8264,8 @@ "id": "E03.01", "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-containers-introduction", "services": [ - "Arc", "AKS", + "Arc", "Defender" ], "severity": "Medium", @@ -8280,9 +8280,9 @@ "id": "E04.01", "link": "https://learn.microsoft.com/azure/azure-arc/kubernetes/tutorial-akv-secrets-provider", "services": [ + "AKS", "Arc", - "AKV", - "AKS" + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -8308,8 +8308,8 @@ "id": "E05.02", "link": "https://learn.microsoft.com/azure/governance/policy/concepts/policy-for-kubernetes#install-azure-policy-extension-for-azure-arc-enabled-kubernetes", "services": [ - "Monitor", - "AzurePolicy" + "AzurePolicy", + "Monitor" ], "severity": "Medium", "subcategory": "Workload", @@ -8337,8 +8337,8 @@ "id": "E05.04", "link": "https://learn.microsoft.com/azure/container-registry/container-registry-private-link", "services": [ - "ACR", - "Subscriptions" + "Subscriptions", + "ACR" ], "severity": "Low", "subcategory": "Workload", 
@@ -8409,9 +8409,9 @@ "guid": "e0d5973c-d4ce-432c-8881-37f6f7c4c0d4", "link": "https://learn.microsoft.com/azure/virtual-machines/managed-disks-overview#temporary-disk", "services": [ - "SQL", + "VM", "Storage", - "VM" + "SQL" ], "severity": "Medium", "subcategory": "Virtual Machines", @@ -8425,9 +8425,9 @@ "guid": "e514548d-2447-4ec6-9138-b8200f1ce16e", "link": "https://learn.microsoft.com/azure/reliability/availability-zones-overview", "services": [ + "VM", "ACR", - "Storage", - "VM" + "Storage" ], "severity": "Medium", "subcategory": "Virtual Machines", @@ -8455,8 +8455,8 @@ "guid": "6ba2c021-4991-414a-9d3c-e574dccbd979", "link": "https://learn.microsoft.com/azure/virtual-machines/availability", "services": [ - "ASR", - "VM" + "VM", + "ASR" ], "severity": "High", "subcategory": "Virtual Machines", @@ -8613,8 +8613,8 @@ "guid": "2cc88147-0607-4c1c-aa0e-614658dd458e", "link": "https://learn.microsoft.com/azure/backup/backup-azure-immutable-vault-concept?source=recommendations&tabs=recovery-services-vault", "services": [ - "Storage", - "Backup" + "Backup", + "Storage" ], "severity": "Low", "subcategory": "Backup", @@ -8697,8 +8697,8 @@ "guid": "ced126cd-032a-4f5b-8fc6-998a535e3378", "link": "https://learn.microsoft.com/azure/application-gateway/overview-v2", "services": [ - "AppGW", - "Storage" + "Storage", + "AppGW" ], "severity": "High", "subcategory": "Application Gateways", @@ -8726,10 +8726,10 @@ "guid": "8df03a82-2cd4-463c-abbc-8ac299ebc92a", "link": "https://learn.microsoft.com/azure/networking/disaster-recovery-dns-traffic-manager", "services": [ - "Monitor", "ASR", + "TrafficManager", "DNS", - "TrafficManager" + "Monitor" ], "severity": "Low", "subcategory": "DNS", @@ -8743,9 +8743,9 @@ "guid": "43da1dae-2cc8-4814-9060-7c1cca0e6146", "link": "https://learn.microsoft.com/azure/dns/tutorial-dns-private-resolver-failover", "services": [ + "ASR", "ACR", - "DNS", - "ASR" + "DNS" ], "severity": "Low", "subcategory": "DNS", 
@@ -8787,8 +8787,8 @@ "guid": "a359c373-e7dd-4616-83a3-64a907ebae48", "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering", "services": [ - "ExpressRoute", - "Backup" + "Backup", + "ExpressRoute" ], "severity": "Medium", "subcategory": "ExpressRoute", @@ -8802,10 +8802,10 @@ "guid": "ead53cc7-de2e-48aa-ab35-71549ab9153d", "link": "https://learn.microsoft.com/azure/expressroute/use-s2s-vpn-as-backup-for-expressroute-privatepeering", "services": [ + "Backup", "ExpressRoute", "VPN", - "Cost", - "Backup" + "Cost" ], "severity": "Low", "subcategory": "ExpressRoute", @@ -8833,8 +8833,8 @@ "guid": "b2b38c88-6ba2-4c02-8499-114a5d3ce574", "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-standard-availability-zones", "services": [ - "LoadBalancer", - "VM" + "VM", + "LoadBalancer" ], "severity": "Low", "subcategory": "Load Balancers", @@ -8938,9 +8938,9 @@ "id": "A03.01", "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", "services": [ - "Storage", + "Subscriptions", "RBAC", - "Subscriptions" + "Storage" ], "severity": "Medium", "subcategory": "Governance", @@ -9046,9 +9046,9 @@ "id": "A09.01", "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview", "services": [ - "AzurePolicy", + "Subscriptions", "Storage", - "Subscriptions" + "AzurePolicy" ], "severity": "High", "subcategory": "Data Availability, Compliance", @@ -9123,9 +9123,9 @@ "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", "id": "A11.02", "services": [ + "RBAC", "Entra", - "Storage", - "RBAC" + "Storage" ], "severity": "Medium", "subcategory": "Identity and Access Management", 
@@ -9156,10 +9156,10 @@ "id": "A11.04", "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", "services": [ + "Monitor", "Entra", - "AKV", "Storage", - "Monitor" + "AKV" ], "severity": "High", "subcategory": "Identity and Access Management", @@ -9174,10 +9174,10 @@ "id": "A12.01", "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", "services": [ - "Monitor", "AKV", + "Storage", "AzurePolicy", - "Storage" + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -9193,9 +9193,9 @@ "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy", "services": [ "Entra", - "AKV", + "Storage", "AzurePolicy", - "Storage" + "AKV" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -9211,8 +9211,8 @@ "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy", "services": [ "Entra", - "AzurePolicy", - "Storage" + "Storage", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -9227,10 +9227,10 @@ "id": "A13.03", "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy", "services": [ - "AKV", "Entra", + "Storage", "AzurePolicy", - "Storage" + "AKV" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -9244,8 +9244,8 @@ "id": "A14.01", "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", "services": [ - "AKV", - "Storage" + "Storage", + "AKV" ], "severity": "Medium", "subcategory": "CI/CD", 
@@ -9277,8 +9277,8 @@ "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", "services": [ "Entra", - "AzurePolicy", - "Storage" + "Storage", + "AzurePolicy" ], "severity": "High", "subcategory": "Identity and Access Management", @@ -9340,9 +9340,9 @@ "id": "A15.06", "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", "services": [ + "RBAC", "Entra", - "Storage", - "RBAC" + "Storage" ], "severity": "High", "subcategory": "Identity and Access Management", @@ -9372,8 +9372,8 @@ "id": "A16.01", "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services", "services": [ - "AzurePolicy", - "Storage" + "Storage", + "AzurePolicy" ], "severity": "High", "subcategory": "Networking", @@ -9540,8 +9540,8 @@ "id": "A05.01", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", "services": [ - "AzurePolicy", "Storage", + "AzurePolicy", "Cost" ], "subcategory": "Policy", @@ -9581,8 +9581,8 @@ "id": "A08.01", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", "services": [ - "Backup", "VM", + "Backup", "Storage", "Cost" ], @@ -9597,8 +9597,8 @@ "id": "A09.01", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", "services": [ - "AzurePolicy", "Storage", + "AzurePolicy", "Cost" ], "subcategory": "storage accounts lifecycle policy", 
@@ -9885,9 +9885,9 @@ "id": "D02.01", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/manage/centralize-operations", "services": [ + "VM", "SQL", "AzurePolicy", - "VM", "Cost" ], "subcategory": "check AHUB is applied to all Windows VMs, RHEL and SQL", @@ -9940,8 +9940,8 @@ "id": "D06.01", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access#prerequisites-for-a-landing-zone---design-recommendations", "services": [ - "ARS", "VM", + "ARS", "Cost" ], "subcategory": "reservations/savings plans", @@ -10018,8 +10018,8 @@ "id": "D10.01", "link": "https://learn.microsoft.com/azure/active-directory/roles/best-practices", "services": [ - "SQL", "VM", + "SQL", "Cost" ], "subcategory": "SQL Database Reservations", @@ -10159,8 +10159,8 @@ "id": "E04.01", "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", "services": [ - "LoadBalancer", "VM", + "LoadBalancer", "Cost" ], "subcategory": "databricks", @@ -10275,8 +10275,8 @@ "id": "E06.02", "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", "services": [ - "EventHubs", "FrontDoor", + "EventHubs", "Cost" ], "subcategory": "Networking", @@ -10419,8 +10419,8 @@ "id": "E11.01", "link": "https://learn.microsoft.com/azure/reliability/availability-zones-overview", "services": [ - "EventHubs", "Monitor", + "EventHubs", "Cost" ], "subcategory": "Synapse", @@ -10537,8 +10537,8 @@ "id": "E12.04", "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "services": [ - "Monitor", "VM", + "Monitor", "Cost" ], "subcategory": "VM", 
@@ -10559,15 +10559,119 @@ "text": "containerizing an application can improve VM density and save money on scaling it", "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/" }, + { + "category": "Application Deployment", + "checklist": "Azure Spring Apps Review", + "cost": 1, + "guid": "6d8e32a8-3892-479d-a40b-10f6b4f6f298", + "link": "https://learn.microsoft.com/azure/spring-apps/concepts-blue-green-deployment-strategies", + "services": [], + "severity": "Medium", + "subcategory": "DevOps", + "text": "Azure Spring Apps permits two deployments for every app, only one of which receives production traffic. You can achieve zero downtime with blue green deployment strategies. Blue green deployment is only available in Standard and Enterprise tiers. You could automate deployment using CI/CD with ADO/GitHub actions", + "waf": "Reliability" + }, + { + "category": "BC and DR", + "checklist": "Azure Spring Apps Review", + "cost": 1, + "guid": "fbcb40ac-9480-4a6d-bcf4-8081252a6716", + "link": "https://learn.microsoft.com/azure/architecture/web-apps/spring-apps/architectures/spring-apps-multi-region", + "services": [ + "FrontDoor", + "ASR", + "TrafficManager" + ], + "severity": "Medium", + "subcategory": "Disaster Recovery", + "text": "Azure Spring Apps instances could be created in multiple regions for your applications and traffic could be routed by Traffic Manager/Front Door.", + "waf": "Reliability" + }, + { + "category": "BC and DR", + "checklist": "Azure Spring Apps Review", + "cost": 1, + "guid": "ff1ae6a7-9301-4feb-9d11-56cd72f1d4ef", + "link": "https://learn.microsoft.com/azure/reliability/reliability-spring-apps", + "services": [ + "ACR" + ], + "severity": "Medium", + "subcategory": "High Availability", + "text": "In supported region, Azure Spring Apps can be deployed as zone redundant, which means that instances are automatically distributed across availability zones. 
This feature is only available in Standard and Enterprise tiers.", + "waf": "Reliability" + }, + { + "category": "BC and DR", + "checklist": "Azure Spring Apps Review", + "cost": 1, + "guid": "ffc735ad-fbb1-4802-b43f-ad6387c4c066", + "link": "https://learn.microsoft.com/azure/spring-apps/concept-understand-app-and-deployment", + "services": [], + "severity": "Medium", + "subcategory": "High Availability", + "text": "Use more than 1 app instance for your apps", + "waf": "Reliability" + }, + { + "category": "Operations", + "checklist": "Azure Spring Apps Review", + "cost": 1, + "guid": "7504c230-6035-4183-95a5-85762acc6075", + "link": "https://learn.microsoft.com/azure/spring-apps/diagnostic-services", + "services": [ + "Monitor" + ], + "severity": "Medium", + "subcategory": "Monitoring", + "text": "Monitor Azure Spring Apps with logs, metrics and tracing. Integrate ASA with application insights and track failures and create workbooks.", + "waf": "Reliability" + }, + { + "category": "Operations", + "checklist": "Azure Spring Apps Review", + "cost": 1, + "guid": "1eb48d58-3eec-4ef5-80b0-d2b0dde3f0c6", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-configure-enterprise-spring-cloud-gateway", + "services": [], + "severity": "Medium", + "subcategory": "Scalability", + "text": "Set up autoscaling in Spring Cloud Gateway", + "waf": "Reliability" + }, + { + "category": "Operations", + "checklist": "Azure Spring Apps Review", + "cost": 1, + "guid": "97411607-b6fd-4335-99d1-9885faf4e392", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-setup-autoscale", + "services": [], + "severity": "Low", + "subcategory": "Scalability", + "text": "Enable autoscale for the apps with Standard consumption & dedicated plan.", + "waf": "Reliability" + }, + { + "category": "Operations", + "checklist": "Azure Spring Apps Review", + "cost": 1, + "guid": "dfcaffd1-d27c-4ef2-998d-64c1df3a7ac3", + "link": "https://learn.microsoft.com/azure/spring-apps/overview", + 
"services": [], + "severity": "Medium", + "subcategory": "Support", + "text": "Use Enterprise plan for commercial support of spring boot for mission critical apps. With other tiers you get OSS support.", + "waf": "Reliability" + }, { "category": "Identity", "checklist": "Azure VMware Solution Design Review", "guid": "32e42e36-11c8-418b-8a0b-c510e43a18a9", "id": "A01.01", "services": [ - "Entra", + "Subscriptions", "AVS", - "Subscriptions" + "Entra" ], "severity": "High", "subcategory": "Identity", @@ -10580,8 +10684,8 @@ "guid": "43f63047-22d9-429c-8b1c-d622f54b29ba", "id": "A01.02", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "Medium", "subcategory": "Identity", @@ -10594,8 +10698,8 @@ "guid": "de3aad1e-7c28-4ec9-9666-b7570449aa80", "id": "A01.03", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "High", "subcategory": "Identity", @@ -10608,8 +10712,8 @@ "guid": "cd289ced-6b17-4db8-8554-61e2aee3553a", "id": "A01.04", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "Medium", "subcategory": "Identity", @@ -10622,8 +10726,8 @@ "guid": "b9d37dac-43bc-46cd-8d79-a9b24604489a", "id": "A01.05", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "Medium", "subcategory": "Identity", @@ -10636,8 +10740,8 @@ "guid": "53d88e89-d17b-473b-82a5-a67e7a9ed5b3", "id": "A01.06", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "High", "subcategory": "Identity", @@ -10650,9 +10754,9 @@ "guid": "ae0e37ce-e297-411b-b352-caaab79b198d", "id": "A01.07", "services": [ - "Entra", + "AVS", "RBAC", - "AVS" + "Entra" ], "severity": "Medium", "subcategory": "Identity", @@ -10665,9 +10769,9 @@ "guid": "ab81932c-9fc9-4d1b-a780-36f5e6bfbb9e", "id": "A01.08", "services": [ - "Entra", + "AVS", "RBAC", - "AVS" + "Entra" ], "severity": "Medium", "subcategory": "Identity", 
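Review bot: The added Azure Spring Apps item with guid `ff1ae6a7-9301-4feb-9d11-56cd72f1d4ef` (zone redundancy, under "High Availability") is tagged `"services": [ "ACR" ]`, although nothing in its text or link concerns Azure Container Registry. The tag presumably comes from a substring match on "across" in "distributed across availability zones", so anyone filtering the master checklist by ACR would get this unrelated item. I would expect `"services": []` here, as on the neighbouring Spring Apps items that name no other service. Since the commit is an automated change, the correction probably belongs in the per-service checklist or the tagging step rather than in this file.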
@@ -10680,9 +10784,9 @@ "guid": "d503547c-c447-4e82-9128-a71f0f1cac6d", "id": "A01.09", "services": [ - "Entra", + "AVS", "RBAC", - "AVS" + "Entra" ], "severity": "High", "subcategory": "Identity", @@ -10710,10 +10814,10 @@ "id": "B02.01", "services": [ "VPN", - "Monitor", - "AVS", "NetworkWatcher", - "ExpressRoute" + "Monitor", + "ExpressRoute", + "AVS" ], "severity": "High", "subcategory": "Monitoring", @@ -10727,10 +10831,10 @@ "id": "B02.02", "services": [ "VM", - "Monitor", - "AVS", "NetworkWatcher", - "ExpressRoute" + "Monitor", + "ExpressRoute", + "AVS" ], "severity": "Medium", "subcategory": "Monitoring", @@ -10743,10 +10847,10 @@ "guid": "25659d35-58fd-4772-99c9-31112d027fe4", "id": "B02.03", "services": [ - "Monitor", - "NetworkWatcher", + "VM", "AVS", - "VM" + "NetworkWatcher", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -10759,8 +10863,8 @@ "guid": "563b4dc7-4a74-48b6-933a-d1a0916a6649", "id": "B03.01", "services": [ - "ARS", - "AVS" + "AVS", + "ARS" ], "severity": "High", "subcategory": "Routing", @@ -10773,9 +10877,9 @@ "guid": "6128a71f-0f1c-4ac6-b9ef-1d5e832e42e3", "id": "C01.01", "services": [ + "AVS", "Entra", - "RBAC", - "AVS" + "RBAC" ], "severity": "High", "subcategory": "Security (identity)", @@ -10788,9 +10892,9 @@ "guid": "c4e2436b-b336-4d71-9f17-960eee0b9b5c", "id": "C01.02", "services": [ + "AVS", "Entra", - "RBAC", - "AVS" + "RBAC" ], "severity": "High", "subcategory": "Security (identity)", @@ -10803,8 +10907,8 @@ "guid": "8defc4d7-21d3-41d2-90fb-707ae9eab40e", "id": "C01.03", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "High", "subcategory": "Security (identity)", @@ -10817,9 +10921,9 @@ "guid": "d329f798-bc17-48bd-a5a0-6ca7144351d1", "id": "C01.04", "services": [ - "Entra", + "AVS", "RBAC", - "AVS" + "Entra" ], "severity": "Medium", "subcategory": "Security (identity)", 
@@ -10832,8 +10936,8 @@ "guid": "9dd24429-eb72-4281-97a1-51c5bb4e4f18", "id": "C01.05", "services": [ - "Entra", - "AVS" + "AVS", + "Entra" ], "severity": "Medium", "subcategory": "Security (identity)", @@ -10846,9 +10950,9 @@ "guid": "586cb291-ec16-4a1d-876e-f9f141acdce5", "id": "C01.06", "services": [ - "Entra", + "VM", "AVS", - "VM" + "Entra" ], "severity": "High", "subcategory": "Security (identity)", @@ -10902,8 +11006,8 @@ "guid": "29e3eec2-1836-487a-8077-a2b5945bda43", "id": "C02.04", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Security (network)", @@ -10917,10 +11021,10 @@ "id": "C02.05", "services": [ "VPN", - "DDoS", "VNet", + "ExpressRoute", "AVS", - "ExpressRoute" + "DDoS" ], "severity": "Medium", "subcategory": "Security (network)", @@ -10960,8 +11064,8 @@ "guid": "44c7c891-9ca1-4f6d-9315-ae524ba34d45", "id": "C03.02", "services": [ - "Arc", - "AVS" + "AVS", + "Arc" ], "severity": "Medium", "subcategory": "Security (guest/VM)", @@ -10988,8 +11092,8 @@ "guid": "a3592718-e6e2-4051-9267-6ae46691e883", "id": "C03.04", "services": [ - "AKV", - "AVS" + "AVS", + "AKV" ], "severity": "Low", "subcategory": "Security (guest/VM)", @@ -11015,10 +11119,10 @@ "guid": "3ef7ad7c-6d37-4331-95c7-acbe44bbe609", "id": "C04.01", "services": [ - "AzurePolicy", - "Storage", + "VM", "AVS", - "VM" + "Storage", + "AzurePolicy" ], "severity": "High", "subcategory": "Governance (platform)", @@ -11045,9 +11149,9 @@ "guid": "d88408f3-7273-44c8-96ba-280214590146", "id": "C04.03", "services": [ - "AzurePolicy", + "AVS", "Storage", - "AVS" + "AzurePolicy" ], "severity": "High", "subcategory": "Governance (platform)", @@ -11073,8 +11177,8 @@ "guid": "bf39d95d-44c7-4c89-89ca-1f6d5315ae52", "id": "C04.05", "services": [ - "AzurePolicy", - "AVS" + "AVS", + "AzurePolicy" ], "severity": "Low", "subcategory": "Governance (platform)", 
@@ -11143,9 +11247,9 @@ "guid": "41741583-3ef7-4ad7-a6d3-733165c7acbe", "id": "C05.02", "services": [ - "Arc", + "VM", "AVS", - "VM" + "Arc" ], "severity": "Medium", "subcategory": "Governance (guest/VM)", @@ -11171,9 +11275,9 @@ "guid": "4ed90dae-2cc8-44c4-9b6b-781cbafe6c46", "id": "C05.04", "services": [ - "Monitor", + "VM", "AVS", - "VM" + "Monitor" ], "severity": "Medium", "subcategory": "Governance (guest/VM)", @@ -11186,10 +11290,10 @@ "guid": "589d457a-927c-4397-9d11-02cad6aae11e", "id": "C05.05", "services": [ - "AzurePolicy", "VM", + "Backup", "AVS", - "Backup" + "AzurePolicy" ], "severity": "Medium", "subcategory": "Governance (guest/VM)", @@ -11202,9 +11306,9 @@ "guid": "ee29711b-d352-4caa-ab79-b198dab81932", "id": "C06.01", "services": [ - "Monitor", "AVS", - "Defender" + "Defender", + "Monitor" ], "severity": "Medium", "subcategory": "Compliance", @@ -11257,8 +11361,8 @@ "guid": "e43a18a9-cd28-49ce-b6b1-7db8255461e2", "id": "D01.01", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -11271,8 +11375,8 @@ "guid": "6b84ee5d-f47d-42d9-8881-b1cd5d1e54a2", "id": "D01.02", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -11285,8 +11389,8 @@ "guid": "9659e396-80e7-4828-ac93-5657d02bff45", "id": "D01.03", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -11299,8 +11403,8 @@ "guid": "64b0d934-a348-4726-be79-d6b5c3a36495", "id": "D01.04", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -11313,9 +11417,9 @@ "guid": "b6abad38-aad5-43cc-99e1-d86667357c54", "id": "D01.05", "services": [ - "Monitor", + "AVS", "Storage", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", 
@@ -11328,8 +11432,8 @@ "guid": "9674c5ed-85b8-459c-9733-be2b1a27b775", "id": "D01.06", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Low", "subcategory": "Monitoring", @@ -11342,10 +11446,10 @@ "guid": "a91be1f3-88f0-43a4-b2cd-463cbbbc8682", "id": "D02.01", "services": [ - "AzurePolicy", - "Storage", + "VM", "AVS", - "VM" + "Storage", + "AzurePolicy" ], "severity": "High", "subcategory": "Operations", @@ -11371,9 +11475,9 @@ "guid": "0e43a18a-9cd2-489b-bd6b-17db8255461e", "id": "D02.03", "services": [ - "Storage", + "Backup", "AVS", - "Backup" + "Storage" ], "severity": "Medium", "subcategory": "Operations", @@ -11386,8 +11490,8 @@ "guid": "2aee3453-aec8-4339-848b-262d6cc5f512", "id": "D02.04", "services": [ - "Arc", - "AVS" + "AVS", + "Arc" ], "severity": "Medium", "subcategory": "Operations", @@ -11400,8 +11504,8 @@ "guid": "925398e6-da9d-437d-ac43-bc6cd1d79a9b", "id": "D02.05", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Operations", @@ -11427,9 +11531,9 @@ "guid": "17e7a8d9-0ae0-4e27-aee2-9711bd352caa", "id": "D02.07", "services": [ - "Monitor", + "AVS", "AzurePolicy", - "AVS" + "Monitor" ], "severity": "Medium", "subcategory": "Operations", @@ -11442,9 +11546,9 @@ "guid": "ab79b188-dab8-4193-8c9f-c9d1bb77036f", "id": "D02.08", "services": [ - "Storage", + "VM", "AVS", - "VM" + "Storage" ], "severity": "High", "subcategory": "Operations", @@ -11471,8 +11575,8 @@ "guid": "25398e6d-b9d3-47da-a43b-c6cd1d79a9b2", "id": "E01.01", "services": [ - "AVS", - "Backup" + "Backup", + "AVS" ], "severity": "Medium", "subcategory": "Backup", @@ -11555,10 +11659,10 @@ "guid": "d1d79a9b-2460-4448-aa8f-42d78e78cb6a", "id": "E02.06", "services": [ - "ASR", "NVA", "AVS", - "ExpressRoute" + "ExpressRoute", + "ASR" ], "severity": "Medium", "subcategory": "Disaster Recovery", 
@@ -11571,8 +11675,8 @@ "guid": "33bd2a09-17e7-4a8d-a0ae-0e27cee29711", "id": "E03.01", "services": [ - "AVS", - "Backup" + "Backup", + "AVS" ], "severity": "Medium", "subcategory": "Business Continuity", @@ -11585,8 +11689,8 @@ "guid": "bd352caa-ab79-4b18-adab-81932c9fc9d1", "id": "E03.02", "services": [ - "AVS", - "Backup" + "Backup", + "AVS" ], "severity": "Medium", "subcategory": "Business Continuity", @@ -11677,8 +11781,8 @@ "guid": "0f1cac6d-9ef1-4d5e-a32e-42e3611c818b", "id": "F02.03", "services": [ - "AzurePolicy", - "AVS" + "AVS", + "AzurePolicy" ], "severity": "Low", "subcategory": "Automated Deployment", @@ -11691,8 +11795,8 @@ "guid": "e2cc95d4-8c6b-4791-bca0-f6c56589e558", "id": "F03.01", "services": [ - "AKV", - "AVS" + "AVS", + "AKV" ], "severity": "Low", "subcategory": "Automated Connectivity", @@ -11705,9 +11809,9 @@ "guid": "255461e2-aee3-4553-afc8-339248b262d6", "id": "F03.02", "services": [ - "AKV", "AVS", - "ExpressRoute" + "ExpressRoute", + "AKV" ], "severity": "Low", "subcategory": "Automated Connectivity", @@ -11745,9 +11849,9 @@ "checklist": "Azure VMware Solution Design Review", "guid": "3bd2a0a1-7e7a-48d9-8ae0-e37cee29711b", "id": "F04.01", - "services": [ - "AVS", - "Subscriptions" + "services": [ + "Subscriptions", + "AVS" ], "severity": "Medium", "subcategory": "Automated Scale", @@ -11760,9 +11864,9 @@ "guid": "d352caaa-b79b-4198-bab8-1932c9fc9d1b", "id": "F04.02", "services": [ - "AzurePolicy", + "AVS", "Storage", - "AVS" + "AzurePolicy" ], "severity": "Medium", "subcategory": "Automated Scale", @@ -11814,8 +11918,8 @@ "guid": "1dc15a1c-075e-4e9f-841a-cccd579376bc", "id": "F04.06", "services": [ - "Monitor", - "AVS" + "AVS", + "Monitor" ], "severity": "Medium", "subcategory": "Automated Scale", 
@@ -11840,8 +11944,8 @@ "guid": "03b125d5-b69b-4739-b7fd-84b86da4933e", "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-properties?tabs=azure-portal", "services": [ - "APIM", - "AzurePolicy" + "AzurePolicy", + "APIM" ], "severity": "Medium", "subcategory": "Best practices", @@ -11853,8 +11957,8 @@ "guid": "beae759e-4ddb-4326-bf26-47f87d3454b6", "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-deploy-multi-region", "services": [ - "APIM", - "ASR" + "ASR", + "APIM" ], "severity": "Medium", "subcategory": "Business continuity and disaster recovery", @@ -11866,8 +11970,8 @@ "guid": "9c8d1664-dd9a-49d4-bd83-950af0af4044", "link": "https://learn.microsoft.com/azure/api-management/high-availability", "services": [ - "APIM", - "ASR" + "ASR", + "APIM" ], "severity": "Medium", "subcategory": "Business continuity and disaster recovery", @@ -11879,9 +11983,9 @@ "guid": "8d2db6e8-85c6-4118-a52c-ae76a4f27934", "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#service-native-backup-capability", "services": [ - "APIM", + "Backup", "ASR", - "Backup" + "APIM" ], "severity": "High", "subcategory": "Business continuity and disaster recovery", @@ -11893,8 +11997,8 @@ "guid": "f96ddac5-77ec-4fa9-8833-4327f052059e", "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-cache-external", "services": [ - "APIM", - "AzurePolicy" + "AzurePolicy", + "APIM" ], "severity": "Medium", "subcategory": "Performance and scalability", @@ -11907,9 +12011,9 @@ "guid": "8210699f-8d43-45c2-8f19-57e54134bd8f", "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-log-event-hubs", "services": [ - "APIM", "EventHubs", - "AzurePolicy" + "AzurePolicy", + "APIM" ], "severity": "Low", "subcategory": "Performance and scalability", 
@@ -11921,8 +12025,8 @@ "guid": "121bfc39-fa7b-4096-b93b-ab56c1bc0bed", "link": "https://learn.microsoft.com/azure/api-management/api-management-sample-flexible-throttling", "services": [ - "APIM", - "AzurePolicy" + "AzurePolicy", + "APIM" ], "severity": "Medium", "subcategory": "Performance and scalability", @@ -11959,8 +12063,8 @@ "guid": "d7941d4a-7b6f-458f-8714-2f8f8c059ad4", "link": "https://learn.microsoft.com/azure/api-management/api-management-error-handling-policies", "services": [ - "APIM", - "AzurePolicy" + "AzurePolicy", + "APIM" ], "severity": "Medium", "subcategory": "Development best practices", @@ -11972,8 +12076,8 @@ "guid": "0b0c0765-ff37-4369-90bd-3eb23ce71b08", "link": "https://learn.microsoft.com/azure/api-management/set-edit-policies?tabs=form#use-base-element-to-set-policy-evaluation-order", "services": [ - "APIM", - "AzurePolicy" + "AzurePolicy", + "APIM" ], "severity": "Medium", "subcategory": "Development best practices", @@ -11985,9 +12089,9 @@ "guid": "a5c45b03-93b6-42fe-b16b-8fccb6a79902", "link": "https://learn.microsoft.com/azure/api-management/policy-fragments", "services": [ - "APIM", "ACR", - "AzurePolicy" + "AzurePolicy", + "APIM" ], "severity": "Medium", "subcategory": "Development best practices", @@ -12011,8 +12115,8 @@ "guid": "a7d0840a-c8c4-4e83-adec-5ca578eb4049", "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-use-azure-monitor#resource-logs", "services": [ - "APIM", - "Monitor" + "Monitor", + "APIM" ], "severity": "High", "subcategory": "Monitoring", @@ -12024,8 +12128,8 @@ "guid": "8691fa38-45ed-4299-a247-fecd98d35deb", "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-app-insights", "services": [ - "APIM", - "Monitor" + "Monitor", + "APIM" ], "severity": "Medium", "subcategory": "Monitoring", 
@@ -12037,8 +12141,8 @@ "guid": "55fd27bb-76ac-4a91-bc37-049e885be6b7", "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-use-azure-monitor", "services": [ - "APIM", - "Monitor" + "Monitor", + "APIM" ], "severity": "High", "subcategory": "Monitoring", @@ -12050,9 +12154,9 @@ "guid": "39460bdb-156f-4dc2-a87f-1e8c11ab0998", "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#certificate-management-in-azure-key-vault", "services": [ - "APIM", + "Entra", "AKV", - "Entra" + "APIM" ], "severity": "High", "subcategory": "Data protection", @@ -12064,8 +12168,8 @@ "guid": "e9217997-5f6c-479d-8576-8f2adf706ec8", "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#azure-ad-authentication-required-for-data-plane-access", "services": [ - "APIM", - "Entra" + "Entra", + "APIM" ], "severity": "High", "subcategory": "Identity", @@ -12077,8 +12181,8 @@ "guid": "5e5f64ba-c90e-480e-8888-398d96cf0bfb", "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-aad", "services": [ - "APIM", - "Entra" + "Entra", + "APIM" ], "severity": "Medium", "subcategory": "Identity", @@ -12090,8 +12194,8 @@ "guid": "f8e574ce-280f-49c8-b2ef-68279b081cf3", "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-create-groups", "services": [ - "APIM", - "Entra" + "Entra", + "APIM" ], "severity": "Medium", "subcategory": "Privileged access", 
@@ -12103,8 +12207,8 @@ "guid": "cd45c90e-7690-4753-930b-bf290c69c074", "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#virtual-network-integration", "services": [ - "APIM", - "VNet" + "VNet", + "APIM" ], "severity": "Medium", "subcategory": "Security", @@ -12116,9 +12220,9 @@ "guid": "02661582-b3d1-48d1-9d7b-c6a918a0ca33", "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#network-security-group-support", "services": [ - "APIM", + "VNet", "Monitor", - "VNet" + "APIM" ], "severity": "Medium", "subcategory": "Security", @@ -12130,9 +12234,9 @@ "guid": "67437a28-2721-4a2c-becd-caa54c8237a5", "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#azure-private-link", "services": [ - "APIM", "VNet", - "PrivateLink" + "PrivateLink", + "APIM" ], "severity": "Medium", "subcategory": "Security", @@ -12156,8 +12260,8 @@ "guid": "7519e385-a88b-4d34-966b-6269d686e890", "link": "https://learn.microsoft.com/azure/api-management/front-door-api-management", "services": [ - "APIM", - "FrontDoor" + "FrontDoor", + "APIM" ], "severity": "Medium", "subcategory": "Connectivity", @@ -12181,8 +12285,8 @@ "guid": "c385bfcd-49fd-4786-81ba-cedbb4c57345", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/app-platform/api-management/platform-automation-and-devops#design-recommendations", "services": [ - "APIM", - "Entra" + "Entra", + "APIM" ], "severity": "Medium", "subcategory": "Best practices", 
@@ -12194,8 +12298,8 @@ "guid": "6c3a27c0-197f-426c-9ffa-86fed51d9ab6", "link": "https://learn.microsoft.com/azure/api-management/visual-studio-code-tutorial", "services": [ - "APIM", - "Entra" + "Entra", + "APIM" ], "severity": "Medium", "subcategory": "Best practices", @@ -12279,8 +12383,8 @@ "guid": "f8af3d94-1d2b-4070-846f-849197524258", "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#im-8-restrict-the-exposure-of-credential-and-secrets", "services": [ - "APIM", - "AKV" + "AKV", + "APIM" ], "severity": "High", "subcategory": "Data protection", @@ -12292,8 +12396,8 @@ "guid": "791abd8b-7706-4e31-9569-afefde724be3", "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#managed-identities", "services": [ - "APIM", - "Entra" + "Entra", + "APIM" ], "severity": "Medium", "subcategory": "Identities", @@ -12305,10 +12409,10 @@ "guid": "220c4ca6-6688-476b-b2b5-425a78e6fb87", "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#ns-6-deploy-web-application-firewall", "services": [ - "APIM", "WAF", "Entra", - "AppGW" + "AppGW", + "APIM" ], "severity": "High", "subcategory": "Network", @@ -12339,8 +12443,8 @@ "link": "https://learn.microsoft.com/azure/app-service/app-service-key-vault-references", "services": [ "AppSvc", - "AKV", - "Entra" + "Entra", + "AKV" ], "severity": "High", "subcategory": "Data Protection", 
@@ -12450,8 +12554,8 @@ "id": "A02.04", "link": "https://learn.microsoft.com/azure/app-service/overview-managed-identity?tabs=portal%2Chttp", "services": [ - "AKV", - "Entra" + "Entra", + "AKV" ], "severity": "High", "subcategory": "Identity and Access Control", @@ -12466,8 +12570,8 @@ "id": "A02.05", "link": "https://learn.microsoft.com/azure/app-service/configure-custom-container#use-managed-identity-to-pull-image-from-azure-container-registry", "services": [ - "ACR", - "Entra" + "Entra", + "ACR" ], "severity": "High", "subcategory": "Identity and Access Control", @@ -12483,8 +12587,8 @@ "link": "https://learn.microsoft.com/azure/app-service/troubleshoot-diagnostic-logs", "services": [ "AppSvc", - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Logging and Monitoring", @@ -12500,8 +12604,8 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/essentials/activity-log", "services": [ "AppSvc", - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Logging and Monitoring", @@ -12516,10 +12620,10 @@ "id": "A04.01", "link": "https://learn.microsoft.com/azure/app-service/overview-vnet-integration", "services": [ - "Monitor", - "NVA", "VNet", - "Firewall" + "Firewall", + "NVA", + "Monitor" ], "severity": "Medium", "subcategory": "Network Security", @@ -12535,10 +12639,10 @@ "link": "https://learn.microsoft.com/azure/app-service/networking/nat-gateway-integration", "services": [ "NVA", - "PrivateLink", + "Storage", "VNet", - "Firewall", - "Storage" + "PrivateLink", + "Firewall" ], "severity": "Low", "subcategory": "Network Security", @@ -12571,8 +12675,8 @@ "services": [ "AppSvc", "Monitor", - "AppGW", "FrontDoor", + "AppGW", "WAF" ], "severity": "High", @@ -12683,11 +12787,11 @@ "id": "A04.11", "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", "services": [ - "DDoS", "NVA", + "EventHubs", "VNet", "AppGW", - "EventHubs", + "DDoS", "WAF" ], "severity": "Medium", 
@@ -12703,9 +12807,9 @@ "id": "A04.12", "link": "https://learn.microsoft.com/azure/app-service/configure-custom-container#use-an-image-from-a-network-protected-registry", "services": [ + "VNet", "ACR", - "PrivateLink", - "VNet" + "PrivateLink" ], "severity": "Medium", "subcategory": "Network Security", @@ -12852,10 +12956,10 @@ "id": "02.02.01", "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-multi-region", "services": [ - "LoadBalancer", - "FrontDoor", "AKS", - "TrafficManager" + "LoadBalancer", + "TrafficManager", + "FrontDoor" ], "severity": "Medium", "subcategory": "High Availability", @@ -12921,8 +13025,8 @@ "id": "02.02.05", "link": "https://learn.microsoft.com/azure/container-registry/container-registry-geo-replication", "services": [ - "ACR", - "AKS" + "AKS", + "ACR" ], "severity": "High", "subcategory": "High Availability", @@ -13017,8 +13121,8 @@ "link": "https://learn.microsoft.com/azure/governance/policy/concepts/policy-for-kubernetes", "security": 1, "services": [ - "AzurePolicy", - "AKS" + "AKS", + "AzurePolicy" ], "severity": "Medium", "simple": -1, @@ -13068,8 +13172,8 @@ "link": "https://learn.microsoft.com/azure/container-registry/", "security": 1, "services": [ - "ACR", - "AKS" + "AKS", + "ACR" ], "severity": "Medium", "simple": -1, @@ -13149,8 +13253,8 @@ "link": "https://github.com/Azure/secrets-store-csi-driver-provider-azure", "security": 1, "services": [ - "AKV", - "AKS" + "AKS", + "AKV" ], "severity": "Medium", "simple": -1, @@ -13166,8 +13270,8 @@ "link": "https://learn.microsoft.com/azure/aks/update-credentials", "security": 1, "services": [ - "AKV", - "AKS" + "AKS", + "AKV" ], "severity": "High", "subcategory": "Secrets", @@ -13183,8 +13287,8 @@ "link": "https://learn.microsoft.com/azure/aks/use-kms-etcd-encryption", "security": 1, "services": [ - "AKV", - "AKS" + "AKS", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", 
@@ -13200,8 +13304,8 @@ "link": "https://learn.microsoft.com/azure/confidential-computing/confidential-nodes-aks-overview", "security": 1, "services": [ - "AKV", - "AKS" + "AKS", + "AKV" ], "severity": "Low", "subcategory": "Secrets", @@ -13217,9 +13321,9 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-containers-enable", "security": 1, "services": [ - "AKV", "AKS", - "Defender" + "Defender", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -13286,8 +13390,8 @@ "security": 1, "services": [ "AKS", - "Entra", - "RBAC" + "RBAC", + "Entra" ], "severity": "Medium", "simple": -1, @@ -13304,9 +13408,9 @@ "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-identity", "security": 1, "services": [ - "Entra", "AKS", - "RBAC" + "RBAC", + "Entra" ], "severity": "High", "simple": -1, @@ -13442,8 +13546,8 @@ "link": "https://azure.github.io/application-gateway-kubernetes-ingress/setup/install-existing/", "security": 1, "services": [ - "ACR", "AKS", + "ACR", "AppGW" ], "severity": "Medium", @@ -13495,8 +13599,8 @@ "link": "https://learn.microsoft.com/azure/aks/load-balancer-standard", "scale": 1, "services": [ - "LoadBalancer", - "AKS" + "AKS", + "LoadBalancer" ], "severity": "High", "subcategory": "Best practices", @@ -13528,10 +13632,10 @@ "link": "https://learn.microsoft.com/azure/private-link/private-link-overview", "security": 1, "services": [ - "PrivateLink", - "AKS", "VNet", - "Cost" + "AKS", + "Cost", + "PrivateLink" ], "severity": "Medium", "simple": -1, @@ -13548,8 +13652,8 @@ "id": "06.03.01", "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering", "services": [ - "VPN", - "AKS" + "AKS", + "VPN" ], "severity": "Medium", "subcategory": "HA", @@ -13726,8 +13830,8 @@ "link": "https://learn.microsoft.com/azure/aks/limit-egress-traffic", "security": 2, "services": [ - "NVA", - "AKS" + "AKS", + "NVA" ], "severity": "High", "simple": -2, 
@@ -13778,8 +13882,8 @@ "link": "https://learn.microsoft.com/azure/aks/use-network-policies", "security": 1, "services": [ - "AzurePolicy", - "AKS" + "AKS", + "AzurePolicy" ], "severity": "Medium", "simple": -1, @@ -13796,8 +13900,8 @@ "link": "https://learn.microsoft.com/azure/aks/use-network-policies", "security": 1, "services": [ - "AzurePolicy", - "AKS" + "AKS", + "AzurePolicy" ], "severity": "High", "subcategory": "Security", @@ -13812,8 +13916,8 @@ "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-network", "security": 1, "services": [ - "AzurePolicy", - "AKS" + "AKS", + "AzurePolicy" ], "severity": "High", "simple": -1, @@ -13849,9 +13953,9 @@ "link": "https://learn.microsoft.com/azure/virtual-network/ddos-protection-overview", "security": 2, "services": [ - "DDoS", "VNet", - "AKS" + "AKS", + "DDoS" ], "severity": "Medium", "subcategory": "Security", @@ -13899,8 +14003,8 @@ "id": "07.01.01", "link": "https://learn.microsoft.com/azure/azure-monitor/insights/container-insights-metric-alerts", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "High", "simple": -1, @@ -14117,8 +14221,8 @@ "id": "07.02.15", "link": "https://learn.microsoft.com/azure/aks/monitor-aks", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "Low", "subcategory": "Compliance", @@ -14183,8 +14287,8 @@ "id": "07.04.01", "link": "https://learn.microsoft.com/azure/azure-monitor/insights/container-insights-overview", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "High", "simple": -1, @@ -14201,8 +14305,8 @@ "id": "07.04.02", "link": "https://learn.microsoft.com/azure/azure-monitor/insights/container-insights-overview", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "High", "simple": -1, 
@@ -14218,8 +14322,8 @@ "id": "07.04.03", "link": "https://learn.microsoft.com/azure/azure-monitor/containers/container-insights-analyze", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "Medium", "simple": -1, @@ -14235,8 +14339,8 @@ "id": "07.04.04", "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "Medium", "simple": -1, @@ -14254,10 +14358,10 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/premium-storage-performance", "services": [ "ServiceBus", - "Monitor", "EventHubs", - "AKS", - "Storage" + "Storage", + "Monitor", + "AKS" ], "severity": "Medium", "simple": -1, @@ -14274,9 +14378,9 @@ "link": "https://learn.microsoft.com/azure/aks/load-balancer-standard", "services": [ "LoadBalancer", - "Monitor", + "AKS", "NVA", - "AKS" + "Monitor" ], "severity": "Medium", "simple": -1, @@ -14292,8 +14396,8 @@ "id": "07.04.07", "link": "https://learn.microsoft.com/azure/aks/aks-resource-health", "services": [ - "Monitor", - "AKS" + "AKS", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -14953,10 +15057,10 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-sas#shared-access-authorization-policies", "services": [ "ServiceBus", - "AzurePolicy", - "Entra", "RBAC", - "TrafficManager" + "Entra", + "TrafficManager", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -14970,12 +15074,12 @@ "guid": "786d60f9-6c96-4ad8-a55d-04c2b39c986b", "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-managed-service-identity", "services": [ - "AppSvc", "ServiceBus", + "AppSvc", "VM", - "AKV", + "Storage", "Entra", - "Storage" + "AKV" ], "severity": "Medium", "subcategory": "Identity and Access Management", 
@@ -14990,10 +15094,10 @@ "link": "https://learn.microsoft.com/azure/service-bus-messaging/authenticate-application#azure-built-in-roles-for-azure-service-bus", "services": [ "ServiceBus", + "RBAC", "Storage", - "Subscriptions", "Entra", - "RBAC" + "Subscriptions" ], "severity": "High", "subcategory": "Identity and Access Management", @@ -15007,9 +15111,9 @@ "guid": "af12e7f9-43f6-4304-922d-929c2b1cd622", "link": "https://learn.microsoft.com/azure/service-bus-messaging/monitor-service-bus-reference", "services": [ - "Monitor", + "ServiceBus", "VNet", - "ServiceBus" + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -15023,9 +15127,9 @@ "guid": "9ae669ca-48e4-4a85-b222-3ece8bb12307", "link": "https://learn.microsoft.com/azure/service-bus-messaging/private-link-service", "services": [ - "PrivateLink", "ServiceBus", - "VNet" + "VNet", + "PrivateLink" ], "severity": "Medium", "subcategory": "Networking", @@ -15054,9 +15158,9 @@ "id": "A01.01", "link": "https://azure.microsoft.com/support/legal/sla/virtual-desktop/v1_0/", "services": [ - "AVD", - "Subscriptions", "VM", + "Subscriptions", + "AVD", "ASR" ], "severity": "High", @@ -15072,8 +15176,8 @@ "id": "A01.02", "link": "https://learn.microsoft.com/azure/architecture/example-scenario/wvd/azure-virtual-desktop-multi-region-bcdr", "services": [ - "AVD", "VM", + "AVD", "Storage", "ASR" ], @@ -15106,8 +15210,8 @@ "id": "A01.04", "link": "https://techcommunity.microsoft.com/t5/azure-virtual-desktop-blog/announcing-general-availability-of-support-for-azure/ba-p/3636262", "services": [ - "ACR", "AVD", + "ACR", "ASR" ], "severity": "High", @@ -15123,10 +15227,10 @@ "id": "A01.05", "link": "https://docs.microsoft.com/azure/virtual-desktop/disaster-recovery", "services": [ - "AVD", - "ASR", "VM", - "Backup" + "Backup", + "AVD", + "ASR" ], "severity": "Medium", "subcategory": "Compute", 
@@ -15141,10 +15245,10 @@ "id": "A01.06", "link": "https://learn.microsoft.com/azure/site-recovery/azure-to-azure-how-to-enable-zone-to-zone-disaster-recovery", "services": [ - "AVD", "VM", "Cost", "Backup", + "AVD", "ASR" ], "severity": "Medium", @@ -15160,11 +15264,11 @@ "id": "A02.01", "link": "https://learn.microsoft.com/azure/virtual-machines/azure-compute-gallery", "services": [ - "AVD", "VM", - "ACR", + "Storage", + "AVD", "ASR", - "Storage" + "ACR" ], "severity": "Low", "subcategory": "Dependencies", @@ -15212,11 +15316,11 @@ "id": "A03.02", "link": "https://docs.microsoft.com/azure/virtual-desktop/disaster-recovery", "services": [ - "AVD", - "AzurePolicy", + "Storage", "Backup", + "AVD", "ASR", - "Storage" + "AzurePolicy" ], "severity": "Medium", "subcategory": "Storage", @@ -15283,11 +15387,11 @@ "id": "A03.06", "link": "https://learn.microsoft.com/azure/azure-netapp-files/cross-region-replication-create-peering", "services": [ - "AVD", + "Storage", "Backup", - "ACR", + "AVD", "ASR", - "Storage" + "ACR" ], "severity": "Medium", "subcategory": "Storage", @@ -15347,9 +15451,9 @@ "id": "B01.04", "link": "https://learn.microsoft.com/azure/virtual-machines/shared-image-galleries", "services": [ + "VM", "AVD", - "Storage", - "VM" + "Storage" ], "severity": "Low", "subcategory": "Golden Images", @@ -15503,10 +15607,10 @@ "id": "B02.03", "link": "https://docs.microsoft.com/azure/virtual-desktop/app-attach-file-share", "services": [ + "VM", "AVD", - "Storage", "RBAC", - "VM" + "Storage" ], "severity": "Medium", "subcategory": "MSIX & AppAttach", @@ -15566,8 +15670,8 @@ "id": "B03.01", "link": "https://docs.microsoft.com/azure/virtual-machines/generation-2", "services": [ - "AVD", - "VM" + "VM", + "AVD" ], "severity": "Medium", "subcategory": "Session Host", 
@@ -15597,8 +15701,8 @@ "id": "C01.01", "link": "https://learn.microsoft.com/azure/virtual-desktop/terminology#host-pools", "services": [ - "AVD", - "VM" + "VM", + "AVD" ], "severity": "High", "subcategory": "Capacity Planning", @@ -15613,8 +15717,8 @@ "id": "C01.02", "link": "https://learn.microsoft.com/azure/virtual-desktop/terminology?WT.mc_id=Portal-fx#host-pools", "services": [ - "AVD", - "VM" + "VM", + "AVD" ], "severity": "High", "subcategory": "Capacity Planning", @@ -15659,8 +15763,8 @@ "id": "C01.05", "link": "https://learn.microsoft.com/windows-server/remote/remote-desktop-services/virtual-machine-recs", "services": [ - "AVD", - "VM" + "VM", + "AVD" ], "severity": "Medium", "subcategory": "Capacity Planning", @@ -15691,8 +15795,8 @@ "id": "C01.07", "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits#azure-virtual-desktop-service-limits", "services": [ - "ACR", "AVD", + "ACR", "Entra" ], "severity": "Medium", @@ -15723,9 +15827,9 @@ "id": "C01.09", "link": "https://learn.microsoft.com/azure/virtual-desktop/configure-host-pool-personal-desktop-assignment-type?tabs=azure#reassign-a-personal-desktop", "services": [ + "VM", "AVD", - "Storage", - "VM" + "Storage" ], "severity": "Low", "subcategory": "Capacity Planning", @@ -15740,8 +15844,8 @@ "id": "C01.10", "link": "https://docs.microsoft.com/windows-server/remote/remote-desktop-services/virtual-machine-recs", "services": [ - "AVD", - "VM" + "VM", + "AVD" ], "severity": "High", "subcategory": "Capacity Planning", @@ -15787,8 +15891,8 @@ "id": "C01.13", "link": "https://learn.microsoft.com/azure/virtual-network/accelerated-networking-overview", "services": [ - "AVD", - "VM" + "VM", + "AVD" ], "severity": "Low", "subcategory": "Capacity Planning", 
@@ -15818,10 +15922,10 @@ "id": "C02.02", "link": "https://learn.microsoft.com/azure/architecture/example-scenario/wvd/windows-virtual-desktop?toc=%2Fazure%2Fvirtual-desktop%2Ftoc.json&bc=%2Fazure%2Fvirtual-desktop%2Fbreadcrumb%2Ftoc.json", "services": [ - "VPN", "AVD", - "Storage", - "ExpressRoute" + "ExpressRoute", + "VPN", + "Storage" ], "severity": "Medium", "subcategory": "Clients & Users", @@ -15911,9 +16015,9 @@ "id": "C03.03", "link": "https://docs.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits", "services": [ + "VM", "AVD", - "Storage", - "VM" + "Storage" ], "severity": "Low", "subcategory": "General", @@ -15928,8 +16032,8 @@ "id": "D01.01", "link": "https://docs.microsoft.com/azure/architecture/reference-architectures/identity/adds-extend-domain", "services": [ - "AVD", "VNet", + "AVD", "Entra", "Storage" ], @@ -15994,9 +16098,9 @@ "id": "D01.05", "link": "https://learn.microsoft.com/azure/virtual-desktop/prerequisites?tabs=portal#session-hosts", "services": [ + "VM", "AVD", - "Entra", - "VM" + "Entra" ], "severity": "Medium", "subcategory": "Active Directory", @@ -16028,9 +16132,9 @@ "link": "https://docs.microsoft.com/azure/storage/files/storage-files-identity-ad-ds-enable", "services": [ "AVD", - "AzurePolicy", + "Entra", "Storage", - "Entra" + "AzurePolicy" ], "severity": "High", "subcategory": "Active Directory", @@ -16078,10 +16182,10 @@ "id": "D03.01", "link": "https://learn.microsoft.com/azure/virtual-desktop/prerequisites?tabs=portal#identity", "services": [ - "AVD", "VNet", - "Entra", - "Subscriptions" + "Subscriptions", + "AVD", + "Entra" ], "severity": "High", "subcategory": "Requirements", @@ -16144,9 +16248,9 @@ "id": "D03.05", "link": "https://learn.microsoft.com/azure/virtual-desktop/prerequisites?tabs=portal#supported-identity-scenarios", "services": [ + "VM", "AVD", - "Entra", - "VM" + "Entra" ], "severity": "High", "subcategory": "Requirements", 
@@ -16178,8 +16282,8 @@ "link": "https://learn.microsoft.com/azure/virtual-desktop/administrative-template", "services": [ "AVD", - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Low", "subcategory": "Management", @@ -16194,9 +16298,9 @@ "id": "E01.02", "link": "https://learn.microsoft.com/azure/virtual-desktop/management", "services": [ + "VM", "AVD", - "Monitor", - "VM" + "Monitor" ], "severity": "Low", "subcategory": "Management", @@ -16227,10 +16331,10 @@ "id": "E01.04", "link": "https://learn.microsoft.com/azure/virtual-desktop/autoscale-scenarios", "services": [ - "AVD", - "Monitor", "VM", - "Cost" + "AVD", + "Cost", + "Monitor" ], "severity": "Medium", "subcategory": "Management", @@ -16245,10 +16349,10 @@ "id": "E01.05", "link": "https://learn.microsoft.com/azure/virtual-desktop/start-virtual-machine-connect", "services": [ + "VM", "AVD", - "Monitor", "Cost", - "VM" + "Monitor" ], "severity": "Low", "subcategory": "Management", @@ -16263,11 +16367,11 @@ "id": "E01.06", "link": "https://learn.microsoft.com/azure/virtual-desktop/start-virtual-machine-connect-faq#are-vms-automatically-deallocated-when-a-user-stops-using-them", "services": [ - "AVD", "VM", + "Cost", "Monitor", - "AzurePolicy", - "Cost" + "AVD", + "AzurePolicy" ], "severity": "Low", "subcategory": "Management", @@ -16283,12 +16387,12 @@ "link": "https://learn.microsoft.com/azure/virtual-desktop/tag-virtual-desktop-resources", "services": [ "VPN", - "AVD", - "DNS", - "Monitor", + "Storage", "Cost", + "Monitor", "ExpressRoute", - "Storage", + "AVD", + "DNS", "VWAN" ], "severity": "Low", @@ -16305,9 +16409,9 @@ "link": "https://learn.microsoft.com/azure/virtual-desktop/azure-advisor-recommendations", "services": [ "AVD", - "Monitor", "Entra", - "Cost" + "Cost", + "Monitor" ], "severity": "Low", "subcategory": "Management", 
@@ -16354,9 +16458,9 @@ "id": "E01.11", "link": "https://docs.microsoft.com/azure/virtual-desktop/create-validation-host-pool", "services": [ + "VM", "AVD", - "Monitor", - "VM" + "Monitor" ], "severity": "Medium", "subcategory": "Management", @@ -16371,9 +16475,9 @@ "id": "E01.12", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/wvd/eslz-platform-automation-and-devops", "services": [ + "VM", "AVD", - "Monitor", - "VM" + "Monitor" ], "severity": "Medium", "subcategory": "Management", @@ -16388,9 +16492,9 @@ "id": "E01.13", "link": "https://docs.microsoft.com/azure/virtual-desktop/faq", "services": [ + "VM", "AVD", - "Monitor", - "VM" + "Monitor" ], "severity": "Medium", "subcategory": "Management", @@ -16421,9 +16525,9 @@ "id": "E02.02", "link": "https://docs.microsoft.com/azure/virtual-desktop/diagnostics-log-analytics", "services": [ + "VM", "AVD", - "Monitor", - "VM" + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -16439,8 +16543,8 @@ "link": "https://docs.microsoft.com/azure/storage/files/storage-files-monitoring?tabs=azure-portal", "services": [ "AVD", - "Monitor", - "Storage" + "Storage", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -16471,10 +16575,10 @@ "id": "F01.01", "link": "https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/", "services": [ - "VPN", - "AVD", "NVA", - "ExpressRoute" + "AVD", + "ExpressRoute", + "VPN" ], "severity": "Medium", "subcategory": "Networking", @@ -16489,8 +16593,8 @@ "id": "F01.02", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/wvd/eslz-network-topology-and-connectivity", "services": [ - "AVD", "VNet", + "AVD", "VWAN" ], "severity": "Medium", @@ -16506,8 +16610,8 @@ "id": "F01.03", "link": "https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/", "services": [ - "VPN", - "AVD" + "AVD", + "VPN" ], "severity": "Medium", "subcategory": "Networking", 
@@ -16522,10 +16626,10 @@ "id": "F01.04", "link": "https://docs.microsoft.com/azure/firewall/protect-windows-virtual-desktop", "services": [ - "AVD", - "NVA", "VNet", - "Firewall" + "Firewall", + "AVD", + "NVA" ], "severity": "Medium", "subcategory": "Networking", @@ -16571,10 +16675,10 @@ "id": "F01.07", "link": "https://docs.microsoft.com/azure/firewall/protect-windows-virtual-desktop", "services": [ - "AVD", - "NVA", "VNet", - "Firewall" + "Firewall", + "AVD", + "NVA" ], "severity": "Low", "subcategory": "Networking", @@ -16589,8 +16693,8 @@ "id": "F01.08", "link": "https://learn.microsoft.com/azure/virtual-desktop/proxy-server-support", "services": [ - "AVD", - "VM" + "VM", + "AVD" ], "severity": "High", "subcategory": "Networking", @@ -16605,8 +16709,8 @@ "id": "F01.09", "link": "https://learn.microsoft.com/azure/virtual-desktop/rdp-bandwidth", "services": [ - "AVD", - "VM" + "VM", + "AVD" ], "severity": "Low", "subcategory": "Networking", @@ -16621,11 +16725,11 @@ "id": "F01.10", "link": "https://learn.microsoft.com/azure/storage/files/storage-files-networking-endpoints", "services": [ - "AVD", - "VNet", - "PrivateLink", + "Storage", "Cost", - "Storage" + "PrivateLink", + "VNet", + "AVD" ], "severity": "Medium", "subcategory": "Networking", @@ -16640,8 +16744,8 @@ "id": "F01.11", "link": "https://docs.microsoft.com/azure/virtual-desktop/shortpath", "services": [ - "VPN", - "AVD" + "AVD", + "VPN" ], "severity": "Medium", "subcategory": "Networking", @@ -16687,10 +16791,10 @@ "id": "G02.02", "link": "https://learn.microsoft.com/azure/virtual-machines/disk-encryption-overview", "services": [ + "VM", "AVD", - "AKV", "Storage", - "VM" + "AKV" ], "severity": "Low", "subcategory": "Host Configuration", 
@@ -16705,9 +16809,9 @@ "id": "G02.03", "link": "https://learn.microsoft.com/azure/virtual-desktop/security-guide#azure-virtual-desktop-support-for-trusted-launch", "services": [ + "VM", "AVD", - "Monitor", - "VM" + "Monitor" ], "severity": "Medium", "subcategory": "Host Configuration", @@ -16722,8 +16826,8 @@ "id": "G02.04", "link": "https://learn.microsoft.com/windows/whats-new/windows-11-requirements", "services": [ - "AVD", - "VM" + "VM", + "AVD" ], "severity": "High", "subcategory": "Host Configuration", @@ -16814,12 +16918,12 @@ "id": "G03.04", "link": "https://learn.microsoft.com/azure/virtual-desktop/security-guide#enable-microsoft-defender-for-cloud", "services": [ - "AVD", "VM", - "AKV", - "Subscriptions", + "Storage", + "AVD", "Defender", - "Storage" + "AKV", + "Subscriptions" ], "severity": "Medium", "subcategory": "Management", @@ -16835,8 +16939,8 @@ "link": "https://learn.microsoft.com/azure/virtual-desktop/security-guide#collect-audit-logs", "services": [ "AVD", - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Management", @@ -16931,8 +17035,8 @@ "id": "H01.02", "link": "https://learn.microsoft.com/azure/storage/files/storage-files-smb-multichannel-performance", "services": [ - "ACR", "AVD", + "ACR", "Storage", "Cost" ], @@ -16981,8 +17085,8 @@ "id": "H02.03", "link": "https://docs.microsoft.com/azure/azure-netapp-files/create-active-directory-connections", "services": [ - "AVD", "VNet", + "AVD", "Storage" ], "severity": "High", @@ -17014,9 +17118,9 @@ "id": "H03.02", "link": "https://docs.microsoft.com/azure/virtual-desktop/store-fslogix-profile", "services": [ + "VM", "AVD", - "Storage", - "VM" + "Storage" ], "severity": "High", "subcategory": "Capacity Planning", @@ -17129,10 +17233,10 @@ "id": "H04.04", "link": "https://learn.microsoft.com/fslogix/concepts-configuration-examples", "services": [ - "ACR", "AVD", - "AKV", - "Storage" + "ACR", + "Storage", + "AKV" ], "severity": "High", "subcategory": "FSLogix", 
@@ -17163,9 +17267,9 @@ "id": "H04.06", "link": "https://docs.microsoft.com/fslogix/cloud-cache-configuration-reference", "services": [ + "VM", "AVD", - "Storage", - "VM" + "Storage" ], "severity": "Low", "subcategory": "FSLogix", @@ -17207,8 +17311,8 @@ "guid": "aa359271-8e6e-4205-8725-769e46691e88", "link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#azure-subscription-and-service-limits", "services": [ - "Arc", - "Entra" + "Entra", + "Arc" ], "severity": "Medium", "subcategory": "Capacity Planning", @@ -17222,8 +17326,8 @@ "guid": "deace4bb-1deb-44c6-9fc3-fc14eeaa3692", "link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#azure-resource-providers", "services": [ - "Arc", - "Subscriptions" + "Subscriptions", + "Arc" ], "severity": "High", "subcategory": "General", @@ -17292,8 +17396,8 @@ "guid": "f9ccbd86-8266-4abc-a264-f9a19bf39d95", "link": "https://learn.microsoft.com/azure/azure-arc/servers/organize-inventory-servers#organize-resources-with-built-in-azure-hierarchies", "services": [ - "Arc", - "Subscriptions" + "Subscriptions", + "Arc" ], "severity": "Low", "subcategory": "Organization", @@ -17307,9 +17411,9 @@ "guid": "9bf39d95-d44c-47c8-a19c-a1f6d5215ae5", "link": "https://learn.microsoft.com/azure/azure-arc/servers/security-overview#identity-and-access-control", "services": [ - "Arc", + "RBAC", "Entra", - "RBAC" + "Arc" ], "severity": "Medium", "subcategory": "Access", @@ -17322,9 +17426,9 @@ "guid": "14ba34d4-585e-4111-89bd-7ba012f7b94e", "link": "https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-nonaad", "services": [ + "Entra", "Arc", - "AKV", - "Entra" + "AKV" ], "severity": "Low", "subcategory": "Access", 
@@ -17338,9 +17442,9 @@ "guid": "35ac9322-23e1-4380-8523-081a94174158", "link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#azure-subscription-and-service-limits", "services": [ - "Arc", + "Subscriptions", "Entra", - "Subscriptions" + "Arc" ], "severity": "High", "subcategory": "Requirements", @@ -17354,9 +17458,9 @@ "guid": "33ee7ad6-c6d3-4733-865c-7acbe44bbe60", "link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#required-permissions", "services": [ - "Arc", + "RBAC", "Entra", - "RBAC" + "Arc" ], "severity": "Medium", "subcategory": "Requirements", @@ -17370,9 +17474,9 @@ "guid": "9d79f2e8-7778-4424-a516-775c6fa95b96", "link": "https://learn.microsoft.com/azure/azure-arc/servers/onboard-service-principal#create-a-service-principal-for-onboarding-at-scale", "services": [ - "Arc", + "RBAC", "Entra", - "RBAC" + "Arc" ], "severity": "Medium", "subcategory": "Security", @@ -17386,9 +17490,9 @@ "guid": "ad88408e-3727-434b-a76b-a28f21459013", "link": "https://learn.microsoft.com/azure/azure-arc/servers/onboard-service-principal#create-a-service-principal-for-onboarding-at-scale", "services": [ - "Arc", + "RBAC", "Entra", - "RBAC" + "Arc" ], "severity": "Medium", "subcategory": "Security", @@ -17402,9 +17506,9 @@ "guid": "65d38e53-f9cc-4bd8-9826-6abca264f9a1", "link": "https://learn.microsoft.com/azure/azure-arc/servers/prerequisites#required-permissions", "services": [ - "Arc", + "RBAC", "Entra", - "RBAC" + "Arc" ], "severity": "Medium", "subcategory": "Security", @@ -17449,8 +17553,8 @@ "link": "https://learn.microsoft.com/azure/azure-arc/servers/manage-vm-extensions", "services": [ "Arc", - "Monitor", - "AzurePolicy" + "AzurePolicy", + "Monitor" ], "severity": "Medium", "subcategory": "Management", 
@@ -17607,10 +17711,10 @@ "guid": "94174158-33ee-47ad-9c6d-3733165c7acb", "link": "https://learn.microsoft.com/azure/azure-arc/servers/private-link-security", "services": [ - "Arc", - "VPN", "PrivateLink", - "ExpressRoute" + "ExpressRoute", + "Arc", + "VPN" ], "severity": "Medium", "subcategory": "Networking", @@ -17666,9 +17770,9 @@ "guid": "a264f9a1-9bf3-49d9-9d44-c7c8919ca1f6", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/hybrid/arc-enabled-servers/eslz-arc-servers-connectivity#define-extensions-connectivity-method", "services": [ + "PrivateLink", "Arc", - "Monitor", - "PrivateLink" + "Monitor" ], "severity": "Low", "subcategory": "Networking", @@ -17764,10 +17868,10 @@ "guid": "6d02bfe4-564b-40d8-94a3-48726ee79d6b", "link": "https://learn.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-2-create-a-new-application-secret", "services": [ - "Arc", "Entra", - "AKV", - "Storage" + "Arc", + "Storage", + "AKV" ], "severity": "High", "subcategory": "Secrets", @@ -17823,8 +17927,8 @@ "guid": "4b69bad3-8aad-453c-a78e-1d76667357c4", "link": "https://learn.microsoft.com/azure/azure-arc/servers/managed-identity-authentication", "services": [ - "Arc", - "Entra" + "Entra", + "Arc" ], "severity": "Medium", "subcategory": "Security", @@ -17889,8 +17993,8 @@ "guid": "1a541741-5833-4fb4-ae3c-2df743165c3a", "link": "https://learn.microsoft.com/azure/azure-monitor/logs/logs-data-export?tabs=portal", "services": [ - "LoadBalancer", - "ASR" + "ASR", + "LoadBalancer" ], "severity": "Medium", "subcategory": " ", @@ -17902,10 +18006,10 @@ "guid": "cbe05bbe-209d-4490-ba47-778424d11678", "link": "https://learn.microsoft.com/azure/security-center/", "services": [ - "ASR", - "Entra", + "VM", "RBAC", - "VM" + "Entra", + "ASR" ], "severity": "Medium", "subcategory": " ", 
@@ -17917,9 +18021,9 @@ "guid": "5d2fa56c-56ad-4484-88fe-72734c486ba2", "link": "https://learn.microsoft.com/azure/security-center/", "services": [ + "ASR", "ACR", - "SAP", - "ASR" + "SAP" ], "severity": "Medium", "subcategory": " ", @@ -17931,9 +18035,9 @@ "guid": "80dc0591-cf65-4de8-b130-9cccd579266b", "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", "services": [ + "VM", "ASR", - "Entra", - "VM" + "Entra" ], "severity": "Medium", "subcategory": " ", @@ -17945,8 +18049,8 @@ "guid": "cca275fa-a1ab-4fe9-b55d-04c3c4919cb1", "link": "https://learn.microsoft.com/security/benchmark/azure/security-control-incident-response", "services": [ - "LoadBalancer", - "ASR" + "ASR", + "LoadBalancer" ], "severity": "Medium", "subcategory": " ", @@ -17958,9 +18062,9 @@ "guid": "b3d1325a-e124-4ba3-9df6-85eddce9bd3b", "link": "https://www.microsoft.com/itshowcase/implementing-a-zero-trust-security-model-at-microsoft", "services": [ + "VM", "ASR", - "Storage", - "VM" + "Storage" ], "severity": "Medium", "subcategory": " ", @@ -17984,8 +18088,8 @@ "guid": "b2173676-aff6-4691-a493-5ada42223ece", "link": "https://learn.microsoft.com/security/benchmark/azure/security-control-incident-response", "services": [ - "SAP", - "ASR" + "ASR", + "SAP" ], "severity": "Medium", "subcategory": " ", @@ -18009,8 +18113,8 @@ "guid": "43165c3a-cbe0-45bb-b209-d490da477784", "services": [ "VM", - "Entra", - "ASR" + "ASR", + "Entra" ], "severity": "Medium", "subcategory": " ", @@ -18044,9 +18148,9 @@ "guid": "fda1dbf3-dc95-4d48-a7c7-91dca0f6c565", "link": "https://learn.microsoft.com/azure/well-architected/sap/design-areas/security", "services": [ - "Entra", + "Subscriptions", "RBAC", - "Subscriptions" + "Entra" ], "severity": "High", "subcategory": "Identity", 
@@ -18126,9 +18230,9 @@ "checklist": "Azure Landing Zone Review", "guid": "23181aa4-1742-4694-9ff8-ae7d7d474317", "services": [ - "AKV", "Entra", - "SAP" + "SAP", + "AKV" ], "severity": "Medium", "subcategory": "Identity", @@ -18141,9 +18245,9 @@ "guid": "6c8bcbf4-5bbe-4609-b8a0-3e97778424d6", "link": "https://blogs.sap.com/2017/07/12/sap-single-sign-on-protect-your-sap-landscape-with-x.509-certificates/", "services": [ - "AKV", "Entra", - "SAP" + "SAP", + "AKV" ], "severity": "Medium", "subcategory": "Identity", @@ -18246,9 +18350,9 @@ "guid": "6ba28021-4591-4147-9e39-e5309cccd979", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups", "services": [ + "Subscriptions", "AzurePolicy", - "SAP", - "Subscriptions" + "SAP" ], "severity": "Medium", "subcategory": "Subscriptions", @@ -18261,8 +18365,8 @@ "guid": "366bcda2-750a-4b1a-a039-d95d54c7c892", "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-whole-landscape", "services": [ - "SAP", - "Subscriptions" + "Subscriptions", + "SAP" ], "severity": "High", "subcategory": "Subscriptions", @@ -18355,8 +18459,8 @@ "guid": "2f7c95f0-6e15-44e3-aa35-92829e6e2061", "link": "https://learn.microsoft.com/azure/backup/sap-hana-database-about", "services": [ - "Monitor", - "Backup" + "Backup", + "Monitor" ], "severity": "High", "subcategory": "BCDR", @@ -18369,10 +18473,10 @@ "guid": "302a2fbf-3745-4a5f-a365-c9d1a16ca22c", "link": "https://learn.microsoft.com/azure/azure-netapp-files/azacsnap-introduction", "services": [ - "Monitor", "VM", "Entra", - "Storage" + "Storage", + "Monitor" ], "severity": "Medium", "subcategory": "BCDR", @@ -18384,8 +18488,8 @@ "guid": "42d37218-a3a7-45df-bff6-1173e7f249ea", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-management-and-monitoring", "services": [ - "Monitor", - "SAP" + "SAP", + "Monitor" ], "severity": "High", "subcategory": "Management", 
@@ -18397,8 +18501,8 @@ "guid": "c3c7abc0-716c-4486-893c-40e181d65539", "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-rhel-multi-sid", "services": [ - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Management", @@ -18424,9 +18528,9 @@ "guid": "b7056168-6199-4732-a514-cdbb2d5c9c54", "link": "https://learn.microsoft.com/azure/lighthouse/overview", "services": [ - "Monitor", "Entra", - "SAP" + "SAP", + "Monitor" ], "severity": "Medium", "subcategory": "Management", @@ -18438,8 +18542,8 @@ "guid": "4d116785-d2fa-456c-96ad-48408fe72734", "link": "https://learn.microsoft.com/azure/update-manager/scheduled-patching?tabs=schedule-updates-single-machine%2Cschedule-updates-scale-overview", "services": [ - "Monitor", - "VM" + "VM", + "Monitor" ], "severity": "Medium", "subcategory": "Management", @@ -18452,8 +18556,8 @@ "guid": "76c8bcbf-45bb-4e60-ad8a-03e97778424d", "link": "https://learn.microsoft.com/azure/sap/workloads/lama-installation", "services": [ - "Monitor", - "SAP" + "SAP", + "Monitor" ], "severity": "Low", "subcategory": "Management", @@ -18467,8 +18571,8 @@ "link": "https://learn.microsoft.com/azure/sap/monitor/about-azure-monitor-sap-solutions", "services": [ "SQL", - "Monitor", - "SAP" + "SAP", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -18481,10 +18585,10 @@ "guid": "2750ab1a-b039-4d95-b54c-7c8929cb107d", "link": "https://learn.microsoft.com/azure/sap/workloads/vm-extension-for-sap", "services": [ - "Monitor", + "VM", "Entra", "SAP", - "VM" + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -18497,8 +18601,8 @@ "guid": "5325ae52-5ba3-44d4-985e-2213ace7bb12", "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", "services": [ - "Monitor", - "AzurePolicy" + "AzurePolicy", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", 
@@ -18511,9 +18615,9 @@ "guid": "523181aa-4174-4269-93ff-8ae7d7d47431", "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-overview", "services": [ - "Monitor", + "SAP", "NetworkWatcher", - "SAP" + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -18526,9 +18630,9 @@ "guid": "d89fd98d-23e4-4b40-a92e-32db9365522c", "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-monitor-and-troubleshoot", "services": [ - "Monitor", + "ASR", "SAP", - "ASR" + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -18541,9 +18645,9 @@ "guid": "73686af4-6791-4f89-95ad-a43324e13811", "link": "https://github.com/Azure/SAP-on-Azure-Scripts-and-Utilities/tree/main/QualityCheck", "services": [ - "Monitor", + "VM", "SAP", - "VM" + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -18555,9 +18659,9 @@ "guid": "616785d6-fa96-4c96-ad88-518f482734c8", "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-zones", "services": [ - "Monitor", + "Subscriptions", "SAP", - "Subscriptions" + "Monitor" ], "severity": "High", "subcategory": "Monitoring", @@ -18570,9 +18674,9 @@ "guid": "410adcba-db46-424f-a6c4-05ecde75c52e", "link": "https://learn.microsoft.com/azure/advisor/advisor-how-to-improve-reliability", "services": [ - "Monitor", + "ASR", "Storage", - "ASR" + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -18585,9 +18689,9 @@ "guid": "86ba2802-1459-4114-95e3-9e5309cccd97", "link": "https://learn.microsoft.com/azure/sentinel/sap/deployment-overview", "services": [ - "Monitor", "Sentinel", - "SAP" + "SAP", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -18614,8 +18718,8 @@ "guid": "04b8e5e5-13cb-4b22-af62-5a8ecfcf0337", "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-test-latency?tabs=windows", "services": [ - "Monitor", - "VM" + "VM", + "Monitor" ], "severity": "Low", "subcategory": "Performance", 
@@ -18627,9 +18731,9 @@ "guid": "07e5ed53-3d96-43d8-87ea-631b77da5aba", "link": "https://learn.microsoft.com/azure/sap/workloads/planning-guide-storage", "services": [ - "Monitor", + "ASR", "SAP", - "ASR" + "Monitor" ], "severity": "Medium", "subcategory": "Performance", @@ -18642,9 +18746,9 @@ "guid": "abb6af9c-982c-4cf1-83fb-329fafd1ee56", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-management-and-monitoring", "services": [ - "Monitor", "Storage", - "SAP" + "SAP", + "Monitor" ], "severity": "Medium", "subcategory": "Performance", @@ -18656,8 +18760,8 @@ "guid": "c027f893-f404-41a9-b33d-39d625a14964", "link": "https://sapit-forme-prod.authentication.eu11.hana.ondemand.com/login", "services": [ - "Monitor", - "SAP" + "SAP", + "Monitor" ], "severity": "Low", "subcategory": "Performance", @@ -18669,9 +18773,9 @@ "guid": "fdafb1f5-3eee-4354-a8c9-deb8127ebc2e", "link": "https://learn.microsoft.com/azure/virtual-machines/workloads/oracle/configure-oracle-asm", "services": [ - "Monitor", "Storage", - "SAP" + "SAP", + "Monitor" ], "severity": "Medium", "subcategory": "Performance", @@ -18685,8 +18789,8 @@ "link": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/announcement-sap-on-azure-oracle-performance-efficiency-scripts/ba-p/3725178", "services": [ "SQL", - "Monitor", - "SAP" + "SAP", + "Monitor" ], "severity": "Medium", "subcategory": "Performance", @@ -18700,8 +18804,8 @@ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", "services": [ "AzurePolicy", - "WAF", - "AppGW" + "AppGW", + "WAF" ], "severity": "Medium", "subcategory": "App delivery", @@ -18744,8 +18848,8 @@ "guid": "a3592829-e6e2-4061-9368-6af46791f893", "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-peering-overview", "services": [ - "ACR", "VNet", + "ACR", "SAP" ], "severity": "Medium", 
@@ -18773,8 +18877,8 @@ "guid": "7d4bc7d2-c34a-452e-8f1d-6ae3c8eafcc3", "link": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/?source=recommendations", "services": [ - "ACR", "SAP", + "ACR", "VWAN" ], "severity": "Medium", @@ -18788,8 +18892,8 @@ "guid": "0cedb1f6-ae6c-492b-8b17-8061f50b16d3", "link": "https://learn.microsoft.com/azure/well-architected/services/networking/network-virtual-appliances/reliability", "services": [ - "NVA", - "VNet" + "VNet", + "NVA" ], "severity": "Medium", "subcategory": "Hybrid", @@ -18802,10 +18906,10 @@ "guid": "facc08c6-ea95-4641-91cd-fa09e573adbd", "link": "https://learn.microsoft.com/azure/architecture/networking/hub-spoke-vwan-architecture", "services": [ - "NVA", "VNet", - "VWAN", - "SAP" + "NVA", + "SAP", + "VWAN" ], "severity": "Medium", "subcategory": "Hybrid", @@ -18818,9 +18922,9 @@ "guid": "82734c88-6ba2-4802-8459-11475e39e530", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing", "services": [ + "VM", "VNet", - "SAP", - "VM" + "SAP" ], "severity": "High", "subcategory": "IP plan", @@ -18899,8 +19003,8 @@ "guid": "5e39e530-9ccc-4d97-a366-bcda2750ab1a", "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "services": [ - "ACR", "FrontDoor", + "ACR", "AzurePolicy", "WAF" ], @@ -18917,8 +19021,8 @@ "services": [ "FrontDoor", "AzurePolicy", - "WAF", - "AppGW" + "AppGW", + "WAF" ], "severity": "Medium", "subcategory": "Internet", @@ -18932,8 +19036,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "services": [ "LoadBalancer", - "WAF", - "AppGW" + "AppGW", + "WAF" ], "severity": "Medium", "subcategory": "Internet", @@ -18946,8 +19050,8 @@ "guid": "e73de7d5-6f36-4217-a526-e1a621ecddde", "link": "https://learn.microsoft.com/azure/frontdoor/front-door-overview", "services": [ - "ACR", "SAP", + "ACR", "VWAN" ], "severity": "Medium", 
@@ -18961,11 +19065,11 @@ "guid": "3c536a3e-1b6b-4e87-95ca-15edb47251c0", "link": "https://learn.microsoft.com/azure/virtual-network/vnet-integration-for-azure-services", "services": [ + "Storage", "VNet", - "PrivateLink", "Backup", - "ACR", - "Storage" + "PrivateLink", + "ACR" ], "severity": "Medium", "subcategory": "Internet", @@ -18978,8 +19082,8 @@ "guid": "85e2213a-ce7b-4b12-8f7c-95f06e154e3a", "link": "https://learn.microsoft.com/azure/virtual-network/accelerated-networking-overview?tabs=redhat", "services": [ - "SAP", - "VM" + "VM", + "SAP" ], "severity": "High", "subcategory": "Segmentation", @@ -19005,9 +19109,9 @@ "guid": "6791f893-5ada-4433-84e1-3811523181aa", "link": "https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works", "services": [ + "VM", "VNet", - "SAP", - "VM" + "SAP" ], "severity": "Medium", "subcategory": "Segmentation", @@ -19075,8 +19179,8 @@ "guid": "85e2213a-ce7b-4b12-8f7c-95f06e154e3a", "link": "https://learn.microsoft.com/azure/virtual-network/accelerated-networking-overview?tabs=redhat", "services": [ - "SAP", - "VM" + "VM", + "SAP" ], "severity": "High", "subcategory": "Segmentation", @@ -19115,9 +19219,9 @@ "guid": "209d490d-a477-4784-84d1-16785d2fa56c", "link": "https://learn.microsoft.com/azure/governance/policy/overview", "services": [ + "Subscriptions", "RBAC", - "SAP", - "Subscriptions" + "SAP" ], "severity": "High", "subcategory": "Governance", @@ -19129,8 +19233,8 @@ "guid": "56ad4840-8fe7-4273-9c48-6ba280dc0591", "link": "https://learn.microsoft.com/azure/governance/policy/overview", "services": [ - "NVA", "PrivateLink", + "NVA", "SAP" ], "severity": "Medium", @@ -19144,9 +19248,9 @@ "link": "https://learn.microsoft.com/azure/governance/policy/overview", "services": [ "SQL", + "Backup", "Storage", - "SAP", - "Backup" + "SAP" ], "severity": "Medium", "subcategory": "Governance", 
@@ -19214,8 +19318,8 @@ "guid": "2223ece8-1b12-4318-8a54-17415833fb4a", "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "services": [ - "AKV", - "AzurePolicy" + "AzurePolicy", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -19227,9 +19331,9 @@ "guid": "e3c2df74-3165-4c3a-abe0-5bbe209d490d", "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "services": [ - "AKV", + "RBAC", "AzurePolicy", - "RBAC" + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -19256,9 +19360,9 @@ "guid": "8fe72734-c486-4ba2-a0dc-0591cf65de8e", "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "services": [ - "AKV", "RBAC", - "SAP" + "SAP", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -19270,8 +19374,8 @@ "guid": "1309cccd-5792-466b-aca2-75faa1abfe9d", "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "services": [ - "AKV", - "SAP" + "SAP", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -19283,9 +19387,9 @@ "guid": "55d04c3c-4919-4cb1-a3d1-325ae124ba34", "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "services": [ - "AKV", "Entra", - "SAP" + "SAP", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -19297,8 +19401,8 @@ "guid": "df685edd-ce9b-4d3b-a0cd-b3b55eb2ec14", "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", "services": [ - "AKV", - "SAP" + "SAP", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -19358,8 +19462,8 @@ "guid": "54174158-33fb-43ae-9c2d-e743165c3acb", "link": "https://learn.microsoft.com/azure/security-center/security-center-get-started", "services": [ - "Defender", - "Subscriptions" + "Subscriptions", + "Defender" ], "severity": "High", "subcategory": "Pricing & Settings", 
@@ -19371,8 +19475,8 @@ "guid": "349f0364-d28d-442e-abbb-c868255abc91", "link": "https://learn.microsoft.com/azure/security-center/enable-azure-defender", "services": [ - "Monitor", - "Defender" + "Defender", + "Monitor" ], "severity": "High", "subcategory": "Pricing & Settings", @@ -19471,9 +19575,9 @@ "guid": "5a917e1f-349f-4036-9d28-d42e8bbbc868", "link": "https://learn.microsoft.com/azure/security-center/continuous-export?tabs=azure-portal", "services": [ - "Monitor", "Sentinel", - "Defender" + "Defender", + "Monitor" ], "severity": "Medium", "subcategory": "Pricing & Settings", @@ -19509,9 +19613,9 @@ "guid": "cce9bdf6-b483-45a0-85ec-c8232b230652", "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy-integrate-with-microsoft-cloud-application-security", "services": [ - "Monitor", "Entra", - "Defender" + "Defender", + "Monitor" ], "severity": "Low", "subcategory": "Pricing & Settings", @@ -19548,8 +19652,8 @@ "guid": "50259226-4429-42bb-9285-37a55119bf8e", "link": "https://learn.microsoft.com/azure/defender-for-cloud/tutorial-security-incident", "services": [ - "Monitor", - "Defender" + "Defender", + "Monitor" ], "severity": "Medium", "subcategory": "Security Alerts", @@ -19586,8 +19690,8 @@ "guid": "93846da9-7cc3-4923-856b-22586f4a1641", "link": "https://learn.microsoft.com/azure/defender-for-cloud/enable-enhanced-security", "services": [ - "Defender", - "Subscriptions" + "Subscriptions", + "Defender" ], "severity": "High", "subcategory": "Secure Score", @@ -19612,8 +19716,8 @@ "guid": "65e8d9a3-aec2-418e-9436-b0736db55f57", "link": "https://learn.microsoft.com/azure/defender-for-cloud/remediate-vulnerability-findings-vm", "services": [ - "Defender", - "VM" + "VM", + "Defender" ], "severity": "High", "subcategory": "Azure Defender", 
@@ -19653,8 +19757,8 @@ "guid": "6ceb5443-5025-4922-9442-92bb628537a5", "link": "https://azure.microsoft.com/blog/how-azure-security-center-detects-ddos-attack-using-cyber-threat-intelligence/", "services": [ - "DDoS", "Firewall", + "DDoS", "Defender" ], "severity": "Medium", @@ -19667,8 +19771,8 @@ "guid": "5119bf8e-8f58-4542-a7d9-cdc166cd072a", "link": "https://learn.microsoft.com/azure/security-center/security-center-get-started?WT.mc_id=Portal-Microsoft_Azure_Security", "services": [ - "Defender", - "Subscriptions" + "Subscriptions", + "Defender" ], "severity": "High", "subcategory": "Coverage", @@ -19680,8 +19784,8 @@ "guid": "4df585ec-dce9-4793-a7bc-db3b51eb2eb0", "link": "https://learn.microsoft.com/azure/virtual-network/ip-services/public-ip-addresses", "services": [ - "VNet", - "VM" + "VM", + "VNet" ], "severity": "High", "subcategory": "Public IPs", @@ -19694,9 +19798,9 @@ "guid": "3dda6e59-d7c8-4a2e-bb11-7d6769af669c", "link": "https://learn.microsoft.com/azure/virtual-network/ip-services/public-ip-addresses", "services": [ - "EventHubs", + "VM", "Firewall", - "VM" + "EventHubs" ], "severity": "High", "subcategory": "Public IPs", @@ -19900,8 +20004,8 @@ "guid": "fb012f70-943f-4630-9722-ea39d2b1ce63", "link": "https://learn.microsoft.com/azure/virtual-network/monitor-virtual-network", "services": [ - "Monitor", - "VNet" + "VNet", + "Monitor" ], "severity": "High", "subcategory": "Virtual Networks", @@ -19913,9 +20017,9 @@ "guid": "2055b29b-ade4-4aad-8e8c-39ec94666731", "link": "https://learn.microsoft.com/azure/virtual-network/kubernetes-network-policies", "services": [ - "AzurePolicy", + "VNet", "AKS", - "VNet" + "AzurePolicy" ], "severity": "High", "subcategory": "Virtual Networks", 
@@ -19927,8 +20031,8 @@ "guid": "3c005674-c1e9-445b-959c-373e7ed71623", "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-scenario-udr-gw-nva", "services": [ - "NVA", - "VNet" + "VNet", + "NVA" ], "severity": "High", "subcategory": "Virtual Networks", @@ -19940,9 +20044,9 @@ "guid": "b375a917-ecbe-448f-ae64-dd7df2e8bbbc", "link": "https://learn.microsoft.com/azure/virtual-network/monitor-virtual-network", "services": [ - "Monitor", "VNet", - "Sentinel" + "Sentinel", + "Monitor" ], "severity": "High", "subcategory": "Virtual Networks", @@ -19954,8 +20058,8 @@ "guid": "468155ab-c916-44e9-a09a-ed8c44cf3b2b", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/connectivity-to-azure", "services": [ - "VPN", - "ExpressRoute" + "ExpressRoute", + "VPN" ], "severity": "High", "subcategory": "Connectivity", @@ -19980,8 +20084,8 @@ "guid": "718d1dca-1f62-4565-aee5-580a38249c93", "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-global-transit-network-architecture", "services": [ - "Monitor", - "VWAN" + "VWAN", + "Monitor" ], "severity": "High", "subcategory": "Virtual WAN", @@ -19993,8 +20097,8 @@ "guid": "1213dbd7-fb01-42f7-8943-f6304722ea39", "link": "https://learn.microsoft.com/azure/web-application-firewall/overview", "services": [ - "AppGW", - "RBAC" + "RBAC", + "AppGW" ], "severity": "High", "subcategory": "Application Gateway", @@ -20007,8 +20111,8 @@ "link": "https://learn.microsoft.com/azure/application-gateway/configuration-front-end-ip", "services": [ "EventHubs", - "WAF", - "AppGW" + "AppGW", + "WAF" ], "severity": "High", "subcategory": "Application Gateway", @@ -20021,8 +20125,8 @@ "link": "https://learn.microsoft.com/azure/application-gateway/configuration-front-end-ip", "services": [ "EventHubs", - "WAF", - "AppGW" + "AppGW", + "WAF" ], "severity": "High", "subcategory": "Application Gateway", 
@@ -20207,8 +20311,8 @@ "guid": "e0d968d3-87f6-41fb-a4f9-d852f1673f4c", "link": "https://learn.microsoft.com/azure/active-directory/roles/best-practices#6-use-groups-for-azure-ad-role-assignments-and-delegate-the-role-assignment", "services": [ - "Entra", - "RBAC" + "RBAC", + "Entra" ], "severity": "High", "subcategory": "Privileged administration", @@ -20220,8 +20324,8 @@ "guid": "00350863-4df6-4050-9cf1-cbaa6d58283e", "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-admins#managed-accounts-for-admins", "services": [ - "AzurePolicy", - "Entra" + "Entra", + "AzurePolicy" ], "severity": "High", "subcategory": "Privileged administration", @@ -20245,8 +20349,8 @@ "guid": "922ac19f-916d-4697-b8ea-ded26bdd186f", "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-admins#admin-workstation-security", "services": [ - "Monitor", - "Entra" + "Entra", + "Monitor" ], "severity": "Medium", "subcategory": "Privileged administration", @@ -20282,8 +20386,8 @@ "guid": "be64dd7d-f2e8-4bbb-a468-155abc9164e9", "link": "https://learn.microsoft.com/azure/active-directory/external-identities/delegate-invitations", "services": [ - "Entra", - "RBAC" + "RBAC", + "Entra" ], "severity": "High", "subcategory": "External Identities", @@ -20367,8 +20471,8 @@ "guid": "4c1e945b-459c-4373-b7ed-71623b375a91", "link": "https://learn.microsoft.com/azure/active-directory/authentication/tutorial-enable-sspr", "services": [ - "AzurePolicy", - "Entra" + "Entra", + "AzurePolicy" ], "severity": "High", "subcategory": "Password Reset", @@ -20440,9 +20544,9 @@ "guid": "7fb012f7-0943-4f63-8472-2ea39d2b1ce6", "link": "https://learn.microsoft.com/azure/active-directory/reports-monitoring/overview-monitoring", "services": [ - "Monitor", "Sentinel", - "Entra" + "Entra", + "Monitor" ], "severity": "High", "subcategory": "Diagnostic Settings", 
@@ -20478,8 +20582,8 @@ "guid": "6e6a8dc4-a20e-427b-9e29-711b1352beee", "link": "https://learn.microsoft.com/azure/active-directory/conditional-access/concept-conditional-access-policy-common", "services": [ - "AzurePolicy", - "Entra" + "Entra", + "AzurePolicy" ], "severity": "High", "subcategory": "Conditional Access Policies", @@ -20491,8 +20595,8 @@ "guid": "079b588d-efc4-4972-ac3c-d21bf77036e5", "link": "https://learn.microsoft.com/azure/active-directory/conditional-access/location-condition", "services": [ - "AzurePolicy", - "Entra" + "Entra", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Conditional Access Policies", @@ -20504,8 +20608,8 @@ "guid": "e6b4bed3-d5f3-4547-a134-7dc56028a71f", "link": "https://learn.microsoft.com/azure/active-directory/authentication/tutorial-enable-azure-mfa", "services": [ - "AzurePolicy", - "Entra" + "Entra", + "AzurePolicy" ], "severity": "High", "subcategory": "Conditional Access Policies", @@ -20517,8 +20621,8 @@ "guid": "fe1bd15d-d2f0-4d5e-972d-41e3611cc57b", "link": "https://learn.microsoft.com/azure/active-directory/conditional-access/howto-conditional-access-policy-admin-mfa", "services": [ - "AzurePolicy", - "Entra" + "Entra", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Conditional Access Policies", @@ -20530,8 +20634,8 @@ "guid": "4a4b1410-d439-4589-ac22-89b3d6b57cfc", "link": "https://learn.microsoft.com/azure/active-directory/conditional-access/howto-conditional-access-policy-azure-management", "services": [ - "AzurePolicy", - "Entra" + "Entra", + "AzurePolicy" ], "severity": "High", "subcategory": "Conditional Access Policies", @@ -20543,8 +20647,8 @@ "guid": "645461e1-a3e3-4453-a3c8-639637a552d6", "link": "https://learn.microsoft.com/azure/active-directory/conditional-access/howto-conditional-access-policy-block-legacy", "services": [ - "AzurePolicy", - "Entra" + "Entra", + "AzurePolicy" ], "severity": "High", "subcategory": "Conditional Access Policies", 
@@ -20556,8 +20660,8 @@
 "guid": "7ae9eab4-0fd3-4290-998b-c178bdc5a06c",
 "link": "https://learn.microsoft.com/azure/active-directory/conditional-access/require-managed-devices",
 "services": [
- "AzurePolicy",
- "Entra"
+ "Entra",
+ "AzurePolicy"
 ],
 "severity": "High",
 "subcategory": "Conditional Access Policies",
@@ -20570,8 +20674,8 @@
 "guid": "a7144351-e19d-4d34-929e-b7228137a151",
 "link": "https://devblogs.microsoft.com/premier-developer/azure-active-directory-automating-guest-user-management/",
 "services": [
- "AzurePolicy",
- "Entra"
+ "Entra",
+ "AzurePolicy"
 ],
 "severity": "Medium",
 "subcategory": "Guest users",
@@ -20595,8 +20699,8 @@
 "guid": "bcfc6998-a135-4e33-9897-e31c67d68cb6",
 "link": "https://learn.microsoft.com/azure/active-directory/roles/security-emergency-access",
 "services": [
- "AzurePolicy",
- "Entra"
+ "Entra",
+ "AzurePolicy"
 ],
 "severity": "Medium",
 "subcategory": "Break Glass Accounts",
@@ -20608,8 +20712,8 @@
 "guid": "0ac252b9-99a6-48af-a7c9-a8f821b8eb8c",
 "link": "https://learn.microsoft.com/azure/governance/policy/overview",
 "services": [
- "AzurePolicy",
- "VM"
+ "VM",
+ "AzurePolicy"
 ],
 "severity": "High",
 "subcategory": "Access Control",
@@ -20792,8 +20896,8 @@
 "guid": "012f7b95-e06e-4154-b2aa-3592828e6e20",
 "link": "https://learn.microsoft.com/azure/virtual-machines/windows/snapshot-copy-managed-disk",
 "services": [
- "LoadBalancer",
- "VM"
+ "VM",
+ "LoadBalancer"
 ],
 "severity": "Medium",
 "subcategory": "Encrypt your VHDs",
@@ -20805,8 +20909,8 @@
 "guid": "5173676a-e466-491e-a835-ad942223e138",
 "link": "https://learn.microsoft.com/azure/role-based-access-control/built-in-roles",
 "services": [
- "Entra",
- "VM"
+ "VM",
+ "Entra"
 ],
 "severity": "High",
 "subcategory": "Restrict direct internet connection ",
@@ -20818,8 +20922,8 @@
 "guid": "10523081-a941-4741-9833-ff7ad7c6d373",
 "link": "https://learn.microsoft.com/azure/security-center/security-center-partner-integration",
 "services": [
- "Entra",
- "VM"
+ "VM",
+ "Entra"
 ],
 "severity": "High",
 "subcategory": "Restrict direct internet connection ",
@@ -20855,8 +20959,8 @@
 "guid": "1cbafe6c-4658-49d4-98a9-27c3974d1102",
 "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-forced-tunneling",
 "services": [
- "VPN",
- "VM"
+ "VM",
+ "VPN"
 ],
 "severity": "High",
 "subcategory": "Restrict direct internet connection ",
@@ -20868,8 +20972,8 @@
 "guid": "dad6aae1-1e6b-484e-b5df-47d2d92881b1",
 "link": "https://learn.microsoft.com/azure/bastion/bastion-overview",
 "services": [
- "Bastion",
- "VM"
+ "VM",
+ "Bastion"
 ],
 "severity": "High",
 "subcategory": "Restrict direct internet connection ",
@@ -20881,8 +20985,8 @@
 "guid": "cd5d1e54-a297-459e-9968-0e78289c9356",
 "link": "https://learn.microsoft.com/azure/sentinel/quickstart-onboard",
 "services": [
- "Monitor",
- "Sentinel"
+ "Sentinel",
+ "Monitor"
 ],
 "severity": "High",
 "subcategory": "Architecture ",
@@ -20907,8 +21011,8 @@
 "link": "https://learn.microsoft.com/azure/sentinel/multiple-workspace-view",
 "services": [
 "ACR",
- "Monitor",
- "Sentinel"
+ "Sentinel",
+ "Monitor"
 ],
 "severity": "Medium",
 "subcategory": "Architecture ",
@@ -20956,8 +21060,8 @@
 "guid": "e69d8d9a-3eec-4218-b687-ab077adb49e5",
 "link": "https://learn.microsoft.com/azure/sentinel/connect-azure-active-directory",
 "services": [
- "Sentinel",
- "Entra"
+ "Entra",
+ "Sentinel"
 ],
 "severity": "High",
 "subcategory": "Data Connectors",
@@ -20969,8 +21073,8 @@
 "guid": "b9603334-fdf8-4cc2-9318-db61171269f4",
 "link": "https://learn.microsoft.com/azure/sentinel/data-connectors-reference#azure-active-directory-identity-protection",
 "services": [
- "Sentinel",
- "Entra"
+ "Entra",
+ "Sentinel"
 ],
 "severity": "High",
 "subcategory": "Data Connectors",
@@ -21007,8 +21111,8 @@
 "guid": "9d55d04c-3c49-419c-a1b2-d1215ae114b9",
 "link": "https://learn.microsoft.com/azure/sentinel/data-connectors-reference#azure-firewall",
 "services": [
- "Sentinel",
- "Firewall"
+ "Firewall",
+ "Sentinel"
 ],
 "severity": "High",
 "subcategory": "Data Connectors",
@@ -21153,8 +21257,8 @@
 "guid": "8093dc9f-c9d1-4bb7-9b36-a5a67fbb9ed5",
 "link": "https://learn.microsoft.com/azure/firewall/firewall-diagnostics",
 "services": [
- "Monitor",
- "Firewall"
+ "Firewall",
+ "Monitor"
 ],
 "severity": "Medium",
 "subcategory": "Diagnostic Settings",
@@ -21179,9 +21283,9 @@
 "guid": "f0d5a73d-d4de-436c-8c81-770afbc4c0e4",
 "link": "https://techcommunity.microsoft.com/t5/azure-network-security/role-based-access-control-for-azure-firewall/ba-p/2245598",
 "services": [
- "AzurePolicy",
 "Firewall",
- "RBAC"
+ "RBAC",
+ "AzurePolicy"
 ],
 "severity": "High",
 "subcategory": "Firewall Manager",
@@ -21193,8 +21297,8 @@
 "guid": "5c3a87af-4a79-41f8-a39b-da47768e14c1",
 "link": "https://learn.microsoft.com/azure/firewall-manager/policy-overview",
 "services": [
- "AzurePolicy",
- "Firewall"
+ "Firewall",
+ "AzurePolicy"
 ],
 "severity": "High",
 "subcategory": "Firewall Manager",
@@ -21206,8 +21310,8 @@
 "guid": "15675c1e-a55b-446a-a48f-f8ae7d7e4b47",
 "link": "https://learn.microsoft.com/azure/firewall/rule-processing",
 "services": [
- "AzurePolicy",
- "Firewall"
+ "Firewall",
+ "AzurePolicy"
 ],
 "severity": "High",
 "subcategory": "Firewall Manager",
@@ -21219,8 +21323,8 @@
 "guid": "5b6c8bcb-f59b-4ce6-9de8-a03f97879468",
 "link": "https://learn.microsoft.com/azure/firewall/rule-processing",
 "services": [
- "AzurePolicy",
- "Firewall"
+ "Firewall",
+ "AzurePolicy"
 ],
 "severity": "High",
 "subcategory": "Firewall Manager",
@@ -21232,8 +21336,8 @@
 "guid": "d66a786d-60e9-46c9-9ad8-855d04c2b39c",
 "link": "https://learn.microsoft.com/azure/firewall/rule-processing",
 "services": [
- "AzurePolicy",
- "Firewall"
+ "Firewall",
+ "AzurePolicy"
 ],
 "severity": "High",
 "subcategory": "Firewall Manager",
@@ -21245,8 +21349,8 @@
 "guid": "986bb2c1-2149-4a11-9b5e-3df574ecccd9",
 "link": "https://learn.microsoft.com/azure/firewall/features",
 "services": [
- "AzurePolicy",
- "Firewall"
+ "Firewall",
+ "AzurePolicy"
 ],
 "severity": "High",
 "subcategory": "Firewall Manager",
@@ -21331,8 +21435,8 @@
 "guid": "dbcbd8ac-2aae-4bca-8a43-da1dae2cc992",
 "link": "https://learn.microsoft.com/azure/security/fundamentals/ddos-best-practices",
 "services": [
- "DDoS",
- "Firewall"
+ "Firewall",
+ "DDoS"
 ],
 "severity": "Medium",
 "subcategory": "DDOS Protection",
@@ -21341,7 +21445,7 @@
 ],
 "metadata": {
 "name": "Master checklist",
- "timestamp": "November 09, 2023"
+ "timestamp": "November 15, 2023"
 },
 "severities": [
 {
diff --git a/spreadsheet/macrofree/azurespringapps_checklist.en.xlsx b/spreadsheet/macrofree/azurespringapps_checklist.en.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..c9450bdcacdcc2b95ba33ce38cc6db9f41e71b00 GIT binary patch literal 19803 zcmdUX1ys~sw?2Z1gmj2fN=t`ySV*Tzi68}Awnm21e$wbaS+O4-NX&wapDk0cQFJAaG&qQHa|LKWwD#C@ zd{X5W7`F#G=$U^pwf&wc7dM_3747W!T}R1mRW|*E6i@OrQxMNOc=2Hth8D|aLQ&hR2ci}R zF=MxcK$y>&E4DCA1E&qXQDwA3uw^WBtvcYEWpnN0%PyQOCR%n~dgMif0e?dArFcfFigx;J#iDu@qtP^GyYu#y z5F%@+8A+H7J95`#$jJs$@|aiM5@HfQ8#Y9>2c<6x$$qchL;mVJUjTA>N8vr&I4CPgk2GI1p%Rs0s#RJ0M6Es#qy1g zkN=F8x&CBglzq49Aa+l_v4 zv5%C^$eQxijOy9aNTNbF1KxD8E^U-}MCo1i`h4j#* zouR(dvf#0b>5(bst^Ffq?}w~zvqVyFRZ+y=hty>{Za-|J2-dc@q>yDV&THQ8?kLwf zWrV-vJ9Vp~$wyK~2ZF!E7Z0kvWMxh^ckI$YGZI)D6&reyQ5iWn$>$HOEfreSAkd4;!v!P)1>n<`qtZlAE@L&rI^4 zK^M_9`hF-aydFrsvxSc@hx?KHcfoUd2cK@{TMr+bycxCXnN^gu*h16M`D{Q#-cY8D z-hONR1wvA*NYJDAF*3{8+i%yfshwneN!igTmTBl-A--P-0_8U?$L{g!F>KKF|D>Z7 zyt!IiC-<`+TZk5~kJZFgkpszYd#rYLd^*M7Mc8R|VtplZt(be#IN?o5r~|Z<`(ST5 zc?Du3T;aTvPR5e6rBvy-G3PHloTPpyufkz-ZaX)8*ah0tCVO|8Mik0eCi;NUmw&6b zsOf=n!fV9A>FMAZy?!oCZc%S`upg@GV23t|U$Sls6<{6AEY`#cAp=UEg?=cc> zc9~<}-wBdr|8vU*TT4Yd`eQkQ2Og6yF0#tJG~0V@kvgGZRa`01EphU_x1ZH)hG~`K zOr8(F!$`skm=JHadXC6pB`hqb8p``DdCu6apEL80djiKIJj4vKA!`PRHl4{jU2$gMHEs3qU-fY~4P zDbmRfUE~a@A(}*scD{9T9HAkts4>3bs)!)_RDH||u$Dlx7E z));lQ>EpV7pOuGehjYpX=Xzs0As!Ou zhX6?f%&TpeA&uS!v-%YTp-o}kgd&!>3EN&l(o-C^{puYJ-zjxUD(*rUQx!Vv2IVS=O45fg`rFLFcI+^w;LBq`2V0|zv{DSxX8ShE1R+=xohb-J|?6V z(y!!5sLGiBF8wJ_c@az4D$C+E#4tN$dMogxeVW48@Mw@*r*Su$Rc6PXJO=fAkdcFN z`jC_M4N>}Dy)eO)j#Pp>B5e#j1pJ>g(ulsvq;^?;Yf-J&6N(zRp;)o?B7%D|AIft6 z2)leO8*`Nd0ihpy3E}$T5oTjzZea07N5|5F1^x?uj+KK0rMDO~vfup;j;04f5L2%l_;_LjS{gU1F zseR)@^%rC&mKIPNUcr{(!S7s!na=wwwvodv%mv|KYpdM-*>2Bj>NURttX*)+LP_$V_S{L;MS1C9JfrkJq=#Epbbq_PsikFS z(>b?1cHxhbaJhZ--Uv}j!wOeDcyIbObkccwx(_y(@2p?gH1T{G_ks+w6I8!K;pv$(x4+V) znx0u|Q2D~LZKjf(d~mG02gRjma=8uq&e0{t5W*>(vDl;U0M&?Yf=(~WXtXf*D5ZIV 
zp*>BFrhOWP8s9cL%T{~(R*abodLZ=&u}*enJ7uN&wbf8(hc(OH>hF+BvN&BxN_5M@ zxUiDTlBZCSQBawTw_)6*_~zLCppttW$Trt{IkV0+B!Q; z1bz3hXFG3o%-$+N6(PIr!1ri#9=jGixtFKLs3G)t-_qC7-dAUT%qU#8@C6zqo~AG7 z1F_DEWx!b9{jnZ-A<{(0f({}RKH&w8Cn=pbQ`&tZJc*`qm8SOAtpauQ)E~{i8mi=+ zZc~p2X{tNAdRDJzwgQKt?zXTkD-_*we~(~C*p3zIW4S+1K$sn~Pr!BH*FvM2yZzbL z5z~Zh*wW8L+df|dx;JjTt5d)~G_^bxGLcy+l)UWMU2daJlCfS;`Ug7xwA6>Y&=cze z*6xe?=*5KH_~HF=&BD0UHn30S3zJ2Na7CXD#5RGONLJLAoA2ksxCP%^d$&pabv*nh zte2NizayBGOq0LQx+-gFR`z;zzP*f64&8q5@=`pe)y}-85a@P_XQa@geg(<=+{%;L ztveCSOQu~7jSxnvIvl2*>{H*IdUb#GLn)w8h(yxU*_gI*t` znKnUK2F)w`g$L0Kb6Et|7No-old$~eJOqtOZPHs7x)qCN`wC5VmP(E5L8Y;#O*<=L zYxu_cHfg18xd*#hL*g7eO_GKC{v1q$-|fm&9&qnwRm=>1_P7~WY5FjqKsab1d~pdo z-F=`q+_ra&pI;OMGBJ3T;GP7GMbs&4FbjM4h(=b zN)J@p3Y2nL;<<_9OP@MrFXkB9xPvxVN7;rJZPL=xT57?42LnRQ%!;06yLO$VI-C9* z8T@;jO$!y0lOUo7=yYE_*mGmP)405XbkGDMZC==)DQxrylBv5?V_>*QPTo8h-aTc% zv9e>j(^9gwziFOd8e?@35jg<0?-8us-7u_FSz3%IYuy|zS@SeD0|{dIZ<)G8yytUB zTpxevkOsP0+NT7%IXkyilOzvr|LUp1px#@xy<@&cQC?cXGD5guEzDm=sc!Tqyu;z9 zV9*>6=KXsDi=V2B4*=l=Z|K|X?!30h9vCvo+{|Pt;5Je8RBHTGHT&A4qx|w>smXF7 z5x5izZP2u!tuK#pj2&y}X%RQ^NEBta{jkxg<+4dV&vLm1?{{z`i_gYw6#`nH&r&iS zI(BwB60*W^&9a%R{>e5iz zuu&2DS|H0*)ENtsf^Cu$j?Ch=;k0eZ?oxM{jux)D=8i$|ad51w|vdNA) zHlI2+|FYi?bXGnCth?P!DGQ^j!%jmLmgC<_3;PD@u_{{f_pYgwTL$C~^g*jZAZr_* z6f&EG>Atnj?d26{_Cd^iMsZ0zbbJ~4WnqQmjF5o|#Kn2%wrQ@q7472wn!d0ty0Vq1 z!_N1G)&=n5+D=XrL1|0d^gZ5#w^bK7gEX-#_w zJ#J2Et(#ASNw%?ec8{ujZYZa*X?u^ViG?}5p?i=0g@$;_&Q?*i1!?UkTk*P-U4c2v z_=B)csK?Fv*hLnS3E`3_<5K|&r5x+lT*8in@7FBXZ!tPIkdixD&Xt)~4)a*e(6Geu zt-t(6yX{mt8)vy>0eapzx-ezB-7p#-KJ0CzJMPKG7dT~mJCL({*~>CpO*^eAIL)8D z6fc!WT1M!LPg-!dP6b^U(QK_Av-4{|e}29|F%s`^ZO7Zx^0W%83*o_Fw>j^e-qLVm zr;2jWd?A0ak$hkwp%9h7*^2${?0y@l{v~9^8mFR4-Ll6{kRL1*Cq!!AKEL2u=-)%; z2oj9(^yGCcZy$cG1nP6%inA`8S=qJNiez^zp|x4#JQxo29Lc8FQ^6vC+)=TId`?aFLklfLlx7vj@WFB&$9VOxKfPSkeY9#&`>-R5Zk3Fv0hu3>4v zfn-9sjobJN}!(pWA2iesp>z&3eQQJ3`r*m~+Rpv(+_XEQirbIcC?# zXB%`@SJqd}%ZvER1B8bOZTSLu@L3wREF}_UQr5X+WmpDxk~?QTqN4}2isocf>X$rr 
z+rZ;JKkNO|14>GWenYEU#lrV9~}q5yv^P2>6>g4z;7t*Wv|`No`P7cB0zS6^s&zwbns6`6k%~ zCdGiln`x-O_@0qbVlmIILMB`vv>3v`EW5h?%GoYonMsKVeI=x6IfT-TPCaOaK3p`` zocH?@srQ3+x+}GxpUSQ}rt8vKxo~QZ0syr6S^IT-hM{k()ATiz$xMd|O(gL;zK?>S zR~~y%iEvaFd(ammO&uyGZx{$lgd0AWEp`GI`SCqI%VT(pq)x5p4swLp`w35p=uNG! zbz6iG!W)>uXUA?K#<>Q9De~zJ{<~N5-*}-EOBl&<<851VQM^#o1(IYDScvV7L0{v$ zsn-)DZ0L^mre5cW)6{Omjw^xGd{=o20O$5(QU5}|UtF7Fi} zqIin$g^6ZFl!>`^=`d?0+0|8^=EloW@15-JzB9@Z0?)?K5ARd3lPa-w<*_9sT8?)6 z)RONPY-?-WWbv;!0-}2IFaapb`RdH}NgaHGBI;c=07N$skwmZ@a5+4NP=4Xr1L4mwaU%yzxmmi#Xk!~S3rKe=WgK3UDwZYoZk1d>7KbQph(05;|{7`=Y+h!Hz5^u zBSn!2ep&B&v=^H^eCoKYs9eOr51q7|^c4x8F}X6T@!Cgs;Zw($_9{{JDgk(I63`vi z@&I|{YsD*9C*)%v=!VpUy%GtWz;8KKe9tjzViuZjp~^2Ajw9_xEcM*y`uQr$0l*r= z8tX7rsi%;vAB&fc%Zv=n!|0{cE6C_BGolClPBkC_8<-Gt*!Df$W@^_wKhSLAW#B99~hwvS#C<{P^@q2KcdG(pk51$|N z7ywv8bHF%+rq&PXq-y_d6GL_dLw30+d;rKpRq^rChfm>qKW3vNOqR&b6wA(p;m2@< z-+_yT=mr5XK=LDKbO6$K!N$_>osds*{;LTbJ&kssEOx-xQO{T0uC6$#JH{^Bp@Pga zu4^9WpE@o&#&gsVz6&Nf7frn2T^0)K zvI5-WE@KGPJn6(|??DgW15FXE33+=W2=J-nViR*=06#$1*N{#H0X}sC46Al8YXT?C z>aZJ#@Vens$KtA49iUnLwgYB$*b4h5Z$$25@B#~td`$LIPV`bHaPn?mJ@o;fI`*OU z{P*xP>=jfdi`v;Pr&?kO5VIy#8;*~5CZ6OJm9Uo(8HmVR2|={3iIhl*H{NCI7ZR20=$^?(w>v?;9D z>{JQsvupfL^o!b>gl+>DX!6%yz}a+o>inG>*!dhb+JkjYlH^E=+uz-lp37n*%@M&VZu*9IS z#Ewr}RTZ3WXMA9IgwZqLFjgP}#+=B2!;_=pFDCGd#{wXOjakq`8EpLA?~gcubu5Eu zz`k>Ce14Vdt9xM4`%bkdXm2ctZrX3B$7({4QF!LMfgPj>`J#tfr?1W=!o9ijgNlfOTi&(Jm$U{M!rEPbAl{}(2Sp)InBbN=Jq6Ul7! 
zG%eZ@j8D3Qv-rO7kt}boMnv6f>#6Tz=cQrk(DsnG`n95;_ki(H1ZS{jj?^>RF|=$# zRFn|K54BGkL@-N?c~nb zJwEg&0rQu9Y-iO7_xJRSo#LTCxLx|O-NvDv@)^6=hyEmC{_>CQteW8d)XvyhANqsa zl^@$}9NN7+WB2~hpA^hr?XjIzGu)r{8N0AUe{j1NxSg%XT9NhZ)&-29R~=IC8`z%- ziZeX=R(;8X;PzctcY@pbQhp6SoGO}X{2bHPSH#)$XsWd%zs1!EnjydIx*W7wLx2&a zwR&566JM#Sx!CQ#f>cxktIC&ev@1`?(Y^>LI5rcU_YR%#q(sM3jjI6VyFpwa9oGfFJytT`DYfPF(Gl5_}@+UI!YmiMf<| zQUlufod{kfRxxjJ4q}?7ryEp@UJiswGy!?Eiz)#m!9;pFDMfKQt%B$$nRz*ku_LFV zQZ0Bj;ZxO5h(yiPXGld_M7kxNKonQRc3&S+++nQlGCW)dZv&~R!HCmvx7uqzHpJY- zgKhM{Sn6=2pG9@rtsha3HtKdw(lLdwO)ny)>cAphVGk-=q#RvDIzcaK4K)=L1z+() z*JWJb<%sZRAkm*7l+$P#CRCGP0A`5T2Pyu_zY51$@w$=^m733KKmdLsJ4g}?6T?#C z?%zIZ-0Hb4c2qK^AXBC@xuF#kiWd>W(gQpnrUz6*1UEzEEYLl-Q2`Iq0F!`S4m->& zU+gEa{V_qj7$)lAff-A|0t51f5kT>JPXyIjq>5+(cz}YzAcYq!ZtO;|`%OHm+N4N~ zV4ZLFxR9EUs0w&u{dn9o@R0kSsA&b6YMlu=?l4}5v7>k$yf4H%2wMvTD+}xl3)WWF z2dG8WNi6_6JE#IE06=fL9|0|EmjBDm0OxERAQX5UHsr@~K(a^9)C*vHl`EX>$SCk+ z0k)em7LD9HVY`{^;42D%!h&W#u5bzq*5+SFH)cCUb`VdA03NB@vqM;A&7Re|rJQOcCP{rkVTsmcGM+cN`-&gi&ru{}zmK!AUcxN3Cakh&wbE`_G7P z9S}4FoYIdxIu3+xPyZ7j6aNTE%s&ERai+9?3yAqY0&+GP;Mn?Wul)MQUg7;mcASDS zcdvuJ$nsaQaE z(>pK{yqkgdg_O;m&b~j0!${u|&vA60c&sLxHQ|SF;vU%ks~$x=Ok)K)3(*Xf?rxb+CVi*q5Y&gkm;1TCAfp;u+gDm(Jn&8r` zQ!}|qJ#Br~xoO3Oso#n7QOAZ+lC#cTS$JJ3Pa;RuFh>+UQhvUGJPer;NtqEbreNR{ z{1`4@L%r;V$8#if-LCFBfF1)cr>j|bTq%!kKcr%+S7?{xfa?OHC|rKn$8c?{P|xp8 zgdfosc?>(VD^bjkvx(us><{l54S%~DF#k7;Wjok`aNx&0u^DRF$YsAXC5`!kew>(e z7*05Rbfms0L19&J^Aphi=ZkHLb<_}H2%n&$d<8fMftTZYQ7;FbffNSUk~n~z=@HkM zUBfSeBJR2!a|V@$3z)*}Pf_{HYQX&8EQT=+2nTlQfuRB`{y9`8E}v2fwG0@YgY<+e z|Et9x!vbR-Q!fLbqjXr0VVl`zhkb$yuR5-YJnEk9UDYczriUN2U~HpV20ES9mE*AD z|6dq1Rn@S)<~UALEQ+UY{$2-c3ZBDQ?aQ%<t zJ~V!=yaAlBDcBu3ZfkEHTr(ZxecDk{B*3i%c!A&C8){JEV=VkCPU}n4+FnSjH%8(V zc<5f6)vUGf?AzPcGG^ zQ;$A!McQ&j@YKtnsubQdPk%6{nO~w9Ec8fQp$HybnX_*<^G-K=9o2s99ei}kys;SG z=@{N4(n~o8z(=R3#c)i=aL^t#oEH{5Y;>YwNnRFHF&0yg4$o1673~0Cyw;eLtZ`}l zfa^8za`-t0*gDd5>d~2`TVn*p@qpOi>I*p6{TYdOHfswSe4Jy6gN1h1c@Rx&B**C4 
zy#C@GRafTd9*Re<-RgcJ@Okkl7*4QT)qmW#6pzJmwYDfMXaIcAA_`0MkVh*35t@rf zn!Qfyp*aRz!hsj~sUb}x^eYDa45F~4a{-zG4i9N|e@g8lr0CusrltP%a*L|t%>fce z!bay1XFeA>Y;>ldfAz~n-2 z)?HxA>+`*N);YX4$In(X@}hI%b5!s>Q%o4%7kcwQ>bv;?d9UEYiJc=AX<_pl)BD;JytV$^z0Y5(GU z>bL>mdS!8@n13S+=K}xV`sO%yenbKaa8AU5G!J#Q4o?G=)(c5_x`e+`gn61SaSiR^O`bomW9Q@=tOD%rZxYYtHaL~1U5RW@-Q4u zsd5e#7{%4j^yaGo-m@zI*WOgQDDoG2^P-9qp6|`G&f#1+r?h`@4hZv^bJOiiIsc|N z|D(Pc&-EtZ1w?gEj;@uOru$QjXPNZZ-n>Yp3%z-<)+!3;dh?uf7){SrQ}?3tuya(9 z{P(^2zw+IbQbvWbS1g6eaaBRb%hQfIv6@k)^2@vG_{nN9cHU-3(+FO&Dd7EJ49wsW z&A6s<&7naT^-Rd&e+i${taPd@9?G=I1?_y}A6fOx-5!OQV%7HzsT*%bFD%UMK&@?Z z`vL-$*6+;ID!Y=&>1Mx#)2Rq}@>dua9w!go=BN`pC z;Mq!38p|I3(6*GE5=$Cq!GFb-JY<^-KB$B2i*Why{moX zoF1zvYrT#Ydm|E#tCKw&(<#HdgVQNngH6H{#Y9cy^PMO^oBS7-$?;r!_E*8VEZ$2_ zn?9M*EHhh`)44ru>Z?RxFgSO&JuTZoX?Q5zCJkEPK&g5Fsh-;bdk0k|I!-SBDa=%N zocbx4G+g9ayG+*4ZBhxwBpfb!XK9PFM4pkE$<@;XZdxjdpSTGL{uuYmT6kBdd_c{p zVl8g!;GORJN7{9#%qXhu`@;K5jFnKj>B`PT$64e3o;sle4f|Uy2QwV6_6KC=mh5NC zSe$Licg2IDfx{f;j)_ppA>Cn7mqNPznI%GM!4=`DQV%BQ<-VLqN&&Y(_rY#c!UvWybx>jGEGRyRyyT#v+IdP=b{VYYU|j`m z6CSdHSXcBr^;^o$**kR$rgZjzPzweecLopaD$DuzQ+MZ~MWCfZZs@R3rcyWcd~1cx!f@A?FwI5G^v*vpFY4k|2?5)Ql>8%NC*g4=m`JndqV86@4J3f z)U+6&!-g{W3PEnyi#r5a+;|6ia))#-hukwk2LryBFZ?eAo7v-LBC9>gye01?Lm#T0{>$GDK#vt?k2k-sd zI@|D??@PS8(IMk(l~g^UBkw6-Og^(zb~~^9S|MxCDtVyRUGX7WMo+gw+#dTCg59~Etmz(rxw-?lm>79hXM1OuIE?w^ zOY54&C7hyUzdzvZTWbHUd;ea{P&M9l*HSa@N7Hp3hFIl-C?bC8*AS+4-&**|>Eo$d zm|ZD(kBIRV<2o<9L&(q1;W2{WE3eE5#eRBj=~*q8;Eu4rh_R2N9onG~j`-lgp4pZC z(6k(C6VI$B?o`>$oJgFH9Ht*8o1P=}W5vr{zU04T zPsher*DjIKJt(-MfF%2r!5PeC;N&IczjJG;PSJ^?R12ALTaCM)A~-}QxoC-A%!WJ0k+-|K5xm8}Wdv~e8KT_!`OFu) z3$;*f!?@V{N9BFye!huthNW-_&R~2C*n>a1=Fg|?_w_+W#1ElgzrJBp@U8BoGqmi|3U761lw_Ch-!g_=kOGUNs=nc zc~fH<P`B&!2U$a1;sfARGC-ZFVR}Lcq=O^Oq*yPW@yh^<1H}T3amMC zkZEM~$+ucx7RULfPlh3n5_Z-!Gi&}g(zZ7AQf3q&8bME2%U0cDsOW{nU z@+0dynlpPP&wcDIzv+lLjyyGR|DN*qYQ||wWu%-mxgiXl0val5bBUjOKQcgMqR}WF zHcUNMf}OdZ`%v7;BAjj7=?%79-M`6ZzP)6ZcvvSF*1YvmAt>21XKY6&+}uS`rRb*e 
zL#X35vO6TGzq_Aap?Tg?za!=R<%v$pCx_f;!7fjy>8W_UeiMplfvgrkzK)We%5umn z$9F=I}Cz=KFdVOjZ$V>KUCkP<=s$L ze3EuuJGv{B@)|i~Wi2Y+m*6p_#yBnkYp=2chlj*Fai6G%8g~~~IZbYIk$<7@gFaZk z;}xhj6YtMM?2#N-@P&B4s=X$L5?8KAUA}Jl!Qh%&d%jB!tJD4GipU0~^LK|KDYlXb zo}^j1_AQI8E#NMEPr>A^Wefq4uWTRsNHJbrTaziA0vWeBkVe>)#@^d&tq(3(%o-t( zv*x?>Zr`Rq%&NW{AI0WNZ_ahQd)J%lD&9O^*%4I{;1v^C^9`^GBqa45oIRi#3YHQQ z&-IDi8+!L(yuE%2Pqfc!M`jf?^_3lY7t|k~g)s!CUul%9s82L(XrL>gxDkEF;rX3s zsWh9R^*h{V%3?Pder{jEdmn7?w52%S^TM0mEx2;-vGJX4(a;LB_&Jf6xz4;we=KPe z-wgDk;Kqsm%(s7sG3bWI?W@S4QoQ}NAdc=kQeh zT{WLrYB&A8h~k;BGWULrv=AwDiT954TD~Cq^yLNN@MRg2PdY`n=96*#Hg=md@C`OQ4^D9Djl*(^ku$$0x$`}GISW0ZG?yt_*2-(KxfcyN!(oq|vd zsY}70;*aQhlP6T+LBJ;$wTWs~q3_A-e%@bJ(O+FsEh9&H+jRfsKnD8zLR-7Jw{`fw zpTOSaKPZ05&Ae4cTUK9)^buHUcWbD^$`f z`5(TxR0xcL`ftOGe5|h!yMf9?@GmEbQPBsKXP_fD5@;lp|B%rhxR3C`9XmmDAVJKs zmk>wnA@(Ja0{iJ!TaI|*NdeuigPW||MCY$Pg`!~ZAAl4R0*^)kZaxSa<~oKJEX=Ui z*dR$`L^h0jnYcO{QmHkFY~Opc9)3VC@|sSJtO?YrS>OEF`-9>Qj^sgH98)G1XM#0} z#Xz!Q9cztRpW@wggd79u7=C z5{os6lZ@XW#5@2~iR+m*4b$zB~jBB(SbS=$$$0Ymf@#XJdk1`I85 z$HO|*e%SZGUzwN~z^`>dCI$nn*mafOw1`gmd@BXk*RnP946pebeW$il(FT){wv$uF zg7e~?gGhBTJ+hTLENG#Ni-C%eb3%yvO zq|pm4WSav0yVoUhxA*Q?CGdQ@tNv=d@7^wXmT_(`h1kiPDqlhGuC@xrX+oEpz5lbtCzJW)*9W16ywp(jpad zO$yjHz;>HIDm)iU{?ClShQ|(O+h91VG#B7T|WmcD}fx!_V%<0L$Od)fNC zY~@acxZlbj$eKlAtNUoOqkZ?1HTJqS`sY=G4C>7c)#YGtpKylm!zWs_i29rqW0G-c zl)JMDz7>vqAL}I-k!1R|Fty4@Tp!)~QPb+<)A@*K>9xk|o~Azgf}))=3EK5BDUZfW zO0^mUVU*d%p(WQ=Q?`wZd5U@Wzm8qFu&1e;Gv@(?{0K1j#$iDZ$$Pe}a3a?RNu#}E z#eSTLYmOjlH2e8$n(-hZ3%2E6RgHUd$lL-$iQFe20i5KQbDx(wXvjM7f8I? 
zXIvHf*h~2lLYZ!exLWZvbLVe7ULkQpk_j!>#~x!Xa~<2XCMV1LS=PTwY+$;d%bh#Mn~D*iz%EovDt+ z3mAcGpEk)W>s^~gzja6gG9f%>WD(X|!Zxm);1WWVH zw)Ly48`zg}TUGo$-h3E)r=ZL=!r6#jWs!{8pf@(0_e?%KeaKCS@?~j}0WG)s!4GoSrlY6HwV;UN@AgAx3)irBwnW znVi7yBa4Gr!_xpG%g?$C*T3+k1z-}&sZa5Yvv=jwe?psVHS?*7xTn;M5Rhw575gHP zhK${JxU}KQl_(!?3{Vnw;1fyH(jm663Vwg7%U;c)596pJ9ad34$(Fgz6^;pvLIV14 z;XSQpcWTzK5Ly}5*ItQ#JoMnr!Ol-enq~i1@TI!~jA;OOE+OJ0{p&|q0ieSFyoEg` z>Mswpy14q{1EmhvA|SlIly!FX@#Cc~F2DF#rPJlJ!1jOhkfnuS2OP9dkdVzlczUbxRrTWCnrJ{RqFQ-@Ri%TyaKBr5YM9v*W7Z+X> z^V5ZSk53{$miCK_FAB%$Vh=I+;(s9{7yVpp%2PjP;(yzsa+1ivv$PNp(15@0fNE7q Hz()TC*jM2) literal 0 HcmV?d00001 
diff --git a/spreadsheet/macrofree/azurespringapps_checklist.es.xlsx b/spreadsheet/macrofree/azurespringapps_checklist.es.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..0673b1c4510dfa660a25d0794a74c51885e2532f GIT binary patch literal 19995 zcmdUX1yogA_b(wRAs~$sDo9H!4HlgSjdTb~cMB2%N_QhAAs|ReN{F-)5{FKSLvx73 zfw#}0x%azw{NMY=8}BI`Tx-uY*POrkn{%!`WN&#X)C+`2NJy8EeqJ$C5>@?%?E#EF z1K)VSx1O1@LMZ5#J1X#hr16+3XUps5t9LV|Mzj$d_vYUcD7m#b(>uXw{)RX!2+5 z)kBRM#Y6@SML|Nka@t;9GfREA!Ct|dQgv*E4b_sfPBG~!KAyR_j6!eGzIlwRi7yuG ztohJ%f5p^V*folTj1NpXCV>*oH1X%*WPcg(Q`B=sXa! zdKoujj+b@j*{o#i8JxE7#GyDGC3KvNv6-(nIB$ zGQ)Y-9w)G6Dtoyu=(2TdgXje}E><&Lhi)UPQsSWB;e^sWqu)w*`t8MI`V?a^HD`Oi z>?t8d*WY3$zx}GSa7~tq5|r_UWz{1oF6qOorkGzLpB9DWavFBgKE7Kh9&&r+cjlgYa`UjuvaOl7)ZDydmgw?ox``7<0N*3R8yI_N)N~3n)W-iln2jH1Rv30zr*j)DIy6ora zdGT_WtZ;gfOOGn%<7n#G;Q92#vO#q%HkLF?=Wb0*zJU2>F;cL!=sg+rjDbvRMkyBt zq-~*`FCTxY+;(Uuk40{axjF&C=$q||nikVoEevdeheuh;NyxyZhw;K01TOiQnW;tdWNDr#Ad-{m!8+Mpk( zrKc9Ww%YJrzP1rhh>oD2&CFeq6V+jRykT}?CL_>I*kyHceI;+LjC;y7=|xz$6ReAS ze|I@;Wz$T!%5~=xC2PT!QnmBOT%hnsss`hiDksR?c46d*8?3iO?#?o;7>v0>>;dyT z{;j^!mIum71}K9wGogRb-qPdKBc-DE1-qkEaEd(hd8yswxyh@CNwMtc{Lx(Sl0CC8 zx;_6TqEQyzFAb%(yd|M!1uecQ!LF8+h8A{L_&VFbpLk0Nbtq_ zl9gaTPZRf#vbWOx$nsK@KghR`dU5#=-skukED&X>$zB>XI(sF(^$&JF9$&Pekiwr~ zZ|oF1C`-IIV~7;T?;Cb_x+;3H?<0B;#g`tsAwjkK`h&XN z2%U0*ncB!3>{Q&KNr_e)H55)8VcA(c?f6w%-0+2g$w${HKG~;wLU6tlQlub%|6Uo( zClJdfIID)N7k*9IFjh_ceNQTtHnRScC%rGor9ANqF51^yZY{|6;&%{=+!%L=S$fwK zG+V=vA(Q6RO~sTMwyf7RC$Zp*7cVjI`Z_FMa_0e6-c!nWyFmBWG5#N;RxS5*gbPg^ z-|D#3tm6@qeznHB`B{UeUp7-YC;VDgtnC!~%TL1?66?Rm4L>bd2+Q`beZx%fXSG>< z((LFS>I21%xMM;n1|^jZX~~){$l4ZGyyM`sT@X>0qtEg(I#97CrsUNLd+6|=HS?4&k~%xDTO3_hFf zm(ZhqDiL;vCTprNn0|ny;X|(WW2P!!ukaO2a#?iAVW0B$cUL^Gd9Ghy>5_IG8^YSO zPGIlRkK}5}<|mmp@_Ix&_zXXq4SRH1nW{=lvv=N6De?e$ksz-#Wz#H+&xHn9Acn$T1wc zmqJvclWFYsb#e}pVaWS(sL7tEzN(c>#b&Hu+7~kGAek+DM_U8X&lHhGKGl~$*=*%Qy6zO2%A>vQg%qGc_&Fr?$YEx}A5{dy`Rjk^29>qOX z1Yswo~B7PwHSmltJ6-YE@aV)QPL)HYW 
z`2N)uH*vPm)aFG~Zcq20F5{d|8c*@{*RXFH(=#SacCm_Mm>@a2D&~c@#!9sMUuc@S zAwFC(*|eEhQeHjcruqpI>Nfn!bji(r!>GC%y4V&AZIR24or2AShvtgI=fR5xWoG-O z(5>k`(-Kt;3N!0MhtRl$_TfS1-jY1m-97v05gC>erECL-!kw`mpSoLJ5yiOBwjJA^ zaadhjo8@Lpd5-~f+efKOX$VdDld$Um6|4Q)#HL+KU^Z?xY-DlZ+7~zHHS0;L>T1=I z9Mh#<5U9!223D6{(qtzjC=*b^t1(mEo87Tl>6SR?HsD%ZzM(KQ>;zqx)s%s>_~T}` z%~@7|DR;*rU~Ws4lh6r0P=>?j3e8OL^!}$jNa6s$%bhaS=d4tB zp{$X&YxRXqgd?*v9NIKy8q3QDO&0_A`L}lg^qgQVK2R8BdKTiNvgF1q&;c1S{aq5c zufA7!&2gz%VwI0!)ksKcl>|3LfP#jMN-wyweI{deovBegAs|?Yf|`Pgx=ll_uq#jS z-6CFp*NuXe8v__3lsDb@9_=mQHOz0XTL-sm3VmOgB`sWGpDrXZ<9GWCRxjOWZkiEk zrT5QxL)d|XUmeiU#ZKIzxHB%3kumgg4xlu%Y~mTnzqiB(_bo2; zdCNQ`2}(7xx0A0X)1A>XHNrg)g>9Naz=D*2+NQd$3||f~hi=8;BqeAGp~EgTkYayx zLSd?jg>3uWNFDP{Z+uDHLD|NS65csMXTNX#vC9y5ZI+nRF{*zeH+^k5mr^)9AkSlE z73X409cPP<;?|gHNfnI8!O6}}c-v^h3OY*%UR{yzFMM1xb(MuXFp{nVJ?z)((R)*C zEf=kz9G<)O4Th|>cIIV{6}#J}W2>9If|jLkR=20#hzVf@I->`YvnX-ePnwr`O@x^{ z!0a73uGR70e>i%n0_n|cYvOSEYVYTahfvdj%hs+HTId;d4p2dd)neEVbLC#OYZopq ziM7d@L)GcFn4zd5)H z!zvkM-NfCj1utNAI6HNvqs_iaan_atL7u;KajGOTb%boh?u|SzpMVU>mg;ZVw-}*w z7nM&9Wi;(OD1%eUU>j*_`(SA-?rbWvh@WjjIV_-(7h~Qttb_6<4S|!>X;A)0Ok=i- zX`oMLi}lxbNKBQhD288{=aR@Jx)kn5nU?pzO5>ETH2*n6)d>D& zHc;Z#)B|xXSQHGNfDPTYYiXKVH6}}F?OKDbjU~T|*aZI=Fd3FxEQtkAj@kBmueNM7 z7#EBbDM_zZtLL$n_+$@*i_OxwyY9SM*WwGkHwxA~0%CBYo8V)W_tzGlk zQ$3RfE*&aEOLi@=xd}&yxEfW`&DCC?wp16pGS$k2?iP~V)vXtx6d|GSO+7n%rcUKm zeL1w*APD=AoGFOQ&0aOVydA6nWpj&;0>O-Xah6+GU~QgxTkRI6 zS?>r+iS0{1$~P&ue$oxOZBDlt6b%klRjFt$7H@*)Ve>8Ew%Dn$Df>U61CbL=1uneB z4&x9@o04kbvOa+vS)oP6Y*1)+&yWGMMLUabi0QsSN;`UB>Ly-xM&sTB)0ig499xc{T+yFbw#DKBc1)8 zsqIKr4|#hFs7W8HU}VRW=%%rVqcl>K7sI+_ayjUAEz!n=;{#Zzi0eQG^Q@nFMF&6b9P9V=f@tXQHuKeX5j2> zNtOHP8-~P5?h3C3#n_EiHV}*z<|aH_sUW_DQ^&tpEohAk*@ix(>%e*|yG$|e_*K0v zVl7m}kx#HG7i9Ofp~u=Wq=O}Ix@lvbQSG_Z5?@L5&P~J}pBWN#p9(aJ&&h6)m&avnug*>GjDHYp^y`|OyeX9@ z7ok-6B}&sEGJ|vFslEN+H(t?k`3jmkD`sE5#*n<~ILB=bfeww*Z3ib;a7p>y*WRJ` zfH6<2PhH7IA}H|sSmEaCRvjeJr=tZ7OAIvBjoC|sEmx>hR`HDF2?^zx{RT4`LLDuC zyG9gcnyfft%PY;QzsC(y-F0LT 
zn;MJ9k^OT)?nTH~0!PfXU9NKJ&aTjYqnJd!uA71?lP$ZcKV}N`92|K0<7dV(;zu!L z5FQioz2{5r8nJy)ZEj`dRyN374GG?^Mec?`9APWk+&mL^!I7PH7J0=ftmU9OlCF%x z=O)FtN(AMDc|xpd=&HC&j^?73%Sl`BJ|vP?Ig9>+v&4=sMaV=raiN4RQcm}Id`|7= z#$xvDl(sn?m4&%sofsF-&=Y|nAUJ=vWt2!%EW%0XW{qteI$dv=bbRUZ?+VSH9ABR^ z4%bN3XiiLINHC?rX^`R&7%KSKbsK7u0m9;T+qQNZLz>c+R*|W)4QNX1`aC#HzGty- z-sS&Z&csT}4ya=bm3#>oR(;gHGbXWccb`Mc7!rcl--JbWh&wV*h3-}vPQr}$f4VxD zh`HbjKjphNyfj+TvRpx($)9ZaIm)oh2&!Uh$zEQ?*VG9qH2vjW7b^02vbSaaRX7X& z3PRF?UL$18AyO>fZrhB137`w89L(D3FJ5U~S3Q(h8@-ao>mX29Oakoz8*`V944c@2 z8TzZ770d53nBr&>B??Uro0LEsU*fhmKrn%G$+EA5!$*&2+@R-sIw; zvl5__006eoe6Goomj?=6W{jp1#tMbRG3Uw}^iQqN@jY*kjLfu`owk<^;UQ#gT8@ho zi4Wye9^ohS`tTUrPXq|$wrYob*5ZrWT0m6-1(-bTKEmbZ>Bmg56V2j;exmI3#A(j> zM*1`gc3j%}G&Xd#&Ei)Hea3H*2AI|wh2Mi;^ym#A!k+G|Op!_6X-Itaq5J7h@HnsJ8#r6v zgx`8BoGkr^PGU*^aBt~9Vv>gR3Le6*9%K^iAa@)})`g3}O6ilSo>n}3Onj-m=WU-zI<|6#F@EzVNR$1jARuOhsAr`G9|Jg&$LEi|!BEhG zn>a-(883gsCZID34!61f;|;|JGCz*dCNLInM}Xa&&p-P}nXH)VXisRc7S#QNJeS}7 z&-D5p;ER&s!1xJWpKB7=--}R)c~D%GjMr*(KirG`F=FZnUW~hBz!$xZhYb1wuyqZO z?jWWPBSqV%MAN5~)QtflI*ieNjO{bcU>(h4JN!O9^80i_GG2%2WD~^H(IyPGxI-qM z4O*K&ee+2dC=Z~C`nY(bVG;QVX~Oc02S6`SK1n99S0%H>J@RNXNN4l)k<)%dsFLA2 zn?IY@s*&OI#}E!Z1TLN0kzN5V8voBCaHjSNTHnmUF28t4)hs9R&rbJ_r~+7+CJBr) zp8|FtvH6_HNX5O(C$DbF&k?F&grPSi+e>&e`5WJYPaRQng_~7Aix7$##@A4Va+EqB zcKm>;qZE6(+lCd!*g%V#Ci}VR-T{BM_9uyZ^z{1llIRKF>&P=pMvs|kBt0XuC8xLX z2I7iH1%Ti->O{fiqPt8O+{p&UU&4g`u3 z7^k&=&O7n>FCvJ#u)qW_ATDTr2j#0rX%fhmqiE@Bx<9cIBLJ?80RK^OQjj)?cmWd* z<2BtUIoT(f)XiIrf0$t;1U-nUV>L|fPo~a_C=s6*`86b}j9rW$f64!wA_{_p{=UYy zEKf+-`q}9RoXJ+lOlG0YLQEZzz0vzdqc<|(wf2$MQ6CXg$G}|kCclOr#s`-=sQ)@2 zuEM8|NNn|r)bbUn{2W~BAQSe}3O{;ldtW|IP0ocY27S~?-N4VogaXVEi_#7}O7SUd zkOzV+x8YZ*W;=P3 zK`zm60M`$F_xGJc_<9&e-ntR(dzl7(Y=H9sNXH4M9i?4&;{1LBy5yZYpzI`QpRR6o z@CtRaL;>L*IgbUG0mflpYXF4@3DW#GBET^U zsHp(EPj~jmr#ibk(AgE_8&`T|6Wn0*AM<#Q&l9<@ADSK2#hf|9NAY9M-@BKI35@4Z z=8yd2_sFoX5+*(|rmSWMHBA+65i5YeanN>j-2vkd506*?2Jk~`bN(J2ZNTWmvm5L) zu==Q$z@0&)_f`uPR&oSz_Ba;oW_4pe>4ui@xD>%-s{sV-_~Zd@JjDSLfL71oM3_S> 
zKEbHR^}L!M3K@9#<1aA*o%86-AWVEh$};#qs_^3->zTHy3m9?iAFxjre4hrS}+ zf360dDKCHMY7E(|Uwc`O%(ko$N_?$d!>I9yKkSS}nPmw!sG?LaO9E@yl! z7lDu~JtYS|kc))NIUdVJBIIgL$z3Ku;1UIw^E;M{Ldg9%C3pKkE*dTugOD4;%&-8r zhJnav8d9UNL-iT?LloaW^FqaBdX$BV!Su*DiaeCW=u2&>twA#wJ4B~b+PjG(oWj>> z91}eghX(A+L`u^*DRLFekn0g`iS{NniYrvRKw4jHJo7t|wB0=;uPr4T6bYtDO!Ovp zhhR~rciCF$>ff$2(6;GCF+c4OE`5-TnCNj&B?8t@MpcNX5Per*dzz~iL>OwoAsvyq zAg+Ex2{ADT7+&Ua|9~J9j8P0qY~p?roMf~u&unQHeVvF?`GUUCEvf_|jLs-c&~FyR zI&Cxu8p7xn!Xu-lqb;L7PK-_{Wxt<=D&aK#{Q|;VC%>1{>4Q-x=5GCJc;6IujR3yU z15@dPjcQB3>ovc}INV6VJyqX)lYMFt^?=G_93iEP)MJaN66}XePF=&u#Jord0DTc( z@ohI7FD+~53onZyvD%@FC)P4es;2TMeR+^8!WW|Wqv%qI?&{6=ilj>ZH0u5*1_Ahq zd_|RHnjDdq@XY$4cBA*EctDdsm#Vh#b7}gs_a~i2qIshIZU~otg0ZSOa z8tQqC;FxImoAvK8o=}Jn5OC8XOdfcut{Y;md&=a51ACpu5AAjGJ7@18d@W$C9I!Lo zSaUfeK!@ci9i0hJ00-yp)g}a8r9EUSu|yg1{p0duAvfr99iX3}#il!geu51)R19`h zrY&c4Fwx~Q9-xtR?+}eF zzp!k~(`dL{K%lXC

R`U`s0Z)8q`ihajgA${{)Dsh=!TpG0qv09cDaL+l`QauzO+ znq4lOgwAPP2nCS=&`U=d5GY<2c<(eAVh3PQA;72;)CY8YKcz#$skszx2Zqyw!{U%p zDs*!~2<4dG02)*WXaLLL+yKxJ(;E~!jRs&gf*XNHXzaXw2iSB}gaB^*4H|&je@27j zU(q=22~foTipCGXx&MepieSUW6*2(iQ$+`Q>7eLPA5r6N2T7z~P8)9mhJwgb^TVX4l)M*obO@dO0Xfo^ar;Q-D5!sCDC$Nzg~AX?Te z+e9bwQOlaPNUMvJx_Fq7StuAS@RV;k0`py|fp&Wv%3)zaEO+@C`~^D~_aF=2mF{S@ zZy=w(F2xq!9SWu2C8z#-|H(h&i zT|&o~(_p+AE~i(Ej{v&|tRpI?s;GKuqE)KcVHz_AeZg)ATeXA5FNeabQN)!<&`caC z`0#WAS6;UrSI2v-+-r^3$Lh553qms&0*)=maBjySKV)>)y-p4u_YPin>O0c#uB$G3 zC9(!fcJ!z~py5XVl@RziSzR%DA>gozDO@)qi>u)eiTH*=j;QD@Z>2`j=*-XTts$=^ zWO&Hoccm9J%u!A|CJUEO_5RPR0r7uWOaTCYA>a`6Tgx5)kf9v$tp87xw0zM8fg>S8S-s^LQp9iffsmA$)YZ%S|z-J;#PawkpCmNF3?Ba!p8sJv7*{bHk9&4PE}6K{xv)^i!}$BoRQg(xiyW6RE{lK^ z3JHQ49zR6F`gS-H%(VKR)ROTy-i$cj;DckXOhqJObX?_R;y7o*IO&dbZ*ss#$6lxU zT204UP9NUyajj?|MyIxJk9*o4caRj9=@QmC3~Qqaj=ip}4+c)y^{2Kb0E7<@NoXOo z?a_tQMu2(2@cS~ja%mo`o5!UjhR3ko^X543(}UvgyLnc5XFabK?HRw$E9V?*^*utg zvNhU#`q3G~;h44h9$@z0){S8(dsux5mh{^_&mjtT^MD9(_5&?(42H7DOu!%z0~#v9 zVR1%a!g~&r0C-RyA?_CHouWCX&c*tv-`knPM5i4-s~qld^qFW%pI3f{3Wm+6f(geP z&TzmN1jGN^y3^0Z63(jAM1i|`5KHrM6;>+)K=_!#(&WIs3-FpGxhv_=D@Ip#l`1#ou)d>ot*;2ed=^{8LK3AP{(asHdDYI{us;xk{1U3#^OB2kZgzJCcPSUgctD`+ z4cE%b=cdDEcHAv6R~M*-<$hoz6Y)rNWA&6XtgFu8PXE4T3GmFrT%uih56s0WRw=Z6 z$gx~)$!&W~p?o3RO(XF+YuTCG zqr|;xvwV}>8S|pshNJ-G+RAq2`j@r3H5S@pnBn%8U4W+RTc3U6P=VJ10zcgLn=1B8 z%;N8JWZal^`$-5lXnJkxVo42M^;W@N|7?lS<}8EIW&_pgp#QcVWEOR7O3ZF6(6{EL z+ul?^NkfScbiHL7i*Ijfdtsw6a(BwOkhh$w;ws2)13YA0GH3?k{?H>#84=6MBm9*jV;Btn+fC)^rV=L0Qw_ywCI7pFDvLT0P~cyYl}I^NEj z31?Q%rmaRCL4|h8MOMVzN|b*R?CVyk^^Nl<_`1L{&?9Bb-yMke|VAS8`;P_$JDnWti2{gkJJ6!0REe7y3 zjCpcDxVU`JtECNiUS`O^0lGN>8kw*f$XVLdB<6yx_)Ksu?t|r)_QITd_d1vt40qNq zR0|Xvk__%|!Ja#r&9n?P+CWq9X3s--N@`rXNG8RWRLFE(GMTwOpAegID7i_l6 z*r8~EVz0Z(F}DQdvQ-z`i0Y;crdp&0Q!14}Cn)xo=S<5%OA+%f5_A_2Mug4Zl~Et2CncjR!C64w>l^xox)IFzh()5ll&z+-U}xib5dJ44 zq$XB;BpqDaj)do0U)dqQ6p(%-gm;@pJbSwV<+4#h^DF0k`X-&#>$4xVj7jv@0hA6k z>RVmEwAdtwNcf`VKtw(k zv81jUwMms;bpF`%I(-($L8#3O1?>5&^#QvSaowg}=isLciiMNUYc1*R 
zsV(&HmgM^z4Wbx`euYGud~K_{U;BG>S=8Fy@cqLSTX8O>2Oap9qAN3y5&jNyrd9roS3y+TO)s|O16A8b+v4yUkMZ7E(SWfz_Ej>)Bs| z(+Tlzjt3G$Lp=fha75R;U|@fYHbwY_AU>73bjLlM-3oNI<=3mxrD9#zJO= zKw7eMVS{&WgA7$&oa@Hp06t;wD}{O94);lJPB{E_t>+dK8~U}{ zroxbK{QEs>EZO^{6=qJx=er%cs6BV&a}m0x3#!fI0aa|38IYlTvO;espPyVR#~Hq7zcR z84V4qgCm7)O*>dEe(dlo(E(K7zA+JJ*TrzFunJ^X=-+ zGyvyunz|G#vygB7@QE}ak)RJCo!n1Z92dvcc)sVp;{|&1qLGHslY<9(Tf5k4xk#7G zhW}>4Z||MLfeuDTp*I_xS>v^&3v{fkBk2a;F*PaoJ|y0%T2W)kce(({gKWE<&3(n7 zKhOSLKtiHtLqfWI@GPU1wZkiYE5w8NYHESmck%X^-fmJ}!eddu&%DMk7d((c4OX0E z!jRSJ(ZX!M%UfMlW!^&jFjsHZmH^CRFRJs?-oeu_)qj&A)`q@y$3%%}2qEeGjis{Nx&2t}bD_|xnf%A*{{J^eq zP95_MwK8f!w)`-*elabLjHP7lZcXkGrC996PP^N^HiBJ+K6^0ysnRRkbTb?5H+p_j z{>jqfkbL-EKB9H&{gaS1pMvon{YXnUMU~QP$`4`Amnj*^F@E+uL#I`1Yuu4`O@FGN zk?d5c5bE}9hJl91_b0K4?vTymdxIFc>3pXzm4q%x@|=dZ6ABZ!@u)g*7sMVfQ=;iT z$D!F@HocRf;#rWTtKz7_MRw(j-UH#f?4k-Su5g|(_N)HcmwcFFJhNuPjh*H!+qi%C ztLF9-w^cY5)GM(Q+DIjFD(LAq%t~L@D7xvE?w56$M^%0KIt$*7j@t3W7RHdfCFReJ zjiYz&gkUgub67Ne@?R!NYnHaqtx>dREj)eRT~>7nCF%?Wn} zY<(;CogR|yBqZM&Zia$axy-KJrAlY$hdo$k^bJ=3lNiWD=9QLEoKCj)?N@yqHNJeW z#^dkH4+huNe-*hEu({k`g7ofh2_z7aQMUHQ<2R$&k-zjpclx;sN zPN2_0EvY8Dh1@QZX?HoB;tA&^ltwD--DDG}`|Lh0y#Vd+#M?W+RM#!VgonyP`7dTr zZzMO4{pw%Q4J>>IrpO-DnpyS)+v*nfuj5eKep^T>cbLg3y{;gv%)J*UBSZmP;$?JQ zD-y(-xd0Z9T$UwI)-S!WkcJ--c0X~v{#$Il#RvA}K~S=r`edD|P)^!< zfM5D5mJYIN1=YpZE%&uRxmeyM_6~EezZ1Sop7*1wx&A}`&ue8AaOaN_ntM_MaX&8S zhpTm=TbJDuxgV)^ll9R(Y%f_nBn%`S42t~6HSh3gkeGvwUq_hu+oF?s3{{8_UPuzB zVF;?s#X@T)(oCwXk<|m;M|$gtm!u6!61VOnz9Rk*4_Tzxai-m#Gm&gcz_5G&8rwF> z*^*cyHt$yhltNv!JswE-#+&a8{;8Aw@@MTYuP(nc$+_jAqBl=Y@r#N&e*R0MYY2rQj@M_UPAfXt;$pC3ybZK- zz{T=s^Hy3*G>vhD5zs7Rpi-dM7-a)|Z4BZiQYO!J(d>$i?~qCsZtpVMB=IEQ(a@Rb zzXzp?Fe5h~yM<(QCy7g}&abDhpEdHCVhwKY4Z}cu7$izdLN#aH;LXqNYLXAq3BPoG zF=uZX!ZeVjxUP0@Vcs;fim*2-cbZ@BxjH_VY^j(TciX!jom_i^b{FrO%VgRTwa@LV z+U0STntI4vmMrBOCXa(!Rctx;?SY3N7HQDxGv@7s?6>)2A`5XJ|NbMe;k9$uL1YU% zc{)k8K=bjHQhwRxw*KP#h4bYYrl|z{j&hB6*ehL1@Uto($XUeTY4~e%VCMMBnfl%s 
z`>m5Ci*YSibvbmtUpUwB;Zt2Y6l1RI<5CIP)X>?acU8`O?;E8SQDytLaC9q2-5=ek zsc-l9?|MYCWT0u#+tTk?T)I;sNw+>O?bVE|)SyWeLH*e@{Oje_jBV30o-*FOkK?#! znVYR)$?^pVa*R}TVuK;F|~MG(0mL8=hz$z9o{F$?S)Z*`|ZUta#SD-|9VE z!{)$DU*(hiO;fX%Wqv>@r9D|gX`=nA^h5HDnUc^H5hbZ#B2VZQ4!ng9LT1IO$YnF?vGKhoI=)=r{o?@g7f4|Uj z1&ve1uR=1dBU>DEtK_jWn_mal%>=H_^upMb_Guj`gtgwFb! zHg-*!3Lvi*aCm{gM@a3VnW?qDskP=a2XlR^=WqfyJZq7yW5e4G|Iy26JL`^W?3k>c ze9^UrCic6Z=BlaG&gLt8Rg7n)(9CZq9@FA9$%KMi}Rw$5y3VJFl)l@;_+zTGQ7AD_06Ibp)}jpU}gNU&f)jYc*e zpXf_T8FeKmO_!%l!bCK7IHa$n>&Z|brMF9Br%@3Fyk~V1Z+aGFV*SAoOq$M@9fU(H zuQAOt!O>mBkc>IiZsA`abx)}eDX7qrCjNOaEhWdhk@6;V^ca6X?4eY=;HOgN<-_a| zRs4a{7kpd8A12U5JFQ|Q%T;*Hm5d9FZ3Ye8Ab3{C;nJ#UCA2bPthbUVI{e_p{!Z;? zw)MbPDDoWv=4^mF$S8!U|M?YM0H}yRui>w``pXNs&aXcILac+ez)Lca^G~lndOg

y}ub+UXG*#2)`5_Mj|`ImAWD{#-bgi!Feujn|h<@~Mii56$Uztw`cF+Q*5{Gs|- z3$p!vgqD*d_W7mfo6pHof6+6o=={R-#r$NUwb-%cN2UGz;`4>$WU+_@V)1_{Bj@#; gPs$TL?2><*qViH`z`MYZkT8M2o*EWc#Akqj(DvfkVgQ7^6G}0kTcZZ;egrsx}h&0kUsFbvnNJ~o%T>}IE zJwx+6@AIth```7i^(zePoY`leeXf1&Yv04-zU3s5F5@B~AY4QEfn}lcSp6%S7clw^ zd}9LN1{V5q))tmF%(|AAOpa!z(t*;~zp-FGI*^zhHdk6EXC?1R`Q79q#&s{);GwF!ufq6j6|AJ;zY&L9+}y7fYp^nSaOKTf|<9c4aI zBa#lD6nlH@9?3#6?+kGj=Q!PLR;hPXoNc5rEA4iq$y%UyUlm!2#f~m=O&A1O?p(YE zNKwC05rIH2As}F#jaT2o+7K47cZjxREemdajl`@=%ttk!*SQ$s{0Xu7a@RL@t-9-o%Ir1A)+&{lro34QjkhrHT z&;#1z__xhvZqx?fux+h>eA$D8*+So`=LK2W&ETKmxKiA|zm`Gz9mQgPDaWE}&-NDW zs~|+zQ85rRnsybg$&ir_rWY}-dL_jreK2i`=?u*Q3(98K?;(E*SST6xc;t8OL8|GR zR|sCpx}W2f9;GUc4!7sjWBX-$?bTVh@xq^#>K0{q9W5%_ z;)_T`qzc_g#L7h$w7dD2?%Ma0;Uv}ngkrgb);x+e4!g(5%Yd#E*0UtAzdbTB;qSOH zATIWfq7_+JzLr7jvow;ZAW`u19+stz3h$T~*L*)9eqi`^!^Y3s$!vG6BliO%;crYL zax!1W9u_1znx_#|t^|+AQDc8!OSnOZ5%QXeObsb8@PUO`PNL4OtUDKj+Z1`%f1{p{9eDl zdZSxL=wq>4uR5xHG(~L4{Kv%dAq^cCrZj8U9&J?Kz7q#GT= zj$n4tr%p9Sr*`64#I~4Q!;8k18j8z=(5V})-O~HGu1?+#_m+oqOABuyaeC2y^qYsx(7`TKAeXgAlv z-g4T?mW2?=9g;)JT(GTDnv_8LC8u83OpW zf0eZet0q0WG&D04_6PYbEjBGe>Xlz1o|mfFMHGEZbbDWK@fe_zEIYe?vJ|-H$l!a$ zk?$JbZzlbs`Z9Z-(y;P^7T=T*cWY83D+eszuC~P-o-!O+@=0HrG<+TJX+dO*6s*8} zj!+}hfX|N?5O4cwI{0=(>pXnHPyYBiR*txHD)WXgm)JG;=(%fNS$KmBBV6hMb3LUi zA%3sTJU_`$ee@&DOHutG*FxaU;Xm|%?MDcIl(jZ%S@7>!tdFgK(DE^PqXh(&{*1gq zOL5p`ihn~ND#`ZqwgaZVnnCQlY6Nc_Mk8!wwFPO`H<%&~f??{|Qp2~!$@X4;&~O-~ zQBAOTI{FGN6(e|3yw&dMC3ZU@nORKT_*H6*@P&cNM?@q!j;XIV(Hn3{QV<&&s$+Ti zV_5`dpCTHB6R8@-J{5b{n@XmOX!ztw-*aNg*VqMD9qX*O7i9XdJ8(sAk2}RI1@s2b zexXa3PIKuYyPNTT*`Rw)e8CqpUVPsD<@bZSc$HXP5u)TigvleB)OonQ9I8kP-{nQncoDmf9^`GNLISW=oGW}~`Q4{=`?N*;O zJ9~!t>|#W4n&FD>63B$MWKI`k?g%M!I=So=M3iS6GMPjNDYs-de2mrOmXSA}rPPm)r%_)cFTdr}Wx|T?9TWFXIWw!&L2~1T1!ckIA;sB# zaRX`v@%NmRnNx)!v;+9{A98i&?}B{2!&gv=Wv)n!_*AwBV7(@Ky-vQ;E#*Eoe0|F{ zfwk8#lA|Sy4}bcF_ao{dMeJx6wBO6BWFQ^wzIkVr$Rdu+VvI2p6Lzj2VvB^0`7_N- zpH@0kbK9BUw<*jvH)mbE!qELa*B`KO--B>WJ75ts=iJ0W zLVp`9X@Y*OaP%yW@aXS5r2HVFid@(&*d%Cl{=A 
z@Syk4&}Z$4Pukk_$iTrJ`SkN@n;h*f6rjY|dwlD_^YZII2hK9B_%`9K4eEVa33(P2)TD zN}!BGUT-cve!%@tytC{!xi5SRitqRbJ}T|rS+C`KkNEr`$G9<`hbtt93?4$iu_KWox;%&|z@VXGyEdvCOs9y~f!Qw381SY}%OKhZt4(kCD()P2o`I^u*@ow0U){ zPtek69@xXJ95n0-8S7u|Uw&6JROMDG;5tzsH0q&Rt$9#2vft-3jA!rRX2rW2G^#yZ zr9CPzWD0Hv_w@>Xh>aNce`Z&bOZthQK4h}=WV~h#$W-1o$ zTBEtlrSn;}ZBYF}r-QYrIeQ0(tolEB(0$fX(wcIz?%1~JyxoT&&;Z#p2O^(W3ro$$ zTT_w6>Z4#Ls6vIyBM-ij^7Z~1zM7ip?T*@bSG%YMur5eVAiH;Z^I%xRY;@6ly}!Q~ z;=Hk9zq{jNw>_eLFEM80g;xFAo+W!^?4VEWL4q5vmTP(C-c+N{;xu#?va4p{F)Y+R zoH#N%L{gKxFNo%5J51@6pt!@v9J<%^iZcBb<=U&B{3i#?r(=*-@yn;L=O?-eY8=f!8BLo3L&VUC8*ycFkG3mYw5O=9NR3U zWX_6`S5AMW7=(^p69};lfOJYER?S(n@~7WiyKB_xulj~&I>l((dZns)E&J0Q`_IG) zF)gAUZNs_=u3kR1XdUfSDd|Q~B5>>SWlcf%H~SHM?EK=9K?%B8ErbcWEqT98vF|-i z?OkE5;!dzdr(vre$aUY_cVC-b*td*_Hqp@~c({v=1r+l+Xn~p6yTMN|8Z*EkH=9zA zSKCf5H50MJ4@!mh*Mow#=GiyQ-FEs0V|^C4m`f_34t4vtbYp4B1X?<{O1a3<(9R^u z%C&vPth$qbsp^-&KFezk{vYd>O_QC~PU1;VDh@8^$@r-ASHz~9;M#H(PUJ>RJy&UT zNUJT>0aZc2t}cHsh{D_78{3}-FZRol3G&B54WTXIVcCJH6}kQt`7c|XuA{^?iTtf(g3k4We}8{60e>t3-?C$DH}jk5DGbh-+}eWefso>Fb;KY1xg%@R6-J_{`&~IlP~4NxW7^p?XjN zs_EaS*I4Vt=^M%|AtQS|-%mrjGYw^86tf_1!*Ll{XjkWQ=p!1-%&T$jJ#eWRTmhTX zXcP))*+hR;T7=HkRu&$tS-CN{{ppa^+^x|v88aSUF-Fl`oY|NH<1%WjjQifre77Aj zBxL8Z`z=|RHJUa(2%%@^gnG0NiM`{KN!{8lRK5d5t% zUG5~?OviDApwYabt3=?b6)l?HmAe9SMf`3#K6yKd?V%INna1lc9eh4D_upRaPL@?+ zEP&o$EgI5hQbUiFZJC%VOpO^zD^iyUOq@>7Qz8X1DLL7aSuoJY;XG+4H(PIlpb`UW{n;dEZmZ5!St!+C3u^ zBK?uy)x#0p&FOt*y2g_QvOc|#bltm+SkKb)>TN4~XYJQao%sv}c)|PSaRH=DBmPZ` z7^Up|?F@v<+}XxebDf1b+lw~5F2-_3^0F13Ypz=(HV(xVHN1RU%eIpug5|T&hurKA zgBwtA_*%aEctN+(^O9B!*`W1h4#=LZKjAB9sPJr|C5C$!*t@#_-fj@8&$GGhRRIAk zvQc3khUZut>incM(qXkG^lH>Tq9wcPObJzuU5$ZF<h?IXzkzE*`0#o4KT^N9wXu7=Ym%#xcYJuGZ}Z}+psm=&2ugHhJr@-1~@bFQX& zJ&2%?5WbP&9byaacCbbRmCrgdD%DHLl3Mey8GJ_>iVd+DLEP=Iq(`;&4zDra{>rkht=i9wD19 z*EvWfjhZI0mSXKy=-A~#7sf?FYH_2s^q_K&+X*sk{?41<1maVl>FPNqr#rFk)ZOyH zc8QDpy-p&?t`a1e3D#~s9*fk004T^#M}|NhXNTX*diXh+X2NYH(Oo->+E`57r{j{)NJ@q1Q%+ z)b~bNOQRD0vqt11!)OcCb 
zJ*zvK2D2-s;gsDSue%!GB)ad@4fR0GnK)O^xnLbMAUZn!9Ne%vxVQce@iJ8b+1U7U8b9F!gxpr8b~CS-OGx1 zFP`P99+=I&N3-)dZxgu2n;C4|0kd~*v<;FZ1 z_SKJxr@5mBy-Hf~>GK;?J4|~E?U($y{MWK3+s5aN zVvyi&Den!c`sLUwE!NMWKAE#z?gUNC>+9>yH)m&4xGT4XWBM#(!32$2|i+J zRc>*v?{7!+ifTJwhlkj{x^|ahRvwnuih@ttrCMD} zgVm4ZX>ZjhslI`_4lOp$&TV5@A^XwE2yBTKO}LzKggr` ziM)td_ZQ5QAE4St$CM~d)drQ{KXh79Kso2&gbfkjJ2AzEgzTBTzxS2wXNoNf^yS{A zG*K&BtT(cpq&DbbF4${DwgsaAv%#`(q*j!b1=VUNu)q=%1n*vK87D{+Rhr?=+#Sk%ep`M5~85c&8{ZUGh4LrI{JX%zd6arlT zuGC+^Z#pHCZ0Sm{X$AaXrGbyr3!gd$U2ls;LsS*b9^=(D|F2*~c)tC8=SZI{kjfqJ z^V#M83!fB}yS3okc)Xt7&G|0(kMdICgIjs^IAGY40o+QT2c!qrGlBUN_WaeG0$^J4 z&nAZ(>SF2|{t|%qF(4Pi5B-Lb{DeDcuhf6wptHxIH3P;Hk$PJ%PttYXWPci2B3AFN zXIC14!f|mZ-VFh!j*3Itug1x<>*FsK03-mnLy%N%_Nt@;Q^z2UTWBQ}(cL4Y)%26T zA`vt$S4G)*a5?e ze=wOK$faPo!Wa19b-hlbC;V{rkL-vE?TL?RWbn%>sR%aKd_!{e==|X#|8o-qgI@+o zwuAtXCuD?A9pkL49ipr4*<}bof0!&NGXX$oo>M|k0&f+;#+rd{$S0Bf)dZ$?y4tKj zg#yKKBnzNBji5`%6-vB|`re*92KK(SF#*$QzVg0*&O6Chqw<|bcq`cl=t^8m=s(z@g3v+rk5X1@JJO6s6)6yO93R*KP6${@WVhDll4!S%nFblm^vmq z&pkBY3pn)+q@z>UKjMT>9aZ||FBae{$rfgH0xo>&7+n3@VEx*cT~mP7F}OEGInj`T z1xG$`e^CHmNw&zF*G_%Fr;dCm=sbn1MF}!YElLoM)WY~Ws_FG(^3vtw9P-K2>&f16 ziU2-cLbktjve7ml8m*b98KQ)W&ePM{HG2R|9iJGv1o>Z0ijjdPH1_;kbG|45E+G*1 zVf#}IlG6!#d0gS10>YjGmw>H;j<;f!hfkeswU3S@@l*!@2k!(NO*O?@IbiC<$$<<~ z8Y7^5v#5Y}9m*|G-7d7i)KPVR{Nj=B*>w}9x5y`YtE~LE7@GGv5 zJ;yBph|rOq(0!h`|3VTNS6~Aj=eVc;uS{U7+_Exp70`kcskC|z$ip#1#%q29d%+Y3 z`h^@Fh+F+Jv%_yJ zitbnKb+za3pYY%t1Su^C7|+sY3ms7f%#gYN>7PviHvPo}mfC<+B7oaJ$&R@VmDh!y zz~sFFzyyrDlvF)Vk^FySqNYZodvFYDz-r-?i@7WJ=pb4F2fu!bIPO)7?VtZamB53Wcy#3z%Ms8^hS-KiGg8@h$7UgEUJowx;`};EzHpP3bt}% z&l@B`Em8&iKP!+ZXX?gDk(eBoOmrTN0Ohyd*TSB$NkwE3ifP>bd1vfp7wTsM6v`aT zEUaTYQn(#5${9OKxE(Fr4*S@S>CoR}zKzkALt)DyE4=?c+1@7v5rK+)4SusZ7DZOF|Q? zQ^>Qs0VYNfL+#{r)NKY)3<~VQWi+`u!4>zr63VSI zpizQ)%Df2CX>%|SGGqXs8ehqIsF}M=y{+(CL+=t$o+Mx8JA4Aztwa!+1v{1b+sW(k*oJhWRC*c!M@Ws?`1Dgak`Exwg)j%$sM7<);`hvRFAUejgPQa?e zs|PuBvrgc8sQ&7mwoTl=LWXjq)00`rYJ4QO^Gp@6iuRg}suC*{s1K);WKsymJ%(}! 
zhl^TFll+D3P}E_#vR3b!LWyur!yT6;ZYCgv9bE5=?C+Mv^3mexWdgI-(^L&kW=gug}G@W6<|V1el$ z2gXT_0-$$70I)9+4lJuQ=2C}QO)qPp9Ba6IHeqlaH|vgY1QHfS2_S!h6TmWfya{DT z@g|I4h<6KE3j{j=%Ns1%VTD_LQK@Hr6s5m6!Gdv_=7`HKepw<<0KaFF?m%{!bhqQA z4~sSrUp=Lt%eWU(#&ya?-|Og%l$1@{`>w(%~;6}=^Zl5-}8uB#RPPv1ZUC6 zLWQG|OMi?;=AEg`OJ~s_^Mupa?eZ~wMN@}F&!PdQIIOv#`$shgdHa6%+G+N->fA2F z(b&R*qcNzUK^9_7c7{_4WkL7nE{VI03toa3wu|39#S_5o88Cpg@Cp!xgJCPH2KcZ# zuHi z2LFmiz`vq#_9WwfhX(9${}BySSu3|k4M2iUlnI6;oEpH+N7VRdFuDb%03YpVe2BX= zm&3Ax;vzg3eS*f!zo9YtuV}>mD;hRu^7^-ESpO>;XHVk$w`c%|`)6wK{3|v72@L5i z#kvhFaQ~GZXTU%bZ~5Jo{JRVB5UW|X=CZEj$u7jBEe7s?V*`W-csVS1Mv7cD z+H$qytit+TF2rWa&KiDVn^f{jjM>tf^X!T?-Q2pnyWKPwry zeylaHu*$0^hXQ-p;nyF8R`AhLGczN9K}g&#i9RDH5C*$sh`_>!kB)>2wiu;q^783o z_~^{yxG$12zYiBnN6ObzE&JhcABjV;=W9bi1%a2N2LD*&QXaP_#Zh;Ip+d9lnQCZx zNfb^{wsCC7dKBWb=kip+jbc8!AZDas@>GfY5^|(XFwk&d_9v+P&1%5>IAecZynP=) z&XeK@6_l#+%Yo+(cK7&T04kARV54)W0Olu<{_hvt650W%@SH(K^$O6zfR_$LtL#{-AF}aA! z^f^?3(K$$A=Ep?)-!GPq2x0huy*;M4$`*CZhIL0mDb1wD7M-IG67cD=dl>;E5)Sv_ zr7b`gBpgS8?NMJ2Tg?9-2G$%_0sT@ZyrT|e6M zA_kv=bzRCTzx4H%QbfU zPrOZ2C;n+Y*6~1q^>Hc8@bptB1W>o{+&ugCC=*?v7R%9cN8T82AJyY)Ga$Gb%*shj z|D&22?|(iXr+8Y-(s5yPp<(n#toNNs@wFiqIqI7CfFlQ{z&vpK!HdEdA9#EE(V4f~ z<0RYTj;KW~*bElhHcUJ=N1sAsw`t*{6OoGHHfpCbk~x&- zk2tcAquIw=eNR}eI}Thd0xyTGhHZ^vBy;xAtvo>VKy2`Y0nVx8c+Q@h-AEW~<+xgb z(9Su3F&@W*bM9Ohokv?vKRRUmy%qUsDQ=rP=K=?E4&Ve=*Z;cj*X%UM*$QGa`WB6I z4pG=K4@E|XpTw~JJv+^Rq#3Qv#|xOu-0!LbG6GlT@s!qR>kGN26RA6Hr8s2gox=_+ zbuOD1of|cur2_lZnPkH7z8Xs19*qP4Z17+At#B@vbQg#MJLX|7c~?x|^RNTP#}vk< z4(vgOy&U#%7$#O1FoBgvtM6fX0QqRRkdJ4$SjUZ2+V#A1*n!z6T7Cb)IpJ{uJcD5p za3+~ByomwL0nP%~od34(R)EsSdPHmU>;h3>$2=_S*}66P=~f`|C;X4%2Kp%Qa@a?G z0Zf3rp5rJ?%z&f7dKs*6c`oKd;ZfC5JAoC~Ip;7{0M`D4^XZcUfZ=U(CYdn2ZOCC< z3xR#u`LFwC2Y7HMmluT+IOegKF+Ywj{C$T1e-$(23z%FGvzr(5@!*`8opTO5@bz;A zaM8KiIWc4SXEFQl`t~}P%dZ!R0z2lBm{k!QwuheKKhQ4E^-Nluhzpop5Hq!lVn%gd z%+5N86&J%fF}vv8=v-eboII1vzY(+ls_*j+7if{^x*qJ9$6{vup6Biv{{L0X)c!@x z>M!I&`Mj8&bq*`8!tt{O@E7NJ#{~cvGru#*{2MX*ulmkDCuYhQh++gB^H|L0<)^d% zS$PqzOt|S%!d#; 
zqoSdfKcY#utA55d|De#7K>V4HS|EC19WdLk8``Oh&EKleLpohwTe;z!r83wH{9(1A zIai*!dFlLa;qJx;_~n#CUgYj*?J${~ETod=V?RV3K_7o3hwwSN%?ANa($zRR;_BGOS*{GvVzXp?RQ~`r; zR0urR3I^S4^sw1m*Bm-1jhaN99Fy7K)o#u5*c~9Gq`GnYApWDAhf!eLOt(XB!&Pk$ zEsxLJ1C1b!-}-qTk&Rm6qy61P-@3QV56EylXWVyoI#qi61R?8d(|39IOI_C?oeKNb zZZ5kJ-Br_}_+BoupIcdr&m8WkA1qGHZLax+c2>Ji3uZ4R2<&|Ke)=6`d3|>KCInx| zt@lQ%cA2NCD^i}|$cWbH&`53`XwE*Ac}Paki9B|(pLu>ac0M+*Ds9Tb@sYOUeeJDm z@zAC9l^VUBDVOrS$6Kozu{)9P+;*6q?=X5Ssno3|ddPe9D$FQt3}^jvh}qlPi>-pkG}y+p2XZUqn+4H72?u+$JWC9h6@BMOxhn}a-+H!XXM|xC85`sAh)Fze!_e=;aj<}4PmJGJ-j#(`I%*xt;?pstEb!9en-CtLJakQcE}cX>l0=K@0=oKi#Uu2D{}rN5#x0*MQiSbvceYorI zLB3}ucW&kXR?70I&QT-2GwSjzr;1T}Or%dj>nUaad_goMSW0?yU5U!@zAY-3Vpsp8 zzB%0Dt=G$bp?_l-hF_|qdIDOrNjvos8CDn2%=Da$uN4LtC=TTEA4MvEgG0#akXo#424Ku-_SpuNVBD#rUXP{*ryND^KZ52Maaj)>my+45P&Nw~Qk6 zbOy|Kn4=I5V~yYA z%J6Q!T!y?ck_&^WI&dfBYyY=NTw9mV^ivfsV0CKL5wV}&{k{6W_KwEucdF{H_u9J-6i@Nkc<>4;~Fqvu)o8g4mgijoRpq zL6pfaLdA|)R(8AY3=ThuJ54#B-@AoRESxOC`sA|`3Tt4nLS@KL^Lx4bXiq~w)ZKig zkZ#*pDF2%1!!@?cSfu&rHIru|gWN4OYw{DR)n3UB}U?O*J;YPCY? 
zlEqx-MgFFJYWtaJGTleN6O`gmZ{i7>@8O-iN~mm#BU{ z+O3O284j^x&=d0-F(@JYevP(|^$qn*#t11U`%S*fDiA8V`M^NTorV_1(#SFfkZg2f@H;% z>#8&Z3DrC(^VQ|-820!%BVo_bXCV}J!{zJ9m}oqX$45P-dpRnfsgjcXd$wNlILx{< zaY4}4*IUOFK7n&M3zN zL{JX?qxc69DOwf;gd2zVliJuinHt)_ABOPsX;2nSnci-ZUc+Qk!pD*Q8e_0?8OK;#FwYcEVzJN3# zqQ@ZB6zS&wF57~X^7@zI3^c6Iqw=*ot15srPa5$*&JRVNRE#fRCE z`>tBQ%G&%lKbB!mWZIY0y7zJXs0Z=vlDp%peaR<4b!V&Let@|hI1`n?UZgQUu&0_` z%P>Qsid2v#H-ctZLQN@cE%9ydOYShKXzbN42gW`-f$l<|eJJ)+8P*QX%m(Z2-XElY zGIiJ_9yZ8Dv~It95}M{yFb*+{wDwR|D7aPqgU|?_0zUSh?M(B1;g}Y zmqMj555*ZeN^ajDH%0V^?ZEGz#mG+QyA)O9x*^E18!;vnCU9Yrbzm%r$}f{58)%|a z9xR)4rmMX!$kbPJR^uSVDl!ljs?92{(%}f_e$RT#KkJ&$-I&*zGvUTAbJlHKKl{~l z`){^YxfIl?u;SWDCb26S7}n29-Owt&H49<%k;h>8h;XlxCy<}5=uT2?tks9i=)7n>(i2N zSQZ{y)95VrC}44W@KhPuq;i3CbSvFa62XTgztFi2+}<|dgX<%Zw!MtTFY<}?Z9fT` z-i<~B&(Q1v0%M>HH{l{hD&Q|Qj4^3#?k<@w;RtJn#m--?}Ip$&PVas?=}tCjC4mL$+- zBbCUrW!{!?_l#RvLCI5^ouW3pCVFgtBM(C_2w zbv;D&Dzd9DTOQ~P=3akO>gY80vH>?BdESrg3;B1sKQC1;Ep~k`rMxdW5cmB?e)!Yw zE4JlSA`c>;-eG=pAI)0^69EN54}~OO{!0KhB?3c;@yiG^fBP$hUc*%)xR;Z}DCvT$ zbFU*e<7p>Ve~~d5e1P!wHD;3TV3L^aubWt64>1u%N}Olf9oZ8Jr}&L}4v1KG@Xuej zm5R>$eF3EKCh&Nj>%dQKYeQ2TW+vEce5j=PC04ZidDw>9QW8r65kTJxW!QZ{?y>!=~~6*fhN4yd>rh}*ffF%%LH)%&epvP&Mc4RxUQ z#Kh-iFYKjrE`MxY+aM4AASz5TxhY$_);gLz_-PBM!4`JzPkP!c0_@6Re-HZ)K$I7B(#ZntZ| z&H6|4c3Mj`rE$aypjpK1N)En6DIef%qZ2EYG}F{ab|^9CB#6* zFG&W4C|7+sY`$M8*XW^wKFuX#4)Sryge;2P*`xrFEAP8TNidR3|2DdQ^>5Edx4+c2 z`}=o4!e4r({j9I0-?^j=QYAsNJ}%|mjHpttjTb@j**v`B#%lVGc{z7E&;F-zjPuOR z(z0eM0uuQSVD7EMgdURjY+B(&t`C()eZ_+LI1k$zLDX#a!>26sp_|N@wtHXeUbnuV zTfAE#m+WtznzbzbeV0@!l*YI|p5)Uav2W)e&nNwCm3#={jJHHQ?YLXHiZ>pw5W6AC zgjXA5jEJS~ZBHkA+vKtQH&Yx=e{YCrBatSE?W=I}q~h5@{V-VyN4t@~$j?9UONOIJ!O-PCq=DYIRQ-9apZYvvbsFu?u-wyVN3h{;X+Z zM5<%}d3At`7ud6$o<6iNw>31k)mC(}G_=u#5x8ElMW&Vob1(dRAHDsoCz7#qvPSY% z_b-&O4Sw3I=8}*tQ*3n3~jPDpf~_^yp)|1X>yyUf?@s7qKSAU^CkfMvDX=d9#AiZ^~&+ zb5F4K6w@W6PPJS4*G1h|`GpW%XiXWf8A46U7BE`bbmdBnzaQFgDrSg+q-Es@YXpcd zNb0h0Yxu(i%4nBWlw{c|ues83{;{p#f!jEWwQO#!+BSkKqs9g+iH}EwpC3TJZDrXG 
zY=f=Y0U0i}w~|_Ls+`T=a7BGyAC*6~Vvt0{;Ym(aXh)>Ju-B zd%|!prr%N%!&b6Y83onZK>B4Pb;RR{GxcH)QoGxyXfG_?JGIG(+#iBg* dQ!M$nB`PP03_Onw0Ra{G{~Ay&WNFyw{{Sk3459!4 literal 0 HcmV?d00001 
diff --git a/spreadsheet/macrofree/azurespringapps_checklist.ko.xlsx b/spreadsheet/macrofree/azurespringapps_checklist.ko.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..0fc3f011e15eec3b97717fdb510d3a02bc196572 GIT binary patch literal 20393 zcmdUXby$??7dEMs(g>0Y0wPEYD4`%B9g-5#BGN4-2qGcfDJ`OcfP|z{5(82qAT@M% z4b1SpGceTp+x_diuJ7AjXZK;wbIyJ4bD#4(<2tXR3_1o03JMAq%1=TobqTF+c;3M3 zGw_Q5_+?~esAy|tZO5)}ZGF?(;+b5q9PW1xg8Tc@GlQ0@%XFM{-RUDuu2OurLXE^6 zefQi{zJ&}34sis1C2iKIqj%zcRhR8S*d&Qkj4M$q)|EpcdF`^92F=|zmq6k^(>jKH z%0~3Zq_W&?347G@Uv5uPRq%qZ&*YZ)#wOawJmqBGjxk>g_U)~pEw=>~qmXBx1zWKJa-9S{* z&O8x(MR@SyqnlOR7p=pl%sm-D}fx?T&8z08qpfu2-pb!JZIX`2! ze`0K5eDKN%r*1(LWHoS$q#FPCKHc=9bn!J$3!2h^k}8 z!CNqkK}G+nAA?%Hz=3xoAMJ)?A1(3Q`d?5&*YN852~Q(#vE639_&B0_NeH$*G&UCK zywU$a>J5D>roK`wtL|qxbV*^#&?ns-OB-K(ex2!2^ffnf2{2B=2v+h13j8pio3xtf!NK>eq&|jQsDB^``@wUS#Jj(8 zG<5s-^feaHg74}@-#n=Rqnhl!8U@o<>5SjsN@Mq4=PWbx1ru1raX}R{pWeVuT1-C9a7>S#UuhXsN!A~Ux`saAezfwAv zs9Jqdg)ZXg_0^~^m<;5wY?F{E620O3S^Vg_YhcgKD`FB>PevVjXVhfuwsDM&)65xZ zn<_MLJFblBpk%a(hu?pdD8Edw^J0zQn!9`uH5U%uG9$AA+N*`|!7nY#NqYijH#V62 zzcbSdQLffED1L7w5N0CoC zE4*~4-J40TSi)tveqC`QFw`_kcvFeuOU!0UgsC|%$N7ptyg@iZi%53x$^+WH7iro~ z!%P~aNfDjc6(mFm#CdY{0i75ekrIY zbf)Hdwp^xbH|>p_$YrCh*$4Cf1W6C(JYGcROG89y^HgY(oI<=>NALU?v1_?&AW~@Y z{I!95%{l=I`B!_~tDkil`s8yoK15NzPjH+#XZ~>r`@#Azu<6Hn8xi@wwQo4df$R>e z%FWNcBK&soqj@bzBzMW>!&}}@7QEjPQR8)S-6@DJ`(S+2JT647M$~4v`yGs+?Qrdq*_(_@fbf76|zSps4^{Ha_?Yg zs`=)-m5vPki=!!wPhJuKWD1w{oo0R-Ta`!&(cxoT!cN)wW<S7QLzepaiQm|f!$V+U+i2|04sl0;Fp1U& zwQf(!3;iEmgKGCI4=sah{l!cWxI68vcs}OI;4h~3oCH(+2YN;LWS%#nO%Fg zF|e?9WWTx_nHKBEmmeSUSC+Czud***K#O+Kxb84F@jO@gT};BDcb8=kjzeB2OVJJ8 zFM}4YmLG@QjV?=G|7{j6l--#_$|Bx=gP-(Hs$TA;_wqU2_U}Pjjb_5}1DDmRwsm6p zCcZ$~Pak3ZX)nKK@S>nZVWFXr9~@y$R<`DLPmGQ2?bs3jLY!ljgI0C}KcbdaO42s6 zl*?7alHN-bRp{73zZw8 zD)3(;PTGO3ZNjYZm-rF}`$UBQ3<>Qm&qFP@R?082)7%`k68=D&Y$am3_`Gar$Wvnp zQax1dy0X0DQCM|baJqIO(D_TVo}0$-AEDiq-C7G6Y~I%O%gis@TOxw4h1J()&34V4 zTgeWby=RoCK<+T^sJ@#N@kikii$(9K1?)i03cN?vp 
z#-%(<;b)69mc>q{TM2Wt$xsr{sR&g!=hji-eb>UBJr2lPU+wOKsjH`5&u05j%Ft|I zpCxn?H0fwpHlR(NyqGeu;Kvs;HvqG4>6y+Oge6*q@GZ8iJC;KSJeqpdca0%a{Hz5c zkq-M~Q*ZkJY;M7>&$Lf3HNKQdb{E)&(l>h2TwLu*Er6O;>4-e*-rU?D)Lt0cQh?0Q zKeelb*_ZFyJ|eZ;o!hjl6zI9(nM|ELY3sUcy**sm-dHXPg|dqX%@@qaUNL(!UL?V#NBH?CvWCC=DP_vW-XPX$l9 zWFE*Pj!ADsKW?;#Lg=}R+Wz-%c*doYjPoq5=DEOe4&s=Yc<`S)i?<(jQ$b_&E*h$^>#*v+nF|Alj5 z`O;37p8eLC!v3CpwSdYJUyNsYrOR*keS=<+v1DECWHo02&Cx|?c~?ay=E=7Tif!Kr zDz4_ERZO>wkX*rLilkyJLm}kH3`dt?UYbF7?pSu`s49om zkjH1%M9r@mzE;9R!+$F8?9Ple`W04NdMt`SGjwTUq-mqjEPJiX1%_xuSQMo(y?tjJ zOB7}|GqL(cgF|$E*hd{5Dxfx2qnqj!)B=L{pxc{GVN;_&?D%aBKo|aY$ z4be>5mC{XPQF&c@tegZcax!j@siKAq+A}|~DZS!XQY-G6Up|(Zh8t^EM{JYPUJ}Lx0|yGeh?C7&GM`4)82ekv|JO&MDwl~ENQ#dy|y5EW7K9b zr*Y72n_2j$$Vv?)d*&tM(#Gm~UyR6pv$3>`n>SYSNXUMicrO30-M*cwNqtH?L?lC# zXp1jH{NcoI3UnA>Bv3VSX(=>X>2vj!Irh0R5t;ID5eo4pJvJb&c5rRPC9|S^SJj5h zqKxMTO_C`+yHm{ajgLr-zv>ApsLhPxsY3;5l6e)>{alTV6KUF*74WyD)|f@4Jwerw zwNz<$C7Pr?kCh_9oAG4ORD1`)52VyB#nn&+Q?V;sPH#G|3J6cyr?Bcq`R$sxux!%h zs`aD_n>lD-&FNhK9oaLw4N-X)+(Ld6{^EHzP7WvTQ!rC_9^{;#-SB>E*Q)c|iO+YSLJB?p zW43OKV!pd7g2Lue7fFM=*r%R5PruiuR)G8*X=F;s%pC)}IPhl{Nf(TlIzRuQP^v#P zJvz}n%qdc#k;X&W96>Ws){HOL6h6QGp62Us5luJNu9^Bs)ken5Mimek{JXLich&lp z*!k5i3dY7u(=nHNtDR>>%(lJ{&CkLjww4wY|hir zHjHizQNz95l&WOKe9o%IaaVezMHr<3LFWRd~>_yQ?!;hmrC#l<_6bV z7W^*FLFG%^1$L8`-3FI@poy+dWjm#={GP76W_GYekHWG$)%|W2gRp|?8h+2;gLzH~ zPJEOzS0^^cr6l}*Ck8`1-mPBp-o&t1-cc=k0CsRmj#PC^ChO_hxvf(v6r$FXpC`wZoYubzyD`!_eQ{ggVy6VN+!;z87E{k|e^Z;l^6C9bvD4l%q`z^| zhE~As6W%}rtkT}6k#f8*UyMd%K*ol4#xq$scQd8d6nbrOV*@nNR}Zm-TH5V{d!U<^ zPFW=buKF9jkq!#81RdLFwI`K_yLFG#-BOJd5!2h}JT?~Q9J3%*BExu~$C99j2 z-B#$`>Dd`*nOm>WUJzS#PTI0!HOtO@l1-1GM7{*S1~>;dw;&d-gDN+uKFI|Sw9QD{ zmTvOvVoJLXcA0zhsWp#Xo1Ec=8O!WKs@A@krB}~cTl9$7+t=TD)~Ryy{{X z*{uSRq&J(t*d<|gpOP-V4AN+qWa8-mM5|LPBpk+iTjycQ&4OJ4eJ+~&*=BDAQ7>L= zT)TZyu4iWT4#oT4-f@tnyVIAdYRD>t%c&gXJ{;x;s^0jn)nA&;UbE6xIWhqo|3&@L zqrH+cq*A!a>UZT5UkTq_3Gh;`*Wf8kyU^L$Am|QWX%nQHAN%MM+IW3|u2euza!#)5 zW?QZiX;OAC)KAudRD4R)!$q~Ow?p-7S@f-`nXhAm6!odj53(rji=Mm;_E~h 
ziVY`rvdeQp&{_|Xp<$1z{T<`4B*X25RVnmtA`wL|mv?sxqzX2Ab~Xk|pu1(-^;1?| z;}AFZC?;c@INeQJJMgZ+_bqOJv6XPy;r5lZExQW3Hfr%Z;5(2eUeU+TA@3+xKfqMD zWyYP>y?GnWR#SpM&)dAi5mSrCYZ|z&5V$r*Sz4|2n$fVg*N%B+mG!=co)BLZ!_Evy zK|ji)X&|9xV>CuOZ;578?)h&KmoSjnPX-F=L7Q|z?Jpk#ww;^Jo+mo_#Xj?B2%){L zxo0ifvtn>VyWfZVLb}aE)(UHXn*rCa-xRD|SC+mmbih-V7#QjSK?Vmm^_}coVEJYH zJCn+7pe%*ked7jy#-;l2O_KyXi_&dqnibT$*5`6Ls>vnlW8oTXA*^w(rKQ5tA|OFK zD1i!*GGCcd2V;!eOS#1v-tRIuFME6ujk%%l!J+?2_rhjZPn^!ut(4wsDg90(x7!s_ z5naArGrg#qk@p*GScB8YgkxwtQ>{zyxivCw2fG)b;SPOX?}@cq3(hpmQ&@d7^m(Zy zrQK;@4fcEjGN}_XmB7JrF}-o3%4upTxRQ9d4ZA9d*zFEbrJpt~+*BR+ z5^n~o3RK<~fHKV=!);o1Rj_dvY+30P_;0$mfz<-E19lPzJTuLJHD~*!gNPA;11q{ zJ6K8Lsu@b%dZdZfpuD`cE|`OZuBv*6i)wV=2ITf2gDUGH$Mr=HhKuzwT!Z=r;&)^> zFF3|xng@v)+L&tQH_Qy+=W0Z`|-9u zGf{pWxg0R$J#0dojwr$A=Y{rNP078*wYeE?Imb_UPB+6H32rau&b4f8I8>|Z)Yp&p zGcP)QTAdYCU{BATGt&9MPHZ#PY&~_=hFLd!rY(xSzs&Z@undWBni5`sc#gtq>Bl^! zczxc~QHBM&5Vi8VGm2CJF-H9b21+eB&nWywJDAVar*$)hX-RbA!CL8X|ov?kh20u79f$c{|Go z$ea5EV-a3q#66#AeTdf~L}?KNSrJ8&00~ZJvdmyk=v_1Tx}UrY|HxIOM_sJPTO`+p z4TOdbUY!lGHgD~j;qtU-O$(xL2tr5VCXWarkHCw()xdzBDF&~tfa47I99J9u{i9+MH~H6dPC{vdOm0&OtxP zTWQV_UVhn!j;J?a<0{4Bdcp=ZlR}MH>s6oFRU@?QX#LF>hgmn%5Vg`Evz7<8m;vi^ zE_>`A@Soo%@dICrD}JW58Txqh1+vcGedy8=z`Bz$RtTATU)ubYZ}X_g)G-RrN1ABJ zJ)tnce~HCbJCAx;j7T8{V9z0gNpK(VbrH4+{*hA8Ah*(e%L7l|!aE1!NO{uNh-9xF zpnbulwN?AloO> zCIi@tWXK>q%m5%U>xe`^^9=O$3`d$LSqmUp!vVlnpdDy_##7BiNjFSi_bBUEK&2vp zb*BlS{lm`bORKnATY-j@4<6tGA)iT7xO^(mkn&MC0`?%mzXhKg(hfhLoSTHvF5ggc^ z3jpMKxQ*+vO`ljWFgFhmMu7txKocO&s6(4h;524YdVH)0uVG+N;LCp>mp2GpdH*+wA5}&i%6ev13!%6>wcnBZX!>(fzMCGEC3Lt8Ut?}UL`t1fIUcA z%K$#&!?}X1@m9B2(=#f-NNKmcTBmo_b^B;a?ul$h9fLiu&PZTgbgcmi%(a*q#>@#j zDoNcoP!eEmCKDubT#`K{U@LOO`>&iw+%|$Tr~z>Uo({#moepe97KLaG;1ceP4RD6M z0E(|j0-KStgoBWSJ9`Ajg}nZOLx8PE*#RKp;jW6|t`067EoAky@U4eU5(DJJ17BOf zT_I`~5v>{s4#7Ega|7-MSVtCrKjnt>*o`{e4WeaX@RkMMILZpxgUkx<12M!scG8Iq z{8d^wU`YMD@1%b}mJ$wJO29hvBcPX~^k*b}kIz%mEFgVgE&T|%upOn}83JrYrhfxo zT;L)N6dw<`djfA9-d!L{z#e2h;67B~KGXn>oKW`v9XRmJis6|ds_~#DttV}J%$l#v 
zOg7*FHw9zMLwts!;2dmRVM`hn%4wV3*xQVatKd$7c9KkWPrS6FjgZI$`$!VaJTHBSP9~AJ`F}u#-dB@gwYrk#=qeb|fe4 zln{1O2s;v_UE+Zq=?Obkgq;S$judHEabQPw!cG%m_XJ@_hP3;0V0Y<+oesjz8DVz` zX}5P^M}ERiA7S?zVMmU%qq0NrM{&Z=7-1KSumgT$5#YI)Lo2%NeqtNlb);FhXa*xI za}hz#1qR^7&{kGALlZY9lbbM`Tk5D}oBs6V8Mi{anSvjOQUSlq`zza+P_~W`FWjJ0 z_Ei&C54yh=z@b>5TzV{UU z0oyp%xh77RFcUUyvTygPz8ypQEgJmzDiEpvt}m_Sw={$+chvho zsPo5Grj&Ymg^5urxG9jwe6*mB0od_?(~Pm!C@%i4GB^M3YyRE4v$1e$`h%P`Hwo=F zy^g|k?qUOi$6>qw6djxG{(;r6@5X(St$pW@(Xx$e7-=Xzz0!CUPL0L^Ab^^{I;y~9 zKmax3aGF>7R1B`XC)fJ%87tgy^(siKl$Fe1fb5>KYxrhmu5?aLGpJ&`3Q4qH#7}m9n7A0nF(H7}+~N__i2?#TpVa)Mv!u zMHs(7PxR=Ae^dV3Zc%yJbKzP){IQYoIQ<1UPsCFIcmsk7+ZY@K6K0cK8xcthvjvJ1olJV3*p&7FhdUBSL5NQw{z)9D=Mgy0Qz3D@ zpdWpKepqn?jsPzNj_c!tYX?;g{yK&5&>$3rh93>KnbmXmZ$5gx#hM8a5o z?X!k;5{3%~0tR4sNQdCnQ9-nmFlY{7xL_b*gh=s+oP?1mc>se338RIcsEz)A!zfai zDG)D5%iyQjGd_4U#s%tKh<#x=>MZIiWGJLkxrdRHbZzKQ4)_~ zZy#q85bFt@o;3P9Bmb#W+mogHDq^ozq|OO7s; z0vJ!g3v~qifQkRis>#f+i5xAAq1|}F_~*jozpbDmMi215Ff+gK$@kl^a4yfVA71cy z4K*bcttF1#=TJ~#kWgV9*2=u0fbQ)G9m*o-55Yx#LnM{`45i}6V`+p+~k_D!*dgxf%hfTvNw};Mlk%=kOg9n zksGyyE;-RN>C1ik1F!Tt07iVUwE?;~`l-6PO7okAyb z799}p0G$a);4Rl-33kZ@MMG6J-G%R z?%>|eYuJaOyNVHfq#Afy@Nfq$2$U7OVjP?5WLXjJkawl0!1k3B+s}&b8Cst6nc(N) z`STx&?l14(xEy;dx-;(K=+sZ61D`<$k9QcGC@bj+)ga0WggYU+8)wT3xH~8-Bj~kyAmeiF;J66~va-`Q+_C+4LlV9r<0A~- zQSf_lAKg@~(eN2~(V46f9|m|0J1{&-DG_VLhc37{M9<+b=x13k2%F`%b0KzbLXR!wA5J-PbHcJB7+s2p? z4ZxBd!qUdgbga;TwN{FiR{uiD!8@pcw_5U}@PE+BXVj8E|f$9jUde`I!oHwsW9_P_Hs`tQ8S z0wp}f8}Vu07|-$s4|mKP@mbz{PVsgU+uwNmeulTW$GrVB zvlF~ggA%X*J8u*J!Q0uYsGR04>nv~ZaL2rA$9@pcm1-*{^{ z%iHPsb{0Dv>@=KJlrvFc4v7@ zJjL5dY=7hJ?70wkdcK{--g;VZXXhIn>j~cek=ZeC7382q%zx#raOB^4V?C=k+|#^~ zo#hQ4?wB{+v%Gnq;_W21zw!3%jNUX)&9{GGhl4%V8{GJm-r!h|dHZK(CwQX*C0_e? 
z-p2ofx3g7|In7)2S>E8`j(L+g%Uk#<-cDls8*fc#c{?@V3eRF^J*79zv-1s(^#pJK z$m|4fmqCf7|IXXlJJ6YX$cM9fyK$N~wX?jz!yWT><1B9hr+7Pw?Qgu*pXKe;d@DSQ z9S-({-jXJ-rH+Ic7q>nMeb1sj`B^slftp^{OK8f3F+&_1@tbIW>$pa)M~pOV#A93` z6Q!+zep?A3`8=mN+G;(|eha<9Ka01v;NQLQ_y#WT?SQ$K?m84Zsq>X5EDS<6dp2RU z&r8b7T%9(Tx5lVjmReWz1oZYdx)vs%ZM8Il@Y`?gZ#!4JI8W2A&CicPL7Om>trq-t zh>0F_46@OK-@a*FvDgc-FNdvE!Z_nn*2ZZ_i|k}Xse6Q+1wNV;gQYq za5&Czb!YvXs`F}3%;r?Cp6g-&B;sxTYhCp*M)pO)CG*JEX3zGbyH*?l#0 z?b^qEwsu{S=S_N+mR5Qqvbt}epQ@mxWqM1+P>G_Q-RzBp7_$2Gbhk-i%f)0Nm&xzk z8G0_SjP~#b15-SDh#B-;yzTce@`MM6bcg>8S$^{9S*z1?Nq%N~bzra${-^rq67+Ut zJF2ZE^aN7%w%+@XEv>Iq8|-YP2UT?_32*T17Z*tGXI)ZWcde#R8-``URN0f%C!F%4 zJvxo5ryL}LDHoPLw^wPoSt!AVddWzWwwLTI^jntP)YdO)^f-B#jqQkSQt}AHN^~Dr zEwZyFz|aaon+_U~t3T58+)+!P?DSZ6@KCB)#;}#h?7~zzl#|xd*?nuJYcb90J7kdY&y&TalC3ey-jb4m zc6O^?C(k?2JR9x4!oN6Trno+a@Ap)2uaQ<4b_MonKSgkz>2}gcjG?Q2ZEeV~=X}b7 zf&2bqmPpP3$iY)ScM3{551Sm^9c?dPXsk_vv=5aG3|j8$Zx8H(AW!Y8_aE)gmJL}t zjk2=`<5u_03%d)>?Ut4eP$w_@nbMYQmG5qVJ}oVOt^Va~x7H5Q_i!5?o=X{kS(ZS? z>|ql`eqjw{2R(q>K(RY zj3iJ}iKLlF^gaaPe8r|j*#q+?12YVAyRt^lx}?5~Gs{CZDqqa=KVo2FC!$*%wQU=f zj$e%Qc*ZA6zOJnx!!wb3n@5)SK?B@hNG}L#Ue~ch*QpF1_(QjZ!nav2k*O6h?967;kwkrES;`?R{LKqL3-w;@YV82&1rsHrh4YpZ&kg_F6-=?* z(fWgJSM7^3-5|8;_BHa$6Rn)f8TC)ebQn@BV*{y2JV?(oQ?#nbXSUhWYRv3zS*t>qCBvJ>q2(Pa`d^eh9j_wsm z?1gJtr#164UY$wQs$Tj@M`5eX+;{ z3Du`;;;&!p$@_SYfxe%tS{mHc(ULzcN<8~<1lSz+O zI4nvaw6b`=1h*ro_5?7t$MAX5HEk@Hc6^fj@TA@3o9OOK;NC)g&H61!i#hu7EF_3* z3hOd|ZL0zue^G-0b9D=*PuJDd8G)}~FKD_jcmC=o3wS?SUigJ4VKLR*_ok}heZw|s z)y7Nvj#_nEg7i@q2UsmN~oeKTN0H?3)xMME!fduqCRE_Fb4`yV5zq7M9R(FQz9`@+;a;uy(H4@w&>C``H*$H{?f&)W ziUGkS6ye~Gt71vY5&AyZb^U{3f>-WkzEUqSZsdH4TVow*oI}s2z$ouAUG5qTU3n2O z<`$+Dj;UTwqqERGO8Gt}wyfy!pN)G;1-*Z0+bZu|{PcrZdbso@2be}NF&w`iQ*A$1 z=M}&6Lwd)iO~Q*MT2w$?NLzElDApWDgLsJ@oKby=-Z z?Y_+8bF%^xYiWK%mwLYs_-7H5Y2(^ARuYC3Pct&ii&?cLq_SCoUSrMEp{=ny38slE zh@CS9yR+mI<}bbTHeBeqzOu@165K8=YHiD3PQR3yZ_zFqd0}D;dMPcNRT#2ZQY}?& zTNy1E$nqJD#4TD{seRPb^G7Xo`r$M%f0#K?P%a#Nv((Ps<(aV^;;{&i9);xI 
zB7og^y+wmXa8s2ihw}PtSbsYGg4*m2Y5XvJo=)cAIK=@a0P^Ji_M3qK5e{1zml55%p8JbjF9tj_V1VM`A6Qb7{ zUm3@LBJ|_$U`jV4Za0WF$Nl=?w+5dBC^jgXCnxY+@F!{K2@Z*VbEyUh4}){EzUrMI z&b}O5nP^t#)VKzI>bebMC775hIZ27Px&Dm?Y>-h->SIe(?vPZAZk^x=(tCs8;rV%P zEu{?T%Er?oV#hD0Bx3^CIs{Ox(q@M4y6OHd1qE(ql@g4-cPwM}=;irYUnQ_h=W$81 zCZ8O~gR7eV9>I3-RBSSLk@j5wp2mk-)+u@o^nzT)Aw1(^Mg}=s>F;|rp9X0p6V7)! zvGqC#brt%-phOd;ggZ=A8=O~qe$q_8f6OH<)}R>Oy8T8uJkzfL3^9(e^;FX=rPL6E zx?P}Qp~C*z^Y9$wBTyqm)+0;BI6Kv~P&LBy;nZ~oe*d3j;)a6`i*HQg6(;jtiz-Rn zQ53mN*^&#B`3Pv+@#iI#mT54JbS^UNFI)0vYx)$tH`IKt$wNU{WF#t5oBO5WF;5hK zBq7%;F!W zJ)IK5PvM)HT%1J#`_@sHNKd5LtE<$oEc$0nyW@*z0f+m&M{1bn<@3D5TiMPsD1OxW zh0j5YZJ@bs562@F09FyOb%LtT&ZK7%9HNywKYZ*FXoSsDmvaq zeF<~wk9KJ6Avy1q^}B%F#_`*H zdb!Kghf+FK5e+_AqMR@_bV-24W9^F&?i9v?NX)W4RjP66mHAAf;0*}GiDXpnnd+CS zK&GrTHFszN|IeF4_ru);G;AV8*erK`bdZa-g6VmO0=mnuzrgBN7QM^hLq{fs-mUzc z?w90xiyu^3G&I#yd%RXl_(SG;a6r~7t^ul61?~A4E%zP|e8PQI;_Nc}qJbnRbuNIm zhVF;r^a~BNh0Y%(40mPv6MtODk9yQ~&c5uL_`R4%SK061#q*UXK*2^az^2YustF=u zKw%Ag`XbsQ(D59F_h5xM3C3F~hU=k~pKvjoN%h`V*2o(T+(UWoL-1CA;H{MXZ!$tD zF#=Ta;^$Ls&fF;!6N0AQ`;;6zmrjqw63MxM8ekNX0T0^21^%sPYy8ZP{U-c1DO|=9 zjT7%~9+9!0Y)%~-=ZD|cR}`);Hh$uAzHED6^lO%$A4G^VX5dZXokn z14o^9pBnE+lmheXkCScEG+20L?y{xwg#O(4O~5+2cI^jSt>v#0S-ZUl>o{R^U+s#F zop4AtP`5wT#?woSY4zE>;Fj43{b|SPj!(+_Fu#}0yPVa!wm}z~CMj;sx*nDx8|WCB zC!9Q3m9ds-Xi(%lJiWj6^BsxMPIVGTrhjLzI5wkI{?3^v3SD}5-Zlexq7V~03JU(g z?1w*9z`)AN96tTugj<;pa1b<92QZn_l$&tlnwI1YKMVQ%iE#?d*5A{n@;o*%HU_G};U}EaG=%23}y7_1^|vmnxC5 z&@sexDt^jKE)9HdpT*%Ve=4u8!C2qjUD{|XD(lf}C}zBGc_eECdVcq@$2?T4!T)r{ zG=vDc8T0UzgzEV`dCZ0eyP@fCugTI2M|CP~S25;rDDL-i~N6ht!d@>bNF=Rq}%0ma1NzSF; zop~En<#zi`qs$_@eBbs(!^#n_`&Vk}+5!W+?q6Cm(KG37>3d#W3aOB0S_jMeHlwQ7 z>ybv&f3}SJdSNwt$FhvSOaS%{jDK3Wxw^JDi-1DD0hD|Bpr8lhJy}+Skn6+ca9(l{ zNaPXOqDWfIq`k|v{6of0V88dR&ZjkUcHzcX#neE{jNE0pAG$V!JHv<-p&{_hmz3g~}aWKC1F50hpu0Yna<8dOj{KmI@|X5h8nl3T9|M;c_*0!8iCJ0N8(Z4zJ#?`)w$p(N zxc*^_d@TpTUeu3X7RMPc^rz2LwNuY~)G#D81n8|=%0RZB5ouvR)Ot^6<4?LY-|F1B zy1GGtTG*x;;``(^_@%POtr4DPf^T-27n{t$!$qn}F&~G#wOXgP-UI(TPlK&j 
zaV{xyK4;8==i8;LUgBXw!8N+M1h*y3rRB8MUG>~mnnXw$oGy|-ldYpbzn|46jh9JF z8vKUcRjTP>sD*u+=>mDy?cC6dWQw|z{9|0*U#_R(Otjeq*2Ugc|BVt_Xv>hK6UIox z6*OGlbnaYyU;y4=20@sLjCJ`CXLQw_5LpcW)+n)LhB((%>{Nvc@7WTt;OJIp{}tkg zwOsD4dUnDq!%vM?QY3~%pX@`vZ{^zeZ%3f=3bN(`+CfDlLI2+mL<2}g{PhC<(6N6! z9_{SzvyUe`*o%Vl0yY2SZsfzt&Tc>ZkgntHGeG#iJhJPogR_rFIdb6j0Sn>auMbQ) z>*egn@nbKqg#YRV@!|Zem$R4ZBQL1u#1LMNuh?g|o;`eyw^B%*I*QJ2JUh&fH=;c_ zLXI5mXE&c69LJlxq!F9{#~3;5=WJ6R`>B@sYl|w%U;yV3{*C~oV@6F+IU^}*`bsUy$1(+I1E zBf`=ibwIRG@OXx>{NXswY(|lLc(g^B9uxIWnEtw-dv7^Oq4BOdTvhNMoWvEpTCm}x zNYDUK7$_)=%Xl@7&9uRQ-2+vHYZ$T~qW;@5WwRmwzjtKtE>~?vRc-UA%>1=K+tKg;QIVhS8TXDr58qWmG^`pn{ z@eHB9rmx&VH3^*2|8m!)3AT~yZY~Q`On_9Y;Qrzs#$7lMV(dSoOic)tTCnU>#;CsS z(Of%5Vz+7oZdtU}^WSi0WiZyX?banJ#trxtf-S;6`mK1c-$pR9Pc{lkb+#w}NDeBZ zj)IQxfk9{9x)=%ZU}`@7nrmEiT!KMUTrBZId)Wh(5`CV9om@X40V;bZ+PgHLGVye4R@iSumIw03>YllY8z^w zd@_NlTU2N>9(;sdh1Pd`_s^10A%*h|OQhF@`ys4PC#?PihU)q-QQRgEsiQ_hS=0@K zhAmYOgDzWSM4`=rp|$EK!HTQ@b%ON9M^?fEf>HE4cS*b+ zbTh)zP`wVNaKPsuM~WIn0No-$3v{C=QGoUHdulA08DuE;1wHUPD=D_?K*dyd&CP@nXH@?dEp#R+kuW zN`YgKB9deTSybSBN^Hq*B{fF+WHX0uRiwv$^U{&RhshB~qDrX)X%_c|9ciF;dA{U- z{;BZ5ww*8vx-Ihd(4tH%z3uF$L zkW~AtFx?8wFZpGV$e`Q%Sy}vhc4|V^*{|Z8TXyF z`UZ)bMsyx3tbRsg7g-iq+uiZ{*@>A{e`j9DwaJau?DZ11DWkZzpF->pyV#BoR+3k@ zjd?4b_A-eXa(Cpa95(0tc}J2|?&nw9Z_VxIg^f5L_I8LrT%i;=q$?MAM(4}9(^uT` zOg`=n%@MJLx5sjHl*4%>!qgh~byR8l+?3 z`;~tI`kuG4wO2=k+H+m5yZp!)nJ?{<7&f1=2_iT}%ptgD;0!Jdvnl${br-D$db=6A zd={ff@g~SlluwXo!FOl%`TdmnM<7?YnJQCp!00SSO6wn#9Q4N#+&nUWhCNUct@r6; zJnjbxGyl40jjpMn74@+K${p*04knz!f+&**I$r}%up*|&(7l%=2k#P;tVgKiLB_8~ z-lHU;1x&tdwR{c3V#zBui>@BCMu`@(FfjSz4pF8}lG_$)12$12bVEZ$)MKtFM()|y z&{`pPBUg$9|=bhet$`RUoMw0!CIL6xFrFD$+`>1)#6Aj)xL%RCD?Nx zE%c!ww!l8VSWrv)bZ+`Cuk1rx``z5ok}uly`Vs!JEnk}PX!k>@dN8Le*9b6$&?Y~P z69wY(z-%4GA-~t9!cnYLkG%0CT0C`>pD@|*JceWV${i}(*ywI>`S-UTW+a0%!yQ^IyPGdvJ+ZG_E9_=vJ zmJCk3X4J;omw1@-{tRXc$RgKKr6G^du3dNFz

f2hfZy{@vAK*4gXU&L!`*4{N3)yHMyDI@!%J=SS!4E*LyTr61B4*|mZ zs0bZ5wwt~6XZ0#^LRvz5aQQ4S<95A*M5kG722?tmzL05`R^AuZsX6*=kCD1G=>99{ zO*^zyTbl;SQb0$}{dt9w0VTQYeq$br;o~RYB{F8yLN>eC+WnB}5SY7U%ob#uH>d4E z@bi-T+H=kMMWz{Td!FdKhM#3M@7FI(^&x&586M{`3q|bw$!En8$lv<1*5PfLXd`Wj z%D1eN7}r-;3(wjNLy<*$AK-Bs{WK~P@~@_5M(|lOSfW436Hi?i-nVd=80S&?G$7}I zt4NpmK2w^#qL?9cjbZ5)OsK6qjph85U53=>u&5!|E~6eK%k0kk`LrqpLx%Q7nZu4+ zw*_eWbVIpQJJWFP^L5a&<8a2SX5giZrFC1Rw<$L2@nCr>-EqX%Z*g+&6+gjC%4rey>TqkGu<|^FZ+G8 zW@MSSyK$H?o3Z3d(o4d#iaj3dHcqiZ4aou8)q_RwLBx}iPzHLaW ztn}!pXK?ZkFQ=$q5r@i*@qACJ@^VM;P-7canX+onVnvbo@?}X) z?fEz6`(0CODUQYUy35&ZV;mz~DmM6C^>5azTHzYx9m-lJJ}x=X zVcQrs44$-<((0lU&&5Lv;vym^Akhk}Y@bfeo5k}B+WaU2Wto?%; z$U{U*M3N9AF?laH^|@9Ds$@AxTpTZNx25rWtY4tNKU0Tl`QpKBq50TR7kLyOQz9J* zRf>yK@Zd47c%wYm>scSR7?4$VTG#5wu0MPtwaDxJwB~kurQdT|8Az>|7F8m8TW;Xg;%vTw>!k6G4J02k&$`Olflg9AayYtbd+PjN7*S-nP>35Lj;_+nj zH-6m6#$556!Fk81Y?rm4*x200TxhK~Hde}}QE!Bk0Zq6y=QBDb7%~9JoT_} z%F_PFA)2wXV_z2K+{E14GTZ#nQ5oC*7BSk!^x7=KGQ2>sy@S|I32{b}_fD=FC?2ES zE;ys2`vzEd^!WW_M-RK=#bUWzQ(sSRFm^R6i_TOib35H9QiYqC zB0>#y*9mR-vXTm%TbF7l7Y`4O)+Xj=wz|XzrY7P$brRpTJXA6wW)KJ6qE3eX=F&V9 zhBm!ri_pL7-J#;PJZiRSv%5Z2GqucOH)(QnYQ5#AKNp%mm!|+~SOy_6hmz44JB5-8 zuL@{Vlbz}<0-+0@8e`0Em%ZH9<1LG~Bcf$4?f!U^CXb_wMuMq~2eUgm=Z{<14rj+) zjnXO|T2|m6D=f!mq)zp_y>g|Mt;kR@fQP*qZ!2GSq~Moz@13y}9o5R&W1~T$qGhX^2N{j8#ae06SVPF{A%hpjWRyefDb2HlNn#*vfIuZI`IjyGeQ4E7B7tC|i5 zMWebYTlS+ir*c1f+?g%dUvjUV>*-ihDUG)q^Dydl>h!Q*;&I4+6x@h5vEQ?`wZhL> zVkf^uIluZ|JkMCJtm)9KELw>^JG6pob!Mw0qipLD+M?kg?D2$p$#4PFftlsk$b}+L zDv+an#h!`7()M6mPpukhHkI?B5;6VDs+ix#0~rSNTN#TtUbnh!?0zS0&S`#mZ+K zrU&_^<6vd%5I3l8x5zrIaocCfFgx}sYUOlwj>A!7QNybTyoBau{n-QNNsfsX{UQr`WskXnGTOFQ7LJOneb|d7l=a4GUY_TtT0%V2cRV7$qf@RI2*f_;TUU zU57|vsv}o12N;1-IQ-}xPmQH1mSdC55u3Rxi>@NJ{izouy!yR(^HCE5l@^6n7SV6| zV?H-yVo{&4y|LWI`i)TP_8 zu<2PgVQYFYxVFpLMqln#AgNzgX=8IhY-(dYTZxlDLNS1r){}G?yTwGf^k>I?T94hk z7b|Zt6IJyKaba1T+-@XkMFmRgptG~B?vkq0`v}lcr8T~T(p2z)-*))o+?xunR@-CY z;|{8dZOqw4O`FEUZU3cjJkGGQleUdN5i8x5#KSTiICvFW#ZsweE%#-MizCIva}U<^ 
zKuY4-ojnB`xXfHe$J{sS<85Ag7?X8jDc__yKJjvZ}DDB{>-?A zg$kN^^nvmduCf#xtBMs9751`~HpaDughm;jrrtx4Q)i`5R$*CfROi@Qa4j#dvoc;s z0S!q16<4p|oY;<1S#(G4R8P}pJ)eCRPHIyV-{UeK1(m5h4W|ed(DZoY=1TE<^N)34 zBr}SbmRS@G*s$*zem61{joWV5sJ9QU8&>rf5?HTHDRXU(qZZiBPVBAxbjsV!*wIV0>l_igT29U-^aWmDf zP-%FEBbS(G>~ zIH9_C&U-zMu0mT3>ydytv|TgbN$Z{-pH0;`+v4e z-p2MEry$5OATG$|$nt#={}%hbhGa8Upe(&2f$4oA?&MfaP$DZe7^1ua=BDOPH>by&sC=huyE%zidPq_1z|wts98YpP z=G0P2q1!(Wb1$%w6WcvO62+U325V2ZkwB=2NK~HSh%gCDU3(`OrS0m-=jsS26r-lzL}OVX zKBGEXefu3mIUYl`B7bgxWIcvpPuc0=Zq2cOawE= z>EpftwFI3U3HI3m%+-|uca7rQ&r9lHx6gi3!`CN#0-c1!+~L+De%7wT`CYfZ!-$lR@giXM7*Oqfc)V{MvNpiMf8H{7IVB0=vW*JAwwYljX%9|@Byfhl!SlwBdhm=JtF`d(0$-KS?ue? zMb`euCQ-iFQ7E4t*8@bJ2{IBqbk+f0Ezn9W&;tDJBc1Yh+_)_1$mih*cSa4t77n!x za4i(0ex`h&JN?xJ!k(N3=@*oJq|+vnp8Xw2^Qm5$f%JkKCve}}_qNAHXPBd91|Xc~ z3lPe8Kr3lr4V`pWddhUj(779+xSFq;WYJwWNhtf6gKt3b7z6ix<_$>o0QD}U)hBdT z77^;(0pOz00V?IZ-XTM0$@aMQ+~XE35OwXl(@Zl-LWa(Xd4xjn2!+}bY;{r%^)DVm zhEDs^n?6RZKE}9iu+>Q^9K#v{KKyQ-S02X}0`QO8(vKVF+{Y$l=+wt_AFf3a5QX7W zsv3=)2Tvf|h(^MIE8!r_SrW|`Zj=rp_4vd|5Q9KlOALM5-sdpP7BJ3}_*LNhSAi#K z=D^T-5+OrpNo*WZf0AZqfG;secnAKxa`o`RLuX1@9q9sWfYvlec%`|4hpyUy`wii1 z#4`n}Z+w>3@B{LG+TP3$DsFz#^K;~*>To8q^#i1Q*1R@x%rB%D{Yur;2oL zu<3;D=7dOJjzhv{(8ETc$U&No7wzP)Ziarkg=p_=!d_`|)4&2}8&9M2d)VYi&3zZCj<1Io z?P5#Q@1n(-8}Le`a}<)qAm|VP-R`_MJGBB+&Jh8P>tW*-7}4bh*GM>sb`h8p5E$TW z4sdqrMppJk0SO#%d8%4m@Qw_=wsg6&BVRWG2d2Icv_WRT-|5b@l~}!X-UeX?(LSZe z`Asmya2@YSN~m72t-K#t0dm&Wk#|00K|$@%MG6PF?uPqy2Fw~)#u@vcO@KqkUrf#q zZYc9;XT9u*I_Kz&r`+m2*yQ`bbsF*)-cyMKP3ZrP$rl3*8E3i+FlH{BH-!qoh*SUu z&UdBFMi>D6=}8X{;6NI}_92*U0Q4!_dz!%PvqAv}133q*gz@4&d$5{+$x!u3UhRA* zoC4=X51iWyAX%qdOLM}2|D^=e=Nvvs0}G)W8A$HwDVZ+)@Vc9H&PZ_jA7jXR0Af8k z2KG470kh9U30|iFyp9Th;5@#?MgYWld|<(W*O>z&xX|{0!Hw)A?vLrbesaNK4N2jw z!Romp+5$Cm;pryTGcB6wu-vL7uWBd5%LNm0__lmm+TZz>{!5d40;}rK?3snqzIH??faaV+jTf7Qbd9SSaOVleoa2C z1Fw|eSf-HRUoz=Z)@nsG`_;YrNE^QNt`lihwFi+rGk_MKym6B6b|zz%YlIox`}5?F zBb7h~q;Ceve#b!x(p)3`D2p%mO{B#2sgy`$6Qe>(E}5yj5@aA9_9g8k5_}VrZ6H6b 
zZ-!cm(zm-blxa0r0_L7{f{JyXnu(|+{REBMh0<)(T|~Cz)qp^`6p-NAyuU8KokiZIi3y?`r#$42?eNCdnP zQVG+^LP!(0gK5|(&lZ9U3jH?J_^Avn$pehkqeXDM)ZeWP?VP=!cB-WNgc9=i00x1N z(}Xoxk|0`>oH?-~&kE2F1QS?-J1eMoua^|Uv!c4vgCLU!mjHq9qf%!EII~b-qNW$#B^+hlN=CFg`FpGqyEeQU` z0_IxY)fN98egawC^yAB#kBAqL?Z+W_7rjpL0_nJh7d#gL%WbL&0b9%6Hhw#p;35}R zG0tyjAxA9wOl_>|Tx5;`%2S5*AmIIYBDp0-=?=UIvFH>;7dJ+ZZP>1kPYM z*7@!uoXZA);dlcA128--IufP{9+=B8NKRll-Z+CH&|2(&8OCpc6Bs0CFg7t*mdO4y z3=?r(C6Yih5|{HD=mbdt6Xu@OfC6q)f{PkRi@#vWzpX+8pgz~olGi>0q!a;9r=`e4 zI`wa%Bmv+r*E<*mQ1AXvPV0T|!>51a>q;c!;JFZu^1z&Gbe;?x+$D|vH7PHe0d_C7 z3?3Lr%K%pX-y)-yTiev}MZ+Z@FYTKlI1ufh>4l%O@vn*1`d2poRXu^Gm-70zY%u>T z8is_ndrg5(;5dmuicHV2) zfsc#X<)b(JPFtzWU0s6cYEIy|fJg{wKP?}GN8zYUuB@#hp~jID(4sRABRS(*DmU z*J{&^WA0pD+D#kSqJWPRPQgp7UXS`3@av>i##K99XbsT;Aoxngt_JoO@8Arci=`Sb zy85zMuxtdtNhgDxvItE7%g(_>Tq5-^fdT0{(UKZLldd!juZpM&eDKL;B;x{Nc%O#4 z;XojA20otuG`YA+Sq_>Vq_+}7z2vSm5s=#fRh|9Mb!M9x^z_&fHVnI%zolmcr&UNqRMFxn^ z>$IRFZI*-0n}6b6n$NLkMJ^hh$Pffs9kfB&zKeVL_J|mbABg2dyOBFz*i2Esp0|S_ z%JzF!&G&Fmx1_qR;W~~q((|H>Gnr_4806}_%ZWy_%zR>@I@OlfHZ%C@JnAGb^XX`_=@%!xf^}5| za&_K8SxwucU$sY{6vZtn&<3+kO$63?)HQX1z;Uqd($ZLf@#$d?4uBkyN2WUtU;`g+ zz|KY3%`Zo-)9yw(&T;z9AAoknd1oDmIpvkOt~+NLYxO#9u;Uf25hl|wt^g-`3FZmX zg*%T8!j;l4jL>o zz#&9t!!6M)*C;jT$5@U2hw1I-i$~fpn1in_=}f1c;0ki!>SEUc=;{vyryR1K{vXWd zn7Et}@YNNSf_b=5=@nMMD)l{6X{}c(kWN6A=jmiL1->)@ACNEB{8#|x*G0S_7|9OA z0zQd@O8_j|%Q|F9{$O*qF@Uvl**Q33nk%eacP_$lmQOG#DVNg;0M`)!XN?rHFZ|bi zH%DMy$an5VUA15_8sr2;_25&#anSf>XkaKCB=@_MCu{J;(K z1>}1LP`WJF`>?t9hndq&nDUx)a5IVk=3aE#zc>e~{-RCmwEuHkxD5RN+V}L8T$*1m z9w5w6#r0}*MVJcDc33G;HxuFxhU-G(>cx;e+v{B`07eenYn@-e0APw z|5}>=!`U-e5(2)uq9ia67umeR3RvP`7Efza1=u&gT}tO)YZLhz<=1MH?s{#yUaif` z&cU^bdxe$1I3GRBCzw)&f7v(xtG?l`^jX(yjDo{F+cy)!IPflK^RN5nbzs-_&FfK{ zKfStdUY|~XzBstagRibs{#E3_)j#c<|HIiOR}xZU(=1$59ozDUvEpul{HQvpWt1_m zt7CR_MQ4{W$QPAmk?4)Lr!9SAEqO&PxlQ=YnoT%cnSVx)3d42_N#$#v1-9j0w*4Nf zTxI2=o6*kZkGKzrm&Vwm$}%>cDoS1tmyZ}2hwUE%zf!KX?cYd?I}+aL+_JmZ=o!_c zb=-0|w=b9BJPiC=v$B1ZT=4#)U7qr?^X`#M*+Pc1O02Tu@f>5r{FXc#TMNn2zPPc^ 
zacRHvzADMq$kFWLxO1g_SCh3dG1_g*6;eV6q?^v0LR?#SR(C5l^7Crf=_v~jb#`}_ z39Am!(T*Qb+CnMV1RU=s+8&csS;99(djuRleI@UpNgUM?M)Dgb_F#N{Z@p_|?{{kI z&Tl;D@8%5CBYml8Zeb)tW4x3w*@wF`I;z-JoBbU;#+7js&TTr`u@#dHa%^lmW#2Ns zI?9dw&Ms^@OmQSrJe*LsUAN_Xxhz>}ww+NX$G~GgM%>BpyY`DST3b|6)hy~8)#CU0 z&Nr7yjEu5++1N5NMl5)n@Rq3Va0RwGt*z^oRjM2}*hd~Acl<#X|5H?<7c_b2a7Xp) z!CGRpQ?kHr=g`4m1J5B_ML>%41_9IIA=Rd_-E28Sr7g++%izPn5f(Ft#6z-Soe=@& zBI=_*%ecsPeRk$gXsj?ZslfJU)Ym9fl8=1 z$6K4dyKG1OP0l_1zpPspM+1p?>_GIf3p_?VhlaN6Id%@wVZFS@AS2r{C+~&|pU`6m zp%S*JM+Z*DZ$~UfW>_9_9)z~tqva)fI37Wm)jzykdZ?pc20SG*W^`Qq;oc^1cZz3c znq#$HSxIk{xV2}aL;2{!(viCJFunS&Iu1SSAn+7rm5Hr6@Z8MO8{6&eiNTQx^HPQ7 ztynzP!?FDdR;%OHRBLCUO5I~BwEYMk?r$Cbi~VqAz#}xq%Zm;rhdD;E-EDKFj$*0V zgIES-M=M|V*PYCr4_@u}+kfp}W-A&R;mHb>%UB#UUd))W%j@^7D!1iY0iMUHJxm&! zm@{%NuU%FhGA`U-G^;RXD>tapKgd6_v~2Y!8Pq>4)y=j_T<%@e=T=Daad0}&tyX^( z`)II=g!3cG5!%(qn#^X1ExTc%ppa3Z{?lVk%;3j!Kgtf84L(9Y#6jWgO8wPcZ`S#T znXJhwhW#a{*$~h3NvRhoFeo|s3r>!BaW6RN@9y%!JXz=;djGy&tZ;y<4-=~Y6-7u4 zC56V}JyAp1XZ4E_Sx_ES6|881Fq|rR(Bwn8FbW z<}6~46EA&AgZ)EbP#TA=13AEsQ*^J%NuA;m#h$yxqqJT4C8%Y6<~ZHb=O9rtNtfJb zv~S|VDc6rY2a%1(tPdWj>8tui2peZ^zK?QfO?}zHhlt5+fgXKCtd1y!+4+uici0s* z=>03;x7Eu%tG0Y4Z1j!P)24Vy8_goi#pO}qjLEY$w&1NeK60t0ByUz33>qzMV-~{u z^d^XM>C?^WdA?W|`mFoxoAg1`aao)qI!O(M08bQtg?57>)myf3P9a^feMA{*fqkOe zdvxE?b*xtq_(#{t`CQHQbqiUPqnY{qKHkEo7ssdPsNs(a=xD)8p{1^V*ZeM!H18%2 zon3SP;hZ_t(%g;T+V<=ya6$-us2ghUK}{p9I(hmdE^u2R@h?glQTpS zNOD4ZO7K)XbkUJTK=h?IzXyVOQe-TW?EY1Bl{frTQva;^k69LY_OQ>-6A1H7H^|iDEkpFNu!INmLC7+PWp_| zvJo27gm4NyzK)^v&9VSYO(rFUNurLr{T$xmJn@LB=(NN9AFihLP0$^-g33&Iaeg1( z_IbU|oe+aN2cf7P-{}P20)T`$cxnqga6eUwu1@ zO}4n2Ip)Cl7aHN&w9ldh_Y$1VGnep;9=U#^h`;-3xWCLTqR?_fv%7!<{=) zO`(*Vq(I2*6qV`A)h2;I^^AtnLpw4H!;}3dRiYMFheoJAa_P%Hc{a?ctL<2if-KMtW(Q_Gm>>^ivb=n5RHm$UH zH6v&i|9Hc0WxrsYr$gf-3kxiYl1YcFn|k?JRs}lP6C4yjIiQRaW{00RsPq-L`D~>W zqfew;l~6nNvi_*A9pGIHkPOPK~$ElL>Z~o}nRU z_xgd$r#WP~^zluk_;ikaeg(E8lmv^;15h4_4V|O|4frMN6=FCoWmNLx6{Cl#3U0aS znhJIbtOOYOTF-cEGYZPpSVP!9G2QmbK=7oEbW5KJ(X*d3Yh(M>ub9=3+g5I$TPMea 
zZ7CebBBP~UKPz%erGV5q#XJ2LyQ0#{U3&C;9W~>zE%$>S6_qLL=|${43__&wU^Z>a z^jX16ZWb}stX6!Vk$+oW_EiSHR#bNg*)0;fs(M7Ml;Cl>X3!%pE3fin`{x9Epm>Vm z=KaMrR^vO5NK$C}51*~v_X_OmXU3{#?4MY3V#+3$6wp9Rjj zjE+xV%fjiGEj%3APPGw+@+8X1vuj&wZ=3JN_T*09SwZ3A`^@yAp9n?c*1A~H^pH`T zJyE!IS)6x+kE(#UaSG z?i*koh)d-8d-j-oI9P<|Wu8yO!SMTM6F(c5u>|@p_r%tQrav>o?GFuv<)94D)2ud2 zR5m6WG&NBd-n|`l-~RP|nKa6+kj6bWQ+dJLv^Bf%SRTQ4jytjwy~^IquEAAv{6_b8 z1wtxKW9RtP@|-y2epyf@z8&nli3t*@DX@Ew^4k@O%~zI1p=4LO5Jde2wx|k+0=k_q z&H7dbkrWF8Od|=(LA>F<%j_{4H5cWt*av$*6*tTTc!x@YId7(tZN@i_{p?@W^w0BM zB+B@$HnZZkXr-Cgzky0@^=%=s%y#BW@m(2SdA6fyQ68ehWsdt!>jm7%GdC7_!&bxy zd%$P`riP^BcuIvz%`|DYd!5#+!jZ~BS%fzj^wpZL#O$H^WJ zdv}-7yhG@gdiI3e?Jlk$Y`2u%-CqJ5EuM!`&jR9|l_qNydA=lX_<5(SA!|S@mXq9k z*YZ?tFbmnE$i{Z=T?4jn{Jb|w_1*6hf8NQ%EOve`B7Y)05dHmDPRQ#nc#9GWzNcZY zNf}-|L2(yDheCwXKqShMtoFquhoTGAdlzcxV+Bv(I#kYweIrhgoFVdZ zT1;#3Dbxoy^f>jwI6;d(TnxeI=+JzHb~EiZEU^SrTsqyycNll^uC~M?fqCz0pcUc* z?|VT8{#P~AHZW(P2YO^1^=Z^VrU~-*9|}Kt5YHO$W3vyPZhD>K z`-57eUqvG32QN2}0_RK3^R=y!us5N1vT7sAgq|z*o4#WaK5qNnfz%xtll^7kAobx& zO6&UO-GBrEJ`=i)z$6hLt54ZHprOj7^<+(re4CL!$Ll{nV{`9T#V{s&b@uWhQX1#% zUVE_(p7c$#B;dt1RKQ6P?WFgEA8yw$Hr9t6{(_A42N}^Ds=TRS919+=7Fyl!!$-v__8o?rALuE}k>q5PU_(FNR2lp-G*yA6nXiW4!*(V7#CNvqNfYN;! z$0|_k-P7045GE~Kjh1y!#~<@>D_rfR;+OF^?|RxHOh-b1iUd1#Wq{%~!&?>(~R+d+w+j#JE4mBc9K6kBQQ zFMOIeUxsLugvDtm-uRHI!m$W5z2cd;X(YOek2*8b7cX%muX|&^G~&b%?_?>i1kd;L zX6ZbCrAY;&$9i{M7?eS_KO5&;>G1etqwo@}SpN>HX2qz>i+j~|?LIzTFYuP%sJ`iK z>9;E^-YXZP+87scZ-$nuSH%e>`)U+YdTT9p*QkWOgyZP*__bqwhKd<|K9IcGES(F2e}UR;yO86jr9<1}0N~G7fl!m^j>UqXh$wMZvpVD7hm;5NW4K z(t**tgOwD-+L@9!{rq^U)d@5*E?ZS+X`|F)8ThVtxrOIyl_rnfktYGfs|Fliz%Lhi z{oL5dLfgnfRod1>+guqe;Cks6v06s-gOKmN_pN4KVD;?cmEvzYRg*_Gc&n}%3GZzi zU@9U?E2iHy^}<=A3S9N^V#EV02 zjf!s|Qbz#$BBfmjC7A@r?<0e~V3Tx!p+$nuB7Vx_i~v+z36*K~3Fhtsns}tCc2l3a z@F#M8Pyu;n?l|Zg{nZJO`0S*smeR ziT?U{XXc%nR z|NLGqfKxb%dFVG*KLcClYv9C|PzWH2C zjpM(v6qU9thhOM#OH@J_4tPNr R6ciHh*A3`ep~B#+{{<(3Gx7ic literal 0 HcmV?d00001 
diff --git a/spreadsheet/macrofree/checklist.en.master.xlsx b/spreadsheet/macrofree/checklist.en.master.xlsx index 9f5e356904addf6fff409722919d89241f1ac85c..e2c2f14208c0cf10ae826fb642719e545f2f2284 100644 GIT binary patch delta 257166 zcmY)V1x#J*^F0n1DNa&UKdhr)&e#ogWI;7)OhyA^k*xVydQ-tX_z z`+t+2kdS?nd1ls{Su@Y2L<^r z^qV&rNmYul*g#;6qLn`bcHnF19g$Jp5W;Mb&5?o32buYKEeTt#6vod@-8XCWF0&0~ zRsHEsCvNgT6Y8|_;VZ|~?dScXZkmaCl3WQ-(P@jOhY8I$;-Wu%Z(@`~LY8kVP#vJJ zew$igA<3Gp0R5I1Iz%VYgQ&%+~aD9-kb3J%dh=gVLLj9=f(c%SfeK!ZQ{PoVDTA@Ei~QN8P2-+(YH z{q||2+B@`+X7qz3-e72A0uTM&!O7)7b1FYfz2ZvYV^lI$AHvr~mM!bv%Zu;s(97c1 zdLHOcP)r{qVZoVNwe@(1N*8|I(Ddh>q?-;={J@t|`Rg`x?!!aVw(?g{+slbhqu1T< zQZ*M(dbU;{4Zh&=o{O5rvy7+OW-k?B*CQr$iD|{I$Mtq7W%RpRg8HS7qV3`1X3mS8 z7r|DkPciH`2#d|?*s?q9*bTU^eKll}%s*cX;t%lav1Yzr?3G31Dh#V?B@6(1z-`~l z@1YxLaXhfU4}DKk^QB#BJAKEK`um0Pi>r$V(=`q5%(5QMeC`7iC3P+ z-nia+?%ad;&qGNKALyi0W_!}{oOA)LpHJgv=c;8plXgNLlCL>hxIS*yyy~v6D{L1T z&Gi>tSh``2I}cGLODn^1K4yRk$=>7j$(`1>I~xt3dr1~{8h1SK@BE!+)mJO;$)Kf+ zTW7t~Az33dcCTB6xi5C}h4UqPY)@8Rb1e;wmR9Tyaz=;gi(F&Ub1tS8$9MTyjSia` zoH+#R>A2S1bpIOV6-_ei*ZA@fUqhDjLem8{W2h|*a0J>DOeZI zj~xl_#Q2cZ_FGR8Uze{Bis`Wz19M&H<&lGI6EMe-Ih zk0py{r+Cly={KxS6g+^&-kC8B`_%YOLLrZ6UgNiZNOVe`3{~`LGrIX#{fR9O2Z=8_ zp2p_96ki)pGx$4(ATNwBiaKp~{2|?0+5dR|doZRl|Fv7vxZ4-VSQy^&=8kq;@@0>- z^|fw&YMSp7x34cH(;i4XeYuF7Ygwbt^r_jVob|lC^(HTC1a3*5>*x+vvhVET9w!P;m+j!vKZFAof3Rb*;)#hj*@L_x$V1y-iK@LYhR;|F7vs6qu2FEmZ{znPPj3pPUvLke z6>tG-Pww4-oggJKs$MpFlm>pR2BwKG4ZSyG`VTpb5g5OTzrNVp(ca`TtrY1|9d@*L zuqHp3j4tCn7%SmL;UV*5{;-oa8rM?T^Vfj)Ux}^x%7!M^{odg2cUrq*R8}s<1A;DU zKw}IA#Zkzi?~Pge=(bVgi+I!fS*34uJ-Ao^eZ<9e8yUhGxsE1rXdU$-)0zgqwcGo~ z)iuqI5Zbj98J$hqjTgx=TST)CzF;Z&ij?AT2Gu?G^A85MbDHY*K`xJOCFhpv)f-wq z@a)Ic%Z>iwQqvb`lF96|J}o#dDA_LK{77M1`|oafD)fVJ+MS@M2LW$U$I=()GavWvb!__w@cVF(_y@$)Igv zm~!Bn=C)f{<>G2}F@ZAvBERL#D0~uXaw<#uH_{o=p(r-4{%CSPuDxKm!#@wt$Xh?| zFe82$_3im|4_nh(vN1!PT?<=rW=h1iiJrHNeQ!Thb^4OSl_3j6A?dTFP{05j2bR_h 
zV++n)*-!itXjFFH0RkF%;R1Ls$fTG)l&K0EX6}Z!JGwt`&)QBWyW!WN{KCn7jookr*HWao^3$3)I+Hxo|Ab*^<44^|Dqm>}^^;bgk?CgFVC5df!AJLayoqxfyo_tBWi|?fWqtr zoA9fhUHnwZ{_5%g*7^sM6Sqkpc^0GfxTtdDI341D`~gt7dgC5H&@EoCY*d_bRi6%2 zW!)>{Gs?qqZsFZ(d>oSa6mH0V>1{OUHdzt%83|h>cVH;ss->O1kzFWw8c}zmMrN^Z+iZ*B@l=m=jEDGzGF0u`=?3`|6qIkL1o*M zNB?gf6u`-6xw%wI5|co;EbgMTddthapK^?U;=Bz^_^*K!uHVp(?}!%9+cqMJMSN1- znY#8Y(wXS1jc}F(2R7&5FVHv;j%EzAP2Y>5Oj#b4-ePD$F3%#$KeELB3oQ3vQYvq*vNl^YWX@+nO z2T&V1lR?FHo#9&nH~A|Oe`-)^(k)H+^(X{tl{zIZr@s~Tv@7^#wGwviA4z7(L8!(k zmP;J%uu-*kL6m_$7Z5@G1lImuZ@l^mtEor)--mb?b4ijJPk5UKHGtF~VH_}Zl-OYE zuXobN%vu7+NPml$X82#6`I2Dsev2C<=!hgHSqhUAM92UzPc+sG239UL|!p?6{(dZ}CaM!qphXji+Qd0LR9o~6`Xl0GJt<6|mHSU*Iuk4%y3f0|c zcH4y3-SE7t>XkcTRh6PMBm8gNfP52`5N9*qU`rUy{P7{Rg%RZjdAJ(E5e(5_C5T>! zfr+=LPSKBmkVS+EQSsj=Xpn5DR@cGEmYKHrv$}kDT=>9 z$dVBo#5=Y+!0YF1@s%+r+~8pP{FDuY-DO)ZkJ|jFIR!}lu>M{Od4M1B6AS_gmzwKW zzK#c!#4ny^Fb~lN{d{k`ipeuNA9fm+Yl2GRJ4(PP68kzyJj|By59Ryku#x;U}3op4*9*eEe>#Rr?19ua87TG}0sRwcb!uBQEw(Yd}7gLUt#U}@Zv zn}OHxl@s~;w}=?&;7zeQa;H5^2cyHA*3-rTkF`_MAAzWu_uw=W8Q`wubdN2}noc-? 
z>fHrTtb@PZ(IYCgtw_w@6|*L|IkdjR{ZtLAx1b5v9;~&p_7QA4&8$egz|}X zd13*hn5#?hZ477_VBAbD`5~gk^)c05r2CHR+EsuUJ!*k&2cQd#RQK4r6qmP`h5^LX2|BVrxiEi3W!M zjPU%?x^Wn7#Fb~{DCUT@L>Gfm?u{{*-W?;~lz@LP&Q;7Y1$^#_5fVenNgG$+E+D#u z9ybkPj}u0umtO7}K3Zm{vxNK-^Z!aEq*DIwq;kl2l6BbTFvFdAQ?TzvjUoe*P;%`7 z!I(tKu%6X!z^0pZA@>9|+R2HNi7g7$Cu}VqxL_+|RFGB($^Wu_icx&SR8wI?tm6$|T%~KZ z*EEvXg9{M|uA_hlKNs2x+5P2f)5>LbbjHixFYGE^7@I#k^Fd7_F=|lwmwtn9H zEcY*F1S(6N#y-#DP#aC2vwBprJ6%U0jHfjvJo;k}v35jK)BU7iZxV=^F(rUm#WRG> z(#n5@)Pto_PwUWb;3ATro)X?rSUeN^+(Nppo+8OKw1yQ<#LsLCxqFV;72jjfLOl zFX671C0@!wi1#RgeeF4!b^J4h<;Oqp3n_U&-VV4C#q2X!G1e)}8fx>X`!2-}PRwN- z1npBS#y2^IIL9#&g-TA_RkE2h=nZoS_Y?9MG2uLEmx)r+co_G8*-`7`fK3SD3Xow* zgvGjd80wmMKZ3*zuO$C*_k!Wf!#b#oEiuhrA%*I%mnl;fnH2X@nG_*j&cy@vCnZ>L zg9X1VnI2pTH_;mZv^M@&va^)&v-D0b*)(BxM@M|=zG|0y-r{=!G^#qgQReP8{Uc!M zVa}{sV|hP4>*$^@rE0)%UHFg&{%vbKcs_qu}&bt|puAVvo z-lI*cBGGjyufZDT(a!nZ#>@)9T(I*{#Tf7e#^iQ)-I=A5a8VGXb}@qA%maT1{Tmp; z690EfgrMjH^zR_hMSRF1wc@`y2RCF=@Xj!I*sY?X=1H)Y8>eCe2V3BKo%=}~tBlL8x!#o-&X#c|GujYxj)&!q+ut5*&<>p9QQ+R*maO?E-cCa*RizzerrbVZbL51{g?v&17ugO#A z<+q%$7PLUTmd^z78VKSwrO(!g4k#w8O47`i%1=7R2blvoaX+`Xp?*_c!_a`hJCp!| z=_2)ZMjLXf37xvNnzUx9!|Z6@L(4Z1yJgZSa%^P1fOuvuA>7rjQ+R&Bfh)MQyU23l zMScpCdc}o4=0vH_s9*b7yCKqpdR{a)rR$`kZtYji29A_kO4B%R6O|sq5Q0O9K{*avuzA%8W=oa&y!Q?4QL)}RcTq7-!U_*bFH*%dqyaV7}c1;*Kq>GGH+bj(_ zQet;;AVA(>`b(s}Y(*uL+f*eJ2$4`BL>dq@9-W3l#aFJF84wKEs9dVY*ReQ150OEC z_qE<7!BR&Jtdl=}9lNk$$I;+p(RQzmlk(P!dq4I>+>&78Q%f;iiX|@>Pg;q9SQ?WX zJ)rnWxo>Mw{9D3ja6U1fJI)uY>ooBf#qnPi`c4w?i;WfnH4g+CA#@5#}F1S2Tg z65q}wzq^-LFRNKKX6TG12DCl{asD-1lR=1|ZgvwB)@9Y=X)oj)7KBGY{IlHEeza6~ z&6qr10oM;ftnz^lf+M0k2aUr+;^F9cZ+!RM8e@?^j&e_1ksxt(vtl@fp)_GatKHxl9%LPgt`WqePN~hM?nJi$I9%0;f zCBZ&?(tS21?3wk}&&i1{J!b8z{xw>-yDJ0LqLao!2~DZi_%yy7xl?8(9az&Xut_QU2_B1ExDknxnKKLnGwHV~ga@v*p^szb^PMne6%uiMU5( zb?C2Z@XB5Qf+pA*jl2P9(L|~mrqAAVcm=htmEhXKblLS-B0#c+Gk zfz-mW{8z(P`$@L~w5?NRj@pZMPOMx`Gd8qmGNKYChQ!l{*fRk86bf~6AwIVNyE6Ij zf8!l%F?6>dyU*8D_5Cu{o33OfvvT1_5z_>Z96*`^hJUYg8*|y$kV^trdS7+j^zr+z 
z_Fy^7{^~8!s${!-B9KJHU%Z0N;-eSa3ZqjYaP_1^S5j{9pBA2fc{xwY*}&1L_{pwj ztUdw!PHDMUPte<;^$%z8&{WsWjU*fns%c9MlD3P2@4p#d8?UM zj_3>`_A%#41&;-ceC(=L(1NNZg;W zNMqz>V86hlK0YDcLy7pke0xM?&~Q4EoD>j(JXjMg8Y7WT6{W5Afij;5wD=!3GxcyT){$)mp zbv)m4OCeu6H8&!fW`U@e)*!L6?oOtBTB<* z;39tgguwJ7JhKjBhW}$yLi7;=?G_QV)n;CLgY6t@nK` ziiLi}-&7dOVTN0}97H8k|K&4S2C0H$9pwU9POS#JTb06gE>Y_cy0hr>Ab&0Mz$`Qi26;=C;v>SvFVC*V`)Y-Trqhlo#zRbM@a_nRQce zcX>gQvh@hkr)Px+#SpdICha_3t|jayRxn2N*+s7DW6IryG93?;mNMD*UcaZ`XiZt% zbZ+10)h8B&3&#G=Gdj4VV!6EL;vx09&uy=WDk6gS9vVowET9C$In6KSzWzGIyqWW< zyI?&%VV*ITU&eKW{oKDF)qK^biYh5pA3K)A)Zbn+yIHGFn&kirl3}%5XXaB0`X~SD zQp{zflZXdVk=Bnf1TY^^1u%n7eW(#BD-nxvEk)r+gHzO zFP$jM0-lQsDD}7;DoehawI%8WdBXS7XARS9K5xQ>X1BG$@AO!y_s1K2BHQU$zB*pD z-r?MyuT>2qYV}{X(y_naZS%1`FWHQGZNOP-S$V$nU&5W`FL!%=TD-VwrgR-yImx1Z z4BYT}7Fwxf3riGiC%C-eFmxdLX}ud58D|2O547On;i{PaR{;753r21#z$1m}5oXIp z2ze3VUVhY%Q*j-6A3v7z&R(=r?94e;1Rk-!x7;W9QSVAJP*)xJ6}N46{{Dx`fxT$& z!Dl=R+!=Xgn~&Km;0Fsxbv(s;=V# z_G0W%5zWm4NV|~~S(nn1eypRpeqG_`iJw7jA4_xex+De@XMq*A_zfDFjK~5 z7LZZiS@?%}0QrUW&>aCLR>{B(f~aenQ(rb0|D}*YZO=7HVd$99sKz*>x4F-?g6Mxq zlCn@S)cQ0v6e2p@4Rd>@$ryFA`+TMb?aGMTyEIkWXl}V3j8?KuEd3Qt=I`Qq;w*81$z!gs;!+CD527B8RXX z$xWEEQgg8Gbd|fJukXt1il@A*TNG*3hTuTuFK=|CyX^;gZba)hrZe!?o573r|GL_S z!{iC22{pm@7DM?)vMa}y%|D)P_ngc$26DkwvLxiNG{7t$lZR>lf1L~P&)tSg9@+XT zEBShS?YXu%xKXmAMc~DIe{f9^Ra0syk@uoR;vMSNa<7 z^PJaSSOJ%{_}a;3F;0@E2xo>)8+ooKBK_14k&eHa(iihZOzwyeiP_>*sc-ebkv(`V zGd3TK8o$-Xic5Dcc2_rq#`5~Tt1U~_T1iEwk(oAxU&{S}OZ2EVO)h_+>2PsXL_G+x z@>x25yL`#%!aC-X0UVW{RVCYF63x`#sxF~~0bJ;nz|qBb${x>)kn@$C|A#sdlhoF+ zp7Pc|s3VVOO3RN$%3n#!d?MUgSGar)Cw%yYq5L(h&p?+v-W1bu>*PA99d7bAhfSb} zs*xwV81*{A7IkeMw0zZ<<{6!YgldG!If9kqp*`2pOq3%-w{R@4;+hu$q&y~3wP-cM z2?>hMdiQ*)v7NHQBP$x5@4;eXJBKcOwfTv(Qm^ z18FWY^{9H82I+AnGU<8mxrctCEqUsNxS9cd^*MBTyP>xog3st5R?Z?)FFC8E#y9zI zb|S5if^|bjVdPalU7D{r&11VFIbS#VE;eRZl6$IYQo&Xo-!nTQP-hp?xqgyLq0SZ~ zV7{ftPYy!4bzxvJ=#+LB(;Hru^$0NZ_v`0IoEQ<9!!9 z3Vk7pGEYgmk7c`3PB{51xEi5rPYD zZXonW@h+w1#(8C>^Sm#PUM>pQ79`8&V}n7&ytHOFa5x#}&v{3SofGlx(i)YTO#E+u 
zQO71FaiXUzAqN4mRnogbNqFJ9n>x=0;w#r1F%kkW6|kq;clemU4Z)(Racs?#GtB!R zY~PSd&sVCG`3S2NUGwS6sn~0fsi}%IgK9=VoSgp}n4Zo=q!X#PrqNKDL*23c9^D42 zymnVBCu9#@m#rWepPBhN`?|tgNM$9I01qJ|dG8{+moF-X@Ex}uTO->PT1m zcSx+Il>3Yj3kJ2#uKg8G?OJYg$uP;-d&L8%_&&$mx^N)l)a85<@5!YKNuefKvc|XC zMgmd&4gJ-Wrlzk&;V_HM^7$hxTnXF)3NUa9o;?|lEy?VhPV z_z`vz)pePEyKb5?#eLG~o1JrwwA2g~%YveVAS5^h;}R-7h*awkiI>6SZws*EmN3ko z;s&X)I3eWl@yYEGi28}P(Yh@?dpO6!Qst;1+I60)R$a zz`C7l>Z;h8p$)M^0mTNwnc3qMGk9hkGoLyU9pS>i52taAK>q+9)mgNe~k6WZqU%eSGq84F^kdlY{A;m=_Ni9Z2JmR z&4c^C$7aQK#*>$h+jpNgD3>z!_km6fQT-cgyf)@?!(ZP{G+lmq!oOOWHq`YMuT;%Y zC+IDB=lsc6DW3Wo>oR27?=o{*NBae}G_t0nJH>;P>MqJ#aUXamC6+7Bx-}gq)L*as ze(T>H7wP~B;jE51{Sf+BOnjUEERz^oehS4{gx#H(@y!&wTHhs%sE_?P?H<-)mUaKt zv}(9Kmc?JJtdMSQvPX(rC?tW6kWBT$rz~8B>`QHTA^5A{E%~&6 zY!CTDrLV(@-vPGSapQ9a0$J2t_ARKuot?hCqa=0nPr@G?ufv-082C-xi#pL!E6Lar z-vpl5Jj2yIXK5ljf`%^*$EeCF&8!!i0C9OMHM>HZAlrt0NIyBEIRKZ)z?|J-culEe z=1!T-Sw&9t5tiMV*3QN?KAAB6O~xrT=NNn6?z8wxf%O4-r_rT;i4vjB2+vOuupAzs zHDybGkX{FwH@6&d?AQ|Zjzn}LQ?t+0oX7dzcSU~hbQKOFh=YRxp+x=Lxd8uc6G(c+ zM*J3k_s*!GG00Cu#q4RNl9?=zdB6K_7h6bDzDjg(k|%<@j> zyS91aN1J_&0b>(S29=aZHd7+)T$!Tq4o1K1gIhjBg(5Z;>`w<fF&z!xlC}Q}8vxm-;PVSt>VTgEbtsQ5cD-~YpzSob{$5+N4SYkIqCor2-8>I> ztB)rBxq7`JMgif_O{HmNCDFtMCQbDDE{Ktg?A!8p&)jblE_w}?#^pt2skA4HrH3|F zZ;;Rg=&9c+!JPA_YU7vsQ1MGfTDl6H&OcG*71OtBL5s1j4FSfFdYZGZ$|ouT#cuF8 zyuX(kQ1;s-_{(?fHRtfkBMZc@Wmzmop+TSISJI$z)2L&_37FC7Vg}%gMfe2BFQ7ih zxCyi0l2Dpe*c)ug-t%MZ5g`QuI8_YdNfH$ z*=hxuvD%ekW-q#y?7*x5B@O=<{UtfPD4m{(7FbvI9HV1WW^s;UN4`(-myX!j=MyQ_ z8n#6vSgxJ1BN>d`NFvx=U2Xvmzdi{7373Bxv@C70FMIx0)O%mdeh&m%eio&}4gT|G zX=%yPB-}zQc)RKCY|wE!S$*p(LM=af8*VexO2c5RMrC=_qe%O?J;FFs@t^$L$KD1< zA!roPv>dCuuSMa|B18fDOB)}@pJS!$suPC|GOM<(s(5KTVq}Nj_yP)bOPOi&f(KGQ zh&#Ta{fJ?0_I*6`p&l%k=`>7e#R{U_{|y_{6hm*;Q$t;c7Fe1;n`~HI-}#OlFDuRZ z8w+PNDG!ZGa0NUQS5Z^;3yq_42i%5sTbw6SlS~|`+-{6&Eg<=t4pINcS`yN0t1orW zl;+#?L~#a2iA8(2S7tTczQ(xeBJl1hyB2n5&Zxenw8BK@FY~$ED7Yp--hAhyb{?U! 
z=3gT7L)XQtL@YV6a+uy!PMG{^`uW3p9hk(kj`4CG6T|y(mcd5sE*M(PLfK~xEC`y+l{iuY*C&7Um zyfDaoTVnL`GO3OmXK%QQdqOC)$?{0j(BwzEG`(b2vTXu>d~pi)O>M)rD=R$CzeF*)BY<`Vk} z8d3Ix=ih=fZjyI({fqVbI=@r z>P%a%3_7OCTLm0FVFz6bpfV18$fJI|sD&8sI)8U7;4gJMQ&y%y@KQg2#Ljerq32SK zEAKJ@mXA$G~TR?sARlT@lnDIR8eAl&=9 z4Fia?#4xL!~;%zGpu!Oz*@kA2q8U1%?hZY*voLkR6{RXnd)=!HKA_0?PFp5GnPGeDMs@ zYrre4xDqppP(}v-43|$n3~Knue9s62sb8BJJfXELEGNjg+08b8!O#!0LAB!QF1y0E zV~vTXASX$b{Si4LWnigRI|Gh%fCqg?(r1r&xQ$u_Ntm27A6O(T4DmXL)3#!t@}=5r z_d<&lrr=%s4O&#~<04-8KzBtjPyViCf1pm5LnS=C!I(&wM9g+2vsNT5y;g*nliz^4 zwR1E!fZPI>i$92&E;haw^>#UYDdl5-vO0-KVAp@aCl^Bu?6!Ir_)qY^LxSJ)mb~r@ zpvCJMqisM2*QJi>pE-Gav+hc9n}8+sAg23GC5{4}&>79YM-fjW`H`ENxKK0T`WC!s zP)B}whIwp%I6JY1cx}sWb^Eh%;BYP@Lp0U>ScO^F>ZL5pWy&q=NNnxp!NqJZdY95; zd6yYWk9b8a$V%yWh4LTL{cIPBm%fCpf?i!4Csqo0Gew<;1q8)j*1zf0Y*R7x5I9Q>wSweRio#IU zI2jp^J9ipeQ!=Bj*3VmweNWt7AN0ztib`7$;p$f#Z==QMvaW4STMVN6{ZtNo=xR*w zDBA9gRf~0iQZFHB1n7;;1BwK9uYpe6i(7qgRMD-c8TaL)POwxtcqudrryHzf1<8|V zm|#{D9?xcNvv^~GT3X@9k%CX`$lbREpxu9IkV*CGq-h0KqMaJ393nHh!Q z<075T89$I4)EE+PkrfTt{~lwnS+VQnEVauPa*7Jl^eJs|jt_G5Ic4xAUP^@kFY-qM zO6qoNTcyfGN`~;KqgtIoP(U?|pYN(h&Q2*lF#9Hf-H9ypUF#rHkEB^iC*)>n+?%8e*-$K#`$qQp2MU<_-prKdW;`}nPqM(uu_ePvk97Z z#zdTvW%YAK8D%QVS^0QaA^@|rKKOm;4U@X($+#)KZ7T0xU9o=48rg+;aZ&{wT`mT3 z-COjUafTsi8<=US)6p^BMzg7mm>mTNP8Uizb=#7kkV!J+DB7#dtjJA>-i;mu-ZdF} zo!MTOO?c97eVwBQvTBdOeBa3H7x>yVl*;TXpG&&@9bFW)86c~}H{x9wGT!8kj6RK( z$IFp34L46b`AM%#02nJIzSkC=VH}MRr)e;JM;F~aB%?Re>_D;ONAWD--xm+9hp4Vp5hD=Q2ahR|8LU8{mrv7sKa?49u*#8a2>E)~uWg zmHUaL9CMIuadWz5=NquBN>W}#N>EbqurNr62owK;a)h*Gsr-aZ%51cIe=6x={}^ka z)F``n7$s9er{{f3O8!?#EtwukD)B-R1Ifg_k$RJ=4-&aD)|Z|LC8_`Q=F_ZFti*t> zGOIjinwSoV(6c2-X$RC>0r?iCz z4Z8h)yL?4Aytk_rYhFQZldPY15`Y)g<3NWs*Mr>xgJ=pqw-53G-PT&h;d{%b%>7R8 zmfVgA2BwmrsQ**z|A=)B$9N+C)0y&@9b>! 
zzA0fSiv6e}CvhKC&70hZr9#fcY=)sWU2c7C+S^I%Ze3b-p!o#v`IM_G#>)5w(YP&W zs3hnPG_y2CPplo&zL|?7+x{lnv0bmSJk;)Vnp*1hLI5}{Dsf5BYY38YcoHFe^)GwI za)F2Y>0v1)@EXr++fGLA%k%^Srw{b}P>13Ot)CAn1V1s`FF|| zr^aY^Bqe(Sshn%rhyA#z&%LOwWq#t7$t_+Vqf7auj{VM#Bo8H~U4Ah4%kzvIcziP4 zJ?GI6vDu@Ec%BG5)(1@Cn?lY=SSsQECN8Yi;?~qZsUEBlIU69pGqWBbuAUnpo-j`= z?hZl?19$8wB9cnzPX)bCLW^5obcJ-AAY_& ze-{3RJ;M^_SorHmS#aTDbQFS7FZiAdGU%8jzvlwVwP3#L((CPUDCP~E(U|gX?j~Ou zvmVI#tm~d`TR}xVayBQ<#LG46;Vguu-S7(1Y^?ZgZKu4n1-!X>m%hffV83e{MpoXz zr^Fo}Vi$F)b7S@MAWo$|58h?mhwmF^q+ww9c_sVP;bpg8g#NF)gio1XCm{^3&|@M8 z4@@)wD(qI~F$4eb(S)l%8B+M6IY#QG|KCf^4$M49pIocmCkU3k$&1s8pS}vJW5zAS zbF!w$F036Webs)CVtV!^npEJvFO9mhZbuux0#_qzZ?r6OcS(V^yNEv*e9s0^laRx* z#h*83y#xn;OMPX2Hb{T*l@)RaK9k0q*}e4FA}SNvLmO`Tdoo4t1(KjZ!_DlHcXKlj z9LS_p`8O2jR3AA7m~!R(4|3i=?3gp2k~YwL^_XWuAgOQ@45Ccm>_4XW8x2w3CF{ky zdDbj#Bk}LY3-`M3j8{*zqxCXUljf|`HMpQIsZDhZ=ryw$U9JNPT=-uiH55uDg(w_Ow-2(TArjw40cm( zG4prW|LKt&#V-nztjgI`X1~pYrTn@qf~)e)gBd6-%w?LfBsAt?<@Noia`~)Di=8n? zfw5V%N5b}>b~fAof!GBtQfDiO1}l&+PXxwZAz$l7eKL$T9o&McJgg0D7nUiND`>#* z-`9)gOTI^vwau;Y^6e<3V9$w25lJMFN^am|E7;WN-`omew} z>y5+F6!)|15@s%02|MSD=>KFfAd%G}R)8%!C-WsYU3QC}x&UFXa@aA1%1J~*_V1v9Ne)E<{PckIvDvI{l%8u4IZMZJVJ6Fc*-W=mjysKQ+d6r}H zp%YJJ2VHRP7M4Dkkj&*Q>4Ry)(<5!^WjXM{4h)_@DZzBSXC)tG{Ay(jG^NB;BtZot zm&wM}6?N~f85r}n)|hH$f@8XVSfBpIs~ z9AcHsggB>Z0IX+yuvZNec@91%y#C5?^5^$CcuLzg{Wt}MrV=@_5XTxzKpg9vjka<_ zN-`BL#4Uw2j-tVYWIA%5mn<4X%pl(5*pmw9cZe@NFJ_*K@gESf6)nUjS$~H^fWTqy zn2KS-2}+2qAr~(TXv42=@Vv~WoAU&~E$p4JwSW{2LMXbYmAwFmI1tdZFtT*)6p zRVTY`RuY%S=ncP;1~``H=X*NRe!b8ZgDVJZh1UwK(*oT;Z{Xqj>c2Dr{MN1hobp~a#DHj?GM02pv@Z<2%OX_u2-ZDU+$uz`8i%o)~?Xy*wjwi7ahB|0$9%&f}r z5arxVrW^z*{Szq729m^_c4=ALg7F26PK0_4^zU>Mw-tLX2C8{uxVy$j3^`cDVgHto zNm(9hak6&PNCZd&yrLlI(40dP^2KK;9sf-62H<_q@^LqMntH>5!<8DCg#p@JG5J|f zr|0>-lJtsQH=Z!%WuF8Hn4{<=pR&U{csuHFUB~GE@q`T=lfN;`E@uO>S?+*o#&eYp zR!5Jy6x@G!OH%xTch0KJ1i{;#iK7&piR3v_{pcV(Y3amcTIV!!yak7CSf5+sx3$9z z^3$m6$DqX$;6_WmsAhFpv+-*(*OW4wC1MfvoRy*=VxUZd!hC1Xbxg#nbCBLyr)67d 
zZoY5#fkElY4D(u0Z$C6e?gOgofGhR$@X_R4&r`U&r4JmWPJfg15j(u$;m;FA&KIJ( z%b>Y6bW5!D^`bk1I;@#T#M~X*{I;8aGBRi;rX=_tc=}%^lE?yyeYxARqP~MP=n{eU z4=;JwRl8cGrRasiPSf$n>!yV94sp}Xv@>!yRxf97+|+a>YdIqeTrU{xI&y3^)eK$2 zO@2y6vbwer8-d2!7gBhYCgf2e3kNt1Bl8aYwBKA#|kP`x`Np!iO;2#WxWcXb;rQ%Wxzmoq9 zQ04NyqtJ@=!;F>1DK0t4hZjauImeq#4n39wSzcD|4ZGRVayO9H#(oidzX`&MIbPfZ zU)V#Y2X~krkTn6DkiZE5(9=Ari=kjW?RnSEJ!^$mXd0zON65p!)+9>^*?qpM+9R-7 zT7#CGrf*hJ^FrZ#eXg=u_860YWXdvmOs9Y;5QXEE91wG+9L&3zh)9JBRN3S{pLyuW zdhQrMUU+@VqJRC3N_d~Oce4hK^Lhwy0cpR0A^8{icgca)LKq zoPB_7CpWV#4gO>#E(=vWK_*-|%YolT9kOkEN)C18XZYlty$Jl3y07~m3ZA1X!OxKK z)1x!QLwtluA+KMYt_~Tk%~s_qw8C~+)aye%AFa*2W1Qi*Ldya=l*n%yZ|rZkV_K>KL36rUd$2mb z$afD{oEi=Uq1{E>%^g1L!%YJI&*l%1Pn>}N_aV`1K)6&#aAk^*AZOYQ;^%Z!Zy~zj zj_i?1c?1{8rKsp^u|%{*C-*3zM$kKMHTc4mV{c^+loG-DVMtTYOrFH$rNl=UOC$cFR)Qp z(iwByVGy0WIECTV;nkr!eN#6C|3N?WJBOi{M(^M zZmahK9N%y1lZV{=^p>6X^msr394aqC+?Ve*Qn)2Rf%G>i3$Jf$3^-+KDxoiE2TAW6 zp#ZMlx4=|u%b#OOb)_xSCbB}zPzI#JU2(r~OxGe>cwCbA3mL+N84c?e$D-UmT&O3{ z=S(Al|A)#+i99B#ElU%)-vt=@rqkCr21&H+@{j`Evt z>C{wqUr;Yn?;HD6E327`JTH*wQy)F)@00#}rai`)aZA$Qf(A*slY>&S7JHa&GBEQz zeEu1TmiO!VlJ({}z7A-PFUUc#^)(#oCI04|$fjIBlelS5-hibuX`K%>cb0qg11mX~ z7(tsNL2ax$4Xj>tBJxUFhnHh4U!i4#C+ag8Ov2|;8t%joHc8NIJRM0g#dx=|v*2V* z@*NqK_{ru_GVs|9m>DFgsi?ke#vqGP1#p3*;Ml3~pn?_;3%H=WA)YcS@T;et4pC#L zA3hv^xiNzdc04?`cuE@VKa<6kZ>^MRe7R06ltn$#`c(4g?;^qa`c(5Tr#^--iFBbdWzmHF5?uE=EYlcjPlG*i(9KC2Z01wh4jSLGV9 z{I5T;6b|*$KFp4j$XuGg%nJgh{P$`6W<*~>9a;m=rZ)ca8`m7X4{VPt#Shj8f7c?=pSTe2v;5{(9c zi}^omV!uwe!{BRfO^v{1pk5ZQz&I~ph2Co!vB&6!gx>o@!Tz|{Q3z#pKsDX_(sMu5 zU4aKze2)aXma}5}YSms)|=z(q)B>L{6EVZQ#NUTSt&a^9PeRKj!6?+MSvNo~~u`0A%lKEB&>$ z_JIoC`x)HMKs=z{G#4#Tlsvi(t|8xO(FlsQiz*V!sxmt_|$B$1<@NeD2@ zO>-(h;39hTf*lH*Kd*m85fM_7^pOym2;R_r)!n|Ss?`&y`unj2tb~Rwuer_H(r3hL zZ|61vyNv-93(2-xX~7Mg&N*lk{a8hMI&!1#Z`!eDDa)#k|pvlUT zMr=qua}MF@SrR%b#^eO$beFlYh~L3(#c@!;Rkgu6(0TMTke4lhP({ z&x=fNXBH|i-5Vz#7@~naWzts8q(Aqh|Ctsw$q*m zay3bcDJE!<8(R2PJ|ADEta*M83YJfiP5oMhQebcp*MJ##D*wRm9(R!tRdNMvX9ba~ 
zq$`dss-2+N3vjbmI$hlCjey-Qhmt)Ycg3OW!yp}6T||jRlKjb!8ng+}CL~9FR}KYo zMZ^^Re&h(4JO~EYoubHKhtA2@RP?XJ`;ns%&GeC1x<8&dSfFvNPi;|0+TYB)d7}6Q zJH7ZsZ|$>&;J}c*9jVwU8W)8%itz#CZaVI^Wzd3dKzJDl;ws4ff)aNyH_JT`K9k^% zZFypY3-Qtg_L0&=W0Cruaq0S*)FX^*E=(=x*{s>b*ssx3?R@{^l8Yb3<&YpQaX-}B zApmiSdnm~N6g~IN5aC9IF@(OUYxFiib5-^9#3tr&x92dAH}oqNf=pfeA^Y%+Y2d)HY!q@rj)NN z@YC`GM6kOs@&isw9l1GusSmhHJFT>;`jAPt9t+k~AM-p=biXIc`7p{tI|pV)HDfN1 zZgGT}jQJrUkza~NELRRfgoJ1ScZxuFRGBeyagqLSmF2VGPwh33ZdK|&P}$BT$6Rp@ z1;$?zV<-*;yvvQR5tO?_L+`o6W4+(ePzC$sJonzNEs7S_r1mJQQCw9yT)wszV9J{P z+f0#K3j(~M(x6w%Aq1D_gty}OFU{`RrcW=(N|?^zCA_0vTEHE;=-vD2>z4=$_^eN$ zU6t4{4XSNcGSNl1GiZeWi!dRDZ3o7avOQh-HA=-L8ml%=xL{^{>MR}MY0EP~KRZt2HFSXeDpi%n%1-?O&vqfNkJiLSIM z0j->8SD2cv?A!P|Y*R+MQ^I0yfLewAJ-omtO}b#x8Xo`m@B^*n;-KM8=#D&m zfR2V0F2?=mB3cF89G16FM7BPk9B~sK!MKyzCF1&3ALimT$4Bygp~a4YcP2u*nY#m9 zZ3H2ud=_{1i*L%q(XCbpK26s~gOPLk+dPX?Kj-01Ap{Ar(U-2NR$&y!o(JPBkLt+n zTR5a-f4=4YL1dznePVk3YHwiuvX6{;0+Xi%rOjaX)5%R`xoeEyUHf<|eJ#$a(dsp1 z*Q@CEmxpCb;l@f201z0Urs%<~&D%aT$sO8sB?EjdM}uOOXkwS4v3W8e1gd(9R%SPP zJ3CnMTi=Nmz25UyC4C=`mQom1vb{ULxo(^`EonWPx~*LoPJ8Q!KYdcRs+(`A53E!B zc`apGN)(ppYNP6?KJ&zPq{Dc;t%AvVF><`mJ)Es4a-&_u4kRJ~?R*KwX}+ASXLj5# zpXliov#A=831>~#ind+(WU+8t@p(>rnnqM9-#M1yIT<=THnlM-7MbsG8*`|3=w8L& z_|$ExT)OIaQ-q#0DXxYfy*+9-Z9tFxB4Qq$Q{tB600PZEX)^?V&~XhZ*~3w7VdeJF z*?DlhK?oi11)g2Dv|>9GF+GXyKguCn0)f-kpPv{%TIsgPE|0~=a-H2+no(T*x^#P4 zUM%zC!9&AA`_;et@oGzBXln>5c|VYCn@3LL6i2R^<-M+gC872>oZBuSIXqzS8TD^4y$-3^DtX1^~z&K&~x`ez&i z-XApw#SD5J1LXgILX+Nh2mrAIjKUfvI>zP=**+z2H@!Irk9t}&E{yrYDtF1SzX@?6 z`i1D~NmE7bhPvEk-h^X0A5MuPu>Y-%&Y%B&YD8 z^|Tg}d7JLj(f4EhE=%WTg<9k72Vu5Y{`eMV(Al;=A@O^r3v`BXYi^)1=*W__YE#Pk z#WM-!|CJDd>jS$ei)!OUx$QDL>^-y-wn;n4v8Ho#V?c(+tT7hxg#g(cdR`P+n^clh zeSSw7nH%1ai$MV=xX}%FPUUbI2aMC<5>7ME-wDn1wM@~`iidTOQqeK{eIU_gazPYE zFIzmJR8OBNP#!6FyoJs2U1n;4(0}51w0Rc)skDR>gqjs0xBiyhZ}s?B<>EFiH9q$U zPm(_^5GKZ0X1#wxQYe+@qrbLlnFvUvy6A1^G3X?q9J6fOeP#~1`SEzF8?1s?)5f?f zkJQMlbTnIJzDZXKlr^7z}KkB|%6_w+U!81yLjQ$(B=^OH-t@zzvy8 
zM9Qy9JRyE&tbS6X;Qf^akqM;P;0yixePe|o9`@jtQt~hI_@s3&D@_D8l*~N)FhSTH z^?f-BXj~+9_MGguDvmZ(wiv?^7h!RWzqfWi@u89<+RjZhYo>Uyg;`RS3oDkA0@awi z>s2VamN>1MM>k5Cm3xELO&qQemohvQHo?MN{X~tcY5Z52-GIzg<(_X`b6l**Enp>Xz=y|ok$y+635UvLt8iZ|NYp2?yOLa%~LM6pr7{CoMz_aFSebDmV=lmDR z>;CrcvbQSN>7Y4%hYnPG*0Pg`!f^j-^TjjXhDskc@kZpqD`b~01wvOR0rFeEg$laj z1>y)dq3hCV!rTD@OXHNJj>BiK;Lpwh$7jr!XfikVY-P&T%7GB;&*Hp9>6jBGjdmIyL@@xS z+@G@X#mSjCcU(<{21XS|wpK!MXSdC+=g09wO$Gj&hIf?HfUy9l+PE(W+1sB-j)9UZ zC8?D|uLwv$`AdW(*(jj)xnY4t|#Kq-N3p&BV%N zkQ3!)AyUXus5HRT^RG?7-(`>!55w|ki$x>Ot~Dt^9K04Lf!?=EQCv%|vkCu^?sf6H zt>mi$H+R$Fk9lj<{>YPXpcd~>Cl%&T+Y&m;@9YdR(`SSJM1Lr*+>u4joA8)YXiF8C z&s8J$rjkaA+n1JJcWi_tis3P1!bwGJ=sI8b#%+_z{fh-Q;Qj`e8wB2eN~dRJ8+{?Y zjItWUWwlHx0b(^*6cSePpSW72agT@)OwmBt0p$x*u*PP`kJc9dCt7h zPyxzl2zEu*e>!?n>9Exvwq8Wrw2oMO@NBBRHS->*^|*2l7)KWw=)eq`i&AScppEv< z7 zc8TN!r#5NXg%X{8LVZVI7-=);s+ZBkDiOfv3OOI;X7swUy_iMye-#CAc;83+w#aer zL~dlcZ<05qOTzn%aTu&1;&Sq(I_Ji@?p5ifOX>2F`+b)n<+3ZVWe$&{;S=b5TV$}w zonZrtrzrre?70?ePHOa7aIo%E3GIi+Y`KX+kw0}g(J$K5L8tTp+mcA@Gq$#E>2~|8 z)x%xs8_IP8(u`92M&Qtwb#Bf|I0Ec(hqQtoWD&9lRt%&}*`WW(7D+Ms=JL%q!n(+^oIPj#-~^_5yXi z4{c@^7opDe$6ehutjqW5lZVn6`x*yTZr&NK`0WFE71UTnl;W7Prf$cy%xGkE%(n~t z3WS&iH_cU$V^y&PTfxckpkk~x3ViySCwU96kUp$dr(|E$)BMX;*#iYCoN6*W@ebcAuO@J8CZhSk#- z`IHt({LcFoY_MUt-3I=L7Bsh+*3!#N+JDmmc1p8Y%}2DoRNf2SUA&=tS8%p3TtPYMolcuEtG7+b>K%C;1o6&t&n5K6L)*; zd!;`vJ7VlD3XT|Xze`z?s+X|+h=G+k9{dlpbIn$4`=yIkzcDMin?Uf6Db+o!`b`Cy z&}o{OSxKR2a70Ei_^QVexDe8zrJz{!*!!-E%Z6-nmGG9jmdzsEa@IGKP zAYQXPu^Xc*3_UEZ9{StQ7!rizB4DsVDFTS5EAg7^P$B{?1^zj7f#|>!s;yz0 zj?JKodTl%Q$=g6e^7OPBxm!6e83hU3n>isf1d{f$PCcgbE8;P9(4@A)0lj zDi6_ku?OxXtm||{1NscD`g^907f|o47{6o^8PnaqeBIS} z&!w9#f~*+u1K3~pMgDi2@lThr6h8@iTbK1+@D*DuO$iTX7!AB<=_|XtPdpiXuT6sv z+}EW?Nzlul?>58*!ZW?Lt)2@o^kN=tapYWbme@o>W9uAG#zIEd`&9BWc zotsP?p2qDE+cZ_(NZ$f3;eyD@Nc-WSaORcNm_&%<`fvVL1p*i2QQF!Mz%%p_S3ou7 z;4aBKFGA)?Waw~*dBfNtf_15kkJn?YraIaWQUBt4h-0_SQ)QPM6a{|rOO9az3@cKB zJp3P|*fuZ>Mr;;INbKz>?_2B9ovue3Et>jR)h26Yyp`AL&yj`78} 
ztXY3gS`8TypzE|$!Xi4Z5M?t|W_v3*Qwp7*_#dV;^0$56+@f(#k}nC7r7}d;uOknZ z&_4@~n8c4>luaM!8FWm?#7*9yasIzRI0%#;D4AU?E1jhV>HfeUp-M(V3vot5r+fCA zAC1lULM{p*;;^2E^pm1A={Xw0=jHiCfl=2@)U&fxU)E0yV0#mhoW6O{cVdUGwHPil z8X;Ydi5r0r_lq7VONBHW)WQ+`p+*O2O8qxGUukVY>-^1ro{Vt_O7V}(dlcqlTMOap zdttb)?kBs1Ob*@9qyOm)c(n)&x;8Z|I;AyA2WSf1!e;+!K#M;YkY5rpKEhRGqnp-# zffkXlI~8Csj;{Mohsb~Zupn=ydRslePHSO1#&!N@K`?w@@19}*o}ciGY@nK52a|ga zWIK~aRm7j-$(^Fh9XbiKEiixKGLJaaE1J^=&T|FybS95Y-PkoV<2e3&CP}-$RG7kl zc-O@R0;pZ8Xs8Q8btabNtkflfzT6dpvroKQahg^D`2_m11JD&k)L#W2Jo)Cp#d9HC z`Jw^eLx7sSiF!Bqm$x>OG%F1K;-2hJh(B$h*-WA>UZVMf)<7|KSz-QB(TV3NnG~D_ z>TN;%8saO%hqq3m#XWotocV*?KTV21`kNP+E;ip$DwcG0OLj6{D_T!v%gFqlVmw4G zY;fgkbOHWb+R1wCE&sbk7oT}q4-2`|s3K7WUaeCd&0>1EIUnFnjeOpMBm-5GX6mx? z+fTwZ+i)F{fUrp+09J8+pJX|wmFzv(Af~#)xlh~^i=Z}=EJoa1qZz2*3uH;4Bu%HZ zqqZVqqMHA~f$*bGzvgsl>>6@{bnu-9aXZHyZ(31`c~XF$)}UBwS3xz^-x@O~)Lv2j zu2fNd1WyzrDS7?dUN6h1Ju$>-DE&7+40(-{OZ5!B^(6vZrf_0M!bGmj%Me)bpiV*- z6sr;GencUc0LfsKrw_m(7)&#r9>K3*I5mo=1RrRnv1@Wqf46vPxXG(@>lBs~Q**lIg{9CYDPrD2frZR)c@? 
zVcN3=8(Yl~+1R8o(5KELUZC-P5tMB$BGzy4Qz{A_F9^WX8)XOb86_u1H22o^nYbiF zk2z-eUh>!_XE{t__@F)w5vCI|2#fwl{Z#tth;wbFhzVC>3Oy8iP5BQWDdYznh_isI z{Q*aDWX*ndcfuXp!>z^Vu#X+s+9iEkktfOWU#n@1ZMpXzSq+0#w;51?v)u3vEF=M_ z51ut0Nd%Z;Sk9V!aCIzmy#*z+{fN^8M&>ksvS+dCW67;lCO%mTpTfa zfVcjal<}UGTi(s9KBTdSZbF7(pvZqVni-~(&$N}2$6bj{5B#;!I-&(lm`6|oUq#PW z93jIND1~x&wJ7jOfU~f8Bt)_%kf9YiOj^oIX8x&lH!go=c)!FxIdKfd5Q{v%t0Bdx z7nVc6mJQ=CYd}YZmCKj z@$i;=An0{r9CBcTcwrfU*6rkgd?__piwLK0ue@I2g0Chbo zk3CwpYZe;yi#Hb|xZzDZF&<@6J=d&EDs9d{-~3}&q5%oUjxtF`YFkWxZG+$7y6#QJ z`y>KKR{9R`wDo3qZtb};kl;KG5?3hP@Ka;z=Rb7cYa9KLpgb5$U6@Gi?u3QKi5GFU z?6>yRaxwMLf4K+tZiUm8XfTMM;jf^;zBg)Z8$+i^K?&cvR<5`$*Kpm36Wgy}9YPgS z$RH+JZfyy$`{Mn}MT7?J#- z!9weUkXK?TVHzlN7}#p2I_{ek9a#M}1Xm=UTgYjnxlsr#m|^*Fu|G|gXIdbxxK<1f zl(@F6eK-V{VR6FkC}-2b{UE9rN=7`di8*ruQ}=4GL6Sm!EcAiVZ#xO)*PcHZn6I zUD7=-=JDI!ywUZ{XBpPli2}UMvp5>KBBO?oC!rGoM0WL&8+NZVcZw4Wq(#`qj};jE zG;P7N8KlKX>;VI9J#cp0M#@KLvYSIjOf*ZNP4(0;G7enUp5bCNL9v@_jrbsqK3^wN zvd-Es8fPJ6(HLj23JB>y4ECrEBjs6^L78_e^-if`91euItRAXNG`o>Ku~MmeapQ8^ zL!2mEn0BbA{67ix_&u=J9jk(#V$KaZfcS(o;ops(?dD)H;kd^hVhTHjOP9$mp=#G! 
z1;I=U6nS}}A>!Oi{@{cLPCGr%C8iMy&bM6K8W}4}d|CP9XK>keip7mXx zbagSZL1L1Fv4*JMP?&#``AK1w2*)NC>$v?41Ur33AzEv?xEpA>E7J)Xq z7e?w=dhYwY#QW6+C156!BPr%f$$&h{z)tN?Q^_{kmU4^L8+|HMoiNR~G(Co~vvEb( zA)9Kh<aYo$9{xGya3C^JV~rTe&BEW&^#;k*QHk)W>?`=*H6zs0<;Bb){;W-jgK zxX#C`CPR@k7^JZ8npap1MlF=fNS;!soLrSpL9kg#UQgAD|+Ka z{rAgJHAaq@Dtk&Zjd?;>)P0$C6lU<*>Fs8In13)3^dg*L^-(RP-Hn990v7LK2tkif zFx7o0!%L0eTSudv(wR=x-0W~uf?znvU1VGv6_menVJyX2V+=V`J?UVlt?5;-=p982 z=69F7zla9ZX->bcsL%9m+7fUFe`n+i zOOV*orS9V>`#+BYGYY3K_@n1O@Y9whT)Cv*toCLdjk&xV#EN`wZ87y80gpwEuz1xS z*nT=jLiAWnKmqEy13TT%36EwoloQlgpIzu{AdpS^2pw$eb+Q>>j<~pQY#jMHNNVnY z`K9HlRcx8^1i!LFcp0A4bS;(2&KtZ!yBgOkzK}ub7Qs^kop46D6?{~R7`(pk@2V-C ziN97J|FmVdhBV+=#ErYd3Ls6Vmf|H*_QH|d8_w-$sVOWG2)s5jOb6g$@GR0Xj;i1D zZS$0>D+gDTd{8aN7R`k90lh_%hJmxqqwx<30#1Z-Y(A=)bi0udq@~Q{sA$Mk#H6Wr zKwmR>#nuM(=@^l3uDkDvwxYsnGYP!F^rMEitl#uJ=Mkh~Vjv@4wNO#YqE4YPYnDbw z%eV|mT~XzPB+b1W)-vHCK6A(VHS(-WK!niH9Qu3lQc!N{kM&vFTXoEQXB=&ixqC65h?J~FC^l>8ewr8*m2q6D?~;)! zGKWImzqH>r-Q8APqq56RbuG|dZ5CiDN+eZQRSNX?{AbAU~JV)7Eo+p za9!w_ey+GDJhBEhBu2G*K*1y}oFOH>C1ZBwQ}0|^f=<=l?-#s+t&EnH&1lEces(J5 ztBE^KXh6{5%01$(mbkO?uiLd){BeW5Ox%r;_pRy$ibiHHGxy~;4vR(V`9yIPunc~E zZ?w6TyU?kgi`+DIk(NKqkLu&-W~GFyl%P?}3=I<%P70fL#)ZK(wJ~Z30JV_iMgOqABD)$(OSkRMem^ip`_au$#>fSt7d*d9KW#%XgGU z@StUt9U;;`pB(Sbm}(w|M4pnhWRio;Qx< zmxApJ)GwLB_P?H=60hfj_BI$tuFw!92#V!D+<%MnBCD3P0irw8XEhv4J!`q@F>H{T zHPmUGCiTcA7X!Z>?x?}j*0OvdMHWfE_t6+Qt4I1ITlPN)@YxT)BJL*ymPAwNA zh)Ts?BW+n>*bvYfjHU#ZGSsb?0jVay1~jM$ouH8Mj$uWBp#Yd@%h9z(w~F7CpRMy1 z1#qn@5D-!vXhM$Ahx>h}mm54N4)^O@8&OC$DQ;C>Apb_eEf?Py5!$FoDg5APMl z##qP_lg#1ATwva#on8)|6KOSItzu|80gi2>Xvi6ABpD3nn-CpLJsh0CjMhBva@*t3 zbUds42MoyU4<=1?1lQo;=J;5Td-c|czBhcfVmrA3iy4~tgH!}NgTO8Wn_!nYst!@D!zs% zp5SVU8~H>~O3S4x7d;(cdTkM2K1CW?><={y2ARDWswu!v@XNxz)=+bjzsDrgM~f%h zl#e2h^wx#ao+Gs~2BmbrLo%3!c;?wkTd|r*3sWg49S9 z4o9Z4PR^d1+9J6$X7S(G71=iAuht5_yx=MGbG(+61#DP^Ws^_T7824XnvkYQ*NAcd z&MYM8Md|>Kel8NKpM|oD{n-u(;n^;dFu(?-9%8={>QcKfyzh2ltpBAzvS+SngA5+p z{?se6O`N&(F2-EWAiaH^RU}oB<>+GvXL*1PO|ybwb9nq2l%Ak{0IUvtj!KIpcoLXN 
zx!cGU;1mK;SG-Mw;MeAI5&`4)QvQr)-yh+AlM_i^#4&Elhaz}jM8&(n_Qg|@6e=t8 zq4^F~-b3wG{?$?;Vz_;WIFv_`Y_^oq$lstX%tf8pm9=AV6|!$}HZSxQB*DfOq{c=r zP&d(l4^meqz-C9-)VBEtOe!bBByM+A2KL=Zp`6j?6=g?+poz9tyr8d**g?%B(m5af z%Vsf8QAqvqURG%`mGNkuZ z^Zw*FD!=_38M`G%p{dNWX5_r);$6*f9BGDj#l#2qVRRriR(g?2e2e9GN{-Y2fu>}- zxF-mjw;*WBZ!s+~&!r26zB2<(DlZ?8KSB>R5c_YeV*=4J@v2!MrjtgdI!r*nYhkN7 zrSxkncF={981iAT;n`13jj)PME5Tc5Y1E{RNj>KtbjWjF>06`c>jI%6!nq-D^T^e9 z+d5ZC%eU-CorWS>u(F0T`=&IbjpAuua1ls&2=uazeCsR0EP?F>E_4 zjZ6=Q1l+KqgxfBqkGAfyKQUy%*u|HRSHiy;4N{Pw@} z*T%2v`9D>ZHY(~(p8BrJfvduJMQm{${GaLpN@;)7a8AZ1=$`~AGICYs2t8Pc>aKMD zOp2WGv67|b#Um-DB)f!59H;O9W1Z0D$BtjMU}4{H4Jv44gs8rF zk%0MO_zbh#K@d}7`23a5zFkVsnsM)l;n*sTSD3zZ4y%X~)*+VSKuaW2sFX_Lw17jH zZvX#I2B?t%_4OAIo6TdnmG%f8I4Y=i2NPrkfNhPHaohV@JUN}QKS33GrMS`pe-=7c z8&5G(49n$T6X?2poE>iK4)NehkqrNnEs&j$7e38a41bypp%hQHy)Q#lH>dN55az^u zFF6AG{U3Q190%kZ%>BlHLw`8hx7V66-E9Q*P;z{5n-VN!k#4Rl&j^o1mR&pQLe~g) z1;Bh@-M!wC_!8qXA7a_73KfF;bQaLB{y=5rC2}3W);|*QEv| zjBe`t&J;rAie1A6|FoIdoBPg>UmC*&@$44AvPO{;YOX$M`2q3Z;nV<90Sb}gwZ`m( z>D}~mC{1z<4TkN?!^ent7@z0YnKf#(&ra zqJ^c4UrJ{sY)OE4X-7M150^@)nJbc1WcyswM}QBbZk`ynDM5!riGYX2EBT;{_kPkN zYpFNT#5!rjwVDNxd5ZgTIfbP(=1BeODf zxq*)k3kW{1tV~wit~l>Q6BOL3QLc=fy3hAeuNsX(4KLRjjS)xSM*;NUab<_uf>Qby z&hOm_yIH(d{i#9CAA#H!3DU~oexdj-FjvS8V`-(*7XPkYq1S7d&EO7ZbSOLo^E#Yc zRl;akTC4B+6Qto4YOM6iO3M=DpDLCV%O5Hiso>=xHSu-JcK}4}uwaB*nF7ClG~20k zbusLsvh)LSi+3#fz{%opi~p*Uhz-P9Ow;T_D9AaBAlyJ@I{)la-)zYN(9c+vD2wa{ zqow=(s~zCPCJeI+Cr1Pd+7&(uvGC)GG34cbn=}f|hMk@`Teq3rtXN765`apZ6z$AD+L7-cCr3VAb7URXIq*^2&Nc&5vv|)K$$*OEaxv+%^gWa;U@7Wjb`nH6$~GE-2c zs-lky)KL0mBdcQvrYDfnzT<}ztlooxNY4%ZuWW*Yo5(XOoRpjk#)Z8C>^*q zuKSjUx2j3vCGQ+oeEZqhrF5}|=?T)-%G~`X{)RKMliytso~vX9;-b z3kwdJJ}cpjOdp&oTj=z+yCLtZ#8oj24GmSm{O%hQLtZi#v{e~IPJpRTmx%hTs7?VB zr5z4H%3c!iPs31gME^+Pqb-QLU_(Rr%8&^S9f*RCFho~pLzSI*)>~N8zN+65T=Wj2 zPR4m^2eIw-ZiDV8@F(DLo872un_Q;!-Mw!XXf-^4D=1hV+39-9d0zlks<{TXIj595 z{u5uge`zppU%ZOD=47n}c5n&zoLra^%Rjdu-=FY=ncS9R%JeMPgUdNzri05pWW(^x zy~g3Ee!sxd1{U37%cvLu5Yr#V^y{^JWQU9K?%6>C_H}w4B9H 
z?McxRB`R%>i0mGSZR`RlrTc)N$csj6fImIAuS7pueOq=9npBGoN z?X#NifEQtkt5x1~1qf@r+1(f|RG1Uh;1`;~@m9d*L0Aq>Zm=zvUIp8_GUtzuN@X8J z;+UMM8Mczj%nwI#=4pQ-=tzFhJPj9gh#79lB$lFmr1tAL6SxL=K>V&kYz+%TbJkop zU6|wD@2^073H<-XZ1AId{rHK7d0KqajBv)$2(GaA8C+*Ozac4#Y$l^9$0fY9<)jg9l;*9I_Mnk8Tzba+Icj3sggVfT;-wCo|bl z3Nyd-7R^}l*B;Hvx6yCIpR%gyKBMc#^Lz%9Hsv$-4yXL1?ty#vov{;*;S`W1hUsR{ zHacg7O&JcGWo}N^hkANHLS27dH$U_eY-Nr2x1&X`5m`V(rtsZeAgOWtR8YD0d~Mv7 zLxpAW+TGJL<#7CV1lPJYNqJ2Q!=Nsr=YbgCr)d=!Q~0 ziyi=K-MwJI-QpJOt|+N(i(omX?@z#e;Elg|5iWoMmP$lAWpsoST3+0W zk0W35TEzM4H9q{}V!md57&+9|~C+>$DK1oliC5QQ9 zM(d}o^%z%qAC#RZCFN-x;U_u9cH{HA==rzcnVA&DWmoJvQKnJ7VsA6;hmUw2;LdSUjkIo8*jjK=e6@;J?f`j z@F09G0eYWrA=igId3IX9LVq`SeC7e8rQ>0X0>uF5vJu#lCL@Apa z_1jicTRX9Et591t{DSW?4>K@vt+07f*RJNB@}_?Jc1zUs^xgfHc2Mo|eCKYw5YrHJ z1M#bHO{F4vFu-{4@>cs!(2$pvlgWBVn2`!TD+`RA5A}2G03SGBW-6wm$ z-A+@7nr!f~(2NdpTqz$wNlCv?X^je^EV4#vTh7$}T&G0KO5d%jR0VaTdhLjbLbS)W zn|H+qjYw%l*rQQ8+mW6M456%3{wp)w;Y>?RIHXwf)JrMV-UpNmBVHkYV)zkO;sBIC ztr}SY%-~Ka{?j*5xcfEAb*9E8ifgjMFcMch7)&6$2o~L93Q>a)dxoDPKkRACp2?HC zw^-!sGtE}c2*eYL4$PDoY>0^--S?OW>Dt_dLUgwo=rSp-SLKfqY@ z+t2$QtHwu4gcN^&w`R*`GUdAM-LA??_ffu^x_Wjs6Cz<4^Z$!8Wjh3`V5Kk2{t%XR z@t=m2`*I_m=&G(GN|?Om3mAuEIG~EU{s~41(6g@9i*<@$K!65S*+4J0V(Iff?nn18 z96}8hQW>&){j2o~bMmIv@slgYXOw$U>dNS%`pbBq2Q{jG?tD0eI-aAXG9(TP5GmxO-5N42g(IBpl2S6V_N&wV z7t)cxuGOm+>uPmDDyMJUkAqd&;amR=VUH-YvhS83Ce-R$Kt2nYCu*y(SqW| zkqIouo8;O%kl_4_~kYDbhDdCQl;zh2?Aha=|&*nIOUz7o10^V8kV`7dxtKNVLl42uE4(^1~8lbLA=QOnkXQ_ zM*|t;_qeH+Z!R*L{tbsex|Ml`Dn)e#eARy3X2-f_u!7mUIN1E~(*5nfyCqlymxI z+P2qP`o^_pBPOH|RJcEjiN-fee-Uu!6pgI-s6(O3UxFp>$jB}!aaAA z^{A3=X}!7(LS2W;ZR3RmUxN^#+_lzDe)a5`_tZoMmygJ>9Pbe>q|hSch+Z}CaWo}+ zR2OwwGBv$Fodj*6LNlgorHga8p|QwI)d0WP&5q>y10wd#yOk+$smL)*K4<&S2>c6I zzj=3-sb>xIY>*zM zaESIwAOEMZ&33W|_r|gk#w9?h=ZbL{)5CkXVSPGUzoz|aqLe_w-Qx}iQKwE7oMamE zM5_34+F^k#!B8#j2K4J@P_3%UgSS4XxUM=%GlL4WS_!qN(RiPoAFa1}5jx|*6_tqI zX^`3h{jWJnJb9r3aqj7VnIe6IX99oUeh(^|nd#;j_r$06bH4ws&sJTz+V?di07vw{ 
zdJ-)?eQ+CO-yq07BtQ~5aYyIQ()q!F_rqd>E4>ByF*JL2jF+FjZbiG<+uDy?rL-9Ha77x}1smU+phUWNN<0A;k<(Pi0p6k|`=FfIXZ{ zI_aH7(E)LNmJ?m~KZ+aa#xc=Y1Af2-$2 z;3w+;l4U)ROF{0r+&}}|Od%BZ@QC5>y);2zw9yAvR2 zaCdiiKe)RlxVyV+a1R{Zf(CaE&Yb(+%+35^(X3vZ+Fjk%RrP&UJL|C#lL!3YMYof_ zTrZ{TJ`-;|_=s!^>>T_+2UjPixgB3#^h0HRmv+M%2^wpXYvTSV2Z!vaUBcO37cibo zmOu-D#DQsSwES^wG7|<{)T*K>!X*?7`_H3R+kEyeq~FaWdK}E@|cPKod!7 zk!2QIO2bxrs)m{)aiYcR;hDCiK5tD4?P*#!K;!REX*K*d8DZ7{b zgvw@)?QYLTOIL+je4J`4F$XSouVaJHM0r?F5B$Hc0bk;`A;#^BI-~6O%S%2cLhN&C z&#O|3w8v(Tg~GtJ&c!#fV3C`3$;jYPsUegb?Rg6^sp#X7NAU!~(6(X#xc?3 zfd%W_k$OF!t`WL1@e<+lk@t7XHesvp+qii3ca zC-AkQvoz0;J|5%ZpEDi`l`^vYLswDc5>Gy75gq>$FF9skRJCDQ;TH$f$9|W? z#T>WO5b#7m#Qz2%dE1O6g-^@uU;1Ie&%3%n>)UeDe|$<}=q)5XVdvt8%5pKvPexvJ zCgH}H`aK$#PJg6*((I8rSOJBUJodInvP5fm-Zvw6o$VUEa}SxcrXsTP~u*j^(<7*Riopa|iy807ueau>%IC zlmVX~l&(ovtcYMsl;1D^i9J-YM9KkReL%t7&BVJ*%ks8bAW{;9zjiPJXl=MMQ$^Kp z1oqjNK)*dsmLs8P@6i62s*&HPwIF;~Zy_FtTn0Gg#8ChS*sHb$AV_h2jSR5Rb)Uel ztp(sFupIHsk#hfe{*gjr>e;teyBr|N3ownpgcMG_3J3jj#85p`u9kl2LgyI1P`U9% z`%2|vr3*!q_nHHE8P6vKZhrR(MH-uekDl=QzeFJDH^$*yutrcHknsQ(94(Ju4atG) zsl>gwbuDgaPslt0mb-6X1=X;KQCBYZo;9N#NJ!J*o))Xr(Yv|T)dM6hX}99KUdmG+ zReOjx|KTI?eOKzyvv5W+4{}I%5oSJSNiPI&*X$XlMPGMK<{@Z~z4Dds^nKfEj>`_l z-(UOve;k3V`>&_qXif_3voWqb_(-0@a_~1f0e&j)Po70Ix5tXSF|7J=>z)i&qzR8( zJz2FggB~R4Tud$GW4FqSc)R|?LU<`CYMG_eOzh;Xx2@Fpwn>G zv@d^o+n9Hi4b%0UvB zJ{MqwK+Dda@UZng!`02X@{M@4OSnK^-@<-JzFob{#mLA{s)A1Mjw6hW~1 zEJf-L#c`ID&?&3REE3*WVzh=EgNk({%8)83U6(GK;<7CR8V()*mncQBC&=L`A4POz zheUwR)C-To^n1HoEE6;r;GGdmu##F`!`lm|p_;4kVR@q; zA)+U0hIYN_|8jKJ+-lbXbxI)LQaM!!O6*Nldh03ovKoIu>>dbEdfS4}*05DM!49&Y zPgR;_u1I%5Sm^;d8Iu5gTw}KtO7`>rW0)WU=C6IT(hgOcx+s&|(r5t~5HNxep6chs z`*uhW35d_r@By-;eiyR`eh_)|0kspr{3Mn8j+KeoJWdNo>+Ok=*?6+?*cT#){G7cW z!dvULzBFkOI3D@dLT?XamDyamRc#rlG9Qbqp#PlA!A$K zt$ooZ7%;}6Vh5oEMvmP7y7^(A%Y-{Kqhu=4)F{%kP)9LpCG?(jY>Fm$iD2}yn{6YRrm_dCP~^@IQ1fVClw zXrbLcW|6gl9?C@Z(EvT3>voLL@xkS?AzLBZ8Q`BS4vU&KceooPlxukV*jN>1;WgcM zQ90lD9a~ME<@bbI;OOos+PdVk(DWa%e{p>nA|*7QoYWRcuS_T+u&9uzQMghNBd~iy 
z6=$scWWqxD2!xy548O~fegbf}Zqb6%SyxkLWsy4B1C1c24-20n&(Y*cZUFz;IOXU8 z^N+q+(}y2jg-GCy)erDxlgTYGav||jcx9vVwk3#Rx?Ih#8{@M7nW*@`hYaSYAcCj* zGznO9Fz8HXD)p&8vqjwA$Tpv*iyla@v!w9_g*+js7-G()@j)oJ%jz3P?3x4xW$ z!rGWmKMfwwC4CsqBUc)1zPMB;AGf)A>WY=0o%<|EX}nI1bkThZ6-2~SoY3I_#w{jk z#QFcp;RZq^T!nc@X++$>j!aA-_6H=JSIIMYo+2C`Bf(J~~ zi2pD7v~O5F=F55dVnUCn`88gQ^ipxHf1FOhkU3b)r$%X@9|8 z6M`#4DCpWf(V6oG8N;&$npZbuLBEi3E=gwNquw5^ivid`=>Lg5h);Mxvm@={Lj8ib z&`dCB<_Y=i=1Ley>Ht-@z9f$LlLn-T3K4f?$MaABFV5QBB>@X02o?zcgacGZcp}Sg zyDs+1cJOJjOL!rY!8b`yO}ocNsiqC%%vX1bpK0V-R0+nYBdmS>xnZR$j=jwvxtF7O zS>MY6r`OBir=Y6Zf={r)Px}#0hA~Gh8pn^_00XXP{@P8ub1FQy3u$8I4m`|jqh_5^ z*4qFj97k=6yR1v#sHrx^Y9{y&MdIM8p3Be`5t}6lZlJ%RpV3lFp^9$%zpn~Rd zKQ$2uMwp&eM18?8`Ga4$_|t6D6UBjp3Z7pwYf2lssko(uOPV4t-M>Ant@ODx>N}9g z-4!JtX7bP_btGqJ3IW0_(Qh>q`?ab@_h07km`7BB4j1B&ZotuphyBCsfiMku$Goif z>wE9tAptkuKw@~l#DHrj?Q~PYrm`a>HnvX$24+cYFKxrr+N;gJ2_4 zsF$QoBJjI~WW}L%8>T58@eQ&|fnT9>WpYg8O!uEX&$_qDoE_ltGf>=ghu47HMq~QR z!P!Z*doHZm=!znkB`jwJm3|w{l#i>=wNw2Jyryb)+|Ii+vNl*`ekph_(|VOHaL+2N)(96RpK@?U>sT!nq5!zWN(!aKcT#g z=G)Cq#||F$v={D*F)XEC;%0L!CSQ8BhM9Oald6qtI@h|^R-&4RR(t_{i>TGm2QD-( zTj@3j6rB0@1&t=pqJ)|mIx9U^waKe8Y@i7f4-UQHr!?}P=5uT^$8$k%0_%FM>M$cxcb^#Ag7yA5NfIsjD?XgbFtBDze>Ogiy}?3R7dAkG@_3sU~lW{{KZmcmv&d- zES&60zmWbW3Ky#QjrgaN60kwF@?iUi;>NsUPjj%}cK0KD3Gp1UxNK#Ox%pIP>Z)3B z#SaKH^p|#{B=4N}!#+vaf>#?|6l35MBc}Sbejb#2%J77DyK(0z?8@o*;4Ad0hC6@ufhkrH_+w8jz-*OJmF7O>_Fp#=Zi*O(sY_*dwU#;` zt11?vj?H_ei~Q$gJXIge?Qfe)Qw@nX&$zFTssS0b_nW_K_Om?72vnX|%0$*EE@a&r z4fwokr@gj$p{JTvS*j!`6Uy7|Op9I|HASm6)L!qD{BB37(q-Lx^e6PmANblobX)Ub z7&{?(I%2>I^wDiY%0r?dAbDzEcjZiBs>2FcC}G0O)ojSBN6LwJ#Ykkdp}9e4LB)a7 zr-1*GN)e2Gur9Y5kseedivO&!Ak}0prci50weQ$f0zWu!w_kzaJ-ey9bHWTOSmF9P z%=9U2aO=DZJD<_~dtcZ7ygl{Tj3cj=e}jl$7m-z3ShC(yvh3h2um~^<){z&@U@W}Nvlec>zNHs z{GyxDQ@^2+kvtsdc^HvY*8xhWM@%QXIWsi0_-TGmFrjCX_h2+wKOX@fRN1IK`sT|FusUzm4TCi& zKdD_%e^COQq7%_U*jui z9o>*sHC8eDaU(K-r~Gxm9lK}{5vP+v*`G?7Rgb)&NkLu$P&4`aO@=kHEUiWWtdnA5Z5WHmqGyG3=zK z2qNjTr3 zg*aY=$PNAcJ3)tA{oK_YK|R9%Dgu>FmjNJ@ACC3 
zkzqX~OOOgsCcjLZX18w)XDHPA7YmT~cNZd~wlnBmvp?K8gcaO7Z2-=}T%`bLPt%FB z{Euq$6(pku=fxlyd0L?8hI!%jXMDa5n~TD?JHjQ|2%nxsQuc9~*yWKp)EY0K9vonj z519Fsuq~)TT&iU737-2itZ`-zMdTyH5 zsfvVnq&B3L7QuKK3?ScL_YmW&>G<+D+&K~isyU_|ThkXMN0qB2_?z##kYzi%5&QzL z#?hggR*CLdc>6wmuo&+8xp-%4V@ScpYBuQk^Js&atvWqV{uO?KREX`D+lbrGgEvg~ z{+N2)NNx^%lt2V)M935~$x$si%pkhvrwUw?+a8`S$Kp8l;(h*}99Ep)lU&TFat( z^z=z4WO*Uw&w)O0%~t))do0jw6p3&@EgIehC!snMGlhukZtd#2a#GIVzVed%3YU|GFP;RG@|L&FM4^hy!?nArn^Fa`0CTH>t+Yo zv5k%?h3-K4=MeT&GF!vVTv64Ty;&l1Zs!Y&7HIaYl%X^C&gi$?P^%vyJ}k7jM-)_# z6{uhI_Gh0G-UUyl&)lcj8KvC^XS~ z;MX9t@=TPP=5r@2=j2UrwR8@t)xuv=jOoX{iji>3Xb_Mh2lH-q#m!P5x?IVvBBJ*c z|E($eWTilf`zDo0wEv>#F?v3%T;WjZ@KS%bsfAHVD8`I2l^6@a$bkW#n`~edz)61> z2E3G^O}WV@lZbu^jmZlq6^(y~ShgjCC09aqwXxbY~~=+q#dkt6Na z$dnHg@Gp28-CQV31L$4B7k$|S^)QrLX!g7C>>r7*4Xf|h$6$$r8q%KI1ww=vp2Z(TVo# zM~jsE2{rD7JP0a}w5rm3G%zB(Q&CA`53kF}L!8gk)V+U55{e}&y$X|4L7ipER=N(i zFuymrSPBCyU~5_%;^{LbYbChP1g%eBodK`YN!*jAaoW?>FYZk&DrK%DyDM^cZ9vHq z=p_C58iP~L3B?OvQVTkeQCXr-oPubr2tw`XHR#Lc%&x+d&fa&;saD0Cn|Onsb0~+W zkE$o#U2pr}o@G?x7BJ=g#P+wi6GCATVvbF=&bf|JI6(=gc7>0T&KtiZE}scxCTnq~e4{q$W;5-Hsgo?7IUg3ht&y8I{4zAA94y33B+Y<^~PN8Y30 z`6fur``!J0N9LPrX7K0F73x;zwOiEJ{K}meMOoTcG+B(G4^Dt~3(v%L_MiJXpO`=& z5Zf(&JYXPTI=9=P4vJZI2olEnU<|SFa zZ76z079`t#P>igBix|#Za-z~pb^@+#+3WLOA9ykEH|uMyW~?$=E+!N}?+p8a3}vcU zPYM7lqGYgTWcjtFh^~X5sbFEvL1`Cl5>3a3o|MN(PwopfT}|bg$I2BDmOtX{+*^G& zUZQo%<5vtSYp_h@i$8nWpESF@dF)ZgQ&WIJtF?iGxx*E0uQEM( zD$hL0p{bvksy;Ads)x1JvHb*(K2?1XR}-hd@g|mJl$l7nVgzaFnv3Eu1TsT;P#vP< zs{e%|gU)m6*j^F`WX5@6H^f~8RgD;Kl9j`=_!t@bNES&43lDf~NdU9O; zF>DW<8(#aT@d3|z<$^=QT|f2lDqL9U=x^()Q*#Cf^xhWs8)mPLO9cLigB%64k*Z<8 z)J3&5sz9!o*6T$?pAAI+bpOQEg6veUClzrv-ZdH}&Qu89?hF^|IuvEeWs*ATg>}s{ z&ah{Q0>EASe<{(*oMon$L}UK(N2?~jN{hpMAeAwHgHyPA>B>k-ZY$pmODpm`iT}nq zS9rA$&MIIH&mNw6VhVE61cFp1VV}oZNqUjYE~5ad?NjWZC1LNC4LbwvT01feMHHKZ z>g5gYYNP`16Z5`YD4A1{tRe@)8-N`OmK~u0WT|FxqzYhZghK5uS=SsY6{Nq8%lGyy zO?>WZukWLfn{p3Wh=Djjn+fO$=kTViJ>w@7wsU#yG+(omAqi9XvQNt=)75+rEw*$7 
z93B|!XhmP@4#hp%{GtoO+39FanC*u3!kL6>|8>Ven$~GG+%{@aRYSpq1R$9qk0UzX z?%@7wy8f)rcZUiqgTC?#$JSWfoeH>ii-W#$Q5%aYYf)=>bKNb89{R6cx4gEjsOeSI z)AVch%GVRJM^4;F`>D#feCV|55NcTISnIEsc0mS4p4R+`e5NeXCw8IHDBvrRS0~yW zTm^TP_&6Zr_z3vMYwWo8*sXllsXf_u%~#dA1|vtT`f52Mq28(T{jK%3EZ$|8=uSv} zd)@TY+GT-QR;SdcIdP{WDsBVHHzq%aQHyqTTO1s=sN0(uGwJVak={bgCvB)~9^+x? zxD9`mJJ6n!@cAY23l~_qSrh~wlqvS7?X2LgONfL(&#Q^dRy~Brg9EfwC%w1Z#Z;ts z!Ph$AgNOMiJh7?5FJV(g2BV4%d|yp7N_N78j-@SAlI`C`1G2tR&%QhVQANdx2li~3 z*V48|watqH|3kxnxZPFr$opVHcFfZ*OH{?KT2V3ATZ>(rCVd1UR{jrMi@1`4cCnG)(i#Cj55A| zl;dy%-`Ku_8-AJ-*MtQ-H{-4{H{f5jht(0?71__lr*tSyD-5s!9~vX))-C0lg(8Pd zcjqx^fWF#4%Pm9XyNYW{ottXoD}N0y4*5D0V=E)&UDm2m=}E$`Eo~kq`*q`D8ZuN5 z?Qe4T_gdSncaQb1Jy&U$di+^4Q-Ub23DF$QXusJ*^EraLX9)xdw%CG7`R3egW4~md_XLhU)uV?9W)Mh-A--1<67#+5G;kN+@*)?h?Ptx0zK8%E@vQ z=s1@3R9l4yGg{{YP>|r}Q2lzGO;{c``U`h08|3Z5iPaC1xJP?cCh#A?iPbQ0A>-0y z1DR}PL}L{#8xDYKF6N4U%Ct^*#2-%*XnU{;8{wEu^sh5cfp>niS3p{xT$lyG1b!~y zF3E6r+I4eb&~Bale(gjMHB-*u5j7yq%R@5Kbtc<#%g&o*)={`CvthZGU2)5nlDTC3 zz*b#uQ$)eU?fB6zSnQgA)4kkbYRsp8HO1gF0ImFFSqAh_#(}5l)~Z$#nypwKyc9-M znWScb78g{4z^y^jND!ve|Rly@)!CYJXCSiv_r;BBmN_Q%~@JkCU69=|t(G zRkJGf(CNL_D_&Sp|5A21V*cK}^^2i9<%ya`ELF{`RXE2tgHXJr`Y5B*vf+SffYW16 zBBK*wX(asIXlz%+s3XI_n_Zi&%(x)!5MYZpIw`riwtq&nw- z=_xS-Y?8~ZqAk4_o7^H-<7@>~*ZNJKy0kcpC)Rv^t&Mo|d_C(Yg~$$KaV6;FLu%=$ z5`<9Hsh@|Hko&?8x|N88e80GLySk-13>ffNx`o==eSH-@p*+h4d=>@$ps8ja*+KF_ z4dSL4TpZ_kWlYiEto7&+GaK6fH$<5iKF1HWwC~hLwryI7wn1 zYZv$1nTra#>U?)RFuAaxZQz#>J9Jl0Sae8eX=m3gc0LsCdpCUEeEMUw)G^P>fJZQi zlec_6g*_b(L8#>DNiQhnyJQoQopueS{3Q_Zb-CpD+FxjBA>JpuUdwD@ndFot^9S() zk)DxC;ilb*jLTUHSyATO0t|mweta`sd2x;EN~J0xx=H0vg7F%M5@dvJh2YNcsQ!bi z<(+=&^a>Ug&C>cbjRbb|$*SZ0Oc?v7Yna#hRTb&na2~RqX=;_H^hHjk! 
zadW1A1|cWU1<|*D7&RBsj(!H>f1Z!4qK*lEiMi-Elrer(FB0t^pJa|^MBJfuB-Igb z>p}Y)_vp^egCvBNwfCwGV~wN37vdU zE`HHsJ%qC=`Y^i2(%ij91W-?v{%(te*+GLQL+h2*Sao4fFbnasW5qCGZA=~l$0%Ow z5{|p_&#wgJjtx?UAFaNnN8Byq(K`>20Q9&qpd=EHH-zhnkj?zo1>biV1ouzH?W8)g zva&5cyq$~jB}g9@a#jSTg&@PlHK-L%>d@O6wuaOsc?dLXhrL+%kO4vc^P%2zruq6I z$ae+NA>J5F3(=1G`r?RpJCs$00wz#F_q6C)`{bX&p7QxKZa$~Ezq>;jTP-!&DazgLxlIhjwLI9;32enq(O zm7Lv#PJr@;#0sIR$YP-W_^!HS?&4!Ao!+R2g33?GzKplK0yWuDEj#UKO*U6fw`WTK zG=@1lJlA?w6KixpO7M5qWbC7gbo6otsI}rCwPJm$jLquIccEp~IVhy>Sa_si-UOwN zb`5;Y13<4iiQ_H=jYEkxK4$U-uNB6M37$AjsAT#!QUHbSN%;-f$WDWe?CScav4q}O z+>fYHd&5rgI7zOzo-^A4om_&mJlfSYRl<5|nz+x>Me|w}#^Uw?{Gbg!rc&pz)^3hl zH0zJr*q{UjdFK5KY+)z66w-uW!*H3?#7|3-Aih25ECCTdD?_MzcXU3K$Z;P?$)JRl zn|u3Oz|DhL3rT=_x3iEs-s$38aa8+R$17fejOpimYciPRGf2(I=Qq0FVvSlWFDsbi zp}Hj#@1&jH%s)5PVc=nR>*XJ8F4CD4=IYg3R}h78Fd@Rfnmqn8h3Rg1CbLe?`xTyI z&9B2srxu7qJ3U0`d6Ng!67%Lv9xUs1`L(){5Ab=jtOyu93CLUV3E&kYC0f=nqx!w; zS}Ioj=v2A3nNslLsuExG6WM>lWXCCaXOy;(gY&2iN3taM$a%uDVV!MYKW$FJc>*C_ z=WE+K8~I+^93!&$9}UJB8{XGTS_>@!SuN}*E5$S~p4~{Fr~du4zm}*ZHwUoJ_LS%> zJN`I!6n?xsc65m8M+I!t@NCHpi7~(UemIqIIER;2CF;3Z1jADhBs=N?$8cQ@$DHcl z9&Mmg|4Ry)Fwd^A?qk59pjGyH259N^Sa|I-^U%!uAP($1DUAgiP|`&kL1jt5tU2TX z8EG`=+=)keY=piScazY{I|XpnmIcq%S$iDBVpA4=F;>cqK|0F8&pOT3df2JM`OUSp z0&>4IC+<9qNYO}<-uvzc#$h3L$t0+yriG_0Dt=S zYTjjM>@w|^{Ct(;YTyMRpKZ0{hi-&1xv+h^JU1Ktv7;$BU_KBA?FkUPV7p&+Q9#>M zbZ@*X95bFnz>WTj8!17d%SiCscrF4x`al8`+f2Yjf-Sho-Don3Z=Z2=oHmn6O;3Du zJs?`*FE@D#MX=uTmSU(N3tGP<)|SUTUtK0v#6n;K zQ~UsWlAVCv6q_JV(&CL9$hmChY_fTzrB2|W3`hjnyHZ)G-Y7noONxU`SjF-L)c;X) zUx6#~jme%kgJ>kt z4EyU5qlp&MNMZpK{-N8zPKu;eHnlX?rv+@?_5W9JneMZ*_(w8IhwhNZ=|_^Wzb|M_ zVPb2m&9rFA^(48^S6*#cWkrz|ev32_xfwQpC72qAn+pBeicjZaLFG~8{-hi5yR1(u zyTe^U3Qe$SNx=W3(7hpM2}~?oFEM*@R|v@w*0o;YmdAd!Vj>-fj|r{+@Zdns$F7hy z&%4zVVaDaQz(XS$#tJ=9=^AdwprY?2Wx^5tz6^7MzFE`E?W#{N9a;t4RQ1?GsXUDx z6|UZkMmlySDpi8Cx?@89TqqRamXjyIzEXJc3mGGGGw=FltnAtGQQ@z6oCE0P>-Out z8|8`Ab6OmQJcaHd6)8cj3%;&D=;h46I<-fbiiYoM#FC-QZ^R!&=`~48At@Vost|&| 
z1KrYG5|^YgB<%m0@$Y#<0e?s2NN<<4+@m-v_ltGKnN<-rKnMI=18e9)O7KNw{I_m& zZn<1I^9sUuVVHwTlZw5#j_ROIL0h7uSPSUZF!<76H?Iafq=US7=L&sZ0$SYsU4I~^ zccWb!!3BuZ)nkx{V#y|r>+u#wN*0VL*cR)#tonzX(I-tz5*U(B%KX0thTR(f6)1MQ z3s9OF3n;QrbN0uarrS8S;^`GMF_ z_`ldlh^3&k*$V|#YRXM-w4kkfe%{wK)&=}zQWn+^``a8f*@fjVT{Zxcy@;2Es@{&o zSjUFh;$dM@B;J^A_)+%)!ExGVj*!T6lK6J{1=0C&63_Am0NAh3LLtY{VaLunvmV^A zwWzQFtX>o1jD59|>1Kkr7UuM0-aV>Y&6lpNpvABj)7+}p)L8ol9ayMr(6lL5IKOK{ zLd<-Ta$CpHWSmibhYOJOf4#kUGV12TtV}(YSPCN+=$Btm=H|ab`9sz@IF2rqRw6#i zKVMqNjcqA6ChVI>vzaa5rW0EXjgK^*!t2ue@fZlw%7e0< z;Y-x-exgMNHH6lYUREILx4_Sa(=SC@Q5j!n)?#ancR@%0qt7Yy3%WI0uHF;21OzKLJihdDD?Yvy7QW6c$* z)$nMt9SZ)B6C$Nky%^>1;)-08x+<*=}FAvj}bPE)`u$gf8Z zq$I2a_{K__@8PRp|GxSfVHeIAXP4SayyumRawcC2ed-SHjSmS7cs~^V+B*8@S>*n3 z*C7{R;Olh*Vt!xgY@!n^Gb+#2#p2R|dG1M|iI@FsAFvFGALoNBZkVXtMcx$S z*+9TL42-yvu>OgsK{4D$z)HOk;gp4AL}#q-xEzXb9b%?N#6qH~l!8;7`}Bhl+liC> zZ{VnUT8;re=U>5IM?os;%pbNy0JzTe;;i@^ zOm2T{Wo5^DRlilz?Vk@UaLKt*P||6JOsbR|x5Vmmp1b{KPMBV>>tptF<+oP{!TKu* z<+E$wkpp67^kvc z)oB9UO-`vQ#2T&)do|$lbA{gyzG@95j!VKvtCdYvRR93)R{gjaX$F1uBsHFK?*5BtQtm?XLC`EjtOye3Wy z*)5FnwdV;S8JEFs*$`8;U{uoau}mNO(MdSKQ}15cwUZjor?W}_{toi#OOK1hZKXGF z5IpzF(1`YzCW3{qZd}F3603_lhT8pS#Ynfn#20CccgNn^*WuxTLQN; zaEK*%%22mZ%IjS-SD>0>#jrE07W#g2N2pE#K@eKjH`VQ zrvI+F$_&|n!*jFm7H<2^234$*DI~NTEpjYpRiehxgDCEj3{$9L9lk*9;tfLDI+WL~ z^46$ug^?>#YFkNb5BDV8yjAN&RbwRfM=!JR%dPq2@A2o6yPb+m{+cI7LAT-Llb@0R z1S21|-UrF?7urLt0nDix(Pi0Ne^ZkPea?;~c-xT5cm=eD+)K!~JZrR>DbxmI*xNC5 zXh!#4(m7H$^x;aG(qjK#&AaNCsl{ee3(fo$8$$NXPR-gAA}?UKhafSWBYHEeW27KwtA1#V>kRgxB+}FKTuBR zm&EH*Jy##(uTAqeFO$SfyQRu3h&vOoagR~Jy>jrc!4$y|!=TbE2|8v?rPQGP{umk} z@})@+3I?Wyzx3#kD#3jH7m85t6mV0X$b&<&6RIG=hAR&;2DSJb0QhlG^^yo>SO|1I zm!kUzDOcDcnfj4pPuo5aWE7v@9`Ng&OB+5^?yTES3SMN#QmmvmaBJUR9cZF}#=2M%e0f*lcdE3)akMn^$OVNB!N!EJGkK-Vp>&D1 zB0cd2iv?+Pd%OuT(y>T($d_)>&I#JbhrlsNNvq@-=R|9jl!L z0zBhR^?P4QMEQo-l-Et+YJBTkOxN7_A<%f@fSw5&pmV{F_&%B4^!fuRWhA(r>f6#RAX!s%>V>aH6zkJsQcgZ zvR|}{P3=fnG^t3aJ0cV1(h#WI#97*<$iHu6_QRwjP=|=K#Jw`c79>z<5!ID3(Wf1n 
z4ai_j5AZ0+=5$ERATnY6bp&B51S1WvDX4@Nl}pFb`E8+Be^>xVx2noUGOyM~;>1G7g;Gbsr|<&=>k zmBQ~>zj6g`si#V*{#i1@ooym0bhUMJ8z{7yi>@$xs7!+w%r4MM4jAJGY}R~pY{&oW z9u%F7O(l`iaTjK(NJ(-CLmx5CWhTZ-7ZvX59+G9(U=?YB?QDh%Qpf_%aH{r@_G;o7 zRr?&<2c9%GK;VY#LmMGVlz+;XG$im9o`<;0EOqHnKl;sf1GK0zE@>Lu$XWjK-)gP%hE(PAa9r6nPSTNPs+SEN0w8Kq3192GloeF2rFFKLmn0?ABc`%j;e1>pju$LPPyK&zm<%C@d>&~~b zrf!Ao&0EW@;aTM}vcZb246NF68vdG`5ef4<~J+xE>l z_%{_jQv++kr@Yl4FqX$yTJWhG_)YD&l*QkPFEHcc?rgUqpj%K91i#6MG+8|tJJ#5a z<8=pY$ZiLI0eNJ`)_g8Sljk7k>oANO#h%2<4G$7ZMa|94u_1NS8u2ay5PBu^t1V;2 zU0iU=twEJ`5H*SIANcx?oUeRSRB;I=B+x(srsiPft`Qr=t$O>RYcoA7xHSMToB)8pjK#{ww(qzSt$ zy76KE_B*gl`*So0UMtDMtXy7MMg2HLwRQF(stk?>RxTA^NeO}M7wi{uhKl)WuVH=E zgGscwdT-W`58OOYKkl&!!nO@Rjs?c@W+>-s5sCa+1flUU0i)rR<&Lkij(&uADk- zT2pD;)-8MFoH{|3E10@dY3SB1Z8%N|kDQejZZ#)XHX)lCQS``u9&;Tq8jXK% z#eu_|jL(mW)?lRb$Ag?#{^cX41b}cwbN?dnxY+(Xbq2_&BMD8lU`L+;$j;8Cz|(XgYw&5l*$tT%)1YuK;@mYHn9&6A_S==)fS53L{kPXLM^WSjj( zL&iR20=*|JDYqfQO3uFIR3l&2y)~3FC-+`B>Phx&=Wh21d?=SYrUdUKtwx<_Be;}I zgV~P8`|hkK()i(EFUhpFiPU*9@Yn8ToZ1_giVR_C8{O1qVK;>)bpNL!Ub6+7a7R*V z7q_+CpatbG8xOOQd>l>T@c?IKn4F3E(g-<}pWINfYcw`jVH!l!$hcNlRVGVa0pKAR z7?g`{i!hOzNDdn3MKiBL_Zk;Zgpn`e(}DJ97$I@Uy;i8cuC(Z3hkmzQrjY zFvKVK3HMjy#^6iCioJTKj$eQR<$$j&$OHMv(+v%<(FpT9uhRH;hUsSF)Yb*p$?F|l zgKSs(KMFm04Bzelj1c!?kFl7llxy+F@n`f z;WRCW$~`lPHRaF>PwYN@0B^j1ObW|pUGNQ5^gct~x6>U*UzA`om+A|HPWdYPRXXFi zD2TsO(U_CD|D|F5v_<>boPyK_kfd)W)uyE3roR2katt>ji2td=`Uz2S zx8dJw_kL5FYbw{J)7#U^-&H#?)%~`npwrW915jq<>i2e{YGgjA83_fPoR0>wh|SLn zQGweqs}3_Yu7>~W^&g0$&tmPB5l@42K4SPnGf>nvfcSs+0H6e8;1)~%NXt1*8o?!} z>&OQq?3g){B|Rc%y6q`kI6EI1_>0jc{HW?F{xw+o`5oPJA`{S751ridBBTF?JB+g?D^^W+eW!gB0MIQmtqo)k7wtdE26zlRAnt9_7{&#qI z?nBvIQlCd8OQiLS)nKK;0}|Jt4NiAD0KEK5@P6v6JM{5N;gVi@QHDlNchz$l)sQ$# zZ;~EgXk@Yk?|<7(Q129Er6_Lt;#!MBwhah5W7Ycmx2JENIT(X}83P&iYdIZmLT&h8 zE=(0DFoxZfMr?;A`U`2@qv9nWt+EV+yRB>!f88}lS z(sH1fCSY%ER2T>Qp1oqVq4o;Jcyq$g6%3Y&SU2#&{+Wnqf6rXo_vNJpV7U1-!y28+13kAql`!Sls`pZ5mK@4|rZd#`H|tc>F|+ z{&6e4f@xPPyO?p(oE-;N3DK(_nYyCwzEQlW_+r{EX(x#GZ*t|Mk^*{a4pl@32S#>j 
z*wbcY#4$53hF(D;`NdH@clK8#a|#z2|NXK36<(@A+V>@E%(~KQJ=c~57 za0CC>E2K{xs`$RDu!D;oTz$0$J-+_!zMN9?7Vd(;_NL88)4H2SadcQ_*>8Xn*SdVF z{<&jhvb2iQKhx;1f&P*I!_-xWRkb~B=?0}6>5w>dgLF5NO3I;2q+?4^-J_Pb`*dgq;4v(}bjFD^EPJIQ-z{ff4>OOFFj$lwZR(N%+d zW8>R*n{uAgG99CvSz#7#mZ3HZYcAP}`E944;w3!5E)m&i{B6R3&4A3#Va?YC)~2z$ zAy)mj<#{u0KBcm>vgB^9!KUWO+&*o-aLz0i6-c^0xdH{j2ov%}#J>+YEqBK=LrLk- zD%9V8N-&^l&(V9V?}tfp%@1f+C{u~0DZ@i?`8d5a%UUwc63k5VXrS{juA4TL?d$LJbMTHdkV7f^y8&rfP%JLM zx#nSZ-}ZhEFCJDS^loZ!Q=ITUx8*b(Gika#r9*^es1I$E7pmO@uhY>yO5F(RL~+82sA-jlq+ ztzwd=rH=V7RgO@O9L32g72(8sGL|{Fwo;tcu~78d5!zml8G~=w&K#q^R1V*s`Ug^LZt{c7NI&d>4{qx#{onb^Ri@j>hmdWl5@e zCarIz#II?%jAN2l5aqsMUx^Y6Ja8>Z$&Y$?#=^MifIJXva%>?blBws;bn8l77}K7c=uKhP}2)*jzB zybL`Q_6Oz-2^8i7;t>Fa$yQPz6lEdBpga$F1RCTiUnW zv&~7}8iKD$u-yyVjMt^^F;G;Kdvo;cUx!J|KaOvBYk=U~^dkc*;>vgw_1#QYvW#nR zzK$ynHUe|X^HjeDo1}8xFQ#-zjCjY${p+@$b$H;J*BSg?vwS$dES`tT7QlS*IDf1H;*WeU^{Mj8~!QksmX6#`EUA_JXFb zRHh}50`D6mm;!nYog)hSg4$){;gzWa7eii&$|hjU1CMS5iSx|$qp)k?f@p%NgE!KV z9pcI?((MIhQT1{rRz_9KyWhx_j%rKBr&~^9jV8OiH^(!M=2&z$Zl~+O6${$3xUaXK zMU)ng=Oa8{@`7^eo{p^bVkNoDApZW{^;^!k&p^ZD*N$Ar%N*om7Ps79)f2^7rm7#4 z?#h5*pvslH)d=D*)qeS~iSp%KXQj<`YSeA>(iqGqLM!5Z zVb}QhMiX@vy%lE0ERPjK-%h7X3J)r_1ZtE@la_MXDQ+$9yms{-hqpWyUI#54=B=L2 zB@d&XPyw8W&gSoI$|)dJ-@i?)79bxCG=PDCh1>=FpqsCN4^J~8Tvb=uWcLS9R*N<~ z>8LIJ@R?xAc|K=#%~Gz7HS(p>;p>rwkMlUZg0Id<3@;gldwJtq$;}DnVg>}L)=o!hI)_ zvE9O>MM#J5#IY}+axf2UZpJ1D)-~ij>hE8!4RKzsJbHsz&Nx-Jx5Tc5UhelfRns^B zrr7!n*LpvNSN0`Ir28QSMQJ^KD_xVhn!fb+ z=VJzykO@a+?r&WJXa2PO&18QW;4)^}CH>9{Z^5ympYw=Xp>7>IlaHun*O$FF{NfB3 z^nw4Gm*LV=-{|CBqPRr1T197KrXTl{RMiFbd)OTGm7uL`>`@n_ z_*I?Dq%Ow`Jw)8XKi}AO==0LxmRX;A~+~}WJeXLAqvr)kfSw@13 z+=Nnu9-NoF!ibUeYaUvfMjk{U8WlUJgw7G~7fpG-u4yk*)G)Ky#9*5OZ!j9|?7vRbjOKp`!Ge$Kc(fZU&n^V zoV}dvm#ZkeJpR?S_D*CK;km*CJ{kQPvuGAZt-pW6L0$u(^(>1ywrkrx^2?TS0&-&T zMCO!c4Bt1JVyc7}wASyc;zPK;-f2C{-FjM5-~GrvG7T|=`=D6-^0)c%pRGTyxcH3s zW%ahVGOa0tcvkG_%a=m&TW^tFvrABmKq)UKpM9Dr_eY3dHLWIDQ|q@hUFjpr0W72@ z3}7bnu(D=U_8FY7rStxzk}yS<(l`J0KhVfwv-)GY7@){DDD!j=$8l7gb 
zvl{$w(ixb{w#~Vn2x*a?Xe;G) z8aT@+e8f&zp#!$-gB}X=@J8)M4^{YnEo0kSE>SW-R)1%GoFU&9h~6aVh&lyxrDl`8 zgbU0Pg=~K782=NpML&f-ZXy4?!@#3&Wy1T&I_EG?4v3PW-QwNnx^q@JP7&Yab2Qpd z+)qcn?g$oRxXom_s};bSE&P@8r6yD(wl|^lR0mDnOfw}!HM3A?vv}~%nfycY)<39$ zf9SsF+zkp_=nw23mS0fVvP)Ja*A;f>PN%+@4>+WiucvofOZCnhFwd`}+4b$_Mcit% zUEU_^Wsqv@Fv?(*W*I$@+%i`Xjcm643z`#R%o*@=KYJsEbV?{@Q73Saf!dJ_t<$M0 za*$J=D5Ay@Z)NMQ1r6AD#v~j;{FkghM3Sdx7-Ed{QjLC$%y;0yf94c9^lI5Z8Vh?( zdS;XUKJ{};essQ%G!iEn1S|f5@#>et5XXF*h^raFfj+UTO*}r5XGMZ)lZ@w=13+fAA{!CSB_Lyev7R`JO*BRWt@gm-^&FniTc8wVlakEfMa*Df+Ps&E2QB0rQN zs4yA})gZmfx0|AsrP3tdj2#p}B;W3Ya50n`6@SW~c!hBgaG7lB!wn`5TbvuHw5P|e z!ui;ooM8k*XLxH8QJB?jRC=)3rC2uLD6>zxpe*`{D0smG{NA9PU*$7j{b))!1K}sv!)~&8Nv53woX_lS!Ua=^120rgFusK>BuU~V+Jz-l#K@67Dun9O`H0H5H{fAL+ zo++k&Nap&5Y$<;lYMr5>u9os*9obJac8lhXKq(HZc;;1>kwY>U!qY0nI+NA#;hw+^ z6Pjc|N{lVg`D95^AJ3I>3`5gRQOL3ntI{Vtt6;uDmrmg}ZDMNOeu!xuH}g{h_)i{T zomHs&aF_h~2S|w~`Tzbs<3E2d`c7)gt~`E$=v-5iIF%9|c-MsUKJ%-JAW|`pASXXE z)Rqc$f@FCD_*ycG|ChF@a%DfKw+W+DC_?f@h=T7VO4e)fmwSk( zKdl_+Nta%sx!PT;bWmL0>`~NlBD%iGkkKhw?P#S;d8^$1nvut0mK?mE_b&wDc0R^n zNA<|nJaz)1a!aY|kNKjf;m3UPvP?M@0IEa+T?j?~Do7bs{*?}sQSq5PwdeNFygMsC zMksd(Gxx|VKDBlDG z^k}~)O@!_7jIoXQbtqJ&qA0+qGq+dMzBRxgtPViC8s9`u%k}nNtqEjbJ=RdI7UdUa z3N{QWII9;{1)t{M7k@w+{M=Suy8NDB@|JIcZ2!ajQE3b5(dB%J)P4gh5+k|qS0++v z<;qc>^I8+0kEl?A55#SHAfsoTpkF)>7}HFNmDfrS2zA2l+f+$-j`xB?;k)Xq498Vl z1VxL#5G6bU=-P<0L!>fyC>2nYpb&%Kj+pzA`*}ah_iOn@%exoseCqLm_xJl8!aJ*5 zx{F+lVg$@&%2)~f>-0ox{Cn1$BmaZ!66qNmoCNS|C2sN(iS#tF@=)5a?#!J{Rv-@p z{o*gpmLUdpqdd9NX-5nymY&l?UD?1K$Om=h=6BMclH%}ysLcbkZuw2F-QPzP%Sq&I&b-_4U}eoV z>OXpEefxQ%ewi=tbaH-9?MR2wxI=|AW&)tN1VbAkha$c+*0@_JZ(EaB@~D`kRqeZM z?p=G8^RiI!Fo)l3tOA#;$%H+viHt|7O5y*GaTx(8H)G?JHGohl;eD|p0}6FjUg(}4 zPMMSv!z4!z{~NvQ5H(Dk+$Z&N%!)7aBKKl+<~J+X3G-2BUzi&KvC&}DSZ}>+Hs$g* zS@BFQ_|n}^-T6Jgkf=xHTr%6`-nz=!O4Q~DAl3PeXaD5s^7`Ci-4Ywm7J(ue0ynYy ziqIGq!v3D~0hk|2=uZZ-MY`2)DA=caGtVzQG2{JRh(IwgHGm3C1GbcQ(^2b;&k?sS z#yMbNn?<kqPV4l9FYT4kg| zusv{>8-190ykQ5;EqlR~eH~kxGfK~|ru)=PWVefliLcknKkA;j=0Thu&e(Gi*Sq-= 
zMmKJ2lM`SyQBt@~Wp}$hd8fLqVtvrGe&-itWi5G225))$^I@n%{D;qFJF!XE;abhZtshyOI;O>njZbD=WbDHx2z|=5y z)4^@2+AP6rSXejpbrd~|eV0vL9eA({hw&G-HQt=4!VsOjnd0z_Ft>k!07Ph1nNTE^ z$ZNXh9O2kxv5JoRyRXdiP`l!3Ea|M?jWhkWzut!Rxk1J3aiQIeR%&)3klcuG3~^k{!9p&mxjfwRSduWwhoESkbW2vr>Oi`|v7l z^E&_Cb=&RrGbTLC3pBRKq&3|b+x|qj&dEDVk_QXz&~})a~rXi&@AMq$yuCfH%u)&Ch~Ie+f4kR z-O2rx;u9X!-oQnOT>;)}BeXvR3sw)xp^N4B^cgiv`!3hCumSO#!~L z^X1HBN0CI$Z(F%e)>(8*o>c-Ovn%*pi-&IO59JH>!$&t7WE(K!zAE`QZ^@sN|0xbA zIY%Q2DYRiNeouT&Kl@TGOE)jZO&TD((s>8YC}B zkq+GeVq$5A_z6O%+{s{^Y@_4+|C3S1$}+;rtc{=JnivWzRWhpi{T=j#Ob;`X*I^#S*ynhPIH4BuAP9x;sMV= z48Mt|&#Yae_gD_}&Z(pEH%bCnz%Pfdn1+}#_s5G|!la`Sqo#*-={H|8u}<*sUyjL( zrVh_zc#_tuRDZ77gY{f2j1xNKj28++!ed_th0-u{zq)6h0!wFeP`zh~1(o1B^eYq0 zZizg_gAZBc)&%dm=ihCL5K8g<5}A$Js8zl>%3tw~uAMD0d8h{rb8P{(rk?fzTWr-$ za@M8qZ3>nR3*?tg!@Ztsy=iJl{@1Y6m)%~JsSzc<>kYyRhQAieE6yI6uP0u7^X`8y z$&DxZ0Zex#pHd@~A5LRjfK6t`owQ7a@Xp9ypi_vL;h&P5n!try_4e&=3!S2YkKMZm zO8M*Jq_z+BhCr^ZVIsw_u)olD@X~T3i2G8q3AL`IxIwTEsa0^hj(_3(>94nOOKDj4 z(!!XhP9om;!v&-NRC^Z%nH006K;HP2XDPC}d7PZSqo?61F)?T*UG>^A|R6tCk4p-050 z38Au|5Zu6&O5~hYpTPV}D3t@q&kF)uFj9Zu$eDl}P)upC%#^Wv%*gs`BPlMoD9{6Z zpVrQ!$7`Ll`%fTd+(bZ!mJjrZFK(=Qd&=$YJwAKG&m$yk;mwz&qLp#kgTVISwo_22 zL>aaTo=*q1c7;tGxq^)KMv&Ta=2i*#GNBRP^C+OB92v2V3jQusF&12`__@GR+Ju!V zR@+!somkrVO&HCf?+y#P&tCwpo~znt_w8&@08KgrJRnzsPD9mOpF;y3?BfGbdqks| z4RsuFb;V&jeO(n1%Rfa3-WSGz^eaE2Qe@+5^|V06! 
zdnWLldVh`DO`ePAEh>$M7D!9wGRvC$d1!=FdI8{q%Ub64mD(=&zLikOM>_2~Y$xqm zHtazEz2SiTEZ5=uEoPyWwe`$=(?Or1;T>X$l5r{;$^4J|IR7I~;6H^j(J1321(iab z;>MN{T)~sXmY)l_$65hEs?n`w0V#NNFSmIm`3HJ@t*)mVc~RUf{ASW4>h2^MM`*k2 zewDeSFwHUQ^u(MM-Q3teZE$hU0skL!rZs@lr{r28J*&*bdjXbm_1A165^^E3ud2T0 z3!!}j@=*66ZM0N=KbfCWA2U0wkv!Xcl$r`#dW#bWUlm8uIDVVa}FoYQuin%YI0n?hF!4*r>8(`6r#_9Wd7W z7Uv}wIj)xg!O>2W)eh~J8wu$LAV85rEEiQnS7YQrnUJe;YVb+N5 zFy$jpCH$Wa3-B^0BRaPlp;Zp@k8W-y2^Oy6{h&a;LZTO3KWP+dlyyrb4@KKcp;ek; zO+qW!f2%ZuKgfSbwo&{DfExZBwrn7)7%kF5iUjaFYSX3~Ufj%!I#S>rs^J~(YMHG| z5HvU>Cs(1fKbS1MR533~e}%O00eV@%px4=*UxW*;>%}iM4S{yyPSoY==f}L;uOI7O zUC)+7>>tSM1oexr9B0Ibr=0+i)+3(|1!hxW6{10#?$FN9c!4jA4UKp1bx#@)dR4B$ zv${c}6^sy-C(rb=c--OM``qE;qdK9LT+IyI`&8+CRxv)HY-^9Sw+#(ALkp}p4f~m7 zjy|`sn7zdKtR(bzq{sDxnJdR+s7jaeLD$C}On+|Cnx4*mARD=0Chi;Q&4NPJ*S3YU zsg^o}WBrfMG%Q6)7IHwfQk2KL+BzOUqL*b9NVn0%GUG?(@M(CrpL{GmH?G$nR)9)3kI`gJ(IPn*k}>gc3fVC4_{F_YMep$Up@K!Ue#CPaAgecftkXKB5KaXy*|FQE#SF<$a*Wx|>Bxf&Nh104(6t zVX9mnosxI2ui9Qp0~2W%WlM?Ec2WG^i`=}9w2`g6eD>0&gqv4h-QgqBkbfgJbMOmJ zRBAA;7{tmhtK2O0SRi6Q6Oj5Upd{OAO$^XihT_5%?1N1H25RObO7Ph&C0M7(9`b=^ z{(T~~Z6$M`NWW&H;YZ;t5zphb5rb%_5m&5*eTk#nrR+fI9-ik>E+i*Dwkz#R$#<9r z^YkBw$9*ow*2Bhs|3nTZ2T^F{RvB~uTiAm$(kYGeBLCEG<*XP7R3zdR?*-`UM8t&# zvKz}0_gcPvh56(D3#jA?5H;3zht=6_hZPji*|YF>IG*RaZbP%nUn1CX+C>K9QC7Fp zA86jr^HO|iBW>f0GA73$yOks#-5iHnAd_}Qk2GjlU?3@P_C=~1B!FcEhiS-9225ul zMW-<-5I?P(e*AUqfrT75X!yw$$$2G6X_ZGvX~x;DEOM0=adM&D(y_SrG&pjhHTME? 
zqgVs1aRwLS!2fDhxy*;YR{OWUP>2IR+(URCuUb{W&pBhe4y%&{uFTrB402AvbI}Ix zKr{fAsm{W6^FUHt>)!9>3-{{+1ce$w_8)Ifxp0oaKgn?0suv2DXdRGdAFkK(MJJ8N zFi6O&DR2~}gocd=BgE3@|CN9r2*qaK14WYRZ#I?R1`oDoD5H$l&|GlwGn(qL?*gD+ zqX3L2O5k6Vn4P_pn5|IlU$88>E+LgRG2s`AvhPY=YWBYFz#A6I(w`*Po)pIA)b->O zo<}n3Ao1iY3Dohxd)__1X4(qf7kNW`kSg?|WM*-UkI*t)lUMYt^L) zxJ}ZxXn<4p_X$BfE11NXM^`YZp4k#}#as%TFl^iVuJDr&*HewfV$=I*s(HoZaV_bD zWW}8Q^SB2P7K!1N)dR*c{in!y_=6;9kkEgU)OS$4NK6;BH*( za3<;=X-UxC%0*v5(Chi$!T23TH4qyl$7vJbz%fcU+&=zivSASQ_7jH3u)|Y_oeJOx zKzq+PJfC|K#=Naa|B(=>ULaoJ^k~P5X!`z1S3#qmG}Iu{L4Tqihuwax;yWE`bgLDW zH~Zf+=!ddq`bt>>SKT9j@x@(S&R0>rn}V;)5=bd388G4k&`Ai>v#UBl4qVWh`K1e5 zl_@&7kFYaxN;8k@yEC_SMl4?>UU9(J&n1KkW@S}OFqt1a_6h&nZ-|Jk?~ANF>Weha zuApf}$8VwuNy;`=J@vsfe_@y2+}QhXFKGj?%S2E$=e12nm#9LyR*(r)>Eypl(^})G4kXCNd4a|0X4$ z!?#%(8Zcn98iXEa@YnE*iW{5O`JqLs+g@YsBOEnY=$5@ zy^MVI7I7OMJOwHVj4<0p6e5|1?fVlPCkcU|8Yr{$B9|n{Fq-FJ%EiuW7zccjltiJX zYsgLimKsQPTF8$6SJg2@cvj%w`c&ZKqbiu@UGwJs?o>Bby?wwS-05tk@u|75UOuWl zydN9#WO}!GdaRO1W_EHlYv#jEyO?q>V1S zszebiw}@JxY9)i*pYGE&ftNjY-W=;(B3@Ne17PUF+#gl|>KOJYKNu)8^jmsRwwZbS zkR@RQ_)WSjdFH*db?N1d_q@5ks%PIJ5So9OZhW*;AUWb|FkM;9tzGKM4Vg~XuMiz>0=(wvRpw74=ExxT z#0Nw#psPCtbK;If(fp@-ljf*?UW6zn>>3QM$ zVMijGE6VaT4?Dm2j|Dh~j^*%PkmBaG^N+Q;03v8!QMKU?gD8LWhyOHQbSf75O+gZ% zk!V0u31t*VOntasohwRWH*38QWc(Dyaup9=fPY_7Ln>5}jf1$MEv~g|I%$;;AYKc? 
zl6uPNhpCJD%V8M9T$VI(*;=FdV$|4Re}&c36e`Wl&iaKK;j{Y+9*uivGSXI?Uo9!S zN6HuIz$>S)q%AlXrX^9=zKxqOf(KMf_V7ew|BS(3b07a8g(j4yK`_;Xh+`)3uQg(D z{iL{KVhd;r@M!T0xwGG-f;oOz%HFGNnh?H*`>+0@)_D1>`sxVWbNginlJFvzkxq3(Dyrz3t9wus`ZzJT%n-kuu^WjI+G)1 zu-{{|u)!V21#OaDCIFX7db2w`#Wsk-l;bTo&uq)>FAV>6CB+|;2 zp@hW-bQ?o^%&i#p>4=Q31Vl&!ok2X6_KvAg!&5$()Ym66A6V{xJo@+gbzv{!?2RhKk30s_?WP zkR3jCy)JFFd>0q3dnXlkU&70TwaTSYwUDo0*Q0M0UUq}*{<=|f|0mRqUBeZsvj+gd zw@YVZCf4`EV`#9XbK#h6f>?WTO^%I)HcP_OzKp>w@t33e0+ZPUa|(`}WQl3)0#y!Im5kcW z=zNIr1o~4zzh0moUOSQjQlX@&&p2^6are%Rj#eZ*B!qL~A`5Bh4LOeQ;=b~(Vw}Ks z6OZd+!PV9E78rKXZo%THQzgLi*syTv;S59~5MeBWar^Sv+k+yRwT9#{@Ds0}d zbCzlqo@QLTS1j1Iek3WF={sbx-@irJM;%)`YOZ0=?nHO0)dhYz*xZAz=X&Che2#$6HadOCJ4fP6RHiPj#GPjDWb#ABd^ zn99yM5fXE_f6|;Pvfeo;kslzB(B%#62#v~SOtXhbbjT)bg>QqjbO~pSyP1I6Eu$CqZ6*-Cjf93(jZAmP-gMcbE~Q$EStSG{Q* zjo#rZPN3m(4tA6D)AX~Vie(7XCDo$JUXE8XQv5py85g>M?%1Q?5aa9u4VOc?R5TB7 z1fIh}X8gx{wid}dCVRFK#pLTwX;4B+RSMg`>VVUjnc26p0=}cujhH@k_s3>#sZl3Q zv3kPu9%m(Y7TvekWw%Gr`X#tihwy*(OYlWS#m23%u};wrB;E7FCUm^n5%wQT>js+u zq7&}p@Gl&}O3@lyx1H za8p|3$b6<4Ev`^m772M1trTY~Iwy4*#yGW1PHA8LSK+2lPG%7Ht{2SQXfJr;{T4Xubv<#m397>k4VJGmp;uvalZXe4Eq_s}lo?HOz87-)U75bg zUirFw5vB5wy_yBpqWrrs%)E%4-CKqdU&Qjm%K<6Xc@7Ej#!nb1))p)H`aWIcG%d@S zcZVPRd&QPeNc!Rgua!_N?R5#X0XNP1+;5kryvO>O(#aXx#P7IT9;+{IX7q(-B~M0s zr?3gN74WB&6^wFNd_!vCDd(+H!US+$#1KV<6v&A~Xe48FP~{IOVTc^|yAa3K(4^$kivNYmK&||Q8+}|=apAC^FM?HnWn98%O z`VA@(z%Hfo<-7J?KknuqI`~vh+uVL&9N8u;&v$z*MLdS{PRR2)n<_)d*7U!IhZXjy z4|1}v#g|cj?ww-z3`++Y3n|Ro?rd`Etnk^6o>SbjvOg-0z31^wYKJ%Y{<&Sj2$szk zr5T>`*hI?O6eA?XzCShKYa)#thnz{Kbn}{Y2;jSeq`3Mtb^B>O;0->!@U4T;Mzb0v zwG$icVxwgXoe_(%`c`{7N1IU3Uw10ctE{3xI=VW+)R$6TV+mDH? 
zG_W|?+SA>wOUt@qP8d8U2`cos{LEDS$U5b7S?e}zXWi>)fhDglcHVO@eyRd&_+Qhw z7(N15O9({M@l6oAhoB71C9@a5XAmwL&=l`5Xh+uyYPrkSqL1T=O+!A&Yj&z*%j*Sm zB&J%ozcX6HdWxur6Vwl}VV|na4*l4jzBG9etYL-ud7!xj(j{@pn%=7BHr2yzm(O9h z)s?H(wvf3T#uQ!(0>3>mv~b6!o4$*MUPe^5cwcAvxF%zv(^dI)7#B*o>cFGB_8HpYHID=FJqRQ5Tx5|aft9sDrCi-L~+)YvgbHbD+bHh@QG{eV=0 zHbzzvl+*x+kKlxKhN{#6H$B_vABF5vU}V2<=-msf7X7++sheAxJ8>o`(?7NzLo~D> z=E_3>?-^QW@8fQ)``_NsXLhwpH6fXoK#0J1N1)9Qg zwzkEDXmsz0Xez4fO>u9~x4v=K_w&PD2jXjYF->npgf2-CdA3!WYJ?@NJUNEGEHP=1f)(etOk4a!MpT(;|f*3Uj3ls@D;u+C33P6e}RG|E6O1!~YiTAD)Z}4#P z22JHm26y>hP|k20;er&Q?IpnfT7`1AJK}ewK)*P0UpIb=fR!L)<3y!FwZfgnOXWh% zbJU*KK%(MHR;hf`dDX4W#x^!Tzx}e#&@aP@G)!04b9Hg~bhq~i{ZwuEBhS~A&LVIl z@|2>nCTF19Fs>N4gxojgX_TL_n>0fbQdDm^vDJFwBLknO0B|1w)ZEl3&iD{S{x!uQ zz>3ugao<66j3_#YK%lGh#%mid^&?_QWrOxg%HB2QY}i3Ytv%!PqqEhBnf)#-49YDc zhOIe$wRVIGLrvYN5LQ$#5$0BG)-*|~0p@6$ha`Y@d+^}-JW#aZ@zN>2(L3)&p{SJQ z@_kWmFOcbB(RFoTCSsL3BCVuB$gM<>UBDQgS^%<2r79}U^Xr*E^xX)L(J72&7*Nl# zESgl*OaMRNRI3wm|Lt09Ia8fHyD4IvMzCR%?Ls>+qjV0fc|2GTOWboizsyxy?Mz%q zcOa$7tO?{zduNu28CaD(f@~KW0&nc&-+K^cH|vY5udn;_?J)!b)Xrye8x7H)*%p=N zu0b{}Q#T&zPqKe080fWjCzyV4mbKLlE{pe{w>^lV-RyI{+{&>6`#Dz+(YbC`lmC6x%0R#9MHJ?#?ReU-^6n4wpzWHq>$=sMDu{j~WkYIV+q!0YC; z$38J0b@{>7N#l_s|L827gzKeN1!;@Lbc;x8_7w)2rSLH}C!5E)>x=$#gUso^PqU-b zUi4(dSoH)v-KAlIXQdZmpq1^dbFe9k6h&kX$I8C9Q?oC3>9Rx8XH*zmXp_r3jbvvf z<7sXw9c{6EU7e};09_X3N%f;g@{fT2F+$D`Px2Mer-+pctO&SkWW>Lm+WABh}6WwZtA5&u}>*8 zg71UQ(^T7UJp+`kkZrVcF0TiU!i%r zC2}lQFG2*0tDd{z!@+&~J3)iVD^d+8bb1=wmtasnHNi}y z;cb80UCrV07qJrhS;o$;8@rXvdIu1AHS(>{t3wx(x-tGTifUU6GBL}lMXw5=c;sH6 zd027Vi~km%tOL4)!CD&0x=^q6qQNi$|DBeR9yisR+~fSFLr||~v`=q^EBovRgM-C6 zc5ZSc_T7EOwd zhbYT?qb60AfzKf2%Lfo4iH4e$g3;Kk2vd>B)RA7b;0(+N(-)ER2p2?2_UJHl|Fz-w z^Lg-Dd3clJ?ZNV5(mb;xg<{}irBruZPmWyUjqEr@YO`MTClRJ`RG}Ra`7SKPGfI0` z3(AsEGIuKKQVy=I_$+Y%dus!;sTvGzyprZtQ75DCE_sbBN27v_b0L~g^qpbLSnGE0 zJP#E7OV4p!n9qI2mWUlM*T}?ARjaoB(>@ZS32rYHZ3d%g*NI=#Fs4rwpb! 
zyDu3$W3E`q>R{jg)!bkWLl*r9N%V!eJz-n_{Z+@K0X*83H0ki!qk`vP&I)>L85e%Wxgk#7Sb!jNk}n_|1*~;JPHgFNu|6h z3OxlWnJ9~svv+>%1tQosC||@fIcY09r(UVJ3>$gjKE?dRu`Zdaz4ct^#H2NP^O~&^ zo(9nhg@Ekjj-?8Y=1VS70W(bb>s{vTUsQT7z$4hzpGSIWReWzeSh`xgFrR1w#2DZiKXLD?^|CORtgSW-0HozIQjaXTYHxV~kWjuj>Zp z0WToL-e}9euCEv#ORt_2H6Y`)&WEq{*Uyo6tj;mE(0xe6zQrDj5Y6z-E}7M)Wernw zclAp1lHI>ev~No-t;g=mBKO(OenaMa&PBMo)91y{f3ac<2KIWvWOD9VLm zc|76D&8@<`lyQZ;xo%sh0Aj)u&AAehNMVgf>u<@wFz28pVDe2tZ!njZ9|m;Jd<_qtMb2#U;%U|tTj&l@ND8l*7} zy(VUx-Sx%T`>HQoF+y)cl{IV&<=a`w*3S$3u%0$KaY8)oP`*vt#fG8$Zy%64ZQC*J z`n*928t>_%pVfK=24dV9R6d`TWE*=w6&e;~r+c^+ndqQd=U=W?KoWMRPcW$9==!E% zevsnA^;Q(NY*W8_hA}BQ;^QW0B85#{z=?1NVw}e*6Fs6cz=st`qpl!Dn8aS3peUCb zjEC06EFVY#eE`VAc_KB|aS4IbJ?ac7sVTgKDR^f>ITT{>g|i1m9|5})R*NnR;IW+F zVxu_d8uV{yUEXl_4`Mm*6)Ck)c&^=a`{mqs*?0V&n75BDYX0#h&YtBU3AieQAL6nZ zHakKJ7IaEJfV`;X4AHdOv=7}7$fLp2d)@Htzc z>SFS4b@>x~@3AB=p5oYqB5Wfq;2B){(*z&9 zBX3VJq*(24blWmGl+cZe7;Rxc+Y*}iD6m!OL)O;9{mLEqnoG;YV$aAUcKOraywJbF z6^+rg@Zk6A&^Rx_TXa`hxzl>1y2rHjQKP%fa@gV0Z-~bcn{Mzq=P!gRxnWW| z?o+8eFlJmTzan6@iCnC!%`vk3l`dg}u^7Qz@>{neDoy#v!94jq;L#lV)DylFKl0)f z!>k|Ojma0VHeNUepSUtE{1lQQC~WN_PD`z=UXD0LOa40cSx6q9+nBEeJ_>53p8mk< zXsMuWIiDWcCP75g;eL7luxX%GYfrNu=Wj@2Z{P*WdVgG{-%@_&gLKvH^^!9S-1FQcTgs5CLSc1>2yxj3{xWEnyQE+ID3#Zh{*~5 zYdkZ=d!JyARnPBjNTodY|uTT?=_&`lC2T(R| zk3NKbebYGyhy@NfUNo`byxuj<)lIxPb?@`yIZEzoHf{av3Nc=04|eY({Yf^dqtz@= z^RqVHIng{-QvO$fR($1KdbPnjWDU&I$fq~S-;*CD8)gBn&{rvY=lzy^SZ21oLv7=b zJyGGkJViE-*W0}xw=EXnDGcGMc?Ze2yUTgE1J?{It@i+?po%{r8S(!Hx^!<*Q{PXx zPSf=x9rpWWgmvZ+{P8Zo4W7pB`fJ6oNb`mL1~hzpkD7zusDNIm!A$kCsa@pu6H0&f zhAyv#+$kWbN%OuJ`sH~3$~c6o@Xztl@p5>#DvSNbu-H#4_hOv-<>?+yG}Jd2zFe8L zQP&ZMKec=3WquEZCB@PCk&W8T^9KLqlF_RUw%q4w7bD)L7eMv2QMnw+uJGMoevZ?U zVv4{PA((vC-sOL-XeyFsN$MiNBb9FRmv%%FH2 zkXn(=pcJ|Ym8^%Lcp(k=btJ0qIB;})#_UmYiITm{Yl@6tzjM8Ln28~kCVC3_8<@iJ zF@_XoP(&_BC6Ki|L5TeyNCXXVL5}m(7X}P*m8|9dlVXe4<30ADf3!~Sdv*(+cXW;( zrUUIuE~h=@VAfjSYs^bmk5_H!3qs$*hwh{fdDd3F>2L7K`l0Dd0TI6<=ZO>-b+Dy0 
z=43c&HjxvVc}foVKo^Kku{heHKph*Eg?mO#%DSDwDD}mY=cLDTiLTErrAxvrbCd1D zp$AnieAPc`TsWdEZinYOzGwryjkGsbG54U~7R!*^=bS$_u!)GMFIC?=M0>WZYa-md ze6T>&=Z|5vlBzc{{%GsE1@BU`pSp6hdg0i_iG$^WU}`EfU#b`Ezc9GNlP3|6%hSqO zmohB#AvtOz>`E5%G=_AOn!i&fC>!$|L{Y)Yz*4=?SoXsJgIqPbvw;Rss{WW0*yTm@ zB>xu+`eaV_PGg{x&5m=)EpdUFl5Tv@IcC8~8{V13QQdloZ*~HMXISmBOeSR$uwbfR#ozM_}qC?X5IrMzW?UIZ4;&rA$v-J91qYr4> z2>;~;1bx(`2j6SETza1xtx5g&Eusr+iwLQIUrTgf&5zMx^mU_6ay?gycAd#lHXaWE zKHXF#V!(VdnY4iYnu<8Ci;FJUQZaH2NEVWRPy0r?lM6GXjKflhCO=>%+)Ov;Bkca} z1}Nh1Nu{mr@#MQ3F1qQSY9~eB%wMDm3`%DnN^O2p<$=0HIv(@xlVZ zgn#PfFU>^Q;P%fRx zJ+laZ22ktkNGg1)p$tumoMqDg-ZdM&v{hV+wsZiAs_ocXdMF=OE|RDawXJjcZQ82x zn6%uvrM!Sz=fCm40%Pfc?`D_sz1TETU%q!GQj|CLUWE4)oRD}*RK&^LEJJXmS}QWi zum7X!tHSD9mTm(z!zIB?eRh`(FF zX!nJ$9o)>JPQIT%PT?@*eHqo+obOMLX%oeFPOW?PqXMX#m!ha+*Tbnhjv82& zq|qW!KHJvd6>N2w^_>A~wD_OF(6-q)C$#OAOa$a%*7#<(w6V~ZYO#r zV`)*D#FVI%(2H3k+d9=T7mk?-@ZkP)!wJ}7s@-Q&={K09rmg4_X5C~GRT#0L=F=l< z+pA`n8^_zKZXZ;73fR8>4U--j7+C&hvpi_|I?I%9Mn>?qB<64mv7<8{J1&j<%A`d2 zGdCbE-Z<2-wIpPNim0wgzIR)aa?{Ig8uE4tcA%sCKX-f=VUHIFXCG8*;YOr^N)+h@ z*eSG{I0@BxF^(?E+HC4mua?E z#`JndbKmC|LZ!iBc(Q;T0Yj9qounRz}SHjOa<Y4=`Y=XlN692oRzC7SjZ|5|HehOZLkoQp0(sK66|L(C-M?%-TCfK#NBJL(?$`jr} zMU{o`-uCJ$*i!v|v*7wB~Cu*kLFuj z`KgQzqYsKsN94CYC9_WCUTS4cnaJr;);lD76JpS*g5*3{%s=y&o!}#A{+9a_R54-J z#m2@l?u8a{BEnXb2EdRCSOvtJw2wb{fP4*T+<$$|4twi9yNZZD$kojArRW^7hfSyg z&+OUfK=ixJ58s%NfkRz;0-N8Zi}V$slZb+wO6~>wvHimOu4eD0ru{qLMcOh8_GxI| zPoO)KkMCf9Wqip*BA~S-r6hD16fOHfKp}?_%L2rj{Rl4k*oWo=O+f$;_dlHp;0L?Y zS~_}t!Z-%M04sa=&h7J^&+{E%;k_ouxeIyFYwe8Qpa5Hepi8(ULbG1UxA2;;m1D}Z zK+TyZx)9WHTEP9AxV^W-azQv}@%p%O+BZTl>|ma{vR{~e(12Lr@R*wtt0q9WTarv) z=!jEF)Huz5qG(UA$EYYCpD;xC5&hq+op~x(C--=|0u<;Y0NuhW78$(fwJLa^H>E|P z(3cE<++PJ)78=N2NRM1{3tv~?L$0>M_osd&Q{};>K=@s?K=#z@`PCyq%SQfEF?G#^ zlV_j;Z|QmCF8N`{f-%)ILidtMU9er4_5rJF$08uQLh(Zl?Iwy`Xg*19d>n<8!$)C4 ziTrp;3Z4fnplgTn-wedFK%`xGo=m5Tnl_U!MdopY{u;fFwOn|rQ<~I-GEplyYwa8_ zBSW*6NqB78{Yi$Y-I)Km+|Tj3|LmC;vwYr^5M3X?6n^BV3C(yQlbrLM`b(7P1RN+v 
z)l@CO^y%jcsair9RH20T3d3Lwvmv;lF@P$W>qt>51Y+~TV_LtYe8?hK*34vNYNyN|W2fGMEYDgRq{j*W}k}-~C5RKRvP?nEt4yEWm zk~Ne|>1)0{qdo)o(0Wg5$oHS?(wey<10abh}q|%g8{^gua*|2i0nhTYXk=r<#;1w3Ks5wOe6> z4=#N8Z}O_`-Uw2NCP*PQi4R8FHWPhGZJK_=(o4gw)eUF1A>0RGtkBBeop(fx2kGha zUQs`@&|L!S1X3*a7#7l2#r`y1n~tuU!#8JuW;wRYea$H6s8TpCPcQzP+>=aB(BDYozc@@5e26Nx zU_~`?#eyTnd9g78-O2a475_?MAAt9WrG@VWk^%?JY%P5B9A>ytrFCCo4TqR7u)o?3LQmPFnpzQ?XajDj3B8%=4T4f3R=Q~Q@swuuNrM7hle!|VJ}z4Wt#3^$i}aQrSL=HR zTvvrH9tOBw$2ZzQy%VNXY)#t-yxuins2|&LfknN1)qL>zt-r0Z1=ioa=IO*G=)soa zxh?nX-LK+FBGx*%69?!|(zxOohk`w^jYFf=L_7AC*Z|hRT??WUoeaj0pTT z6=i|{-6(GoK$4CqM=I3U(mnHG>=?j}{xp3?TVY7KboPT5)sN@2Y-5q*ZlX(B%pz0Q z9jTs|I0JPJuW(ztn^|Z5p~-X~Jbm5K_-ZAc?c!*k$G@akRQM{)3Gmr~FyNm5P=I4i zNIQ@9ZA%@*Pr>;%&1LU^2{jG~SppJyVj6?NRq?bb1;$q0aqNa6#+}BkFnj9%@-L=@ zwf%Kd#|}SLF@wMBj?z>iQ$bZT^6_-_V`_bm?Y1FPh0w6Qxq5W9x#V`OSyUobgKMGs z%?^uEHu2^}zor{?jx{Ur^}&4=k*3d-_j9Ao>*0zt|2kvLsg1PWm?5gq6ydlE%sF(M_r{t(e3{I9vR zjej>snFqe5*N+>Z&CwpJ=vA1f{^!n6?L4utB!L3NsRbL1fuz?~7Sup5o)Hkea?gY0 z_-nuh_;#STkAKTz_KCT}%T}|5%T{8gN!|2}X_z27*;-Yn=F(&`BjO4oh?4=c`+nrt zA zSTfWO6Bh5O94ehF&ZtnaIL}6~widfOD!cSOHN!ToTh{zz_pJjjyT)WQpgVrNiM_($ z$^1~;X?@y|d3gvXPmf5F|3sG`hOF>`xByL9lH4yTly!vv3!0wzJV}(j5Mu>{JaEX0 zsDyST`LLcU`-$$~+7P*;J7fiSuO83|t%O(JgX0l#M40GBrzAY_T`#zNoc`5^4geNsp zP5qWL@!dt_S^+7bVw8M<)?6HAM)4|1oPmednJ}OVSv!t4n|u>pDqoy&pX#awIy~jC z-{o>IB5&h12ayI%&{M6Z+D!MO2HXXYA37N0C==Mi59f~~j1jh#!B;~VThbqqblDu# zeCOWo=BTdd6xp!_@@WIbG4+bj`eez&v*jTKX4Mh^xRNi$`afbsC&Nk9sKn6v)zpQ| z3J8vU=@kDx%TSX+63CzLmj%V3V>Q2QY7il6W$BC5uzQ#L05k5t#%WwTJ3nT$G&njs zI`(`wpDx=G9Km(o6%|6D^^|_R+VveN<$cXbnqdb=ed>;LomPY83CEJL`t_Lr0T5rE zI}`Nwj#lLaoU_IwEYp~EwEsj4>WR+3VK)C~Y`^Db%!JZWPzE{Xq?`LJnUp|4B0+rZJ_U+}+DmSsk4WW!q2G zjE)JN91l*be?}%<_LJs+O$~s0b6VVVD!F^vf=U$}zLf=+=#9`#6bBSw0 z43We;D#Z1_JWjjko?B|U9UgTq9ow1GoYf%Fyh3F35xgu|d6XBF;yZcZdAgf*J+^t^ zOurtjU6kACWW1fRggr=7rjPzv7GX)s9~ge38LN|b*OnxacbNgA`rp2wRPFVVZ3Vy# zT`3-M%8ztR2Z9#Tzgf{pPJivxF$2i`B&iXMzL|D~x-9=PaNxOHhWco{#QeLY+w 
z&qq%>1?yl^F4CtJ?(VEEl;8>$4}o6~U3UA#J*O{DSs(mbTZKfJj3{cr=0R123ThCI zpen)w@b~5aWVdSRQ(r?q%Q-`*ht~v?REdfyPjc=l4G})4cl-QRmSjG31xG+c~yEg`PXY8})ys(#I?YgA(ZM5GsC602B{UeNpB?=M`CoInq;9 zBr#mkG8cj|im>ALKMJx-C~@V}s?@vk^il-AD zi2FpM6V6lIH$q4A-dh1yY>8$z{<7ZXD&8@vjb3m<7x>+0Ur)jxoqt~en`^gNF zCF)cVxo3oG>%#q-GgUV_e%tD>JiJMAu4VUe0NAUk%@WyoeP2^+i6Swqn~=~&^-Vx^ zDZEcnSRC~Wpek&t%KRZfZ+p`P&cQuippDJ`o7_GZ_D@wG*VL+Ft{?C$ z_|RP7lRzEuFc4~#X>Bt?$I+byz&SN-Ya%cFAax5RW6tbN6sVkC!p&1ac&vN!58n*w z%%L(C1(o;?^Wyle&Phg|_yR%3&2!(6BOxq-m%jEA_LRA^_$iaexHV?OkzZyGnmkLt zI+zRn)e4zDMXnlb=oISVTMWe+3$()rdM*+TBz8s9_!H^`^0tT57Z{X_iRY89xXWjJ zb{Qgvb4n0W8hU~Dr2BOFZ=8rByCKkV_8P$a|C9?`L34a3Ljup{oZS8fMZ*u?&WJKs z;`QTs@Ka>92?Sod^Vh2{++ZE6zK5d;Bplc^VboQLcNSr53jp#sVxb7!mfE`Gcs7_q z^7w1@;t7raqE3BqVj4ZDBJh7kExuj=efRdC?@B>}j9TE=!z%?@==W0Kmpw41h}W|Y z>Rj_{cg#<)ZL;n`%;BJU5L4sqaiV>zCZ>EdZ97T}D8DnwFGv5F+NYikYB5 zO2I1;EPR3Mzxk3O5m#uUR_0c3^Sv-?7nElRs60;=RZZOh1D4iHG0H@LlO<6?V)V9j z?o1}NpxI019dM6q(z;V!N7SO1j+HR}T842f^%P&og`>u~)COzJW^61xK1K)B8a)H} zQX~jTQ=X!Uqk)c};SZ~YqN)7}wV(u=;e8!z#PdT$83!qzgekK_i^SpNhik`@g3U7S z8!%`;P5reQ`3-@VvzO=}-I>8&diXPoyues==m7MGx5w^J^F2>x!+wpA>zyjE<3(o0E;>7cq%_t$)D$7i0hzb zuPvq&(#d=3sbBqEY{tsN^DM2f4!5P>4z>0E_gK3HJ5HUfR_)#C-n-I=pT^uDMvQYi z;e~w{iO`a|zS8>3=>}$Xs^uN01cj3D8wrZm7>k?Xpi+#C2+}1B)&U~#KqLMe2>=x= zH7O)W<9QL^Dr)XdBsA@6uh+)kN^YQt?j|H4n&6hs)7xC3+a@m$ zq@r0&!(DFcM%C9+je_8A-P#se*UG2%@mMrACotJS4w-^1F)S&$}aZcE}&wg;z_gzEKQSc9xg7pKxPqan#E2C zMB7_%zbGqb^S&z)oXTR_4F25k(@^Uj3}CGELLb+gaZMIWyEmfNeT>Hu`HU~4xjr`U z#+nzFqTFZ}kt$zmcHMkOpmn}WsAV2}IG=9r*>^1M$k%?h@6$|D$v;{540P(1zWXq{ zBQpgS?b0ZJ2)j|bCd&V$One5#B$F<$hvX!29*ON;bSGnbq~ABBA)NnlgQ~N>yo~^n zX)IoTgw!s`AMwW)(Z_j5ON9?;s6r&MMj_;o z(pxzN=+^4n1vBPY6yMj0?SPj=GP`0z(jR`7l9Z6Mkojmk-}rIf=itV2$532zsgc2x*@*R+9VZLWY`Kz!z z1TLaEz>O#YOJ5zksL#ao{Ul^D0^^(cJe2(khXSaG6uhO`Cr!+j;v$%ebYS^1+iILe z+?dp6Qlz@2I1yluJlbY00Z{%x)OHcKZ*FrH=C|Pq1L=(35%dg4lmxlKO9I<&DoOB; z+J4~Sfi*JpuemPoY!%;j?G!=gO3VbAYgh(ku4lAkH*H=-u84Yl*4COMf*eaY<*sJ1 
z11U+EB8|LTl=bUvqqUQMe}=I&7pHJI5}4JNh?wm>DJ%7Q9lvd$#-8EI~%O)I30z9`zD= zzO!Xi^#gCPul&Q+gEYXrez@&f2%!9dsH=4DE*B`fj{sZ+l^Q{JxDh`q71g#+lQnq& zHhUAysb?W*$X`iHCbl_V68AYkk|_CtB%zQU)FW3)5_6c^u3uksv3Gl`T)6m|#O<2J z{_IZUNMrv1<^g$()X6rmU*Pw$iN^nI1c>4fwijx@EgBX?#U;NA{Q+)3+V~M7S&b@v zfqXZG(D%E5^5bX9_b8QAU*pQc8-GJ?p=}tFnyYUXFj4dYEucaNqiJ1pyfu*SZ%JP?OvS{yZ6bXXm0;YdXxp%Ti zwMCDkbI?=}H^QYZFwnaS5C3~}6Jl8=~le}I+Y5OrjyS`*`p-bJl5JwV7B z1{(P+_FLQnrmQ{@`NZY5hWh=k2jkm)jtZ4=n9hEi0Iz9)|n$JCK6M;%c>^qp6~Zd2tZ5>ln0n&;!? zL8|14yJZXBND$G>qHJE2K+LPqAK*q5dW1mx{6p;!9CDD09Fp&&Ae9U8Shwk6FCX&7 zM={5fZCR3kH5G$*ohACVn=NV{Y{o^P$FGhQOfAYquynk0QbdskZ5OGi7fi9l|! z%iXR(MHtJpN$Qab$mA;ow}E$=B6`>joLAX8nir8yX>v|Jh4@L|r# zAqa|XDCr(ek@&J}Kc64vH9OzWUA^@RKY69;|JBS?AYSi52WPJ+0^Lu9M1^oeObBAB zH6ls$1Lv^o+srUP<(uzU8iA7!Zs@nQ{)#T=XUABsdpxbb#a|vEUr`$$@pUl6R31Ct zEH2RH^#~|v@vW~-entG^3!<<^Sutg=FMfx}f+&@s0L?S9O#-i$Or?d9;M@N^6}Dji z`6(uNn`8h5y>nA|rnXzkVkKT(iWvQ%E8=zdSHukRG=(i2up;WrSNslvWl70rsCB6d zCPjGa(3})z2gxuo8u#-pje%dLRGa=-Y985-a4NphSAjiq` zGZ*9s9BpY?rQaiX*}RJuR_`Fws9^ft7(}uo+ct=Y_27H5pV`cg>mz@63HA#p{TM4o zmGbo1NY0z-C~F+1ia}v0jsWvv5{H25xUvF8FRL#TKn~Ppeq_aQB!KS{I>|0Nz`st_Y2g)MFE1XrXujsLb1qJrm~&fw9{R<_^VO?yKZ>6X4#@E} zK&VpStrh>``Q_~k4}8g_*Ay%2Wvu-zX|^;{DL21gwm~N$h9dxGDzh^%$G@e^(9Eiesa0#4=jIF z8Uc|XqyR+|r64aL2{*J0uzs0^totdpMr1h2U&kSo-*7FDZ=;^aPpx~@8dD0Fl}7&~ zn+3ClYhC3=f73Dhqpy}z0kp`Fa(ADY5_cV6`l;B_8KX?nyYO|Y`e@4qYLcsD5G(5N zc>~n+2;~p>FeHL?X|fy1->ad}_Cxn|M`TA^WzfYmMb?VF0fGy7$L9qGrO_KBU(Ej# zm|?}Dn&7oFn(_jZFk*+3B}(ArMU6=}NR}4YcNO#{zpB3bL8OGS=Ke(RRzMbVPuWBD z^eV1l{n0b}SB45l+l_tP>$&*;>8ZG*PF+>j@9BEER0A1_(fa0=#MK}9Gdvp7B4HGII>J7_llFy4RQJ3282pq&$upx7ihY8|WoA2mzYtFEu-~%72_)-4 z$iJbIgo!Jf!PPA~4og30Zi=J&Vw8HFhbya>nC8<{U^|QXjl)xrmMO^k-}f@LUK2Gg zYVZB=S*$*})fu=@6e&2)hkZq)+Xw2gy06wKyevKPOYnl*cV#YS93e|*d+=_06hEdl zo0W{D4F4u(OD2~}mI{Jm#l_MT`~w?~ro0o`lk_w-IRk2&=-d)%tj2Qj{Ud{JeM00z z6AjziVA4TY=iA**TlQ#?M|# z8b+i|fP#T@u|tqC$8Y{nwpv>mhw*|lLD=&{2)_FvGM0Bn*)#cXCtFJ8xf2a zUs2gMSCF;D$oQUMvJgsIQwQ$A^@fVZcxR=xgEUdikn&IEVWD{N&W^oqY`pDN<6Wj; 
znr?l2vaD_e2KJhUv%d}%e-fwR2Jn6o7D64aW3}v!6sq|zGFtddmvssK0Wj$rD2P!k zObNV1-(OqZa7l4Hki)C;v^uW7+X>0|!nZlnpdtT9$_(-Dk*Xf5C=PwKnDJP}3W5tM4&`m{m?(sT4W z<=$%EtL2wnw&zfH+22T2#b>&N`C%@FZ?%*oo}|o4qdicpsMwl4e_%t>l9#s1`?JZ} zN6*iR9JU3D^x7p{*k?x8sym*am(ih2^#87Yw1WN~D4Ove(CVjzpS+(2&g33XW^wy* zQy+eWOk!Z=(yRmGUSH>& zJ6~f?48#$PYpOu;$lMkM+X57iz{dJO@yKA0%AfWr?V;Cxu$2l{b;p$uwHzC5n0`QD z9FGfi!;DUx1d*osWjVn` z6{y0?k6o*_Kq))xo3&0TMtV0ZxbC#>y945pv9(^xF|%G0u} z-FUFr?VPX@2z2B)n2hc1c^3#?CSzh~l1@3P^`1kI@dI~SiM{hBs5>i;_PP#?2;wte z-p@fsqLHo}eHe2k&WeKCa&Tf>8lT_gcw(ktx(|>KsF?)G^gbVkhTlM{A0wZZG)x{| zYP^5sG6%5b;xX2)LZd>e31=JbF-m)K+x$&S#qXg!fh=P1*KYASL4AQVQGN0P2VCx&$S%EFXa&wXG_46k{hPF7m#{U(pn^`x^pj#v4FWsu+ASUKWyKd_Rw3Bu{-j zgD(yiKmh%q-p~dBo_8H}sM#wJNq6UP>BS}oJAABpks@nu1TdN? ze4$byvCx_18f+z>#GNgOG-j5v{PufT;F=PUIUc~~sL4{a+xDE9a>ED{`~=vipwz@i zpe27T`j`d3FW40N1B8f4fe^Y!L3Vo&Vx24WXjE|T$68h6M}}Pw*wm;K(VRa~^?)h- z&BCeweG3NJdb>n33jCS?-nckIig(}v;y7cn@fDZsVg~7gt*xxRn zyR;;Xbg9hC=KsEb_c#R?GhMfi;CrFQcqdRAa{S$G@rMDoFxFU~r~nQz0!^Z`5SWNo zH~l&2U&i}OS}ft*DtS|6m-9<3#U7RD%B8YPUZ5kWPlaRc$02S6iQG*DVtq4L&}f=W z?ix{zK%C|3y*b+zX~Bgz^DMi)k*mKCony?zVTelFEw3dXBAew{4zp2y5Q2A)S>%g6WWel2nu2VW&^ z3jG1XF@r#esN_WNXquXU?@gJ5PQuAmtRwF+n)6|vjShBV+L-x3qyNT*bN8rzc%6)X zP;%ftPY!ff-i?yJb{Z7@O>5d9~(|*b5*2rD? z{{7kfZ5G4-adRaM3~95NE%;QQ7!Rz8LQ3c^gHl%|;NjVjH8m67&YQk9_z(0v3`TE| z)qJJFExcCUYxIMZPOBubW7P;0`rO!6ZR-GV(4lWV|DSCK(e?e{@7)J6^I&ozf)wux zBH2}xP~Knh&O%u*(gW+gcfC0e%6xM==!ewnss6&qp@q2X%5Elg$M5O-mhvEHz;04U z&1hY#Pd_;uC5_7m)~F4EyqQsBa6TjMay*y`c@XLFnW1cG4}y=SEq!p}f(RHbxMot~ z2T?G5VEM#<&p5AMHpKF=kP8=zX&@eNM3@9bklbt#2~Ig$PQS;A!TEFcOhQ%s+7lvoi_d* zAM-moci5v>#E&Pc`9239#OPq6024bK;l(=_&U~_|GbY5Ery>%ZOTV>&@8L=`MPVru zVW!Mq*>D`QFeinw@(verF#8NA!?Fkc_&W)Oo}=W=8P}*Psl*h!Et4A^!u! 
zIKJU95b}oB$*z&l^)w8L7b9?=_RGh+i9#9^O@=4zPR_X_dH=tULx4UG@t==>h?Qx3 z64W?aB?C;n##&^YbJkyu&5_usd0y7iA%|vVUSLYStRA~}3qOEu#Arc@E+{yYxo;ch zls$csJV~L=bPP9+i$sxT7sibF1FVOiQ1WtBnmGrCV|VG0)D9lf*z)75I#G?}UCT8; z5~TRVMgBWSgi|JnadQ*Na6x$*!00;^z?Kgys3DFzHkiv+3_Y`QGyjI4Sz&`|WE9Jh zz6m+vi?e=#dtLU0w;4K>7!BGq+RFFgK%Ws?E8NzRt{LVJbWipM^I{5-Gj%%PU_2O& zB-nOF2YC)YhwsZBP<_W<%HD?&!TcM4^0I=cg=wOw*LWT7KjKT z(K=jLAE7!pS9q9|##nOGTdlN$buy0MR}1lm-%5jO!}2>Zg_IKXk`~CBsZuV_$xm<7AiFiGHyzt=*o!@0h$nSp5RlqEuu7@|LpgH zf2fd;0eHZtHckMv;r{}os6I%}N3bOC$2;cUsGT)UE6b&QTw6sE2I`MQCczttIbfOo zErAMyLgutm!YS>ce_sbnRQV}ty`y9teQq+_c5_qPd*m4vk@x$f+Ux$79?d*sr*v2M zUgFKN%>0O2>)YcGwvOw|4fDk(cOBpqL&qKAgn}_M9AwfM6lr0QN&f)r=g%mHhG@-p zn@{$3v1}3v0dga;nmc9JiE=R{!~FNR)1xqC#D7()SR^7WOd})wPe@1ZMUyU`F#1Ho zb$qT&NO5RPlaoEVR$YOAi%v!Udf&5oD|E#Z$y-7M%}UWQP;77Jy9fsTLCFZPPK*0(Z_lwCK6GmH zcA@>vh+xYB36>D6_7~E1xS?;w^94r+7d{DJXUTE-0hGqeKpQt4C^=}-&s zEM-nT+ip%ZFKsTCc(M7-tJ~sS=rA{sI*A_EP@z;L29%wh{k;4*zQ-OUfVlIeJ@}Xr zS7WC)iRzM`aq-pymF!|?iiF&uNuE3{{DM`RzR3?(FzJU|!h#9~-I&u~4>%|hbsRpv z#lAl@{0tv|KG0_}IQ)eipdHk>vX-KeE0Tt4y6H%AtS6h_ct~%68*}^h+dvK%qYbC2 z(rYpU(@2K>bhemzB60fc%taD(-RZNYsIfo}9b!lyCf^@mCBZ_CHbtRo>x{BjzW46& zJglu0ELZ&$m9|^$Xn$DtU#3dbRut_&OjSfc9yAcrXTq1`@ZHdRYRJWKyCz^Kwk&z) zryReZA_1{T`I+NvInTz6D|o2F`lhgr;ZOz8M&cWoX_VI~|zF zzCL{IpLuv)D&xBB2e#i{HQEy2wnx|3UT$GYoG62Y#ibP*Ffe--cPzu>YA%HS0G;$$ z9|W6*tM>+}_E^qDT!zwD6&p?%oCIj#VG8qgN(|h?>gf}i$zN{*Q6)0gXA)E602u?W zLk1Zmp6M1zFqYYg;AKGy8AHWXK_NkXyXQ^ewi)*PwbzW&<{HBuLL4@B$q=)<32Dp_ zZZtoMGg-ZSG=Sd8t-aQ|UHkcE5JxkaWKT3RD`6GV52l-bB0l^FkfE8XEm=rp*hXnR zL$Ku8O!gw9Sq$r|{hlF@1*2uVR@+zIOT*;_qJ-->kSByIC-ACx)0LSCXM4uh6Xg$t zEBvD4L!hbA|BTi&ET{%ypa1zg6}4v&x^<=IUK74iJC`4AU$NfbJf7=B?$?Fd%x_Ju zyiQ2e&n`LwnBZ~fXN+Duk^VhqLi>(j#mS>o@ z$#CW8PE8dJVV=36)(yQnm2rMiJB+qE7R)MvINP7>JyHHZxWNFOFJXWFIffjSYCIZS zocvZ538iKq?wK&rR+VUivsD+J;osk3b*MLRq4w!g(<=MxmY7xcl)raH{Yd5r!s0z= zqLVxrs6%EcE~jD<6QtIh$iinE0!#Jzz#;a1@zs;Pc5dqrkRm4CXwmL%?~*_MxSVdE z1440UngX7>v(gmxNX#e^@0=z-CD&4-(79-a7+;Okjq&tjUi<;pHyqSw2hxP@uzY`t 
z6%zgSZ9}Rn{;1uwD=Kk%vXB@n+B85|iW2zmQGGZ;TNvR;jF;N7gIAY)>|Dq1wdPcd9P+7&`DJ>2EFup+>1 z^6BpmeSZgi@e6#RZVFk1*60K*sNjl9dV<2Tj5prsD1H+-GXQGgY7V|{$&(IW8A46Ju%?8 zRARoyyUE7{_pSdFy&`iESSRHV3*K8@ZZCC_S$10G7I1b}iZ6I$ieq$s9HcxdON9tK}JN(TN+qD0^i)kbSKQ!ITSgvb_^DX%oE{iP#VdzIYUfZJ2e|6{XF6-clF~h0i4h-NFD@+M6zFHq9 z^CV+eUnF|n3?OZRx=9zt6KuS4hXqN!7$O$WC{ya-+(sW~6HJW&te}?x z3PEj|2I?e8&nQ)osFsG~1Tc`C>Zau~X3JTU>+=G&RD(k{y6Lea@DSP1FyO6U5m>y= zB$;Ok8uv$r1<%mA0ZOj*I7ErF${skl1W3L^VNUx1-cG?Z576BF@6=R`$m{1KqZ#B< zNS7&rn!Wc>+V&e;N(-XKMDJLhjqn8eQ+tJV zarPq#;^_yoiD%isk8cq|ZA0^q;M`=#?E@&?IlsT>#9_$`$nvAzn$(U%$ z=XsiZO4q195PGbqBepZQk=2}Lz;A>oF@Pg$)Lf?R+zGqLIv3$7rPHO);xpROq&zkz zrl{g#Rgs?#AUG)$2wF17rEdU|&h{uElyvrEScL5|?AI)}xa6-~i4xdrQ7ez?O_vmu zI}9X3zWt#B8t`|2LNsSk9hYcWT|8DO6fP-I8fGKyXzw)$Z#~fGzdQG2PSZZfa&3MQ zl(vYzMb%2iVYSNpP?|p5uhozT$_Fl;M)+Zb>nU;Ej22Vo&F(x$U|GM8|B`!U!ADxg zbHP8mySX^??m;{n0^J@Ruy{qVN5l)DsBh&Fm-2=T+J6(}p=yRfame-lj{kY+H|930 z_vEkCpi(b`iOCiYv)M1r&$w*2ZqxFwg;j={O?3y%nkZXMicTGG!ZPIChs{%8w0)-U;&wh zpG|DrD|P(W_LqU9#-K5t!;Yaa6`icgX*;;g8t4)^)QJ|6)61fHZ2FBJH8!TH_<)gu z5Y#kMY3iImV4K29Xu3ro#YJ=BiD5!bl^Pm-!TD8fqcH^gUQCn7WEWN%HTU023^CCt zQfcj2(gOC(1mv6x!0n?wEWhL$_QFjQM*adi_~JRCyXl>WB)<9n&MJ8k`mO0DxtH%a z4<5^!Pr1gPEzyr16kfD?IxAmiv4ck3V zZ--NHd+mxn9FB@G=D2Z|wd+24K3I8b=hN&tQ35oqR+=TRBa4f#=M(2horj(EmDhSe z^w0H&&(U#|aCrUD4dBVB28yM+kdX zs8Lv_{#KEYpm61}xQXQ@9(k%06+L&ae?dw7-MYioP2y(?J)FAze&?A=v3(qYhZj9y z&%A20rG+@S2fflEh`oY^9XM)Px%&C813o5-L0FL~ZPzuz{Q^ttqKQ+<>0n#{(VI+U z#ZP`=&ygtwEeE@&Og4u!Sqhen^-G#=+PO{Rp@T_vF_iDS)I3ypBJixo7TsiGOjfr| zS8AH~Fff&+P?7Kcn!Z>V2~2v7-)DAnZ)=+_btYKC=byp`wnMT&uWRceghj8Qu|*vq zhp9EZz6>@@eV?nyncXdOuy+D<=Ey0o(J`8_koIXsyTI&uLEXCH5b0Zf4o~TPm`pyq zSwbmVdP3uC{d5z);vv-iSIb5`f;-I?JWfax!pQ_@jLxlRB*$1}QDvMC$AKh)APvo>#`i_uhBz7H3Dtt!qb_ zZHsfgcEl+xogXTPb|8#fBWU7S7CTHHGyFT__t5;gNIhfx5dGustx3lx>Q#!Nquqk3%HFE_|v^Lhc zg-cY-=~^KVowZD+z5&Z;3FGX-XIsF-so4X|Yx$vga_A;`ai_z4PiH zGTR*w6I7Z!S#Ay!N|wK{<|W%mySeUIXehhT;^xoRvvuJ}n#rcy{7hf&>ABY@Yafhx zYItl=^kNy{`GA&O|KqHasHT_x?ai2 zu-df5)9v89|FL?HD`{;VZd@J=x 
zCYzxaLH;xR89VT7jeb*pdY`2X@#Au9)D#XGHs8r5IUn^p7b71bDu z{>e*18P5@2LfTB}UoP)c?JXp)1T!q9!k*vrtgzTPE-9?ZAWl*TFOYj+w8XvkctaPb z{Ty1?+H=^&PtK5;xu`b!96)%*AVL9bJ%vBFI;Z%W^mgG){9=~*df z(+<9Jti*jlLbt}C*-ujTXBV0Vr1u$~J7EFbr8P0xLr_#>1$&WK1vuGLE zUlRemAuq7W*aJW1rtkL5zwR=6nVjfIXJ!`maeUEci3V~7e(rJ=-_3SBshPR!7#1QO zV=o6@kd=@1iq?sQ{kV-filwJZCfDs42ti ziIe>p#m^t(flz^#$uftG`n%Fh@0nQm31^@;=ux_edS+hSh3*$k=CpnY`IDIf{$xeTq8(bv;YbAqV`O*Ip0^Up&vBioBpOOmouYno;vEB~ zb$OYS_;ZAZNPYumVN#8aWK1Z|0kxj1@Q3cG&*KDo=GuZ{hoP*YWi3(#2FEUFST%s} zf9v1Y<*d&+j>?iEuG({{gC_{E#~&iQeIBvx8J~`NUfTp6Avx|Z8yeWCnst=h$a4(J zvOHQ!P+v;UId&gQMZ@Am03*(AA@bD97A~A23@uYkSKH`NHLHc^scXiUMVHmYHTvwh z!|4jY*bW6_frrs0QcT~+pgVv7;(O}`cu#W}*7PRs*3GKL4T5_B#G=d7{P7+pO3c9_k+a)GX^d`vDgjO5j*Y2r0-|rsQY>@|YCJ7t=Edmrj zyotXoJBYrDzw}c@uD)@}}SVS*!733c}zVKmTdhWpgpS_flBX|@yv6GMp*x$&s zzytdV`0x}o0LeN|{zsRPkNFr!i=6e=mY6Q|NkhlIj}Mm1l-j>rTG|>FG`QQc^rK^6 zZqZ(bSyEr`Bq^^7!z02}_PC3=Je*3h8%}=H+h3s!rsH1cq>Q0yF&^~(Kc>Dq zE()i4Sh~BryFt23x5`BR>F)0CM!MfqfA81lubI!W$L;RK&g{gd z>_sq7KCZMSZnh6%B#gTsJ=eC7rjMbcai-!}I$@ec@p}#W0xSk^VyCoLORpDckt5j~?s~qmP9pSt#3IB1 zPB_Y$*c>AQWd?CvT)`W!&X^-T9nS9&9C3h{8e+O4 zt+$8>kO=BOOZ~F_Y@l$g-B-i~)3ueOM412PeNQdXf@Ytvf9Yx_&ZC7HeOm%^JxIR& zkc~%KZtLU8v_C_kVN-{a(}1S)=H&`hnl6`p*u?M3xGl9v3VNv~3SK0WC_R)H{U9C& z;u2DfiZ?ZWXsgDlfotC{VB^kb&e`EX{39%YMkA*z8b;b@9+X;ICwPW=OTPLe4*bf` z|0foYgxA*(Z1gzu4aB9{ch zTIpeGXw(BHvd&{;!E6)<9;ob$hD3*$2|^aHA&XIX;;TP04Q(6jyB9B)1?zEBci8++ zL`1P%ev{#MyWm;(Yc^mpXj{H0Tnvz;<87&I(8Hgjf|~i_PwQb(>SP}$XW@Ey`kq7Sv0>FI9hub2})9q2}_lPR6BtfB-%P7(C#_u^L6w;qp|pb!UKHeqChWJXZv)(hR7JRG9mfM?9rE(!cS z_5V*d%O^dP>BQRl3wF+*K_YXv!A`A;H};cz?(`p>VV?uULFUDggS zhUD`;maE>MYofK&*Ac{FwC95al#`| znn55?KS+-Zpw033Y(pmekUFU7QkiY(7PWR7=l#g57esbqxv?$%hyrI-1R%F%E+sWz{8L#xG4Ue% zF1Eli3s7j@a&}9qpQ)9gHZv3wIGg9`0Dfe44l6n?oX` zqL*S(-V%f84md@(aC~igeB@$2AK#y~;aK&(fvAoUM2xa6(pY)SmW8meG_q6LlaLm7 zmE+nq1?RiDxC>s?|Ie-5$&>oZ53uYQf8%Z9;TU|&^)KeW$xMz0H7AqM-S4WzmH0kC z?`ESJi7*5e8_gNvRf;k3h|ii@*86j<{ijZTfBE3uEX2pGhZk*>@1wGGEu4#u>%Nau 
z!;d*~5@mprQ0_eo`8ga6^QC1reL|0;&-1=!DU&2~e82eA{c+SbCHTarz5@>Rf%>3S znzkXapP21w~3>t-Oml=D+02x@#Wz}oiBtgrJGL8y!kD>B}%B%q-QXqH) zDNS1L{!UA0g7OVC zEhfl%8&(eJcM;bHdfDc=1Vex?l8qzi8%ifrL8fK@`3WDUrn*@_W@f|b7Ep7j>Cig6 zsp>G3X_oXA>8AmnFO$ctJ{U-sT*fi$%u%9n45BZmRn8&<&1}HPXf=)rm_8eLr?zD> zJ04lbJ{0^6rr1?7;K)qDx9c8p^wB;sjRMfPLUi(3iKJ65QWIn`5;QWsC{3HI%J3vmLIx>L$SKmnuw7Ci8aDFOs4Mb2QIr$a}HY z(&_)*7c)oM`4l^Haph*{V$+UER^cJjzSVrA)Y_MS83N-Jmqy7Mhk~y{YFfc0x%ZVKzR~gpF%wyOH)l9=Mnvvw@Q(veI?KF|&K` zq}Fu@P`nbSoPMeJ+t%XV*h(=Ao#IDtcjg@{8j_Jy^3=)czdI`%v2dRR9Y@o8c%7;G zrZt1GohSHHF<^$>zVmL{UAe5L$-I>fQSZK255tZDPX0}8C~Vo(eKk9Lv4Gm8Jt|{8 zLE{6njejuLd8WD=MeD5B{LSb&4GwcpVZ6s}2}Vr!OS{n8s`zS;=%mE%K-<&x-s(+W z33q?6;(`^slV1rjWE3c*qDCn>X>D4y)$M0B&)vagaJ-<{F z9+0tqZ(jsx`=IUDG~+nflMqN%6c>l?Omu~hiY8~>g#spuqgaw;ai7*mRRTL zuo8U#`@40Z5A+GYyTP^24dw;)d(mYg(z=po1ep7yu^L=Z(mN|PX8GyP_Fn#vLSQ=B ztUDY3JpX%xm`J@J$#3ab&&G5TwjaB0LG{n==}vu_fZ|9sV}L*sY17ij&^7;JW>J+- zBr&1>Xo#q=3TsM4)r~w9ataPMgKX*XlAuFR-evY(k(qu*yc?V>*9iMO!mltUh)q^u zd9mcdI${Q|kr#n6gt%oTN6-+-|I9AcU}CD{SNTLn&eU^d2zq0d0%)ANpQ6imvjMnW zGeRV%zY^Z=s)Yv3gP8LR*;7ebc*jaqO%>aAYI!w4@&$zW1SScP3{z!!kUae~ar*+y zz|B+O{G|x6?sh0Bjj7W#e6jB=UsKu~QP&t>N{iQBKkH@XMN?O>dPfp0HN_Hd?v9SF z>sj(Xi%qnpg(qHCAJe;Qa|~MbuZSRZ2CC!0sOp1DM^j|+s`O~bLBV12j^m;bef7#R z#2(Hc&_{6sU^4nWFQzOsQM)W(GQxvqwgrgSzirq0y=_Dl z8I$|yR%pGS{VAzCid=(jfB%Z?d|al6GWxySqF~L^cj4Nd#hCx<9sL4hn$D%s9+-s* z4U{~y($2Rs_gJ^OKztgL`C@0~U*TofcYvBC;!*WH!4i!zvb}SIq16v>uPNoWj}2h5 zfNr+aO6FKTC}!jWRc^TXl0|8HzI2euRHnugf3ziCDo0wPsA`tG-8bSSUZN%k7;MaT z+QZ4x>XTcKjzzCzj>-S001nkrWZVGMlu2nL9tW6{7$s_dNd@pDG6}O)_>9lnjN|Ll zIL}>WJzalmV|LyP@%=V3=o1#?9It>)LihEh@;reAwqr_S8Vxf-t+A@>AF~$p!A!5Q zDlkCig)y9iCSXBe+*oKI%uHlZ3$@>A%QF@eN*jEWmF}PHFkTy}-dP68{FWU?R6#&o zjibsFLCp*1q1zZmpp`(=g-X*(I?W-Q-SRV4sb1kVQ%>avpRyTMSa;EL(k;nZo#iq| z{E);~C4&6|hRH)R_2@{O{v{4$l7EZ=C}>IR`NK#?o#7|NLCz63`!^VPt4CL2$$VgAst~0#BU5J^+$Blcowl(~3QP8@m$z zisEifo|d+yC73U$)<$<406#UvAIOJu5mDTXZEt-H<4HaRu{0Q}_9;fUtt7ABMFSv2c*_|B8uQOIshQZ8Ys(I2DWJY0 
zs$mu0Kf0lc{xs014vkv+qO(Gz(aBKDrb_H#kJ%nm7!rXM-F%6XzD-m{`tEGm4+_oE zo2*9T7@5|&GGgP$#uDwff!S~~wXW`EWxm6LlpobgU#&U5%2&}5#{jBTaU$u*?7m=S zj#RLXY7k}^-#C7mrNI5T?$X72$DV9yGWbjy3@I`E8B53zTOcftw*DI(@mSSAHltJg zYJB5Q{pGhv(vCetR?Gw6x04Z=riu)R&gw{9kuhL)v}o@HXETfnH&W9sA6tl@&GYHY}<9i##l{n9*qg_yWQ-g(e()X zHUPT{TclJwZ&%QV)O*9CafAVTt#JKU$h&sHl#9-WRp=htm^&y|*`)8x{?rUzgg;LHOtf z;E4IJAV6Bco3{LpBe&|eIu!`ZD(u}BLr%64hKg6VU&ju~9VNbXE42394Jlqlf~}Zt zL#bDDi=2-fe^zQrR_T1aunry+dyLJrN@JP$hW@Q>Lvr@z;0D|uX$oSUBnG9;34sjD zTDR^-lH|z7L+e7kB@5pYK-aX7y2;QI%fR4jiVb5ln9i50REze1c5b#Kjdu zNK)BW*2Lpnv4}(xD7n6-Ztaf|`LID=C~svZ}T5&mF&yTR(E|w7DXL z2hDQ7^`_jZ*3yAYMd#10wIK^Z&Q{-d+SfGS0MKr{(=45Enl{vG=P!1BSbuiU@7$?x zwi{3LtC60Iuv3D7i`E{P{#Fy%c9#>_hpT53xRSw>gO*T^%72V}?)TLR#2tOVxuf+? zLTUQ^B_x1h_Eq1$?e)%5Fe=aHR!Sd&fgjt0Nr@cs`y7L?e<^i21^|*4Cs#Y{=gz4n zVgzyy8bB1>>*1jt1MChu4mHELpir2Ktd{QMU-MSXF=95w4qZ&ST#`9n-V<*)S&}S7 z{FMoAD5{A(bisJ6?H!n?W5oZQk7C}KWp^AZ<-Z9k1|lfcj@V}`+jS43vBuMjEswn0;Xd)PlW=WGGUALX<-@Va*Ce-Jo zPG?ufQ#9p9tEAQ1g7d{82ZydR0plPK1 z@U{oNC_*;sVJ4i=ECS%9o(eS{^{EkwzNq}@1$`H3=Ysj^>{je##;FvuyDc#gVkWey zY@|InqJ4SLrv--qc1A;`MNq1<60(~YF)<*G*xhk!oLcg?L`}=%u@dQ;b)+z|v%c59 z71AHSfimNAcW&x)6by9=4UM>R3|fE~>ZXSfQjGX3*nr>F@q;2?F>e6Ws-Od8kzHi> zEh8~-cq+kU^od=hI_CrQwNMxS(9SP$mc^zqg=hS_cg>TGYiH+2y)CwxHsw<-8RJUI z>eXvp3DSV1TvbX6^q_CwW(soA+0zOBnvGPD`yc!=2yWmUW<-n-8;Lyffap9#TrG#%D~7+{DMFv1JHG0}SoFaRyTlJVGm{US#VDg}f${G(w6|su&-- zx1JXVX#d(IusrNX+XKY_CDL!uQzilC(wbtGOrE4~AAgaK1jj-o8EZlk;{A{9_?ejf z=uLirmNV5_k`zBX7Z#Y4r@r0LaG3O*)j-tvQ`qvXw4W;MhiD!LW zwqQsbSy})`=1h;HLJE>wUhVG)SXzL1rVz5*BjgOgnwAmzN60lg``DJJc9kz4rJ})y zce)FlV4-~fE?M5^!ni#OW6a1XSmjz--pf%7(op{C&hm~Br=?3|n-rrNV{$dtA5eqR zUbf4zG8}rJuOv33)psKz0aYYaGWJFJ)6VSZtLoyrSQ~Qvy_d_;?MVK1xU%`BA7`Zm}wo*r>0(hvF;F#YNmVyQPzO z;l3PK;gZ#}Prp8|0AMojb1e|l;TLLUdqPzeC1!~6BxvJHpsC=)vX~^a{zL)cqT~pl z*qj^=fd=4$iWu9U16{1cDF#0BKpkOV7L%3W8sUs6{X%q(#2QhNq#(j6MrcXd!2BO} zO1Y+0ezVLI0kKmg+^Q!F@-03+4kBnmLg9meOZP!CLbCbp8h%t{3P#>oHCc!#;Kq>?NgNG@ zY}m<$BaPdkS`7!mnZzGA#T+J--;eO@8m@6VKo3zFY0pxbi86 
z-2Fej2WqB+`Cqc(&hn`_nD~Jg88}hC!CYtGBgPI5#qnsc4i#k#2skGiG#$M>d|+|j zZP4e;HImo}YhW2w?>TDiTd@QPR5Msgbj#L;iJ|B*AG!{W2hL z;LvAsbP$V?_7F4yRg5k~*j~n%ziJ?@x|z{=;QrNCQKAc?&%C8dE8DP7lRLpZdvy+g z5*rN`US>_`1wxJvYT<+yvGh-#S;>Wbj%MrTeAv7JRUL4+G6B_Uj;3+j3X1!5(D&!UQal|NX1G+;ZF){)BT~%Ye4jqMdI*db z2bIsKgn148j$pLPSk=nTOb#^?Fdw_|gIl=82C;}s8OdgD;X#&_0Qrw%~8I~KB4g&y}u1$F}xn&YjD6ig1J1A|J|5xDL5kJGy9NnIkFClOd;q;o=t}htQqNmZzN|c{C%^0RR7vJYPt#@;xcWr>p`Y%4yzQ zA&F(-r3gEFV=0LM<`EKE#jUGZ6Y@(|zZWLENaP9suWG&U$I92%FZFLe)s_8{bLo?i;=E4lW#GLr z1fY$kMpi=CPR_oQ(hQEA_zfTk^^ss*XIZue_G7o-BZzC!gfO}UQ6UflLvyoxs8k)8 z|MzsKm^{oa154GrVw@zK9EO`DTgsy0+c8JY6ITGg^d5T$_&Lx}!{=c9X*)Z;J4<}# zIs1_)>DebLb*1wUyvxXC{1VP=?2?@LkE&aJYJQ!naoYN1WiV+7f03 zw+ajB_EF9%>r>%fA9s%(pLTxO(dN}FDc*^TYDS&rdT(_?KRDjN>n4@>R>fDtmW`2J zli)=?y8xGJ5J7$eu(4ifNE`wdh=wrJ&OC{v*g^7Sv&vzBXGgcRgaCGk9|U(t)Bo6! zorg}i#hm(IsI@Gsk*HU<@FOD>N`7;VK72M&mek|| z{9vah8PwipXD0|ja>V3ng#80LR2Bk6j5)^93^IJmT@$pJlUJg84GyYX8AC9rv|}m5 z)`PxP{WCtK$ zbPCn$?iu#pineX*C;{A+N-fNFGjml)pz?P%bKHG*Y_r3A`?4$!Ab7bDsf&IBY&1g3 z8uoLVd~km@eZPZ&=7qzFZdbk#a=(eWIqI>Rd4FmHH!pG^aG&jBVkgM@&2+n+1j~7 zSV+!mrUc38@C)pUuLySv(g8G24uKxzAFvVNAo8x+L>p3OXSe*q1?+Ib8N0u_yR{f` znD*|9YL9L+fcc*d)pPT1H9%g*JGlp~OU?cg|(KRH+=l)pk$i2r3WqZnc7eW zP(bvFq~N&WpK7;0ICeZu*2W%WThyZe0$Q_?Mz9Q^Bf+{cKLK&S}Q_QPd^pX{sGbV1! 
z9$O9<=%sm@Bh&tN2@0AK_kduBIn)l4xMru5mRP=mJnT|0-Jy&vAecO9qxbOe$a_XO zbx$>;!Zx>YA-C2KD&BpSipA(c*^y9Rb*}ZHknBHLt6l3HFGu2~rD1v>>$*A*KMXmw}mUOFN=j z{qO|Xt`y8XJLLt~4w88~d9`fURF%%dc;nV_&h+tdM^^Ygl))_OR~(Y=N*wl%IcYk2 z=IA3IDzZacYJJZ-UY)H~*vFu7ywS_5T;izu!6$O!VIarm`8dlg+%vnWD_yIywHYgZ z*#t|)MYP-lBNZMBy4Mzii}F3>Q}sZ92;By_Bx5=^Q3VaK{1RY@A0SpB+Ms3o$3^$o z%3A>=k>1JosBQ8QC?GDnY+`L=;DtlY7M_BGBIo0wGJ5yv9hb$189aM^;Pl1O_H^(< zt?-&}6QDF8!t1Jk|C6)eP1%>v+`l?2e!dFLKre*XfErM2l3Q3F7Afoj%|pP@0Ch_d zz2}PnP-|=6U566S=C!9HJ437^)!L$uq@v+upIerQj!mbTMnw{G;p{xb-y$=FT}R$; zfgT7*4_>tUopkP~-@^q;I`0ap{gZUAPi)~erk@N|U?k)Lxm}=HMGglqJoZiCL*6&= z4Euj++?bVB{am2{$TaUPN0l~tIGovA#?3qyQ=P^EnT2`KYtCA)tqCj!$o`*OlT6+Q zl!W9pwHA1kzQvxb$#|`~nVnf^6zFWDbaI*Zzrfy#djG%F!9BbPWt~!IN!Suc8?p=^4@r5? z8y-$YFnc@Aye=Me+zTK%hS2n3nYVR`$_hvKk0V2eGT0o`R9=hs>p|HG0|5BKgW>@k zJp0RVVF;ny74F23Cko>gTDb8K&n21aaxhWi#q)G^Wbh^Pvm)o?<;_LA`x*-1pQ1?s3gNm?o9f8KNY+t2vT@z%pFO@5= zB{DqWSQ<&b+*-wehWs)50KfbHL?@Q^tAz@GE-Lg+RWBv!RGS8h(qav&ElWlWIhQ-_ zN-kj^(_(W!s_PcCVxW*>pB5^eA1qfYs-tgSq9*YjOxc!?Z*|OSYb{wcsXWfwOWaIt zGI~PSiN~OLwMi=OXq1-{r5Z>_uN4f_LnO3q?)n!CG(pJ_K3 z2PnpT2Nbg?wfiIva3nJr_0go<54%eo{<{UBI6PKa-9*W4E-`qAUVlss#ng~9wk+`d zD?cS5Ho6^J>~1Xmv;H$})=PV(F20Q}cc}ls7v7Zf+ol_2PZsKKJ-@=0VsFbJMMVNV z_auQ}&QN=2i#{P&ind4L<7-XF1@*x>zq;L0;+xD=%>+5PCCwWvCLhDqRg~Tjr-~&m zvWK}E527sON-dgI+V!y!G{B60B$y~sp|v)^P}v%GgJJ9Z3V%nI?5fV1T6)2W?C!RG zviQQ@6RFMZr=3!v4s-pw0?UG8OWDd@lsGvJ|AWkvi^W8OL*1dVmanf!ajIKr^1Si2 zaW|+^bKQ}#zkxWRHVT~C>Pbm8s1WYaT)m1C9-~hZwGZ!ZtE&MR1Mg%;^gEVe@~0h# zw1Uro_q}+mTPcp7LJ8!MWyxVk>tkv{RT*7Kl3YLR*4y{q4}?bPf^W4qBt82~54!EgxFG|my- zUyVX^JqkQf1=CU?_%e{%LwW9r4IqIK5ugw(m7$Pa6m$OCc*bY_sIYqbJn$r7@dWuh z;_-uKZ|#gzRdHzS6in)uKpi@3#pY_-yBqg7I4appWQVLJY~XTs)nV_?}+%+bpyi?o#=`OMm~&-6AGfRi2VUh*8-FiF12yvMkvt_fMHgn zm2ETxufuL)e7oF5Noc9@e{PXPVQ5yUFr;9Scc<{RHyNxAX;2=?5uteT=P-hoT22Y|=?E74My_KiuE#Q7i zAA)i6&&;ErrC8`D5vx*blP|@bbO*>5Fz?J+qP%3;Jz76iO-@?FQ(5*yZ%xO9K6$V2 z2_KynXUFr@;XyA2@sg@GRcgV~xD`p<=^!a?y0}B}BY4f5zD;dhy?<{_w_MBrjzEH& 
zNrCy`!@)@geke-LU_3;kttk;#+PebeIkblb=7#a_2w=^%lS)hj_tG z#GhwNd6^k}N1>m~z8mZzcd#pUFNDO~tFMOfYwEZQ@KVBzQAzL22g(CJ#*T9{K;WMO zufKWsa1r|M7f69GefW_%RgX}8fAu9RhOh9ECw!&o^tSklDy7aoG+tPYR6kM!(Ix-d zk0eP<@*GIwvBv}e^3_%#JVdz721hlLMtEQ|y!lpU7C~ESs;I;GCC+Q`og6V(nvRug zkYr|y-WE2oYcZ7$L+5~-kaA2Kz!IjM@fSI?CMG(N9Av6e!R}#h~X1bP(f5)IN$QD2QM2xIc$6b(=$$Eo3;gV=}rvvxY@>p_oXBJAEYiFOI1! z{*AbdyKu2 z*1fBkt#x6A#-E<1nOUB0r57=_vpIRWn0?DQ}GL@F5G3Rotm{7#wqj*wMqjf zl0t-q6bxc0;efuYifaIbh;jsaZLlguR}&q#H}IoVOzRB?l^>&_F^ z#Yf)!vlL9ue`PO&`Ye2;k7SczAW}O^{m6`OK`;fcx?NrMRYG?91$$Qnddg+FLlvcJ zO7B1qk+0n`dtLK_THINnr83TXQ3)>mDKPRS2J6nSc$s=vL{wdG=%YVC9goEO%D3$x zokl z?S>#15Fl-)6(H^Ui;{Oi$ZmS8fSJK$=-nHiRX2w5Y|CKFoDbY##DozN69@deyP$M# zy9hW4{R{(Ia|EHJYT2mki|!|2Gr~8B;@jc@w9|I!5-W)B$A#A4H}Vk|NyCckN>$&x zYkadPX|2OYKX@O!_Cu;jwITA+VVvY_*>w~NlG2T{{!!H=^_rEbmqY(ERH;>uu!gtI^aBCzSLDnAM#zE_7&N)71w8yO;mqZv_Igp_&plfCWMdS2g!~+ z*3A(d(E-ms(MDf~6s;DEO;n+OO331d^!XrE$jF%H+dL`leuu; zRR#O9z&b>BY+&qr{&24isIDt=ANOU@Fp>XqXX3jJFeR_W^Jt3=sCQ$n%IdaX+5yQw zm*?H=%kKUC`pi*PrGIF4Q+xxp>GY67F3Ncl-{(GzvO1dO+}$?TW%};%=C)ENU*fXWu*ZF`aEteRb4L&vtg-yp4iEzp^BNpNQy_fG!D zqC!l|ScqTSy%qo>wf$&c?dXI36&-*sRDBF91&Ek2D$nOz05|UG=IL$KfVx7306gt8 zyJ9%;8{&um*&o_>!RMn9r3?2gqg>EZ4&O6Stuv!@YEb%kcrj_&Fw|I7WlH|j2o!V^ z9@0Gg^a-FL`4Mu)FA&0u7j9SPy!QhW>dy3+XNF&2t{;P4yGLnzZWpzmYx4mx-*Ma} zv+?55N0DX1FJco9@?sNVQU0J|@G{|__jinYB3Q=?azZnxm_1Sw?qyK1jnT1g;oH!N z=X_LK>GWO2Z0ll=pOgWOzmG z4h442n2oc!SS@0+jkbtcg0vNy($+&thL%-7$$6I1zT z1c=xSFxfHBDG}?9;V4hSY7f|CUA4O-Ft_=uIW0AxY`bC#>ntEq}7Oyd;&&8lTJ)-91h5z z3`PLBG9FU&s1yk)`=DK~t52#7Z=w6q?zZrE5>$V{z3ZHU5=r(D!S=5qtS7h2Z&nfJKzzd;SlWAnVSQC1R3|X!$+% z*GW83OD*dyN8EtDk*`GARKt#gc`Ji1?U)^a)MZZ4-$nnEn5hMWD8*}W6IYPLa3))o z$%ZSP*BRiJiq`?fZ0EJ|h|Fe=ZBrvun`}Lxu0~aeRPXYTv-gM9z}zbms~zNiRPDFj zJI;O1|E%o7m)U)j)O;w%NgMN=So)f98NK$^zHQ`V_mUzTASUH#25$TW;Ft_*9@f-E zo6+lPmp~wpVQy8^=xV;JDoY?T}sVdP#fWxTNs$2;S4(pZUHZ?zl$<1bp?5V}^jk(;w`{$%PokETG2vd4~ zIWkw(D{(|q)nh@-&0R__w$(8UkMVBiWJ2p}nof-?khzq4?9l2bNyorN4M9YZ2E2)k z9oVuMJMr^iHV8Ywi$f09WTe9c62hnGMCJ^B 
z6FWyu>K^r3Ap%FFoU#K5!h*%b>faPE5j&KA;D3-P3lFb>WZX%sUe!Icvm3t^E(hbqEfE{ba4-+>jQ z%LHbWxo~XX8YX$haj3BT9I>;Naz(j)vfL&xmH0H*VH2tZ082|({cOEZJun|iJqU~u)kOCV?ndu>XVq8B z@0oLptLi2$D-1KMjYz=~2A};P0EkN2#{nCb zAROqm>WHNM)#_`#wiI~*NuaK?p&BGtqJrO(s~Du<8V5-*G-O3czKl2FbTBf5ZzJ%- zE#DN)7*c1$)nhGpUSVxy;5zEFZg3&DT*pFBVdc*WX6?5M^n;j$uinUzY7`IMdjs$N zJuIRwi}sVMbYPC~j>0An1z8J(tj8!7d(%@WuQdUN^P&h9~Nou8T zO+QNc0YPC?OkiQH5xw+7x3JkMe=PHhFv+P5heqmmO!fTAl9YixrZOMFfq_R#S6L;$ z+p@~p#7wJzzRvJkS%xlu@%br6)cx6EAs3tJOHXG+V37Ff+NYVNyoHCJ{QWHQ@_}J|$9U4LkneU>2Gyr7#EBexk0`nNfynK4XE&>h;^=;9#na zP!r1)s3Q9q0VWzi?4jga!G>#evBRgFDN@YJpqWzD5mLjAq9ML-Ze!e(v<|Iu2tlL~ zfGFk&VD~73>;A+FnHr0(bg5+Db{L>e5qU&xfJt|(-?Hi8Z7Dd6?k*h~5*Z`4%k=tf z5=a=~9QGyk^D%e18OGg`nXK6uU$uo~$Dsr))6myv+A-=6C~fZ9F8GnFV1X($3S7 z#54?MJ7jZpDeO#DE#cbPYnqSRPJBrZNCMNk`ssTzeAM~YKOWrM!1?K|L=1FUWX1^7 z!7zSpP|1pxquWB%D~7sc72ygGXR-5eG@x1_bLdi<#v}PnzS&N*asw>X ze8bG zBTnacaP`A0U$9%xuIbN{t4`23`Xy3dv<ZU>J_A7|Mj-7KpKPMxEai9u;$p>0GkCED#C|5A2kW)h$2rU0@@ zDt4kn1tf9SWZ+*~061k|s?a>x`AmX10s0F$<GisO6*o?3 ztJ!muC9|ZEPjZ}`HEnNelnnm#lNf}Sy5 zspb!N2!x@jb2eWvBka~yotyokc*Qt+I?rtzWjRA2=Fzq_NQe0%cbli}`w?E!bOCh~ ze-L%_G2R+|2h*5R3>(LNK!CV8iXYih2t^F-mo%n=45ii;G&+B zCZnpjh)0X50o3nOOBIk@-lzMY>Uv+0mHk?^(QQDSa(j{bwq)%mF~liR@0|y6R=!kQ zrh$_fGDUVyZ+KOz+H!Cz3wN6_x0j0Mc4*jxf@gk&U%Y3_y_G8{d>`xU=k#D(M(@Tt zbskKTlRzYq?f0s<7-#%_Y@KCIdv%Vk**V!?9u!de1P~{qUI?Bqc;)|z=^~MyMS-R? 
z78iC&7=B+)7>+ys2Td7>bF}P2a?xa^LAGzI8YaXRXTl=uVT|Gsj)8YUXaWrr`R~}5 zKi-k1Ek=$JQSFkJZzMpCXwFQ)Nu5E1 zS=U7GXlEq&BLU;0qv*gmjxUY4IP?SLZ0=I!FD$#XD~nL+8$lh7mp#K-oar=YpVY9ViFK zT=2mfm5;9p>Qd%~LJ=82ggGsQ&llENDi13PzmnmC&~Uv`4Ts8BA48xy6ygS0V$gpT zZ`Y&bLZt@7e&-^e&VQ?5JEf%YFruf4I^;4-ta@t7ed;t@5NE}jdHI!wRjJ87~4IC?=-wVEp{~Y^rsDw$YLWE3*na?-E11c1J}=}HQ>cG;O0uD zb?QILRp88z_bL{!cli~&cs`KOgMmq0(uCGHE2McgDDH0OF5QjIrIA7?HkA#_)5Bk@ zd_itn;_J%=*vhrG0E)h^y%iW7pMHN{R9!MvNEO}lF0iReHJ!iSL%%dD73?dyy=VLb zaEq2qgKRv2?wgUcW)mjZvM7TK=KH)?-$u3#ES_!=wV^lF`Tx^LCYqr(UrXkYzenm* z&In?+6ptYmjhYv(cQFZiGJ2z#PByWOuo&U2K!FrUAhH~B_6+Uj&W4y40SdEgH-xvz z`xj`3!%oxO5b%-7a5OC4!uN*vZ@VX9_efErG1S{@Y%xClmYaV7&lwR$V*`WUc<2zX z7iQx~B*fQC#*0)n$fi>kzvb{zHzQNRyAS`d_PgVaH8zc$H#e}~!rMU$aDM!;IC-tx zSOD`igw@1Okl$wPdxcvn;CoK%ur)!K`fzY&si9h1N`nZb3X&l-u<1*;AD-Z^Ju8Hx z>oUyNSw&85zr<-Wsvi~`F&d6^9?i_(UVU76$j)%GkrbfIObN?l#=-vprz$>B$^CjX z1sY}$RtyIFcUn7ae!yZBRFf%=F=4*|D-CKtk5=@5=bOG3S$Q-JhRH>w zk#hws#!Jb2nB>C-7dezOl5&!k=T3sBk3(?5gJGO?cScYhN2*=moBbJ!7Al!g()kVnl3!FC>+XJWyH!O3909=R8Pi- zjC(C?cJOjMSF1n+0}SZ_@;e?Ei>^3hIuGr=9?HV!8&lf@2GsAW}~9Q1aHLb<^C^u6L)bZ33p zjI)f^R#A1P_jGstp!wq`q1RuV$EUiSP#g+b@|`C?(og1YwqAyHJ`oSu{M`Jy#nhwR zy`;7dnD)aU77bka=_j*ZCIxsUI7!whP^9r!pLJ6AVk|E7T;P_zA7v2{Dc#b=H89Um zk3$KQWZ`sFy~fw8A!x(5*15Jp`WaLldX z{jxcN^cmDH)eey$4~O|b(+0R2ZU8iEm9gEPJpQ5cWOdC42)-iPPFG%QGWN_Q`fAR!3S zAq@fwNF&XqJ48Ubr5mKXk?!v9?tEAM>G%DE=iKMnS?27_=k%F7w5#cj+6lh~t&PIO zVrt8TjgpswlUrJ^%Evwz;=8u{36V*Zu^&ubx+9NwECXj+*SsL}Yi8!RCW)p+VSdC{Q*;(mY5m zXp1VynRqu}FbMpxdz_dJURaa4WmNi+%vCTc`=u?*{JpKY`Ywr8vHU`D(VY%b5r404 zgw?gVDz5SYJ@3uU=_b#O8RHfOzpPqT&u7chMU+_w#|@TJ&0*}tdmrN(glY3hKd4=$-E*$P8q~2E1Qmk* zI(-vf#7P|9tQC_rl$35UEAhw0sSP1tR-Bl`O?;V{K8cT-m92i?-mB_bIymQV7)0%f zCX-ys-Gy0F;FS47?@I6r>{qIu74zSqbkTYM%Fq|B)OXM)#G;Md7Qyj!X~JJn$9<3B zs!I7_aYLZPI#&ge&M&(CDW zYrFEUNj=d_wrq$@-^TnW_$)WYqO)tr0r@irfK)dVp{AiSdi2MyFyuB@>RERbadej62 z84w}+H`Grfw)Z}zZuJqi-P z@)FWsGWCo8k`!#poM`0dSjV}?ZxJaE2fe=^xZZU0BFnJ@e!Ga1o}Z`k*ZZ~J*9w&- 
z)I)wvXu1>d>*pBJEkb?{o8<4P|D~EVu8!vdwCyCkoYl;!Nity0BcqDeUb`om17p z(5StuDBHz(K&cMx@(+rRnJ!@HiYTb^2g3N#n6Das(kaxwxoDiSK_q?2Tkt_j%wSEG zn(CbMJvVdx0h>xf)ZwS^ww#>_Rt0rLk^(_0oa*{oDH|kt`*IHGoAl=-H`hk4!OB?Z z@OTFSwRV{3@7lB30%%B4U$j>l4RmmjkH@L6ldcWEVMEx}dwIhsAZ}v*VHFx;7=S-P zZ=3cwl3nZ@LGq%o06qwm*&HP|q4}I%^v6@p=e>pz5`JU#qY+VH6GQTWW1wobR4K2= z!J=pyo}lvi)tW(!2$z62MvBT>vZG{T?>C0DdqZ`Ma5J7y_sRk;x6x9pk4K&GCYc$8 zWaIWlDpzR&n&VfqFJ2ek9O?p}$WF8AH~J8i`H+Ux_bMCk-*etC3xG|?xtKH z5A|-9xO;w@6zV-$N-vf{00#>R=ZOSkq2Xw0y(6`USd8OTjGN{gpb!U%DMmtJ{_WJO zo*FC))_6tHcSI3iAe!j;X($t{?eUMG<-Cohtm8)E(!9)2V9{=m<=_jLk9vdL{Ub@n zyiih2ZY|k+-krw}yBODb_lqK$iW{h|ifD%T*o4u_+%fad+7qr#-vvyKy|S}U(0-$f zmW-b~+~Ex|6u*cXhXgHUSz4?fk&A!aw@A(;%RI9BQ|wEo%`;eTNVcxqKmTHa)cDlOqkD9q?{HnpQP7w>F z%bOGBJNPIoYA3;~8c{|yAP>_AZ;^aM=qUzRxnw!Pd<4eWi%8~I7YPdt7YE zpszxEk#g@5LgX@a(6WfDVlT=eZ$*G#sfwyJ(Bm@qDd!=zWKFHK>3W#|>hm_fM9E71 z)1aNKywFN)=7{#j#0RhtwW|2V!-%ppw_Fs3kGd3$+||7QOfpT3^TZ%l`cAxIvBP*_ zW(L-wb#7wqzab?|%_a8}6MXpCe%Q#sl|9Kh z+GyZlucQ8R>LeY;Km7xW370IHC9^tPJ39jNuH#|{t;S}nZi3t3gk-S{upJ-%E|Uc1 zb1tJAplnBhCTy``fpVzDE9@Iwb#Pleqc;|$X1kF+iflhYE)D&~d{HiI)6cAx9kK;- z8|jx`iPa;UWxdW>hOF4es3Jc7O@UjFN(qmuLlZSYCul=xrR;T2C@k)usADZEp_u{r z)&khaIXt*0dh@l`5PU&ur{pM9Q8ZybwA6->RN(GXJvmx?$)r#pH z{4fKx$_6|aNY{$2^>Y)3gmRkrfkONmzKuEIsgfiGVctL{&7)vZO;hsbeY#!sfaF{Z z3%RR9F38P2i@%G<8C6xeOOC?y=p1M+yM1guXB8D&CDG;KLeA4}V z+Pv|$dgfDil2%Pv_FXlfo4lM%DJ?Daw3CvzyP6V2ef)ludqI8N=6D7O_Q#i^e5e}W zTPr5xm^(8}k>FfnrnC#}jKcg6qJ{#mkuD{oFd-17xIBH0^goC$%joFAO)dE!()&aV zo2FEfX)SrkZ9OFxsoTO_tgPXMF1Jiy37krHsR2=%Zok#D%2Ai58q?d=raxSK-w0qiNm_=+XC3o^YQmG^|vS^0>>kXRC4x>P`y_y zRnjZrgDI39$p;MyOHJVR2nx-SI744V?0ND^5do0!j74PH0NI z8BJs7TEA#wjXkf1W&~cQ?UJ8dN<=zA#3U`_qT?gu}uBnv>;VZ7L*kCShdlXI$FpWg8dd`Ev#8nDol)5djqe~PF zRRkPw?K&OQy%6?E=4`CehL)j-jm@ulRq;&Vv0+h8Nd&#G5Fj&b^f1kmq8f-G4G`(k zm^SgX?Rme{o)N;mPWZySiM|7Ky98p(v?pf1UGj^Z4Bk%HvV9KQpTT6Tq&dW}xbPtI zbp}f>*h@CEzA{I&6vsJT>}539_f{|1?HN)Xm_pq(7v3wj6RRxn86{&-a6Bv+96D+! 
zc06STx!le$13M$eXN7g0Ug>Me4#2Vk!&^j)SWCldZ>X>Ud$;Z=iGLe94P}+kcips92{SPI^$msJj@-ps{n%>;YnB8R zQB9(-qw!^=lLv_1h9uWI9L@IGn+iC)uL_KbfXO=cG}%2vxX9bsU1pZNdVEc7{-`n7 z;k%o8X)Je0M0dO+$#HG3=i)q&OD8CT%?^7Q?5v1e)>CB)x%-tAkp-%ry!8|Jfs$T;kzp^<_*oiSjbf%3CH&Np@eR<~|kVNp4g>aKK$e|6*<2ZVQyEXYL= zr)1&wbolmqk2gQC9YvB7l#h25Th}z?aK;tqL9s9;O8@=iN zs$@#Ww$LGqZemoM@5KLvy|vUQTHx96U0LDfWXY-BUCnK^WS|Jlc!jQN_VF3kCoAUb z%~Ecu_Ne2_Y!0#lfmo!*qNvzChh*exA7)KE>kjEvt<%*{7wS$_n>|t*HS7z(Ci_vb zdvU;nht|WzgX>N9=S0Wu?a0`OBfk6GM?JOJH}2@~vx=1-NEe?8=z6zO9$lsxw3 zgfEeR6ano7#*Z0q*D!wA;XXT9#`xhQJ`93>>FOa^vCv`)g~~Bx2gHV&I(G%r1tyVy z0XBQoi38FU{}wiu14$5PDHy|=N1xNX8ih-TPJ~S@o#{N5x^NUxSi;lXf}Go;5=c(I z&nY1x-wuA?JIQA_!?BV#Ra=f9CcSWV`1DDw_I_!iDr%nmvbMG#>Q>OPhD&|)RX|6c z&Q@XYA_#N|@PnuKF!ZgKnT;&FlbDmirn>uhOqZvg8wM8Le5uSn^SlBtK$jW+go{Ez zzeId8$s9ULXE52*6xFP=9!RxnXpQR1;wO})6qc@r*l=n@|4AiT{Px~(#QY>c0-TE{=^rd=?7YR^~l2-h;Pl9}#QS1O`yhWfDAxXNoM?4)Xvb&4hlUU9l=A`FxH<~&2bo$TWd9Ya?kW6SM40@b!5!-tUR0?;_%7XmaX{%cJ^=yep7?U zFoP((HI4Ur9B$S|(zYmkK3r&<8_qp7r6{=YFEQ#o;#^5>aRZDZ|0T(fS3$TtUzk=I z8{^7(H#<8tKJ=U#v`-D4>H&7tLTQJu^B)^wXNu%2zqp%*4%JbYxU@B$MUOVPEalAx z%cYxV_x-G-ykIC$!M-$5#v65IGItwFbbvCuiBxk(z32lA3;SeV4-S#&VQCxIDC-3T zAINvbhoh-t!d+gd@0o5BWy>bsFOO0tJ!9aR~z_VH2v z_ICrupR{X8dPk{8x~AM&q+O{}QOuYUjO{q_XMsCn1+@Xcl@Tjg<6=IsjmgW>`hZeI zuf{{0bgZN+V-n}Zp5ZYJ{8CAQDoeLfKP_90t_du$GY&NO2nM+?#OW zRUny&M?=(7_yYwN1ONT<-TeyLTVQFP`BC8M=xr+cP`1%b$w3&=d=o1{`Tg!2VcZ}f zD~Y-ba;;h6vBomw7O(UGkN1hDK`bD{|0MoEfIM4vG@``bwRbUY4$H_fAWZeJ3f*mN zZq*Z<8nfYeGazgkI6fD9g>L<1t9kJuMW_y+!^w3tksSfvQ2z}5+M^Nxzu#T5R4neq z!d@uc!oH=~ybCpn=suAJR1y$!^+re|)?yAdov68Q=lNP6p;Sw65>D>RQlKjK73M=4 zoeh^~oqWmT+VNZ`;4bCw6olT}xPa>~I~MZ)GxQepirh!5pW5X|peRWc{)D zdysIrvd^LBI61dVT?Cow{n14J&5}0>&+1StUmG+Zu)Ia0J<`ZlEImtfW@pHhBy1@$ zVsqAZyJmi&u7f+EMC>(lVj~k-w@Ic~QZyD}NoRg5IRTHjACW7dCgJ)ypINM)(9`c_ z?UT7sMcy4@py`5d`XhlKLrEXm>U0GDrM1dy>1mF9-iUa8I!-@UKFS*fHq{fJ^4eq^6SekEddYv@N=G!P zb6Ypg@Wnw`C$`}}$|TVEF8H2L52e9*ZlJ|XBu$~xO0RZ_Ei1{Qe&vNBN%OTqQ`G 
z%oE%0O`Dhee=L6o4e#jUZ~tQXh2g%{{Ud3C+4|~>Er34aLpXbfXq?;+zp@Pxp@p0G ztZ8V7OG0~LxFnLryNz-CGj%t|b43iNbj^tzN%oh*1_5>zfalqZb7uFp)brnF1|Q41 zYfLEQ#NMWBtdrnvtiB)-c_?&nTSLzUzGI{G?FWTG@;A+qn zRql8;c89*yq=`#BK)7%~^)aJIrFml0zn>+fA|*$#Y{odqYmR#=pw)*+aPwuMiq889 z{ha%p=|`+o9jl`m4$LO!8N z{Xp*8>W?k@A&bx2hWd8uVZ3e0hkayj>MFySigNfw-742a_6~kQ7wCL%ePEuE)gN)j=G&VNsvcm8sL1$_;~Nm;u5KJo z7KGzdYz~*+SVB`t`m@rvPHm6m23bw*U3yj?<&O?uQqoTGvRq4etix3=n%Z0pi(~+- z_oEXV`5p)kYZ?y{M_d}7WcO=~wyT~#8M(il8@#TUidReuKiDm74T!N1Wc`mMZ#V6Q3~#Gt!{uteCf zoJS+@2r#oN!~*+E#N#6OK$o*ik_00{@dMH9R~6R*ozL0?Hgd!;uYNBE4G6l<^ra`n zLYuED=>CdY{96pH5r-P4zsWNM$K|;MI+L~%G|X_@(4qhJ8*Ynt9MS}j+7w8QkLHS1 z;Jk#fBMQQ}%G;a1kiAwW3(iqhJq&G{A)7ms>$T7UXpkHf&D`p?>Kj?!p)INEkbQ4b zH!qMiURnx~@v7S_H{D)XT7iIRY#xLAwlG*T5_;q9z}z= zb+e4@bQ;MHOvzi99w2V}-|n=7UTo>$f6d%)>_W>E3pTP0Y`2Qmj9Xt71`7kzZc151 zZeF~nvqY)|ySG22V@dDU3Q|USW{^y-I?BK*znoszRgEM^T-+&qo?2S@T<2%$lf(3= z;fe9Q6>uTW>t$lse%3xP@`(e7L0D%0%{v52--PrX{F+xN&pXhFt93x%X-PcC)@;1x zvd0N7kJI`TKrH5YIv&Y~v{u!tYrLjN>HTEt-#8@U#{E zSSdq>yov0pv{1dzz=&KcE97|p^51S%u(r;4@U?WVB`2EsUI70}1-QkbS3FV20XhG| zb%I4|PTIbRV~8Bs(OH^_8Y(i%3mtJJX0O> ztsWPm9yko+)c7qiS6u{5M@;Yq5Q(u$3OYrk$v0rYPg?GMYrFsRt!)y!s%VitLY~FhG*T9#uB2AimGn5A-iL{@fzyn2x%xJ??CIlr zjr_SxM7XAyPOWVrbN`wefb@ow&QQcQphU?+=5~5vuuJ>nv135r0^&+%$gYd(xItpI z6Qt&%KjAO1avkZ2>oJbcbAuO7c99i3Wibs8Pg~e;XUh_so5UG2hC<)iCiU6f<{t5% zMtt0GJf?bTyMAtbg!AYyT9o(o>qPIqu{(+oDTHO$-wyDrrA}#Ru@u$2#21Jp)j4dOYVt0y zR4b|abPVoqY@7eiCS*JFnVs8F$(^5emA3W~{aoIFG`|r=W#(y*SHXnC*L8TWQ1EO^~A;n%J0xuYpIQC|^{c)K_0vRdAG% z(r4K#)dc^oS?IIsPbayLLG$^_jm#&s;~_=;b5h%x3%@ismJkj?@_mIUEg3?x8?pT< z(r{in6+UryFHSC5DPXbl{>?`3r0U#2O0duWlbdnS_PQRv{VyJrfAR3PQ}Y)OLNWN$ z+3AdU3qcQ-)G62Rw)&9EggkP+q~`ZKg>I3BSJ15kWFa6tmr8nnIz$=o1|c?If6_{4 z`@88|d-OJtpAk6Lw5wo3OwYo81Q__~``6Ki1@^zZdGvct)4OPXAIVlZAH>s*bs|M< zk`W4A$A#{1U}g^3cUXBMoUI1!eOhtGH+v z>XRGeo}}Oda+uNB#>r_|{Axl^ZwO z(`Q|d1jPKxQW%40)>9>TZXjgsebn18ayDPOp;;+$om1{#u`Yy4#1oYX278AJ-1L`4 z(sRo5r2k8x^zpxs0u0K7%C87n1v0OrB8=pIIgEXQUY`s-g~e0@vP(%Sb;&dX*IcSu 
z`h(=Z*(@Uco-zo0w4T~20Ng<6T0_*^V|g3F3ZX;1{sD?0mUHATyJ>S|qW}cW6ua&u zlf$(JtbZ0nu&iC+25&Q&&UGPt&E$y+HB{}kfdKWWetFzbe!OK8E^4ja;Z9lZ{t(B6KX2L%s9yrS=M`e6 zGwL&2Xtz@f_8xC<=dJX^Kn6L->|kuW+G*t0&JqC({(;BMF>3*pd{I ztbFt!PTll9EqGh7@Ypi7AGwA8CG4t+^zm_pZ>|XWbMCXg4oN0;R~jpIi)Glyh-8gN zouYl_V7D5pU(&{FF*@RN>8$8qS|KS*T5O6!r$)#d$e#gM&E@T|3wipPbfyIeNz ze!YBikuIqLif+-j#sFWJ$vS{r9NPQ>AXy(O8A$5>`1EGHH9kK?HFo%hA??MWl(XNR z?UjYQ;?c_=^v}s6wrq#8ffUE<=6Hy!?EjK@?{uiG&J99r3j1hFSwtY`ZZbk`cp1pA zC=AQ2iB0My)Ow~{B4_HiwK zmE^tHqJcE^C2NuG=TrAer>nFJMfOZmk!(hbvtvp23nwxTF!Q9Bb+VEq`>_sDq6B2Y zrpe7Umh+Bc_R)?G*Jq9FU+8zpTvJqmrPfJOpy?^(?D=DyP^{`hx0b3)?HS(byVFjp zi&&ABBjDjr0HtirHXwrX2I9&XB7?FosA0E~JDcL*yk|UK#BCuCu7W>n9AZ;q3^E;a zP7y-}qy3XK_AJ=!8$9?iI#>HQ6sY%Z)9cgQiLKin%jBrQwB=Zi8`FCX_+5KcIwP%| zccM3%d}XEk$E<8R`OkjLjN<^z=1P(er877-{%F7DA{cU}HMO&p+h49YkkbO9vDeXH zo6enD47FY<$ncvqER*`M^t64pbKOidAH4;)`~Ov6?&_%gs9M$r{$b@(b(F?Xk0+FV zCzkL&t|`(pB+N77X#PJNlB)6eu{7Ol(tW>Iu16G9LTaG3KC8w zoGIrs@222Vcb@_$4~04-Ld=c^X;%Gct(JNcx#;*nmyR znM~MLM$`r?{y?MDszk3^j}PGVgsFfRBq8X&eoGDl^|#*zKT>uye6+k$-{Xy2XWf9& zi@Ek@sEkRNIO?NG%XNoR1)j+m6!*dm9(*FV(%#c_dF`MB+!_cg6dm#o`*~Yka_gx# zlgEV=M2UX9o(p(-e9_(V)3-L7>=qb2{GBBkftT9$uE3~+lG=tLPDerXWkGjNL1H!0 zq)8insVLeT*!~LJ-(Ve1afM0|GUmT}B^*DZj}=L5wdW1s)6 zsr3Tr6P|WlRp$Ok@f|X3P7MoaKKXRpWQrOdq+M-SDD84c$QDq1_ejU9es>!>;v%>X zpqn&zzU2KK{o-g z|Dg`H`M}e%)$b*5FX=%wEdhpH{j-XS)i@&Klww;kO*-B^Q*$&pna>Ve(=JyHItfn? 
z!2HpZ$y3!W(#~!0;v)(0JCH!J!C(QS_@Y>2u(Z6a@q}6-?C@_b6FJ+bjMAkuZ7$Pu zQY789-nF_EBlZ>l7vX>rlyL9v`hyl1pIBnPMv$3?aLMC4$ob+#f z&2@H9ZkSa6oUs9X>bKVN^2ZEh9O$3ar_4aFd87E)L<`Mw=5gqRuuh^a+0hkb%6}Mu z+y-DntG%q!;LnkT-sft%Rwo*FZ;C?g!4-Delv0^eN?#x!Rsa-*ZFN66iM|UW1Jr}> zBcEEyssUxwpSPwIu~8*CypKhvwv5w+O0tXQYVeldX2JVs(dOzLCOBbA4 zA)i-2AjN_vp$VbIW9cWMDS?+QJDxzRU#mzjDTy^AY@=sXs8&6J#vVe7@{F+HA_nfV z&r`Sh9$+R42ZMT^7#U@++SKFHP6nEJvVRhYZ&pQJlYjhV;8)T7L&We>v0)njchnj?U1~)LIo`*Y;zTw@p9bH(&nt|<-_76e}yUItlq+D&Yc(phvF)HyHC_?L#Fi$4356-%r7q`SATj-N!5lP%D*nfBmut8=5hrs-bJ@Io|AeW1o^Ed%W zKAEOB$zejcrV4x_w(T1n>(-|hmj+2N|A7YGk*;*P4I3W<8iTf$8uT>`eB-N*JVAqv zX$qNxm$D_0Ge}ZZAe`_1u(GokD~^+HNE^;2%w=DT>&-7<&L{ZL_30jnDOosHEY z7rwN_v}$#>dT#mX^ikkf&Wn(?*SjLHysPwQkxfP+D?#=UH&fd(Q@nHhG5!!oD@+Mp zhSN@qV)+c@W7NNRy0s+v99Vwb_KLumb!VT9U?G7+G`i;q{fLj}(wm$Ej4n(hXBSqpH3fOea~X+_e&LZmQAV7gGWdxIFoaEc_162SgMzQ;9xi06hL^ zk2BKnPy4d)!v$Snd}4e~R`hR7AwEfYg4WWodUcx*KQIs)|J%1zl3~UMwrz=-%!jDm z5$S7M(C5f+Z_nPg1&@f#Ku(;YH_vmi%;K^cO|%>6MT?x5oo3IM{!9sJ*93kC;6t4& zg~v=_#*URjjDQL;m_ai-5WG}ZeC&QenihkfEzrV%{cIco*bH#6k z38F@7X@6K1+J>)d`GG?u2uOuoGT_mXxvlpiNv((w%VP;2=CaSFQBsR^cH1UA%5% z(@wGN3aq9I?sxH$&$~>yyY`wBoBbcLw}G?8-vJK^Zcbra1ziC~PN7&*IWkf&Lp3L) z@E$PJb`{s19CuQK(I4h4jAd~6%CENaO`x*ce;RxmWQ?O5SDvvy0&*48>v|s0d6Tc4 zGQMAceKjHYwY145rE14_*wrwn9F#Wcdk$-@V!fZu-f5JFnYoJzG#{vF9N}Am+=|?A z9%@#ZaDR)hx(zO)U`Qu2gmh>Ye$g*8>? 
zjbU2$9~KHoa3NR-fndS?!j~q5swtRCEk`hKMm@-jxkh`)qyV7_4t-*;cSH;^^_U1~ z`cv2=9@OwNWmlts5U>#rW~izLwigMQWz7;wPpURIRH7^1no4nM<(1kuu+e`Ih}dIO zTk#`cgh0T?7rJfDx@tF?mfLkcud*Bd!Y!fXg}&k~qiK<9mi9GhveSWIu4e!g#3}t7 za{(O$-!U?Qz$UIy0{TX}nXHI(f>)JSUD}Hnv~gnI`k3K?;4K2XhhdYHqn|%5ap(FS zSDw)XhX}r^a(iIg4nJ~A<*aT zf1o%3U1RIwyFoxvEQe1A^(MM`|Hy=}Or+sx(bstTnQ+-Lu0gN1lQ~fOHpwz8vvLMk zwn^7iLFNabG#2g!cc{Bhs-Bn-{*JV|d>eh`B&*R%k{i%J#q669>hrxUtb+NF4y)=}=?mj`-Mi|HK|!+_`x>6iYm9axdhZ`hSqZ$mO?JcQU98DVIXX zuP}4Fkh)qMAJ2}WU5e~1eAN=3aQ+Y`dUT5A5&NgQKh^cI;FxJPm{7=_c_h)={?X^; zApf?zssHH_Z_CtJ>`}z<6~igQ(nD%*4WN5B+k~t9g50xIFoJRp#gr+|kMC?>(A13v z#>CZ&499OvijqePh8XdmJ@9xD$S^q|S2ARFdei}7mGdzX-?TH` zVyEhW@&pQE2B^ldjdqXYE%S>rXHB|cA}}YNEDZh1@Da)+ySc%GYh~rPg38>04L7@@ zLFA59;!Bni=w0E$^mezB@af&>yCD->`)1G2o3F7-P%5e;p!R1OfMMf63dsY5g9`$E+|ch%S|C2LU(B*8?oVJcxIsCqBf zO>anR*n-~^BfnD7<4?*mA5>9;;fWtdMG?O7F9Si2`MI=VyG?`CI3gVI^@XOyT-8{l ze`^Nv%vp@=6c*Q0^m`=ETt#nk<*MfZE&lPZ2@sAT90-`5=T#(K9_JOZyD$m+N(B)x-5@)-EeEM(lmQ(=?J$r+yh;per zP6JQi*fi-tVB__`;~Uib6LKCj-MOUkU3&2{@6F8Ns|rq|=>nl~DJOJ=?7aCNxIxP- zApL5$oJ4%9{PxV^`oil#UQx*(?WF4)8&8$% z9o<&Vi9=SycrL#aU8wwELHuMmbV&#SR*v;wwfLafcX&qWr;vb|HZ9XcgB0Eqvmx2N zYFT;tuN?Wx7bJ+UgHQT>f8@Cro9L@&#H4}{wx6$b2zcMrnlW?~-AzR03PtW^bSKRC z&30VD7`9cazD8dZ?5lj^@L{;sKf^P@QX4)>n_Jo9Am7;MM^OKRO&oynJA|zVzkzUs zB?%!bYzD7de9@YoZD>*MlqGQ<-cnS!v%=HC#35E3t+G-4v%_xHuvn6K{z&w$KaMcr z5tlj*+J2e6dhEsP4+G58xBi<(r+rSHfc14qYQ}R?*Y_bO3X-Ug9XtSyv(4w}qw)qZ4(9yRg?U&|C>LtW1TR05 zJ%4o_B6Wf|Fk#OEt3Z9b;vjV8I4PofGEF?oUX&g=_L*^gck9}&m#0C#%(ZZt(l#7M zgf&OT74hqrZY$;uy=Z}p#q=fWhMTp4<~!BFqK?$s=_)k#m8oih!U=!HF&Q)3-5D*w zW}5zcR&rru#bf;=bdA~;nO|MCSpk3D(Z!tlNzMEQdd8ylL7dm8ge{8XI=o@;T|I{J ztMG{;UO%U=C08FS8TT-Ct>%o*U2jyu@6G7HWAba}R|V!@9ZYC|4oa#m>aijU+Ns9! 
zC^pfb4L1F*@rq!8?+78e5=jUFR`$(bm6o7kbVC&xq$JLS3aosU&}1?cz!IH|`!z85 zufOMm{wlydjHSOx>2e$WnZYt%qeK7>WsvptMYI$*KoRJ*8dQQ_+NDIqdqJ8J$}(rG zv)FgkBBb|eU2Fb_V{wAgHlaA{aqZw^NzKwrf=?60>e9U4fk4MqHk#ktYrEeSLo6Y@ zfcKdd$QKg$hIf@QZ&GA&b_<+&;R}P#=LL-f`>49?Xu~DG!I~LfY7^W2S3KSN%r>>% z7RLyQ5VYH%Hfq7UGMbN?9(Y&0#`Ljos%=#(n+4uaOnZ&fZz6w`m-qD$*oV>^<4h1^ z0=(QSNqeQrVxr=1P&{=8<1SrQxeB#+t&a`r8~vLnB)T5y%b!$DCI<3hOq&Z1wkPKU zHl<~_%jbfGv=g)j`zsdjm3q4)IeP{ki&Tfqn_`yqy>ffqMG!%W;9YHE8ZNU!x-Y8a z^2@)MUK~z-S<>`*O_+glZcEurU<+VEv>FN>+9o)MqKVxv_HE7?#D-i-x2fP|RPoQc zAmWf%@YJ#K$j)Sn!x?xY!z1vqww{(*vQ(>|I!G&?RYFc?b z+^fl9Gt?sc^yQt8PMBQuOt~D;PkFgysSBPA=oYnnbGfM)ZLCrm_oAt1Ly3G#xyACW zp(^Wh#fG6$a!k87LJ$L3J>*wCDHQTRl-xPN<1eQOXR7_{G&RpTAuPVXv(2BzS^9EH z3^ydEP(C1kIh66AO39E3uz^6V1_H5MF?`R4Pj-T>CzHygqr`%NUa(CbNTS^yaGv)e z)GzHeIdfyj7ckiBUktYYX_>>^GRUlOnubJi)Hc&USP5z}35ASAjoC^(F_~+V*;VhM z%|xubQ4=M>7XLu)4rzZBDE;VW04eNA)x9tlrB2*W(~2HpziW35ckaz3B#9!-eK>J4 zn*4TjWvG7DklzPxIYIg1S>1$ECRDr)&Bs|sc}xD=@8ME^^}7+Ocp9Il#*m6YyNtE5 z!K7W79f~1t>(#LAC|X?p0aO-=;P*=VP^|y8A^?#0G+1|nCwX4h`W!RMBH`%eh+c7YYf>-EuykJFPr*be$tiS*l9Z^OW~n{CBTgSv zd}Y=d1D7fAl$y&2RioomVyEstf&@l@#9@Lvx+&&=jh(I}H0(`mQPML&rh5b%+pa4( z(kWwxeJL{^E+51?`|MiEdWgG4>tOp+lh^p&ZXb*`Z*kH4? zEgWW(`O_d}x1$E2hV2JApD2+|z!GkQ|NL)o4Ie)5^?VJbJrLs6MDyNuSH6pLTO?wGvhzPj+}ew)`BB0T-4%*|@^f=w6&DHKAwB3t4_ zVNfDn70L0w)uO?lH^>^}VLla4NSZ{4`5G?D1nmhbTw5=;GmxGb~L1=xf`@Iq~L*}9xt zYg!k%S9?i(nsr9<8f!sLavqf7= zuF={La^p+!1Z^!^Ctd?d?zafa?Pd%MLnW4@4Wm;1KdbeYXqzAM6Q_gMYEK^x)JYG? 
zssb7hWsQn}{(Q$3py^GQ;35+vI7KwLs%45_Z@cm58uFZIb`On*iv zwsZ$_OX~3{NE$~E|2rgl)0M}UPUUseqR22ji(7>Dkvzxq0jsr>}_tvt8Njd%Kl718h$4 zq~EtNiau{T(>_lGQ1vJ91ozzw5cgkqT4{*3edf8Dw}{>-?Q7TQw_o8U-E7&a_M(2w zbmGmEy>*gJd??nQB2(RPw9VFPdBi*i>$;UyWkpw*n)hAMs8)BpiiPnn+QPxE!H`7n zBs=+4+5r;Q(`!bC!ng*+wc1&Qe#GdyY>WPCWXjXG)@97;H0a6@WAX9H8u--hxLh;2 zo*ri46R`TPzA1hX9-#Zpf%0I4ROaPtBhuhST&nx=pq)Xm3{Vo zj!O||Ivc5N?|KQ?i7`HIHy=8IKK8T#`{H7TIouPs1Scxdp>4m~s$3XkB)Lab-b(z; zRpW4Gcqz#}{LBYS8{V`gbjz~K*0oCl9~s=j?Ft#T@{bYaa-Nq9^{tb}k-FASxe%GE-mn;xdSVRA0!?h%Tgb6dbRecH2ZQ%jEzR%leWDC) zWhyxb@n~~1>L?;iZRK`pHn5d($`*X+TydW_<=I0PNt;c<44PswQtaP%=UHxlojCmo#M@3OsNw71#! zJl!{;!j*)X`E_&}v;yxuq^B6C(|BX@g(>EcSXoEm5F|0Z%(&+xuKhU2x7sF`BP-NC=$E6Mz-H z-}YDMz675LtgM&6$NLxoqVe6>V*WW$!nm8sw4G+jNcZS@sKw91s1jD;7oCHeLL7^_S{&(Es-OKJu7Fqqs z%MVkOsQSfzZR)fd#CFWV^)R?=5hZ3p+S`1$+4HT=%=f%*USun1hp#{v7vo~H`_6O@ zfA&H!x(&%&OJlz=g7u`i=aeFo}j)^XvTbG0ZCv8ti{GK%!o9B+Z*Z$w) zx0JMp>*;;lfq>OR4!`A|u(MXa)ag@YDZ=5hZ_Hvf7R_uS3sJt?gW{Ze9%??<2O22r z%coIn&_Zr)d9NKEv(+VD#aSjBE(_tWHnST={DR1A{-+>!W7ea4x?S!ss7bDJu~tXW zxBx0qGMPl<|C*SRM0UYX#)_jD+8!`e!I>KQ0ufuv@tppXx{I zII4KF0u($r*e9w1nx*KpM&3^T7mmtD^GS!E|I43`>?w*tW_1x_zm3ra3b}jNsT~_; zk3f7$c$CEvV)~HN@?qQxkcxxdr<;WU6T125Z?Y)GX--EaKQAgEqW%+}VlqeVRMEuU zft8}$_wJs(cR@~&l8;GqPN+k}s-(r#1}C;XhZI!Xc$m|zgE`Z8agf}4td}X{ha3}p zASB#s>0}6NaTeEw8+Pa>Gx~X&vwfpx4%iZrV5+W-+5%XK?W?ON{6D6yG9b#XX{(@w zgoJb`lF}euA|TQY(%s#XH`3kRh?JCcEG^B_-Mw_j(tNAF@_c_`^~_FOGjq+HLlOL1 zKv6mO_|J2mCXEt1%`A0C(QZ=Zk>E4yGFl~F5~XbQeohun;^sx9vMmi2X|YVX-dl0S zgQAR3fwCW`{fAUdYK2(W=0Zl{CSHO~ihwlT;Vq%;jR(NjDAz7Bka?P4}NrJ?s-r0#fO0#DTK(Z!qcP zCBdfaOCSj`!dL>_co8j6)Vew^`5p?1_HeXjW2`STJ9-GZp@GEhn>=-r<@}omjF4-N z?=M-LWEt18xApaNSODd3$U1F=Ux82A@#{IDS05ECC(|FKzu5cU{+ z;XgNE$6!AR3^NF3hxe(C?W4jtjO^G48!gBi&@ot~TncLW4vaAH>Pmk8{l*UJz^iZn zdt)aB&Bp{QaDL|-DolR%_D!s8)Te^-!_V*+RW;-i9>IpyV`qBo@u(*O>;T!R(M!m> zZx~kKSX@`C14~xm!XS(n-Tuy*WwPq~P3lE(pCL&-KjRdOPxZhsST|{d0iW>+2eLh5 z#?$WDM^xDVwGrQmKMYeoYMA7r(cPWQT~6B4-Vn9Bm^^>fx|@zoBv!X!n!q80C{1Xd 
z2$w(a<>-Pwp6LtRxNhumze*4|8A$FcJ!stCy?T8s>l2n%OulvVGs~UmbY88OiL!L0 zFW*n9t%xoPeyVj3y87hI;Ek;=%gJA132=vct&0tUpTo!DU9mDc&*48eDjDSEu~Xf( z&k*s%g0;Qq)$lKBii%Ihj0gs0*2nk)E*}S(*B5luWR07(JxJiQ{Iy^ z38))rDPCaM`*kO!ib+hS8nP;LP8U)8f>PJJoe8^c9*Fd%3}Wygkc*ts*eigf9}CD= z%~Icge<9Q>5Ot(^PtG7m1v$Geo#boYwsrtf?mK-s}<Y%b*|C6uKQGaV-yZ-VcW zbHljWhi$o|T%*gZ&kS5K8Z%&(-1y{hvTd=!v17RpU_6i@u{Gz1^~1XAjR)V`&r9o0 zWezUg{g$w6z8|%_E`{2-z{cFFe_WkM(`qZ#gif}aHYZa#yxf-h7f#+q@ zDZ~e>Tt3#_tu#Y4`F#pL=&BTravnPCKQ4ZeZn0fJ2YeH5B-KFk`B%N9R#x(b)TDK( zP8;=raHrbtf}-^}yDJDz+u2ro9G#Kx_6y@HtJ>akxn|}H=;{|T$Go3Nrsuakhh(lC z8R}bpP|wz!(qaQUiyw=*Z+Jy(A6M)VU0Hs_54oVzud^QX-LT_X>15Xk)6Ldj-F@}; z?}oCz^ORtU&MGAjyRP$GSsr@RYlH|McHoQ~QHIjrnXgW5ZwHkjKfBC(m1$F5)hfQw z?NaFJi}s=N=SHXKhYe>=)6zFPuM~AtH81n$6Aj<4mlk-zJssz`yviK832knvnW*;- z@@{DVMAY(CWSgtY=yA-~k1!O0y(WgKGcpN#e&xv%iqkp6rGbV>E@=$b!617aLnmM$ zxWzWUDS^w@=p&LP5ygM;LB5&kdoCtB=lkjX6mbOnD8gc-PuH8rXWW6G-jAow61h?G zdSEj_OXq<%$BpNnFDcjVL!1m3!{BB%)=5j)Z{+T_WCf=;>Pb%Hrn7CaBkHwp`uOqN zg$^M0v`IJkdAkHXYlHBBp$cNcNgECwnE28V*9E-t3h^_})iU@*Zy-BqI>Wa2VPoU! 
zZr6dDXM_C7?%AE>H1XL6>ob@{qPI!z#H)9bs0UXS+h4yCtLBXUa;`r*>MT}KLLIY{ zus?i+c+l6Np>EwY=YA1SFq?{EmA%nAMjY-Qlh*T|2!Le@^`50)`KMKJDExB?D5gYy zSRHkdJG)@CtS+&3vPI};o#z41m#>=4?ALc8W5|Tg(uBjDwQKm=fChL z;@$r>w)4t8@kbCsz-Q9nuJK&@tGD-4U-la=avPOB93OM|OoJ#$I`*|JjyIgZDHZ_L zg|kyLM9J?9Gg`77loQesBgp#4YCR#g!QfUJmVnIe@>-i;-Wy;A`fkM>$dh2T_N3LP z$Ld5Kfw-&K_z!ehL#QmMUebqpqDo)T$Jtp|chNi3n&YX&8>W=e$tW{P- z@U*@yQ)qocS;U?J6ABDAV0fXLdSyl)Gl)5ci_5y~U#HU+v>rQM%^F|V^viC*1*bEK zSQPSP5KY?SUqd?5V$3s^V2^pm)@qCdTIJ{QI7H?8GG|;cX&XH#e~Qmp2#7~1Aq>YU z@x80lJ~l7x9qe%~nrMWAj(?8NF36@5k3ee3v<2nyEOe5RtPza6^3@6LmwR^c{!lVB)<{l4q(h2E@9%@kREY`0eFumCY zb+fAk+WqP*?|HV;6Gt3uOQUe~JY6GA{UIYot$O=pC4H(N zLIsgAPvxp!1SP|b0WXioT;35`YdWH}nf1G~?=6ktJFb37Oq5K^az3exlg#i;<+iuk z2EWd)AXC3Ol4KZxYkmO^X_p*0)91qKMrMRvm0wb|3V+P$_+VonyrHat)cY5XAE$Hl z9{I6hFni%icRbSL9INHwfKTnrv)##=e9N6P?dt=)Xh|smP-CmjpCn#bM{aeDn$-v# zR-GYIl(KId6JB4Ky;;3xSKRHv{S|LU;dvm>&cSvA{9C~HjtQ}a8^Gfz7TK0Wvx~%ErZ4Qrwck8$`SDwim}L$BA{-mOLF`q=ZkbTnGWn|Eit>Qj$3| zl#ROp9nM|`43d1<#53oY9voYIAnF?7*V@C^%!6<8Tkn0vr+)0J&y$zGHZIAD_;L7? 
zCWVaYm?~{r^1iYJv1&d}-4h7KVObGi@%3pk;G9CA1JfQyy72lg zM60&wO|BRHyrip!BY{un+Ue-1<9_H3e0|VVVA9ue_wG~WzpfK>y5o=jm7@P-M=ECC zaHY>mx>_F%g-XcjYOIy$74^rTi8ISDnJVMdM)k7v8~)NTtFzRbm$Z!Ja~ z0&r4Y##a_A7Yd87FpG*gSoYr+(8Ljp^6f9}I9>{28)*%8xbSTY9!)VNP5jNBdT`P^ zb)3Z;n3Y;OJQzfROq@QEkIB$KLXMT_jf)tcgCootQYt zUx$VMEmNaP5PKTBtZ&YYg(Pdfv6H}~YmSphoBwJ&Mw;5(B_3Tfd~G`pW!=Dr2_zr;txBI@)Y6_{@SpaUk;?P@t?)ZVpVg#nz}h;KqVbWRTzzD zq5?_GXC!0=&SyiHeQU*&CDzU1GjknwqFfHXhgMrpzQKa~zIK|LgdB=^c{)R7)1^I<^9??%^RDqe7dLWHm+Lj=v&dU^$pCO`2yBn%X5zH6 zesZXs>uZw&M_1KcakF_0Y3M;gMSO0B=kRB!G296|aISt%Dlm%Ke2Hm?>OY-$yh`9Y zFd4%oFqIC#G~*t|C4g@4N%HHG!f@-VDFrc3wB&I9GkWElEyQ|r_Q4%D+P$XE)c^ES z>Xr)AODaq+8|Dm#bDy;%in{i9FcQY?7D%Ghr3W_oXEg1l_RPMFgcYS1UYXGLXMnC3 zj2Z7PPDk%HruS>7hlJgpv#;;6cL7VJlSaHu87OzH6Lj1?Ms|{CE{WSGct02ee~~$3 ziRQNrSD0?al7)Yuc*~b}POKX1S5BpV&NTj@ADv^8ahQI_VfsmOH;Av94uKGSSUQr3 z?kLN6*21m9HE*gt+I=NcCE$?2pj2439}^Iw*Kf+jjdtC!uLMXg+V*o!Qpi9KblhOB zX-^9|-~}(bpa8fOTG;C%GLjlkQAJjZe+@Vtdxi6g027&Y$*K?;kAQo7ONY3}Fv*{x;ta=Yw_CAR4Q7Gq%xr{Gj<5JHGzNTsO?kzNiO zIXji*kBtkQ&wMcgjl-f8REj@;!$Xq0n_1Z|ADjbz3!tuij3|f6Uk;OhrL$YuT4S!3 zT$||HRF-itF1xYhN^LuuL6sS_I0N~`S2|9)ND{WXlXw_ORla%xATnNcVc1H@<)%EF z3X4GE-cS2^M0H~SlPyHL9G~>WzSw}3|JNXmDs?k#*7su$*AwFz8AF3Oc6ezlxRL3o zg@^<=v6ofTqv?=0ijxjIfL?IjCtYxrXmws_97T1Ks)vnV?B-?ZwsB>~1FmTcwmVsV)`~DaIO-*!~T>TXMg+$~-y-VbUpqBWe z^zcRE&j%wT;_>#keSpbya&GcrzoCZl@!FIOoY7;AI#-NlXR%SZSCfa#rypi!APUVFH;}=M{#LwS z;OT2E05`16ixZ<=TMueE%zuXV>@C2r-yI>kT6cCsR;g zLcg3tkD0^_p2wOE``kgtIoWogMP{0ZKwN^7&};}`(ZB-n(&HVCvk=zuB;fwUzu7ld zzd3BHLMey+JT&@XiXho-ej#>oQzEv4u?Fy6+T@-cxbDb%sTtc;j5hBB4$W+ek@JkJ z;FzAxKp=FBaXOVwaoxV&DmcCA`APgoSxsF(HEE~a2V0!PT0zcPN;6W^G#W8z!Ze%Dun8rJ%)njITPTsU5 z_O+-qMVt1z4Cd}`bGV$i43sBsKlxz(@An*haGAJxg6}y94apBYt9(WC{mqSd#7j&W zbgb{l8UhLF+E-2hd`s62$-j&vSi5=TcE@_;rqQTTi`Rd^yu5437Lax z|9*u78>w!Q)HKgV#KMXOU4HO3WFC6uRC{cqjO$2*5ip*X-1xb)X@nu0N!v)d+Y3Jnf0r4O$#mD+ufI%jX{%mm1og06a1&OGiTm+Z5efWfAy zpq*c*(Aith95+u;HuGgy6&ANE%LM{q#U^=5HuJ@X{^6i;i@?^?AVRJ(*(^Ih0d$A^ 
z1OF(*oa0|iwu(ePex4|If~G+^*b+%f1f2Bewysvm(BJ$astlrwTKCeVal!)y-7W4)s#M$ZmJLGua}NEbKF{A8d)e z`PlD{^|2q!me_cj?&m9>^ysk(xb2T~DH#eFRhr;#S?5uKKEm-=E*UjDO1jS(V6hRv zG1B9v#x+$;{r=`iOy=fbGc0ZkY8tb&!25$3eTqIzRiK1zY9vNg;7?IQ7pB^*T&|j| zd&{dNQXYzo5wAt=J~&G3CM)~_r|$TcS7muF{Y_U_(SON1$E_#>Rx|%DYPNCY)>qILREah{$)udrr-IX#s4G`BLOs|c78)&!| zo8KEfQrkYaK4qNLa8w#7QFg1#!>TWMyUFUo!B*nr|E8RWM96cFuqEoopc9?lXjqK> zmwsnyoQ3}eLugn`uaYhKH|pGWV9t{UQ#4|2H4~9G3ElFq-n6; zIk8rdPdXhE<~-_kn~B9rurKz#b!AEd`xL`myaOV8H716Wk^zXbr*z%%mhfWKMUnit z7NLt~N@xq)C|O15nLFA`vV)U^Jh;|WgDB+bpfCjHTI{5nsa0GGSTT4pxBNOI193ao zb-GUZ3H-ZjW(o>dlhZ&EI4R@J-m>|uRbPU^EoGIbLbpN9+~8fk=F6H29!mjDO{L*5 zl6c?^PwB2_R|5$Y$Cw@B-P1tw2jIfH8nnDz8oid!yhlQmmXy5NPyMtzvm&kX@8z&Z z!ft}kPxfG+c>s>Dt8NWihms8>u#)UzxI?vzmCZJsG-f<}Z-CU6-jYKy!4jRp*?*n` zW64Rv&C*p;hSv3+g-X9apm}t=zFQ~{g}}FbbkjC}$MTuB;NFjYSMnR!HTu0kr5w=D zK8tApdd}3*)rdkcix7jsKa~ip8b3Vxc=06k@F_~$GHlS48bYNko|2;Xe6@Yb^9gVN~7nEeN>mdgPvY%2Vx-fO7xQ8B*Uo zIndH%=KpC~ z=W1gghqOTHojmE0F8D#b89Y`m*DJ@ZYPfUH|G5)t(L(mQxAC|0T34>Z2!;W*GzmEX zp_t!)`j_&C_<@>E^-3oT9|uad&NoZn92r9Rp*JE;Ql+T$s=`Uh{6 z?W^E-OOW3kceWEw*4pzO8*HLh8^c11P=AxYWk|i{y*2%_Hzo-h5iOc3?dkiliFgu1 z2}hok9Vm?X^x3~wLT8oa6o(h~`ip}tTJ*9Rz-_%+Msqlj{%zUJRC+j-@2yY3 z0vj8&i;9xsqgNeAiN}UJAHK)m=4BGk<2ln64%21|>4w#2d=_Lgu1Apy}zLZxbwJnn*NL&(0_g2~}!O*tjWvDGl*ZRL}zTZ+5Q( zVp#gOR4TBXl1iC-JK2s?OR0WY{7Ish1ivgE`%gc4W@P@AO%O5kFejb2@8_xTnu|0Z zHUO(;^$(Km~g)%V=RuG-N(P8hLl$4rt<$`()wWLr?NRoO~MRO4H@oBv@ zI=hx8cDmA@9a8}!xPQ7{wJWT`{%E;(PYc1HGP=5>MU8gaqVJKptwulJRze%Sxb{Vs z3S!cRU*NAPsV7OeL2&i@C`AunbE+Dl=;3r56Sl=JNaN3>*M`kRHl+TPdE&moi2pe_D`}cSa*>JrGlW zu@j{vutY&+UPvN)se9C#F2lDe8avg3pYMMn8;$()>NHpGU1rl|R%TNeNan#nlDB`n z{Yx^fboyNYT@%T{Y%6<3SijPgg~^%I&pu0Ai{qiB(2B+ehdLL#nl7Mt97mFib<#+v z#S}~C!=uS7*4M96!G*2ouxsfeus_Zm||O;diyx# zC^?GZ`lMk2i7Nk9%8&W9=-nx`U`BZUSn{Yw-O~3ZwPy#808f>XfEZA>>kbSkiNshq z4Hs=LRAm6)?bJ1stts162`2aLr8B?U$C{3U3htMoo31v zWMmp0*it29|1`u96Uo@B=>B08Ic4l7(t@d%4s7*@hHHWDT3p{EMLtvh_?9xf7v3q1 z|F7)$n(Zd6dLb!{56c85@o+o`n-U|s1v>G=ST@k5cBNPLGOB6e#lPaPFd_vRZ*#Qdv6AQ3%` 
zFyvluunAiaJIqav=mn*Z$)7g(DLl$IKRn^*_%GFm{eoFFQ1roi616qT2sDv9*?|3lY( zK7LqW^TPtWf=4B_?AlP4;9Bl8sKP~oOFxvV6xO@8ihO?B;tAf~wuuTQ zaAx#~0*RPP=dQVE4b@?Tpv(jRVZtrR01hA40IUXaxsNsgOjQzIHbVrEr#Lry+0d*( z4t#6^vR2>E-Y)hKbH(zr%&Qxf(RfZF-p9lpIsdYMr|N{w>H)` zYFcf=(*JDscfT0K+>fK1Os{8B9dC_MwjqE1P9=!kfk>`hI(5)c1O#!y(og=+rQ7*{ zWO`T1WSCF0GApFA9#M3ZPOnf=NheFs?Qh#|jS_V3d4f2wFqEuIQ1lT}YNe=Y${U7_K0_#8i$ZT5Q^#o}?|DmBGEW_bAv-+5Fd1~<} z=?hbm-yc__C(*$viL*HJ(p^^j0DL4D*+LeOwu?&8Wk_9sfcRj)eV}+=k(_?6-Aww- zS)#>2!qids#YXJN{4P6H;-ux}-LjL=IfU#gV)o$DN{OB3Rc{QPc`W@mAa6V59DT`8 zG&a@N*wgvE{~Ynee)r%^5+zY`=udLRfnyTH)%9l3L*!Ng-mYJMrTYF&s31Kda4N!H zH@a1pA+hB#oSWp(KTjuU_aYI*<--z$RjwUg5-(~C`+~JkNc}Xs+;-{nvRB?$JQhHF zoF_VJYF~0^Ki35HIZsP=cO8LQ#Q@=tReG2WaCN&G^j?A5QF+DJ$ieZXk~ zsE*0##PdQilh&MK^t&IvdCMAKH-jr>H;mk3y`+ep8#nAIy^QcSI*_c3NYV44BQ>;| zrz&h#aZEpf%>2?aTK6GoPFZQRy%X5U;J*I4h@R|fcCy7a_pN91FP+8SwW;AdTo)*~ zp&^iZ?TW`}pfQ{y8Vl@*iIhs=*pVW?5CGqwU3iZGp2>1pW{VLvS1X<6pbw}1aNV&KPnK`ot&)?u>>jPQFU;+H^ ze?jI3?|TT-CtT)NX;=lHIt|Gn@<6{|sRm24ogbHqZc3iXebeq)TFq8h3xDyIO<=}i{z0adqF`h-cFc)>+l{c;C zpLIVK2IX?UXZ{1(?O1hKUEY{7h>K#p7`S2-;Nf%LV2GAUv&ic%Kc^lWvr3($9Sz=BGUTm(0`Zx%V-?9I;}2(P+H?;${eXc0sQ_ zv}>&jD=XHmSc#z~qm$};;5h4Dje{Y+-R2sQy#jPmh7|VlV~L0{5uwbp%|F$(E!}VS zx1%gC+R#(0v<-;!J}!7J@HQv1DIsLxZK_8xU*{v@2k6vyd!%_I`G{DB(TPssFo36e z4+8tU;r%?6a76WPskD+<$LAr@q@dZhoz|WbY5Evz^qPvs33Ka+!EGFU#BlRzE(Dp* zrN5H}rcPKoYwbXJhMUinHz(sAEwIJU0UU0T$ZIFYvMkSq85&TTz&`O1cAT{VtsR5D zt+r=+2&_*6KGMRcrAoY?yzwDV_9YrOJ3`a`I6D3~*6h>9peFR6^4R zdQ{as_!Tz)2>EBy`(-vqtYtPDjZ;06tx?iOX1Zy-kY{q62Dv|N?b1X)L?k;Gs~=3- zRb<>&jcES-VOwqKXtryWb-ga>IXgiOj{^G&%wYJfPEZ`v9ifh6O%Ll3M_RB0` zQdz>JT7*e;2b1cSFW5@x&ImcCxu=H1OhQzATN2YTzH_=!V{aRd%HdJfl$Cfvv351% z{8PB9%jy|R4jT!c&MyR$4S@apsR8f5W}272^NSjI$&}vzZJ@#^oRz?fAVt4GK1SOV zp1xgn*gtr1j4-z^YB!Q!U^%s#S;6LeSd!Xj!idLXnPEw72Kp-M6+gzpFR)bOdFrR# z0LHDWMGfLR`Til0SnJhDkz`>r#eBk{HLLMmFL1LsDQ&`Dl-BOC?rVE3N`G*7=$lIb zT4w&y*@(DbMdf4mr;MB?_Az6AHm>(f(HytrDTaBQj2=a_JY}1Pz~>8+$L6pCPximG 
zw$CR^?@1{eR){;BM#DL>FG*iCpLE=Odz3rf)pU2A-jHk+f#68_gz4-S5L55D{b6)4 zIji9eDTsE>Oe=KFu5V({t;i|@FCu>03h=+4-wv<;Vy_@RxjYMe?bmESTbNkzvbvs@ z7D#jg_wM=ozq}H#wlYqEZ6^Jmv~Qq@}1|0Rvnpq>-TKZ2ydIEI8Lo)?R!bNo499}dx$Y6(Cx zP_Y~EIDNg>gPgpmC)4DWW$)aFSSkwh>^|@QMp6HDtD9MO_xff@8LzGSgjrqE4P^>HZ^m(&b;SV4Q&=DnMppo?=BrCoE4X zo*2s*d(`2)H%){oneY$f0D>>|q6rj(!U?u#)d1XVvF5eK0loU5lC#951u(Vs8iM-s z!Vqb8YS5QxAl9vBzG`*^9U3<5f95(*p%TxwC6$23chkMQpMRS{yRVlGpKYWuo0&jm zZ}gKHHiU7(w>Lt9fHD19&C%?{F;tppZ&-r2p0$0r&*tl<+0)+!;O&hbkVR|X)~JWo z)<~l@C!D>Esxvbuy=+Y&)S{8TDH#;GxfwUjMT=bD zd-(qOxJa6t(tYxPWQhz;+n(GbeX}|BR%)gsIiEj66=a={^sS+4ZA@nUK?8LpDTAgb zJa4IiNi#B6D(<~P*lWdO53c|1eT1AudXU`eHZk$j+H=RE$?-Zu&eEyiS|+9=aru%t zP=H&6q6-01a!^g`d@*|=&)z|dVVUb_VWhdC(UN#vzD(CAf=SLzNRKeVZ>v~Xbqd4U ztvN7;sRJTwmdF9`#Og`Ay`LoTmf-v7Yj9%j>iKC866FJ{ggQ6(W+d8}Y^2sz6qIDX zXu_c#?-gc=U80lVxXSnOSTfve@gd8lHuRf7dD_c1A^_1A>^tXK&E4wtAGj8}d8r*s zdJ(7`n5fwA5$edlXSUuh$z?(lNChJ}TM zq{HVM-3Vlj57kcP{2;z<)!W@qb=VF-6HR|u2cgR(xo*=PjObjnaxT0txxG{J;J|XN z%LSpLuDyjW8XE!fi}S!l$y5qylfeFdjoaB(Ey7*bdjcrQ(0z>QyFV=RO@wJB{HO_% zP&Q2sb#&&bh{h0udMqay`5&_EQd}`xNv>PEaz>g<|#& zanS_V!y&=4v+mW`B0K1HTBkx+*7_0HiQ%gY7$1XsOo;xtR@9ShTcnSxn9st@t-14J zE#HM?x`UN4LKbKehDd0b2p$OV7c{OW8po0*L@EcHpIWO9FrvH*fZz~p4T+)cM}6H& zS285I@H1_(_F}Uje4^bdzRmh~F@9yLU~Nky()C$x&dsO}Xvvqx&B?i%&!TYl*)!&; zcc$p@F}KBa!bz{Z&$g{ZNL}q4`gXF*v12F9#jz(n>Q&AIy<2(rPg(+5l6wC};y0bQ zusIZlU)J#q3LxtpJ%E@IEwJGtAG{z)aNSx5ui)~42pBn{>o9Oyw>=9Fr`EV8!H{DB z<;Gbe1yf6M#o)*bBscjZ5zG^&tvs4(Z8p4r-L#2luK@QLLfw!m7w*g_a9J+TvkbO! 
z7;avJCcNw2#36O6th#`lh$4$z`$QY6s{<+X{_ouAT3Sepyas{$XdS{M6t7c}k>5nuIQsY-9YGl_b2{2ra4SGYY^O3h{dG4YPKp?VpGtj@pLEIe`^E_FJ> zYl9tPV(QxSFeGdZK)v=oGo||cRG-%LOlL>PID}k-XibH!VW+ANyPia66S-#I@}TaA z$>Z-F^3y36+)u-iBZUnXH#8Izk>9NRW~p&rz6zZZtIls}38Xh857fy#9WLvpiE=n_ zM-N1P@v;43MvZL6_?8zvw0nYw`>o9$A=b;ca=3AJcG8u=ro3f{ zL26SVv*4H636qP7%;O{_c&t159iuT8Lp9+TduXNgaWI7J0 zmhsEi`vjaxo4a1Nnx}mX?CCj`91g;G;vEdL=ZhDLyX5M=I`2Dhv@wN+5Hm0hAhEA1 zoRfj>yJLc#$@o5I1C>oeXytPtko%#*k3kn zG3hY)&)nm2oZ>>AD2j2;OT!B|=#v#%>{RAT(0*_ZmF|dCY<@y2+1d|+`^hbgH=UbN zaitiHQS*CdR45c&7Gt5jLEYJlbPRl`tB0yI9j z$NS&D^IVp6MCcVfm(cC~ zFDlj;V;~$zksxE9*2d{Rty%&Cf)tnI+1fj|+)ZJXKO&U)W9tJ{(;EGa zJl`C&ng>%OGvKm612y;VSHahCls)uqu?8*+NkF-0yk3=1mJp7w$F1$A+^6(I7FUyGde}nzh%1lrhp^;D(wR}`#q92MO>hV zXz(}c-dExc)ZpUji<#hJxyQ#Lf0qUY6%pO!bg`RZLEg1s>1UkXDl*wo-f=Goe}5Z} zQ-Zvsy;LapvQfsqzj=2fA_LfMGD60*5yp2P%N_G5j}Dj!8k4gAUiT)K*Gil$dP^O0 zHkiJT`9$DDV&wgV@eOAjRr{W5Wpn_}C4Z9n?rDCf{86c92YcU#HJewek*iE-^ExDm zHIgPz1&&2lsKRaZ8GASEw=Sd3BIVS}#>-!D{oVUQr6W9}<3Z*E+#ySI`8&%4 zc|j!5^1b4cspdCct&8OJVYja*yXrYgl3MlLoJE}l*Z@i6=gI4pPV$yGiz@jXeqN;a z(}T6nZ&w3mD@<|<_Wkg5sHW%obiC|gm$1A_z9E|C@Ev1Di7FMi&GVv3Y*D2fOD+Gl zCu94gzn%raK|A@N;cbsdm$h>F2O1@h7-(dMDb@>O)KMzxXT!oC{WQPhG1%e~s>sja z0!jF6JE?;1ej1O+u1bdA}=EN4WZMppntnA ztDE)~UEs$`{^?E2V5>MD`R>pEt-hgxlTX0_ckoX)Usc9>sW^JiELDsw$9^E-#K=&b z!)RP{M{Ub#01dEA5h-2u$EiDq^7u4v#S=<-j@r*t{+fi53|C>M)`e1*ViJ0FVm0IU z%vUH-b{QK40D11Ds&p){OuC*?GClE`rVcSw50lT+ao(A z%=nz|^A(?7wv`%?txRR}OwZ>hBkXGoV(yl~!`VH2r?T$|-CWs^>O|Wy(W3P9dcMS4 z0vdFJhhuEl`R3w2(B;GfnNL&px_$+R`XcHx#5dIo3qxZ|%Fv-(j0V^s$0KRxrKUFj7Q zeo@fk%&UzKEw1x`!9`Q&XTsP&+r7Zj4#@;0v~7lD**rWz&z&#*J>iDAu()P~oBaY< zgC6qvImH+k5m?y?q#-?#YualCVz2D|r8-F|r@~iIS{hf*gRfw^YrPC!(qV~%b)c{? 
zG%^wwFtf=FcqV*5%&EgzP00GGcIQssJL^&BD$%nDdkv~mWJZj*P`l;97(jL{DB-!- zm#`SzlesH4z?!z&A0@O)@Xto(v)9=HU0m6RwW7W#Xw`ZjI=@6)YIMKHn_#<#Fo`og zU1YyrVym2xXAE${k8G(K#S;|O?T@oTS7|S;i9TPY2I1$J!Fx{H3>vqqt(Ay=tyBzGDBp;WkP7u8%}d8Jf4g!Bw;e`TA0>e-5ZQ@RogWK)g)CJL03w@pwgx$sQv@iOVp zPude)7`(~R{bVkgR$hhs=82x@CSK@TG@s`dPyPPj|MU~S|JZT>3(iu*<6v;z+r1B` z`J3wQ`9dYxh8RA=FUxGLRMNo+=}IaN)~Z=c=b4t2V_g&L^CK|o(V1hpQL+`30ic|% zRZczGHz@zBoyL$Jc7zy9G@TndJZ%_KKckE?OG*`jt<^W21q!&%+n7v z!qPm+G=!IVx^ukCC4uJd^MPKk3~&T0A}p4!{qKaiUjQ>scNVA#hvShtB~Wb(evq z7~9{RC9M=2XXmn7kCDx@fEdALgv&XsAW?nu8hJA3(>1OVw;n;PEL%^oj8*mhQ2E;j+3Rk4Bn zJGk1H>E|JmPcXLm)h|5PLO2Fcw=}O}K1fe>!5Z59?!LOuaZ(@r<%XnHjBWk?UJk?#2Ant~-rjG6whM!YQnB zML$GjeBrX*+d6B3<~_atH}?9$m)!562b+3DQ~+kfvBaLAv zrzS$}m=D%j8dP2=<`Aye1%6OP)K0!uYxuM|pwM9(S;!Qz3u$k_eK?oPts&tW_5+ng zQTs4id$d)lG@!(18XoeaAsRCB!RIJ5sW_yLvE*u}Uze(Xo^~U&Px;seSKW4wwA#6X z?%Gk=1Z&dyE!$*4qR@mxf*I?pTy@wVYN)B+?Z-KUo>!h}y;Rc%@?vwZ2!CANjj!?< zeyCX0J;ZX?QIALyz(<3v9>Ox;#%hrfLua+dv)N-z0U&k5kRjEJJ)yVlB}@3*<@{P3 zqNKr?_9pH);bnWz!m7NOi5NdY@2@eV{6Fs0pd5n~HYA z!mHGGqdCR7xH(8_=5=xclg^~?GOl~~HBroLEn64TLQP>SC9nW@X3kyLlk78OqK~Tu zq+`jW5P$s4RG&cH4*YnM)rLU&pq0qonE)H^L&g&TO zb4{SRAKd>D#i3&KW-A{w-`{#V9J^{zV|{|eer;$rsUfcC%@QJGu){z*$tjR*J#MsvA~J zppNKx3{GeM*1@)wnnLwP?Jw3Fg__ji4cp-h1BJm#FE0Hst#~K1H@^pp?Eet=EhD73 zXOKu=k%3hEZZdm2*@dD{HSj6#|;8L8TRpv)6mBZVI5}I)+_(b@PuE zVpI6~(jkRV^!Yh^cB8N5+~&i@Jy7cs(!J>0`?4A0a63M8f$k6iPtcv7%p|Jz5{&Zn zwl7JOH2RCZ=FCa!dMtg0-9_I{;YM#i>at9(Zg{;2caiQ1jdsDH?BFf;iDRIwc+if< z?3;=?D$0u5E6V!#g0lv5=Jbwnb&ylL8Qb$%{A;V^ghh^iOVA2#v*7`di#Gj=jgTEqjJQKU5EGnw!EXJNIM zbT^Jhe_}nd4;am`V1$aDmX?K&KbZ z&GIva1UN9 zowj%Oi2fkxF?~ss=>WuxZ)bP3jcUMXkz_iN_Dj_aA^h42vo>HJP;Gtttbc!TRoPRA z^jX69#vV?bKZP?vMe&p#Sh*bUM6oZ_xw`kuE{q@^24k&x~V0Ria->F$=!BPCtZ-7O{ECEeZKotM7wUiJ6k z`~JbYo4a7`y=P`WGiT4ta|BrfzDrJg@ZD;@z9Hl<9}$=+hCtDFS74koTGp1{r-9DE zxE>O9`PKLRAyA|noH$;4x9{LPHT|p;V)O`#I1?9!LeS`*Rd8{I3fVOpWY@>YDFHl* zp+MPW?aGN2cu1oqXvcb@9v@QxM5oHaO5+^0wGSM7H5avv5S{l;x;LlS0)<*m#nT6m 
zumv_HFwJz`HIU$>^3c#0@o(rx7t&6L;;TUfWjzG?To>w7pMc|M)2lCI;!7q^r924! z(TnUpO$hmmXXJ=G^43_!@YR4I2kn3o*E+=;6nhQLqeUWg)s{zBF& zPSGmfP*c}8S<1WgTxFMs)3Vgy2r6We!_nai>Wf7NpWch3Xe|`7XS0AIIw4hG#vuCx zX1v2n09W@0?&P|;3E!}7<7oBSg85aCxoon;+}fAY8aHnFqWRvKKIclCi9J=v zE8Dx%tpVI)~uJ7~*)eGlhR5Es_GIk3S^NnZM5%@P(&A2TpF;CAx z3p7I2gU9HOeN*#EWmkOG7qC}jJG|V9V?KW$q$2c12RcLJdKlHUS5;-0t{t2Y>Kd+* zpwM7{VRm^C-MXr&l^nCL?W(mAtr(cF%cHvpxx%Sdlo}Q6A2;B&2E1vB6~SU zCTlFGone~hj=MP<*)wmPUk8X-c=WdF;F6W0DES8s(Fs-OjAmO*Im$$L+Ut}=j)@94 zf?GlFr7rzy5qveNw}uTE*Sd1Bo}DkHdrs{2?;I@E6<67>Vcu!K8K(ldy#dOeras}T zUYOj5(e#AE^(6b@^yozDf6ApaF5(?ja($z?)z3&xxPmd9a_mjD?e_VtYbo4@Yl@%S zxw^NdDv@!~GaNq585A`^{;lqA_&(a=%_U`bp6Dd}Lm#H4N|KiZ)>3H^-MprijG3)U z0G3fmD)axfY^1zA|8e9QZyQ zk?i6?3)xo&)yPE)dWDRM+km-v9hSQTYiw_%_5${<~Dl_bX6cx1O@wwrB5gg97m?DobyWz5rNReySf>O3PX zXLEqgt!$`{9VpeAThT?T8=2Tw<*+eLda6D4IDdb(SYIpvUHgIJq{_Xu4OS$J{gQIwr!LW zLX}mj<{JLlhY{_Uf^y-znUPp9#LE@0pdvRri!11MesS&q(y$F0U z)EHkm-FAI_^2EDikVk)hrbBI`T0NN2sD3o5;}F$}2+m12xxN1Go!9OvP_lJ@w@r=@ z)dApUu_Pz(#Tqb1(>!tZNPf82D6h!@P5LxwD$5VAM~ zm3gm&*G2vFd^U|{q=ysx`HV-obH)iE_cXKuU$Xg34DxC&*o_gA(XLF4{rH++&OFrC zwT`r4QCOudZA!T^-*!eO0V)HgO-snVM^1$DTed%!m1#Lv8prsh@9x|Et+kh1lR&{^ zp6hOKnI=b-&Buv@f!ag^Skh-x+Y1r_*ce@AN7g!&7)R#$=~{bZe(Ggi=Js+NJeACH zlrLET=Y1(y2eHGm?dhuRwZ6G2pKy_D;8ajbIoBz;)Vqof-$S<*Kn+)qc4Z;HFn$zi zN{skB;_poEN@ECtq(=|jByRkJMN)W5Pq(AUpjO~Lds;kB43?iW>LlhM7Z!lPhMnD< zsX8@6oj{eH!d%*>jqQmpsQ?stF+tQMx`}!}Imp^@De1UP%B=+{#7dkd>KEnx81D63 z3c|SRm$!UU+a1k5D-}v3WpAgMIM{oe5Ou+zzv=OBgeOXW#Y@hohEQuO$yX8-7>5WY z@A9ixd22w^8%u1k_t`*y#}bk4L>O##cgIS?ah0AH)G_}R`l_g~lq(~C7F`fgEtC^N z9S)1KywYwmAjc-105rgSBWdG>h4t=}ON+?leR@YV((`we?tNZVclo0z#*H1*zazrT zD%+L-?UTG*odk@awQSC&0Ts%Bk0&H>ml?bOK@0~woTksFoxd2g_a0K+cB=@+>t6=i z#Gv;iZA8ckN&LsPRUfz(fED7&rIzL5QG4|01;9=gRvEe2rl^(1EaJ`LLU^fHP3scT z47ru_&;6QMx0XvI9va7j`Iem53=ONzIfcXG3Aasg$zWR{doZJ~`IQJLV0@w^HAq2e zrY0%2xc`j=atzo0ntM`;Jj#HnW6=lH@;v+CM?;yho|G&AEq~YG?`Xs}IFlAUn-25{ z74}Zq4M56|vp;T*2Ng4y`50Oc^nu(pD%cG5WY8r3HhIIT@yU!4_k0LPQj3=h)?AY( 
zwQz$fy|o$h`^n(Ao#)n}$J2Zl4#by;gC^-Wssw*;3eLPVY|c%V?4Me$xqL_~0ne1y z)nnumOPf~4r7f=FLo(+X(9#b;R{B6=vzC2*zf+k5mHU}Y4;H94CtCE0z45O03EX-> zsi6FHzBRD}+~WOC*z3&^z)R%y+%*fWhfB1isp-NEl}eKk;8*k)EYxSi(T?5hU^rKJ zuXh;C7~@L1G+Ks!&*sA~N|E{BowvReO5$Y?X|#dCAbHz+)mb2p=*}vYbdJa-k7GOO zi5?8XaZkYW*6bgWIznOADZ8o#Z$*uOimXx@O@8CS9;=KMj zSiD>3k`0U(DW~ux$2{NQ{|A1>L+}|K*=c>!4`NuW5~0 zwp5flkyL0rUi9cAG{q$6%JSdPu=1q-+gqw=V}@8F%m&p&)L3}&k!95ef&lxx)@Xvo zV`Dkwo6NozvtLoYa}fG16sL@zc2# zu~1C=cW3p^hT10C+v%3j=K#@z9VN-w|l~!NKDG9We&l$_;}%=y(MU znAQ%)5&}V{Qk-s#+q)IGNL`0aZ^%0Si$Y+Seg?q70vo7n6-w5g&>RT{r$g0F`O*lYi`_tj}b_+@h?U-*Te$y_rmIp5o_1>tjtklHHU{c z+^men6%ZTw9Dee#+I_Btmv)RT=FwVd(c;jlHpyD9iI{F3N}hTwzkmGdBx_X!t5m>6 zVk;$5>f6`r_$}&S_1z|S+usrJO|W#}Q-k24Xh)Ew>Wxt$gfFBQOAwPn!e4LwGmj3c z?k4^-%-UW?9;}K-S(MgXc>8{MIJnyGe(;>O%dY1Uf6C`G))dmNOy7*rvrN*DAhzV8 zg1L$VoW!g~dDt`{wV}U1w_Y3$iI%n=^kL(!+TIG9rJ5<00M_A+*fO-L=f;&w2h^Z% zn;&G6zkUIcfl{LE(7#Wz+XPXQ7T3RFEvf9)LVAo#GqUf}Eu&+Sg^zp+JOnGgk-F+vZ z)BH-$#w~7C7htX?)HUa+3!F!0{5#Suuv#zFA2}0Q<9s=$>>XM9!{=L3oNhTRzm%2m zb0I+sQ8gj&2MG0{6aOibKQYD)y?5=L?0H~YPmKZU4R^l4yYq^XQN;pxzK2_;WxS5) zBwhAWX$wCMW-gyi_zHsO z8ZuSw#T72Z9p~6fdW18wZKogGWZg051mTj?Y}peAYhV)~t-tyUQ2$1_HL0dB>ijrW zUi2O#G$KU6r2-$a~|Rj(PacLem|{OwUu-k zks@N^n_+2bYSy?`sm2i|Qb%E~TZ4>B=2vHxcuNjr0q4d<977Mm-6lYvRz1f{<9w(A zskp81uP5K4@GmZ(DibZ)cPE8e8g>q@Hdlb;430Nejt%J)MEGa596Al3Ui(E(MHP#E z19hkX8KN&O@)2@j4I6&B*B9eFg;7rzgT1c=EUZBrJMmUAtjVF=O5-1leYXTG`BaSS zOu!C~!oQpb>@^5u@Ln8G%2qk+nr8>Z@29~O4eiPS0o#f*WHQQ&{YXfPLj!!L;3J@B zSC}N9Mz=A{ckZw&*)dhLa7m-thCab_R>6ws_Ed0C;p0%~Xo%5eq9dXWXi{UU)&H^L zh#2tYsjrtWvsCQ`bf1DB%$wC$vmuGV#|__C?IN(yuRP>P+8`g>86V{(Dg{VQeT8o9 zgP(#Npi9KYzZ$A-UqOYx=M(ePMpV?Kt|p!|S^>1xpFIxiociqPhd+ z3FFX(!YA%hC#0$A((odDwamyFx$dE=Mv7B6RCwIq%)~G@=~DawfbCuH1gg^*mtT#( z23+S3>L1s{6`@(F_|CN0Pl4lJ$gKr42E}Jw5R)3F($)j{xnwz4td~a~1`GvMSOz9*#|RKhc3yY+ z+NjW!L%F1#;y0_nv)?b@8+%xb9)HlZ+VMqFbkQuYf4ycRAetQioxgvld6s~eP=4UEd;+I$YFE5%{EN<2e>G^+adbptB z5bM+P8?HL@*;yhp1H6XpkHCjormm}#YxAptCyx6)Yvse5dn-qm+?}K{GlhCU3)oD* 
zL`fd79m*;uVvyjYelUWNS=2V?I|!OT?N69r7&Sj-^XGv6|@2#VXkHX1_nioAapmCFEkY09B^WQPb~JUj;kcEw_+0kRUO_K+tj z4XHIdy90E~bTF>;qR&P)+9H3uS|VQJEEJ|<*MgJQHmljrH0>9G$tC(V9EGP_ubWC9 zLPsZ7e-;x=B>KFk$(U(q&_+#iGRWED@$E%tA|CZv%dRodxDlLXeB8rCI5B5pptJcvuLiZX*c8QtGdah1S> z1wx_Bek2tIcZSG4p+ZKT7c&(gXy_RouL}R^^udfPee(Q6k5Xme(jg5rstdQHJoJ1#7;X$)KiaTMuU(Gx;(3_M)#Lr=w3~R2QLJhR zD?wuRQ?;%6iG0{BAohBHD(1&2zAPk9rGq`VGb8CCKFgou2(wN=ZG+lWJblf@^uqCA zz7s>@Y))+c8(g{~4`6Z0=Dqg`QL6ZV~2%0Fzr}%yJZ!EhHFL@fU6AO|3l(&S2 zEnoCt8mQ(@pl>b-8=K-+@9U+6Wb*TkgaT0rK8l$>8sYUa27d+jWGDgBF85$2(x;=q zlGzXSHsR?5or2gpX0D|_xYgeb$JLS#(1BgREr381eQM&00(}p+ZQp)|Sh5%Igm5dN zx>j1mQAM*~Bk5 zpKr)(JKhZEi^@L8sWm$ThfEm6x&HwVYhYq?Hs)G1QSK_lp|T`)Z0K*32T;ud5o3ct z%Pu)h6n!)!G|53aW2ND4wzbPd1BskqVQW~2eqT4on&=apa~atjN2*eWD|73?N3{Tf zd4Z*;-nO9@Yg4EVJz>yGOO~D8cp$>@wLIpr2cYzLtaS7sRoFRJ4-NmsU{Wm9-)`*6;GHXfs_XB++=dABb^Gxcg!$11*)CaO4qtnoRu1yg#$-7 zKyHr0k%@&rEv!gSj9S!ZW{9TQe#S126|k%jnPoIgpq2TG9)s!>@M2*o@8lipQV2PE z!17O;rPf=uSZ5^p5lmuQ$st%Kz)vUGyS1ybKCfb(93q^ZewflCiAd4gaqI&J%pP8HJES$m-A>WmRNNH4AWp_(<7I|<%vGzfwM>U1Mg zq^9CcNX+mrO3b9*x)0(aE06M@mOrflazX*?=&1{7Tj0Hs1Hh2DRr6_Q2Y9?Y0K6V9 zx4|Ib@v+D8E**Gq0&h{GX6NZhqss8xp{`@Vu8B}03wf-Q{DypN{}x2-g!lR4chV>H zS^3tdRKeUvy`qQ8WBtXmzZM0_5I|1Y`Zvf43)M#eROV@iUIO_H+oSd1-%rqCb>IE( z5j}WMWD%|AH?Nzqi5)_YNKL*v9(_3tNH(jjdR(!>eIqfJeiCkB-ysnYmAt)-j*6Ag zof?7=P5L+ykS6LMLIUw~8cJ=bPlcBoEDNvAe6WlCh<}%+!FJ~|vi$yjS}O+q=Il9) z|Kv{u{3hoA@OuOj^iVVUKXH~is;bE{w_KN2)|`y6v+LCIEmJS%QG7Rr<*ttdRtcH(UDzl-$D3N zHS<3TE}FYvOfZP783)4 z*@t?*7FdfdArzfw`4PPE_+uir9+1*$)2bijrYRC}8Dlv<*fEjHauO<}1MhK+fuCF_ zmPq($-#4D)bstfb@QCjAvyel}pR1YY)|c*6TfDVm$n<56cX`tb?gX?6=dI2QG*`Cm z&3zr+WX%QxQQ3|H0E4qJ6SEHS)IoBpLb5i33o11#)uyimO?DavQ**J3frz*n`s;sAqd;|Uc27!y!U{&D(oUt~r@?bw94=Du@h``zSn zl5r)9{ipnccb~`s-35R2kWbNQW{_?O8fg%#Xbu^Ud(v8%5s{0xqJKvSUm@jX5vChS z*{9gpH8E|NmHrTON$RxVlC?MMof=-mYyv72h-My& zNn}~J221v4RBeolgB7lb&=SqXI=N4aD0kvnhn^asi7WjS(GHbXWo)B5BN^b!J`kU zqS$u2q5xmsh4g(AT)h*Vx-3FoIENY}O5pY|=kA>>9S(8Ss~hxaRaBRU 
zZ}Gq8x>DsM0|#hMIJjQ_8gkV>NdiTW&uI-65s*IJj~bH6Yu-@t6lkoI4_ zArKZ?QKceeT}}LgukZG(976kP+SF2f!cRNxhkSHZvyss{sB%AaRnAp912)L~A>-n) zY(10iykK6fa{pxU2(!t{j ze;%SE?+}GOl0D!JV^?J96^+*8_^anIHe4r*+zWC4wD&Eeb{F884H`mar-ol6UzHy( zd&}Ed*}qDx$ZJ!jxQ_j#r5GRa-{83zzy3iY)7Jm4`{e&JvH*4J_prKvm9CA`#tS{) z;!Tg)Rf!11x0-aCv$_JWrOlSDOPatuHC1y+Uyhu6+$&RVA`Dz7H07+n(_Jql6?v|j zQwffkR|+AfpTNrU!qaIQj3Nv2CI&)UjjG0f_l~Pr2GN!nCWfa#Zs{v+7deNUh5VQU z{dAQ4KYOg;cmvr4d$DQ6E?3PrxEOZNF&FGe;3n$p$~H2d``H zJ($H{HU3lv^Y;*Fg>p3{tnD_vLuh_~`RP62`|-va4{qoM?@_zMWIxyVwmhNSl{$aQ~@8!PX;lF8{gDVPE0TmRg_OeuQA%jV7dybQuT3;U(wOX4+`(?2(qejl{3IR za|t6IEFGJ%p)OzQ7&zvj3pCTL;v%1D+G@Quh&eA>HxD`h@#o%^MNC zV8b*Qp`p$%Fd|!`{Vi{?4BDQ7rLBUmjou5PExdTM{ikuzHsn66w6u1}D{JaT)$*)T zoMbja4?+R{cBD>%=wm|zy6|s0;4;U#cC6EwrBC^-y`H|s$@(HqD>3iszeQMa;2u4RxKI&G+^84R^{N#PP$$i}-+?&yctS6;DB-8EIId#4(O zZtclrMbOuurcc?;`#+jf)`K&@GsROsP4b9fV<|07*2ede#P>{ctQ-BYTcI8XH8^kJ zS>cqnwcQ#j-9$dgiN8dFyrRN$((F`U{iO+@5G^kJH?9lQOklMnUyur3yEA;BNGnJ|0Jq2GWgDXO5MDZrm)z-fL;Q*F^h0c{h zih)mE2ZU-+n4otsJ2cy3H9vlT~`1fbMnY49#eV56i< zVCM+*g5@Y$0(UOH+$e~=i-=+P+OW$)yWTWNQyhRXc=?=Zcd6^SB$sW!w2S5K@08L? 
z31Fyyl?KMmKr|+n5HE8Rtv0HvzQ>AoU1S-#b!1NdXGC6ImfAjZO@4Y8KA%Re4-lQn z2~kP`^ran9w^M>{Biw!}WJ#WaXkGT_yn0(1A3J1!?2!G*dl{WP@}JB|mhzhjz<}ya zY)m%HUA{CNGDEdaDT-DX*Mf%#1@2YqSB|Brf5;DazaW~)gH%t3{$W~y)cjU5`NZqK zX3#@z%3>U)J0gaus-i?hqof9~FBsvW7{ZnHrJ*k%Iq#`C-1dJJ>qsd}!lys-Kb}Gk z%a&za0nf>yr1iA10L*?+;#crwED9~SF(Uma-i$J#cq7e^qN&fY^dEZB1=lycws(Z@ zoVv9x6zh#eFU4{1h}d>uqTY(S-Zt906Gz{^Du%%roDwtx{*SizOI6PlM50rFB$`D_ z;k=v`zeqLY^~O-19S6dRePEF}DCFTeoGaGbn&CeOZl;|)a6&t9tVFQX(C`#+*)EL8 z*B(ld`hNVcG`ttLL6XrSo^e!b&re>ByTaD~l_8?)2yo%|%fip=OP6-a=X;Y3*U0cOZ9Vmsn3iY^-^M!Ao8{y#Vka7VS@!&~eYTxDXd>%mje?U( zflWKl0_RavgCnaeyXmIgpY-NmN9HTH-s5&{Bsp5Y;KS?s*XyKcfXUEKrQMO?;(gvv z9q5^fz-_Ee;YM||l?n774B&4&aKtQ4;&wedT}DTgF3Gf4T^rP{F@?9u9un;?n9k@It>a8{7IDK2`}{cjgd5oN zO27H8$oR=Ih6j9caFTJ~{hD}2ebG}^^yaUmfT=y)HA%*fct$wlrBjvua!f(ZaluPY zG&{BJjzlr?rBe!JIPCWSkI8lQlBgq|7rLWI`J5{M;ti409r**%J^3(q>W9U2+JRrJ zT34N6N~up%nN%j`iia)9zcHL(4fG={y6TtRm@EFB1)}cX+UR;HEboEj;IDYD;}{p; z*wcz!=+|Ap1hs|rFDBzikhgUv7(Pqn)HcFUGR?>Ek3<4oF_GMF&_lx@0^u9PB%*aW zQq9fWDSYyhJkXIY0QsZ;=Gyz+-1qQuISXi=ZMGyQmcIUaW8HM0$LQ>x z+B|W2v`cM8Z;Y63&-5hH+XbN^9PZw0HVBze`6^61vTr@3X(-hrA4|IjGeJx_$;b!nk|?+~5>Bm|-+{M)@=w(}j=PGSog>u< zN%+2&aB4yhX78SNsQ*SW_JP-%<_NvKe~RHv7SAVbjr5jS&6() z=~2q_*(1=0cuyh;yPa$vkSZ)tX57YFoOYJDkb%m|N>hDObAcFEmB);KVP51T*FneP zYGHn+DZrd=94zxjG*Z?gx3C@V+${A{03-Bp=hSfSb(Rc%+J`*97SMtPU>FOFf@+Tw>_`_>viWUrSiD=J?8(2eb; zmM4>NY7{uM(Ru$-?mc3kl6-Jt*enn6aMb}CI!Uk8dvsX}{k@NH3_+Qq^$MZobm!+x21nWKBNx)vEM7xqvS$ehD>l!qcWA*>7rA->=!iP>eBaj8TUe4nT`kia0hSP}l0{an#rTYMhdsY!%RU7~7En{uaZzm?($ z`IG9s^NQH|e_4-bqC{RkwVz5*vYAv%nZy5l4D_*qb)n+3fQu=ujJKTHyxR zog32ed$n@iumUf_z8?2xhLtQTayj3)Y{MiKtyArk`dd=V*d8Ou4hEM8;w_$atj6KQ zHL%o22H0VrlK9eSA5w<{UyuK{_h2zXtkzdMfA-$>XYXf-bo;%@=I5^ zk)wL*i(|{8dr*zaK9aiyNLC_QUWJe=n8_-wzqqr9g=197O4QYn&TzumM^&|-ts!(A z&z=RKs2#U!=Zwh<>-W3hOvK_Bd$5gB4G=~o0Myq<`w@_;xQ9~Q4QkPs!VI)O}b z)hH?6)VJKB1 zO_)@>@HXaD4EY7=L!lE!7?Q*d%czopFZ!c;?=}&tpMb!+8aoYhoMfz#Al@de^bfoX zNkAoUk>-uVeelWz&-YG7&W(4M5iPFkc{(#nF 
zGDsN_iVMjZG~mFt4m_NfKPE<|vo#G8rlFZsHLUFf+n2S2v;CwX{jc^S>R5^9yhXj6 zp`kR)V~e*3b{Cbwzn(T$Hsc61<<4yQ%=xKK(hscUJaDvsue9zY3g*e-Y%@m+o9}nk-&>Vh7UdE`m0{Ys0l( zDhS9*-m@=v^*K@jRc-$?@UfX^llvNflUt$}6V&3TDaJ;mdNR=KsALbUTSy>-4qn+T`-c;sB;#<=qiH$1mnJ(p|jFNhz!vZ?)U=9XzRu{9%Xb5LQBh%TL8u`Oe1524D^)neI@vT)G!H;+8=>m72d# zz9wE-<`mho%$=V^@hGErQS!;9X(`Jg927f_#CMofJ>Gl6?#%3qMED1oV&9sS*K_&~ zk>gqdt}5?&uQ@l~4XCwk0l9+hi5iBvI-9mkDIigN2pBGM`Xc%N1H-Lj#@R&+##t&- zjM(HzxA3nR?>=v(sUU<~Iv2BjAq*TS^qiLutZFb_vYa%79yqj|w@%28XR2m? zUTbd|zfZd@{N8qXM>k0~< zgtI-dWR^zzE0hv^8AS(p`t{h7c|otim97?x>6$x9fCFzlc{sn~&duXPBOAkQ;@nB|d=R!u1rZ;TQ3oeA5aBZwxWkX#5;d*hk0w#AB>cpoI{? zwf$B9JpkjU$WVwDcB>U#7{B`m)Xg((_j5xO8MJ)d_FRo9(Cb1t5shgBMf%1Q4mEOvheJ=K~j?T zUa0WWvT2=H28U_{zr`C~s+m=`P&W4fYH<{rue0RnZ-@`TYrP!CI#Y3$Tx{PkO+4|h z5-(yWer7Kn2!j;NYY{oyqwyaTv=XFFKmBz9jo&bMmvCzlU)wWZ+Y1a$_=%|HSx;Yl zLC;I6w~kEo>2YfO#zHCo>~ytu87Y@67%4xHVjR691$Dk{R3=FRqTWW?Cqx4tk4x6C zsX9#dcprMNER<<0JUvXbYL&tuS087O4H`atbsCRlzi6u0P1ZAZV^(h5d?TK~x^SL^ zl%gDY8_}+@e`Qy+!C5x`k)4pzCDt}JUMG)9a-CIK7Al_Y_A#O4XVJv1(6@CzMvy@D55b&xdoaJkWAUP1qBZde368u+^c0+I%(PK-}V zWhz%)Yjpe^s~@$FcxcEt{Paux;nYwm0P+ofM%i)RGp!j=@Efj)cDyXA|3gc;mG`cM z-wT|PzEhDKCW&X|WKjf}e@@+$JL(}r+AODw`tAm+i<$5wKhZHa81e=zMt&Cjv| zN{AyOhOcfC#07GwQ?--}7O*F!S5$92#|N5!ht^)C%N#g=7QNO(J-FKGnDr) zu7$eItcEHGQBbpp)O?D){UH&c1j!Q!#FI2k2!6Ucvp?ajLW16hd*!@&^%D6|L{H@! 
zr%eoM3qq;!^xc%333K&(!8$56pJi=vsyQ$M)Jg}j-3aj$jY;gFv%OT57hh29s zoHkn&?koD|3L0v)=#Hs4^{4G*nAlVny^{w&h>HCQAdPysy3!(O03OGsDh3YSN)qEV z)g0PL9>%y{I$WA}8}mk2?{0}?e*S;DUnZS)n<1J0qkA4w(1grx!pIz zS0|XtHY_-JOEzL-9DM`2wzNIm%XkkdqP@r*Roy1m88QH#6_IXcWL{gWsollYT(40A zf8PCfmrEaC`DS-Jp;*_x;G~Skzk_4wOdjm}hv8(vH+yEjl;}OQl)*t+WAV7S&_>q} z;1jhr7bg3}k=&W&5E5hr9)`|NuEhUvX|xT_firQLjWaPOGD!4WmWqPtH&a>smksoJ zOK>TI9g`Dx_sI;y?p~-XwRU1cVqD;)N#==UoAiVl`ur4r zzEak6cv5{VN8M~8M-A~SQ%R8$MIir0iLd62)fDsI>MM`4=VE)27f4DCY_Mq59Sq=e zbDiDTG@y98YftLMgEMe810^s$yL9e5e810^Dz_(1p_KJE(EPsPCjm9bnnI#PA(X@W zD$W6Bna8hxg7>Q$s#u4k$zqssZ$}sg_5b|acW1cRWj452h*a?Tn-@2a$iq%{#a}L8 zo&d9-7fyP+Pp03(*ffeKJz4cZyWQB^?M7Pj=xrwV`Nn zj{-j&f5nc?mXN-cJ#=J}Feq_A3#F(yDZ#$aN$S3pUeL$Skh&UhIqDds3(C5=afQ$C z0S)XVikpAGfRqm~O63A}F*VGA9_@9DsZ8|2?@@d-ZxU0FRyQ1!o`V}*3LXcgCwvDb zNQ}k8)l9JWPq6KS@5hj@OpzQ*=yYfAEJy67JW>KA!d^N~$@z-B6;27**ZD0BvLh;z zjg)3!{NAu<|0ZJT#SfX4O3SPxbj$!qs}DgCFEA3qDwCKlf_LMVlB>pP@b2Oh`$dS4 z*i{ZbG3Dm}jLd$Tbn|Y8WD^2DNtJs|^9z#rD`U}F=CvJz9;G=a#u(?}==x=?%Ox4x zLyJm7F&r07+dga=l`UJpMvA1bRfQwxGgCUGUPRTF#~WTV6>Y+v2laS#^Z}F74!jU= z$mYxGI6--n_|*C4QD#`4etq2c{8F3xi8Ama@Jz_IJNuW^Lr!m2FA;EUhfMQ~PmI2V z$i)B>G7Ti~!%Oixy89;^u7Nk`LdTP;G}rCSsQSBx0oHJZ z`sUCq)*ZojuiP<*dv2@$2MMT-H`R}9H`Ng1hj>}RtE(T~&X+kUMuEe1t}O<>^RM1? 
zH*+f~klObSzZ~K{L;@gMLui+6{{s5t#riotxF@7LAz#$|AcS^NlZkbk)2e_rWsL2vDDMt2Qj z82cxeNx8N0tSw}3oe{{EmsLK~-n^lwXLVA^L$;?xa*~4@EA8V}(=uxio<>+|5x#Pqo}4RMu|%z$6mJ|G4-j_^AtQ`FX1^V( z!&!ie$z{vkFuL!tk$R|}_^@!kLm0%pa%*rFAq-8Kvv7~Ik5kst*SfD>OKhWa<;%2g z=X`V4!TS1ih30mz>0?@TBb|9l+sw-4&XmkU<#pg!3cC-wj~2yNCcXLj zwcyjOFd|Evq$B|l#m;5zPQ>>1o)r7Kc1cJ)17ZCddn@kY-0%Mi;L7`#Mp_#+?)@bDPFpGT^sUGv>qARZ22(BbDf zX8|M5&94zy7m0;-9?5RoX8S_WZ{OUziE1Y{L_*pQE7VsPf;0HnB-Oll7}({#THArkz% z`*LWC)?L*hYyXDMoD}vHN7M;3O?=R0QyUNR6uU+m3s@;Sx|5qb@y>ePWHoWa#S1fe zJ>KieMW}CdQYbXY9M&e2;e!IG8 zTO_L_OsUxUFOCzoGj~~C$CqHt@*Lh!!yQ`v#sGsP{e|MeM?||rQed!Y@h&AjRJZv1 zdZ;NTMEdZMt4G$V&OqeS_+^JzIC{R(H^%<{RMCY~?u$z&u49Wdr=U+AQAG-!#$Upn zwFHgy3l{I!1;RZT;unS@-d0nGwAQ5{ot?uVpGORdP6r8YYEVp z*E682oA^?nnSw&<#we&x8TD7nllc7+2b}m1;U&bkp7$1w%o~`x<_>ktvUxAE|3(6k zFIL-nViQRwMU7HmxpphywraQnGyWe_Umev|)BUS}0@5Je-Jo=eba$t8cS;^WI;Fe2 zySux)q`SM}ejok4djDXtIO`l{&+Pi_m>KO@^m0Th`M%OL{Xp(-jP1}M!wmc{<(9zd zv$%%kqb3HGGb~^ymO#J%9G3c4B7xF{sv+5lTJlggF1__yoBfrpdv0CLQrRL|Ogs!# z@pwQ%?N6KrdVsyAu;`gS*=P-85OQ~CKnrLiGgl{`Oe1tzt4jIO1nZ6 zKac}g%A1qpBU32Jl&A3cX8{zFa2)J>9NNApaOO<;&RZ1X%WT?KS&AFfWR%tRmV9ZB zYy-F~;mryLEq>K%=GZvWG7H&*I>|JG;X&bQ0aj>~8F;b=HsaP|0%z2c8LKYe9V1#j zk*;dwcL|?VD55diAc_hzCaF@v4B&s+KdcqPx%YDfb8>tXp=62jSni^yPFJwnSdw9l zP84wRP!;BipYS;ZMD3zM({E%PQY7U50Ahz8(IDQC zBI*u^%N3%XWFs1Qy?J;@%FP7(4E{C|xrl7v;N?TyHHlAuO>TNAE}05o4M&DS>LaHd z`IWh}H15hncbmc{ zxiw!|5P!%E6gRN|OvaGpw-TFyj))_pIe8k~2Ql?CR^>1^tynbIRbypGEMgUK}*9r&b=1sP!9%a?_BHel4pyW0Nv^m>EI-K$NKQAE;~& zg31-2fA)~>@k>84*~`8sU!m#eZ-Ay4#H8lKdlY;tC~-W9y+QJq4CC}>Tx7NHaL8C7 z{{0#fF-E`s&An!UCVE>Fj%w5=g_bW(QX9#Pg)ruzZ8~Z#zR3 zQUF$}XuFgvt%3%$JLLz3$On4QF4HDH&`1B9t#SHK+)>rfcX6AS13FKg!7WAJ7s&w5K5aOZCpaB!zfTiNtNun-GdqoDQnwEwF_wX*5Z zbVKVA@?tP@A-~^Mww2{Zr4#o(+vX7@iR}KdN!|3Y;q&?5(5<+gD&OHc|C7+wAt=2+ zL&vxYLaTK6okSE>?MOO&J4|8GNPP3^0^PyPJtRpUH|7F{^|mkWzy*u|flx{ihCVaX zmkpJ+yTF(*4$~D39|(}2`0Mw*682;!I?ZGzCO+ErSj#L3BRL-yDz2X~(X+c^ 
zF*PhHUe~78TZ{0i%%wx*2lDY`N0Nt0_l9Ijg|j{M$_lre5!hSPznCKBHyPOooC5pF~-Fiw7g(haNZe522EJpVNe?XzX!f- znlvPPy3YMw!!X=CK?K@w{n?b%z7I=JaZzm0h<$L)6bhK?`7>+v|4N&Sj(fW6%zL`g zh+-C^8>qRpaY#M=M)=B0cKf=YoF!X`N?OwEY+FX!I2LTa5%=KyLg3glI}nIfVM`$O z`)y?tgQ~juygxW@Z_+;2pa{xZND>w+$Nh8zLj$_+kT98XopJnhwqk~dz&gAMLR1pp zy%XQ??Bk6TL_$MtPq6vBAnhCu@iyzs@ix(jgB(aBNh=IWk=vR7IYNRguwA$|W#5dF z_RLP_*bg-H1RMlT`_?s#--(j0mES79=r=*y2ozTMu!V+Ukqj0>lV9$QPYeTaOf%{0 zT#bmk6TT4Pblzq6~b$%PDSr%cZ|>*s6R^oyv*(gA8l?A zS3xxTBA&%$Xc^yNvuD5urO)Vl3Gp`^_YyojgXl6lg8%^pL1GXG1sWP=+<#&|If zI^mT`)<0A`7#_PnvkP=wM;aXhGS3#fIQW>}+hv3vK?c2q!~3f4ZJo76`32(S2>-wM zz`nk#Ke)7`Kg&mkLxL&K{*FNiZ^kWWW#C)bb*LTWf;E0v!jtqoiHKF1qLsr?h-TlI zE7$H6*@vg@vQYr1M^@H)8(yykS2cpN1OFSq5XdD2BLA*HznIeNWiU<(0Aqqs@5&a5 z^8>&r5PU9CvV!jdkw&FMtUYuE;#vSOTp-Na<6q(FlQgb}u05Ow5vdP@^fc;>k8@*4 znh5i2%|;Ks8+do1yWP~xDbP&V49}Na{XXwPdBX!?#$gLh`6P24f$Hjf=hO*kRl>z| z%4Vt4YXQ}ygiYOYE+LiL+U|*3qPaW$1FZRo*-we7coL=p{tNpG0IG01EaK!T45VbC zhS2yN-?YlgwYM-EY=&HCU`q9tAIWu2VwRd<9$}LB1bi z3k3;s(}$ob3T}*j2z@Xm%S{M21aGTsL-CQh88gM4lt~=h{7zir?OfuJ?OU(Z5hTIX zVGe;l;J;j(V6Un_(kMp=)T|CooEhOpfUj&~g=Zh-rVfn?VGx5uRl@G}&DmFp*w7BjiDF2f$8q zMi3v;jq+zV3WsB64hRVR2P*+dMWy5bjCFzT00JUI9Rdbvee)f3Uj?O;DyD1Q9kNao z!5uz{vC?8TB&2^?Q8WJl49y<_BG4JpF~(99hX&>XwqTzONEcTIq*0XS921_y^&HmV z;39Z}T>6fsuRI7E%d!N@^u!PJe-Uz|f)KhXV)%yWT1yZP^1sq%qqQ z!5i@=;^dD3e|5K5#Q!6R2_HdBD2D1O%qoVONUbJfq8+ys3~;nk%qY2Dm1J)AXfZk4 z&{31V7j&HRj(W&HsmS&*X2?VM?bwb#j8gA2jsqo{1)UX13%V zbpfltB!igU9BIcoBGxfU1grYymcfn(LFFKq-HEZxIwE8PihTQTS=&7{lry{e4lA2W z3@W2S!A?xC;3m2^($3SEW~Nk9YD>L7oR5z7kvY0Vxd@=u1bna^EIsn6jJj@b!A!l{ zc@BhIE9NdUT%J(7kFZ%rZ?6qE^$%cQblefx-#1MO^}|WK0t)sG(&_1`5x{}3Xf=RqQ$5iW8Dd!!j-;B zXP>gGGXgj{wxkg({*I)qj+%zE(l6Wu#=w!I${7BUs%){&`<#OGum`;mv|BHn&$UT` z=5ARh8FlKfXfxG17mmZFBib! 
zPOYyt%&f0KFwGBTL==vEF$(KTMG(Qvi9%0y#*t?&9+jkkN82}L^oOf$eRr{kZH|tt-q9rf?!Gugg-Lwt=2zTnk8^ZIX2?2UvHgyr zql-m|-SJ;%=yl*&?|2^f>I)_b5yE(^8zl@S_md zhHOMRy0gbaXQz_sis8KhXC)I%R5y^=@H_xjn@FD=6~OnWXYT&M8hO*q8W|)u_e6=| ziS(JYCat5HBw-2keC?c?<W1vZK}3%PkTt!8`c`PQeVWQ25yfY+e}9xl7L@W;E|_3!jd9KMksWNjDt z+~3K-xqrh=d~C$mS4Nn5PuYaEX%0HBz}k*0fj02JB6h(JhLLzLn>qtooN55bv4>QV z{*(2R{c_SxvvN`p(Ipx4k$SZ|e7Pj|PuV5xn+L1@_)Q%Xx+SC>F=V`;O(?rN<^D-f z?Sl&H**6`Jyny?=)bG&NTnRFPzhUu1FbdTs#@x39#tX)vXE=TD~1J zRkT>aWWRUFR^5Pe&|d`n72xFRxx?ZT1VsdGAEj+10QxP8NOyV<3)?&4nE1pVtC>dY z)(;gwavHz1doM>{8!w+@*XYj`j_PzE;8da$RIWFFzjRWc7kD9u-L+8UQJP#r^k3Gh zDCbFT4MQQuT_@;?x)1%+`mn>+Hu05(86a2rVS?$;o7_YLzX4WyAFP5*n%rZFc&DRO zZ{pQWY%@#n4^Lden|*41Z}t;}C)j(iaO5vxFn?@aMqx=o?M1(H&2#K6%Dw9yp%gMn zA9FpYh=FB#VfG;dfIP1IlLvSOyhpB9eAt|_l_^ZWbA7)*4pzmKb@UU{Pst`|zYKH; zEvm|RXDuSuCl8t$&gd`B7)Eaq7+7tsx5PMT5E99avvud1Pbx87IE-<=*<)Z4p|qDc6sg}2sB@u4&B|q7g2*Q zl606?UY)H0)j@cTZ@&%x;*ZgzZCfk~ZEur6f6zi@jCJXQi~uv%XZ`$qzn6evS|}tT z!H~f88<7Q)^+MIgV}PqlNZ?oI;AZP|MkPBVEu$pgq^Gj`;03*AMXqh9W5+iJ!6M{5ajl=*x*ngOhqg zTdg`m<~C2=BwN0&#^^1ihjpu%yT4e*&LVHW+zaR+n6GQx6dPrPFh(O)<@`Ov04Kf2 zxrej!RF|zDC5hOLl5VcR&-uZU9?P~^rMIIHt(Pt1*rAa3LDx%@%iX$~vAPHX{%)ych{8X3DEBK&Q3GPK zUGKkSqf{)N(dHJjHT=Y4C@qd!@cmuPDJ*7d`qZ)D3*A9?^qd_)6u3m$SRz5a| zxBYtpbm|zuKrb!URJn1)_Ydn7<2vf_&A7Y9Rw8%y#yGfaF7a-*Rub7Z4T{;XC@M8L z?hG2mT3!j6q>lTF%-VXh96nmuCC|_? 
zSxe!TR)p5sEadpj%5RED4VsFijVI2te3}>F)VoShieOD>oTcz>O$U^1lF%tQzq+v8 zGsjIqDgL`L)%o_t(u zR#yx#qt!bPOG)W!Uf)s{C-T{kD7?R(qaS4T!?3mVD3ecma6Q9)(b;+g`E zpYC>S)XMEu5oarw9X$Yk6N2@^AZ+hUKM4Cb);{`Gp13AqA zlOfe0ImU8SuK~VK)UYfuW$h#DZ|3v-*HD+*SlE8x{tD0wmfi0*A>Xg<9>hPY;_I4u{eeIR8@5hqLAsK;IS3t@#A7p zz=DJ_@OcJ83QlgXvoz2wt={2?@IE+4WJ)rG;~Pm?ApR$eJ)f9^Ph zgJgEb?!_m4JpcF_^c@;X_YPYg%3xKzj|L&;zBUI~|IGCsyaR0po8*|BF&{?3IC@PR zZuKcO6H#N)xWH*$rq(L!k`7R0XI?4IBA3KkUSJXSbD9o=$Y`T1CAmd;l)mqWyuwl% zywo+ExAtvio?n3NvX~K$(y_xYCgCfLyn=`_`|gNT3Hd*WTC&%~^nIlXgP{D-B-5B7 zW31R~!aEbRieU#kC6{K2tZ8ba0&aTR4inS=X^YIas404QN!pxz{;>&tF^rsnxZfn2 zFpxE74Je$BU@Am44q&;D5D42oOHPjl&y=ObAw__pytRrWjQ}Hi>mMf(0fq@QVe;zxacyi8Ou%O}EcEAyuA$BjFqcfd&^Qsymv=9lVsggsLfwNn~J8MCj~ z9XMvpAKaGs%iVjUReT;TJ6_41G;E;`ev!u%7#l1q__ z+fb>B$qo!MM8ED3mK6)bJ>xyok~PJ zM1mo!T9bE<~EYJgF+sj!{$sw+OHS5OMX8rtwO{QE^4%(C#vLQJH{=3 z!35R3Tm#u5pUm}7-=eGd@jx8G%kl}O-o5Ir`_b#ZO|rGoH)=l=B@Rnik!-~|dQ7}p za1<~l2$Y%XSWv83*r*hYBidDoS5~R zCA<{w@Di_81yFZFV263DW?0KEzJK>DqP`2rX)iFG?p}-4WtjLwJncIvCUKigRWZa7 zxv@|~T^2pr$oDkXIXNPFgs=O4f&@X+V}MaVLm0})zlb4c4{>DD40(h?XERp!k7LS7 z4>VMmlYA+Vw>YKVRthd*V~Wx1D3}dWV{>2>DA<4ZeZd+d%)-&85aV7<2QM7WI#!;I7H8np1AA3uB6oZ{URX}@eLOLGg8FTj6mk$XvFoWZ9eq3!#$qQ&T4^*sxd8|@35fK4>n?s!!5-r z^2koYu|4uZImO0;weg<3pZYe1eMEt`4WeSdaMfEAc zrHI7iz+=GZ>0Km|F-gren*KNoGgiXe8zSLL8q*+8HC zwv(!Df(*UmYNHyYN}y|Ll$Fia0{j2_Ev;CsC@mpq?77YTP%FsLM;8f{q5RTS#iY<= zPCFdUQvtfR{pALp(%@R_{XoL>$k(s-2u9u!Wjfu$sl)I7*tO%X25pdC!|!+(97h-n zh5#vBV+BQ`!1mfqu*f3w`=A`7T&LP=xew>;)yKF2k zU|Xq#HcVn;q2GFm!G~a*@}?FkWaI3~TdI7g5px!odMh+T#ce-`(@*a{cG&fjzoYe1 zD3rfUjPUG*$FcL}Fg7aMP5#G)4RlG~#(%2=#@EjK(HShc=>!;8@4f#&5jC$1=lTR|QCAU*k>#je&%Y#rVxZWXXA>BDxQpqM-*|D>jO6t>)p&-FE+t%=q5h;vrYQ?bP{+wk;R`%JCgqYg} zvDzZGL0asNSmOD?FgV5K)51GcXv6Aiqk_8{{S|lvIE7@A^a(w$q**Ce#3Dv&T*1>b zIhI2}Zj0w4lnoWHq*k@(*0<0_Az&ry zm-qkZ;@&HKK;1X}kFJOR=mJ25r4;)Lg>SDkif+x4b}+V@=pC#1DsEfjMmdEw@mU@< zMb{L&$n}-S-Oi*oD6iJ#B}Hx9IRUdx!8D-^eEz5%VY3&Fh1EMvh6v&%8mr zV*ETbs1d+-;6b4B)8*aJBr=`26f!Ff`z`VCoAjqDB=gVSw8G^vxBxbmXSvy%(tf_I 
z9PXhv8sf9ZGPCV(WEj(L$3>XdntKP?xcXNb6|VeTKR~Xn6=ENlkjKee?|;~1@2kez zE}!7XI$zDRofmq~#G@k}eKCi0REJ`ysN$W|`^=EwYuOppF0S%(j4QU|8W0>1#OxMC zgE>?rF41r5%;c&;G6&ebOOEDcbh1i2wIYgz#9d=MwSLp^Ri^+GLs2F3e5tnpjbjS= zqV`Vch z1^XDLbQC7F-l$z1-h;CMAItl?Xr-xTq7MBThH2*`440?CVww~g{BL)~x? zL?n+L+8HRdYz@;J%$C^Wt8AEat+b|8so5htx&l>;)1l;Op1xrj=eVmC<0vfZ8W!|T z5+t)q-+C%M8mXj0x3dbT(=FGEw+m?%8>OS0WYHZ8Q1MD1y*qd0?6w_U-4W#@@Ovzsz0vW|Ac*E(9aV#u3H`T4&Re3gX__rRa8>SL_)s;S zQ>KMdr#1`qL|>}oAz8uU4)3TOkEeLo_fBM0C#GH{}jrTbK}zk8q3TqqHfT?v1vOkFWPF5!B{JP6SLw#Ps9H!>`XBj1TZcu)V~)LfqjmiFcXE_A|9N3=?+s*12YT*yChHp5U@b?n1 z&)IYB-c0;vzAxtb8=#RG=WE>Bn-6$?9p*~q452V+KFL)yj*L5ysp$F!2SG$%X@;R7 z5qti+K;M1aH=2d5iIcI4T_*S2Dx5A^p(^n(g~JmiRvFFRyYBCTymQ~x6WjB+d_VZS zEl-5ki>dI{P84g3roHo?%7Y0tyTdpi855@#^|~VhAhUVp=RZiUm@rKG)lBZ{^y0Go zq;dM4?&aKylTzzT@Ez;W<0H+8uRRXaL^+~^)5l4(efYDOsRi4bVUqi=tc!DAX{9-D zx!bu1LosCM=>iT$-)j_m$OzsA>6VP(+{nB0+mRJ_S};BjRt&E|K8!r8Ewt{1H?Avi zvhsP_1N6jSnC(L1Y+%74H8=8I-MOS`3zSdL3Va@b_<20=Gdj~y>*bB2y zF!WAnv~U^!aIT9rWcO#x#Uexes??YXbFqR!dwks6aQU5B(Lpet5tZH_@jbFc%LGm< zpZGExPoOrD|1F`;F$0~ZxBaa|mkTVf@7Km_XFmrY4N-)+j5H8%q<3vCnR$2G#@8a< zHynMrF;qsaS>8s=6fm#3vA%ZFv{_4uP7yk@-t@CJne*PTWVA}E1|lg)WOT}@Osu3G z+?yL0tLa?$J2P3SUwVwac~Zyp!>AVXhcgwsikI1Wn;3v>oBgCH0ndm`b4qzMPAp7V z+8(sw+s*__N^w3Bu&;i|mG7H4Go5zP0fgA0qklRY zZ%}hSD`fjk^f}r?%psaZ*?DU6Kvb_W2C$4WMFQvf73zNd*(s01db9Jb5@AtE)7!O? z!3FVcKpvn?&cP{2{Sm{_GhU`o*P_YhY|ap9>#!0Mt65zqR->Dv>G8AeSHXZCUcGbH z;__VLgSJ}7;p#0G!1bi?Bf?i*z0Q|Hs^&Ywc-B+i$5OxIp>^-FQe6HuK9R2FB#XOJ z`%mCE(1%_7Cka!Nw}Un>1;3_}SnJx|-$w|u1NFxp#i1h}`en!5Zfu|MQ+P95pSMg? 
z8;=#tc=&uB=_&U_S@TMs!|?GA=ANt!4y4OU8Ink6qXo2r6Ib}5J_HFsn?qv|8aF}k zat>S+!{(@`!PK+2B0_I6w&|NBcbg!R3VvJ&5&=v}m*PB;yjg;NBN1%6x0>Fy;%9(O zS_6cJj8wEGw+S>xhT&8eH|<+1$EKOOr{4R`I&32YDWycz^^qrp?u#@#yX(?OKe`_> z2jh$Or3;F7olJxMK&xe4oqYsHT*GsIdE;+7XdX=a(=f=fHZ(%kY~pOK_{+(3 zX>PucYMu^d;TDb+Ov6pQgS=6%J1WlsHn%)aViX&0>`&U(4*{isSNiyVM_~z|!ON?^ zQtaJRss^s~(baesXWc1po7EcSM2CeVn6&ah<7=N&-qg8lNpju%mZHD0#|vIpF=ug$ zN7g5p(Qw1JU`;=0S&0|k(na7RlK;2wGFs3XtHKlAwgI}!d&GNr=!r=>ih@5jDdOnO z$G>iTNRpMao%C*J4A8Ko%eNA*ORZiG*?Kpgg?qy02QzXIKXdOn~SE3B);TS-klfriRa5{uo2Aq6jf3^82d=C#lW0~?} zyOh)FZB0?sCDro2GwNO+D@fOsVnDjChzcCDRMN+uyQEb0^5;wYU7zWZk7GQGy!RK^ zw~hvd7&>yFko=%w2B(b*(6ed8-R2xxh^Wh9;hji+fd4awlE;SD^$M1qm*!N2q2&b% z0NGdd4Va2FVrQ(YeyN+w@Ks-XCt*8kN*kv^XdeyeZ85LIIiZlbB`fQcK6jLlZ?X!F z8b;D*4JHNp(iLtO!J|_Psl0o`dmhqXpZJ1ShEDP6dY*dcuxBc4pJpFaZ03?3#mMbn zkt@c=UOqhVGqO{x1i`&oW-AF_MjV)y2i%@$Xm5AY%Mg54TWn*c@o9EB6(1v3S5JFd zK7gT`d9;;$yayj1X{BTXpLz^Eor}RyG2%9b1vn|#m2bMS3R-3PGqc%E zUkT72ypvI@CooxDNQ`<~XpDSKJuI7Z@YU}-whqa{q=b=mAL2=`TkN@!;;c$fo_3Di3WUFIhVV^Guz!nyK~xTziEG? 
zK+Gt=;A~$ic7T6HDCini#3#81rj?gP^}GXxzK1?PL&XEEQE^S!$*xz+zH8+W9~mR78X0P`y#9V{P`&2e3k zrzg=60NQUuBLcC!^tR5-IknHNfrMOj$K{KX!Z@y|17AhY{{d3%<`&DsDBkpo^RYYCBw~=FZgP#XlpJEV=Uyn%-wia300yW56%^8w)7Dl0wcLs#jM6G zlLB=JJ3c@?Q?)sQ)3*-AapZwv0YbC3&X>DRU_ zYEKN`>qI?PUFM5RzT@U>#LqjJ@6PGylkp;oY>7XQO0H-;Hz|F0*9x_FqG+Z|k#iB3 zM47aLM%2EM8Xi7}p{0+aH0i8h?~dTtT>whr-5aSX__<-hFN^!tHc)IFR`%AsaC559 z4?@R{oO!y}hkR{ifSP*418)S?%?uLOt4%P5`a$sBW-Z*&fu_5wf>KP*hpSjKwuW!i zwNUl(na0xi4g|5Qr@nIQ%A;wCowt(YHTdw_B=;H6rg{5CS8WLdK^{_F_!U5WZW2HT zSd9L136=CNmN_@reH-+E5C(e~OEC!t`=hJ0RqUQ3p>=TuuzyZ6Azy8$X8(zM##ie< z6|rH4f;y85ykdp^I>TE}y_0yckyk!mFNHVfPYs_Rx-Z@?DjC8bea;=!KSj9U*XAZv zxEXDu@*bdz~`-jw-9#?R_g!fk@YTrNy#wEHlq*x9gMZG(xtdfR$Q&o24=GyI# z?Pj{u(Nvsro9V*A{5;qk)Itz?4q2|7w(bYlosPo&azzIDfHU=aN-k_EkQ4Y`7*isG z$#PO3JyA4+?lkIG90<`l6hUqwlysb#0a;E6Fk{raq2Lub_d|~MYMuCPGcLqu*`e!# zH~kLyL-J`&H^>ocCzLpXA1&={2o|lUAm)lB9{jZr33IUOw|QzCG_DD}F0Qrqwq@)5 z@#D-0>@cR(m6NQ-&zok-W}YADcaL*9&_>nS;jFi1#aF#X33U2@@^9hWwW4n$0kK@} z;PvChHY!AQXLk7~<0O##jKh26JIC2S57}Ae_=cvhZa3wv_{_B8 zUi1xq%4+<6`}i1nP_sV=TS}~+4iJaKJd*oJf^~#&=tewD*)Kg<2tQX~;9pmi zW;!SC&!Ni>s78xjS25P|Qc~HTEz0j$c98E!H^CHERG+#INH~S3fQ0!pHv~> zB?i5R`qy8rV=avEU5^g(xzA#WiZt7Yl5~fcMF{A*gl6ZOx#0^KcCavCWeb-E?6rhS z0Z1HXve{a`6ufB)-YvFgrxCc27~B?HiX^a7!~!j?tG}2OUayJAp)=6DnXV3xAJXdt zX&vO_ZV$LaN`c{})uMv(M&}#lQJ^f$w(Fwn{uh*`IILLLLq7U^3DeEWKw(l*gU<&O zW*+?F(PqYA-}}9gdvkJrW&W+En@Nk|0I3nH>)hQs7vlSpUk3LjLe-!f60?(B1R4uC zH*GpLLjphUc|};Os@=($6|b2j?|Q5gT|c)(*vo?~5b%Eq2DIuV%Y&2{%Lf`5F_GqJ z?@84dVzg*u33VCM#^`tMO*o8MJ^^Dg!LZ3?uyW70lX4dJ9UZwC?NQuZnfDFS%eP}*v!z#R zVbxE^gVimwW`#wpJv8|DQA^PDturkBaHK&nEJMq-lfzBu$tgX&NDb`1)1<06i7pKIxBw zGTm^{7F%I*_`qMV<{w#BEHNj-R}87jIO@{pGH=);Q!4}68AHj9X}A!|qI*W4!H;bn zLmT&60@{vfR8fYSb5T9g4!iiyIsMlamy8t&!gLc2!gN4wVs%8eM7YQx>_tDVU7LOb z44LFvfPpNPid^F8(Ve40^5j?^HxG z>pcp}Q!L<0%kxuO-Np>QAOC)itV7)3YasZ~zyqyBuhIbmSM#S6$1fJVv&M<#)zH-&- z=X7{UEc#ZN%haWEOT?4nY2}k5@nWM|*jBWQfRu^K*{8s#=hr z`{3lKkaH^}CnozhzeN|j5-oRH96f178|%|8jxNsEtmCs~2HK(&8~e2^-p5l5hykxs 
zDU?C3)J4Adk`#1vS`_NWu)CR6%0{64vFexo?L$A9==Ndkh;u>J`*W8GhNd^TJXk)3 zTSDzv4(Pejt+{#lv!r85j~7yYDCSd!j3Jd@*Rn0M6mttzH(%LK4PaEvVGoVV71?RI zcc7(svpjg3FF&TdSlTP#6+Tmw8bFrGz(~YkquczEn+X=`1*Nviy*cGA}n@ zKgT>huj z6)_+jf`>0Y)#)&FYsDpQdj)G^c1D{7dzQFTC%6-(iik!9r|BI|=La%n9{_X6tL@{N zXVY6D1*`!-!N0(<9>=~)r={wGAgu-m5t&{S9_rkP2GR$@g*|=8+^vb}7nZ2cWJgB0 zyY1#{C%)4w_O!XlVfDw9JYgzzxvaQD@7xzAeJR}Klj|ZC_L~@ zxRrxyUx%;Xsn-9xqFMH+0}pmrMJq+JsF^1YtaKliYfC=^o|#1CVz)~Byh#RB5`~j} zZL|z!5g{^y1)GGB4gN`z+L2{uv6E8fQ56jf;kjI}q(O7$ZPW5(sEMAWJvml9^Xhw=9JDk9TjziaT%T{q|THAcc?Qd)OA?%~U zd@oa`xFC+Ivnh!Ib5Uat$G}W(SU$qG&RW=Qr}w08yO#@nHa$a3Vve(x+&wV&_;ja& zPjHhFhJ`hiEbgS~xR?^{*H!pn%<|DS0>GV1+PPC!B6uAzzxK^?@q2{oV>bA$b!a z_pSKRpgSfT{E-}lF7*Db-@JKS68>RY4E`fdlB8(!xS{-pum#IZJbv|p(ap=1=SIjy z=T&z}PRcsj*OkvdpZSA#)vXJ6$KsBwz+`|j?M+=vWe%i`C5+psCmO}q;wEj?ydA~Y z{I}4!3GycsbMp$B%E^Rm88X6*Y7d+>k)>N#;$xc9JG)X78H*tsPBxyAi6dimZsfP0 zAX}Vd@F~rw8u>XDhmUI9-cmOqhm0}8xk+p4q^<~4qicg z9vUTxYpw>vp%%6c{Wqynh7}FH*Mo-M=x%Z4gaKBbUz4Hxihfev+(t%UgW|wzzyyJ@ z(N~kyr>a(@vHP@@*F&RSCrvpmAhI@r4KAmxqkM7ob_jH9Q0RzXtD+IOxVu~B#}uM# z>o0J-ugBlE8CgzOoX^X)#m@B!b*zETk)Pk1zp>}S32@zf5oU39Km z8PMcEHgWj=(#U?WPvd-ejn*`=xD_bGy{PA+y2YHFrO z`%fFbJ1`LR(*BGO@4*^+9bKy{Ty*wdFz*mvk6ft8=}GZvu4}nYJ0rp1Yu*q5IxX1A zM{FuPBY0POg>myTKbZ-2bL#O^%JNO4)=<~$8@zvIXHw^!=A_)7Mk}0NUEwmN@y_AP zE<{LsOn6X;wU-^(ja$Da)yqB@ym!*&2Z!90cK2NowUV|fx3tyfIQO3Fd%Tjr*v`9x z{)ILDBZB@}i)wkQs)85V4@DUq=$&PhC|i>B=)*9{9oWCR2&90b33zGGc`JvmJDysR z+F!%8Vr`Hr_oh~9IbFV$e4|y<`jq}aJ7v8!bQ<=Iz6f(I9Q0e*^!=T{h-Y<37s03| z8l-H8H&@8N4%*>KFdf4?VrKAvrIkjjmBhC%Gl1E98Dx5gRjBjLlcgMH@P7Zp-uI){ zoBikQT(`06Lj&$8L|-)+Ghsd*Bof^VTu1`SoL8(I@IG4DE*eNhq|d6D4#At5MYc7~ za0Zj6RdU5Uuja)iHu!iPU--J@c4IHM1Yb8K+WD3u4alV(adwWuIcwH3rldHZ1I6_9_EutW5rpW@se3D|yS)At6GfEVbNeDmy=n z-{2THjNK%@*=wt=`(?R2Z6zsbf6Zx7bI9_lsR-jmZu#(PQa@+gT3Y8T`04wQp-DaZ zWKV3;5*f$3+a(QWEsLwX>_{5&shT$1{hT<#Oq%C(3FL0R@U79T zztyPf@s(v~kg8vTRGpT|VdWyajBlcgni+?U>%L zr}L!ZsRO#yQr0%LwfUIZ#46Xt#fRfr6tR8?sL8_ah~^v 
zjQ;sY9kcIfR7V4;e%vYOR&hgdM%f96E(_{5YfZTFu#s~s6OJuTxtAgHQu)DjTI^OM zg1D@ve2aXsJ4|JVomMm3A6-nh9%ijU*Wz;BV7&)e7ZsI@;bUxa0PDf>NHgy*kQN7E z&G&H}ZuGZX{OF!D4!d+Sj^%mdkASv*_s_`S}ccLH`f6OCJJz<64Yb1EvO z+|n4n=z#EFuw*>e2>K5*@)wkWn>QiGZeiTS0zYp;5|O5XRN26jYn|u$=v=$nzCPH} za0=Jj?Ac%GpRLH+gD@DWgy#_Cy1HwhV$`MM$r|4Fxt0mai>jSbbw{qY4}gYN0S+9>y-hw6MrPY@kPTb_`vnJ zo^eBPRu>KQ09T9rfYJBFXQ z!)dZJv85%|{*L-a*9VHSNd6kv{ZhCKmTHOWqW+|n=dtCPCBIxdD5ZcxbwY-wDA#sq z;Q4+OnC78=H87*6vEIxtLU33s7@tg`dUX0uvL@`nO93{Wn|MGugsEfok`JhjvAq!Slr&MYA_C&8@==RRiH!lP%PH)=g|L;EiKUisCR zW|x;>nIcpyx`rt-Ea=}9d>p1^pNsOcKr@iU0L=hJD1gAp#lDwPw>rSDuJEj(m5Wl| zL~PQrAnENGv$_DJv{>hr)$4phC6n7y!(b*WGSIWXz~>RFy;0^+Qkk%bh&=6Ea5LEe z2C^GOou_Bn^5%#ALg)O#>4!SB}{`bI&bRd zIz)CDZ!X<^np;)qcb0;&_ejFEzW&&=NH0rgNluI2s5vF=&R8%;&#hZ%CHIRc;wBjUkNazmrNEFi?utJvaPSGs{ToN`} zWQ>zeYH5E@4He-(!r`CZN_8FbZz6|8$ud9Gs;>e5CIomgfCyv1(8zK zGkhq_SOwdua7XRnn8)qlBF=@{IXGSc40cXj-Pga?d1{^aaIfaIc(a43OI$dyx^C*#w=1b`USeLI;cRtUdH+!n)~FPi})V^pj~ksB&05F4D0A^Exc{05`&|>`NsJ(jCkgu@x->eN@c-hMD0sY42S_rxK0 zyR+vkmB?<<6RYv2bX+25h0F>%H5<&E?(@Js`W9T}XLLLY~eK zCd;#s1#VmlQEWl7bp;2{d+xTm_;EDtC5hR%^$D~RsHLDu+sE?n7XD3YKiBY6&8$4_ z{fX z=WNqSXlM)A z^)raHntJmKtQ%Ky-a4aH8Vips6ixq}`NP9p1wU8 zI9Ri!*Z}{RM+~A6Om%HjMCs4yX1j*poa{4!^ZK~HHp~!~(NGIuRcFRRXOD}wZC;3I zS~&HOe6Y#q-S%eIvsrR>RSe_g_Lq`>Z;F*&g(Y91=YCqYK^67|AZ$D717J>pZZGYb zh-myHsN0WajgoJN**>&V{HOu{cuOkm{;2;Pem$yl*ko^MpRA^B(4T$Ri(nnL=TT-<>Mn3QR) zd};q#FVlF>-pg|p{aZqCKo8PTF%9qyUU*`>jd%SFEp5HpAj3^n6Y6RLO$ZefeAGnU z{w+)^O&%T{E--pmq8VRkwZ8O{Qq`QFH<{|x^qnd(Z29}1**;J0=F*q#2xLlE$KXmA z-c2uonnzTp2{)IHOdT}-Qmk!GD~Y3AjbLOeiEt%`1ajCN`jL;9U7u&V=}ak^WMc;$ zRlM{XXv^btW@bT^HDk%ht7BweW5+{}EL0f!%2gRyW9(c8<_@J+WU=E0{=()jX$@oe^66hK;B)Xw&YQmVai2RqsSmh#pBA(A!ZI$I_Mw%F@> zJg!(0V|*ZCs)bJ48CNsmD++Ot*b{p*_D~SGmTnq~Tot9>NMZBR^z$By*Q#uB#;&d|1lI`kl_5pH*$5&-&>>$F&}HJ=7wGQeEAe;5KsQ7Qz?>{aS1G3q*r$S3L>`E`pI6}4LE*nY}73f+(UrE*?+k|qWGy1CsC(X|f 
z|0P~sLSyaID9H4md_ntTrl}<#ov2~U7huHI^d3T>7sJV2f>4H_FP^Xywf!)ECeXfvHz6Z0aOk0pkkm|z1dM>R7-n=q_$M&={?d&apZjIU{r~hl^fM`k3tNH2XLAT`N;b+x~m5X;P z60Fv;Rj8>{TqW2?6#Ik79yvb&TP=NNhN3M~42_Q$bCwfXV(+(-I5M(Cumi0YE=&MP z2<7Emcre0A{KgG{L&;LWo2wUJH?boZOGpS`ZgU)0NmzH+ViPV)9Y)^99|k^uBuQ1F z3-etz9GdWl19Avd{7lS4S)k8LOL`|JH`L2iY1+*@yx-r4vs{epUUSulKAV}i??4{X z`d3s0Z3Ou)O$=Ghrvk0u@QL%J@uAN)TJe{_xYKp)#%3U}XXKwJi|wL0T3y4XZRl^D zT9N#=ox6s;^lTqea(o@8i`uPUbI{C3V2gLi zSND}!;}W)1sSe_oO{JDQ-4khBrVlFL2+S&1V6dZ?QF&epXh|^aGi$i!+ z7CsaB*Q6F0!NwZy*Y@M2Z^95}Bgjkuo+Tp`UZp71!`W3H8%bu_%OBm* zv-KOQV_De#*lrk*!R`^`L**vn;hwVvvJ^x0?G> ze<00RJIGJIp+oV-yiSGS(swza0@>q>fble8oA^T9`#rbOi5|#+q6jGs zu>nl;oQMe6d&%@F@j-(GyF}*8c03!qA6EogfZS860K0Z0{?f8L6tzfz@juBW=aG( zvf&u#OUfS9Vux-sf>nmSY%@UIts*?*`_qeCjb5fQt#bi?3wT=_!sJ~$KhZQhze`@w zAymtT$vs9(ZGlK%lUwv}OA~Zzz`%XkIp2CoK+=s*$GKTWSTuWPv72`K9oD^3dtrl+ z{pAry0F$Sha>f0kbMe<<6SYtCfy#{4L)LM%`=u-^JHA9|lP}nLxeQSF`eyJ_@bZ4j z6HQ-T&<+1fT+u<6@guu2DC)=wTXN69P<&nsH$Er?jZX^~t*;MOJ2_N)U~(__w;6k- zkEmr52&I*DgdG2IVeU7%Qw{5XP}xfcWAxDpBceP7{5x*cuKZ)p$|1NQF2i-f^OpO) z@s?t?^$C!yJgse(D#K3j9u9S;d@x?McBan3rL+lVHI8`X(eTLxJ$GW22j1bk!?gWJ zVe7f-YO++TC>0b4x9v-f-X?& z_MQ_f`hQm9lolO)bP^3IPZ9YIw_scT<2giWkuO8=x<_DVi?+*9-vV7J;jj0T>>ECz zqb|1N@UC8x0f(!xW-qL2sJxlC0cl>7X*u+A4_A23fO&1v@ zEBd((nw&hd?Z3#Wv#xR&vGk(-rU*g_qXqv_$W59jph1$s)U6B@Zec3JtGIA&_Qq(r z_wOGp+sHjUggTnGurWDslidineZJ`yKL0dZZ2D%sSP%{zjJ#Zo4@DOb94>c82W#WT zvC5*0LZqV|FqP3G_my5VQQeYD9d!T05aOI1A7Al05H3cO;AAv?mlqdXX!)sjRGaI1 z%Zgk}{NePDGhv{-1 zv##RV;yLx2GHG!dlUQH|4qbpgepHwJ4UK5?) 
zaVbjh=i~o>EdJzfocJ46KkK)@<$wbY0YLr7$ZF=+B?AM>k9YLUNdB0?G!-=Yh}wA8MTNnl0QNkw1OXAVMr=(& z^>N`x?)eByxM6`TA=gKCRo$l)lZIm)l&>aWF=__7j zlc8}7618hk1rSoO@bwj!j=ro*^?TrJi>}QtTA3ik{6PVcEU$ScnFPR z+kignm^rpdmk;LS0#f}epr!wKI~EoRTs!57T&yv)_(mqN9J3De+7Nsj~&;S>h* zU?XsUv<#5GR{SLFYsn|!USJAE?Za)GEoMS&OF8xAKUi0|$*o5e$XLkjd?!EsanvUR zPENL6lf>PuV#o`hFVPL|A6}1Jj&|CxjZPembb{#<0lZw9N zr%zY+OP8RO2e%u8(pI#{W=EebEoJYPF6&8P#rUB9#}m{Jc|9o~S3Q_wG$@v694BfI zGAoBm{@AU6jY2l2U2zoM>?-`2DxIpqqu$dhnY9+>raV*h764mb^eBe}FjR9s@(P6A zQ&AV2kgKHUtt&UrkcuaoY=+*Kz+Zea)}NOG^Cl7Q|fV@j(FCB3ozw7r&lu`W(rxk-AS^v1}n9*Za#>mOc%ZKgJ)>f$$qnh)<|8hYl%uq#2= zWQCf-MdbEy-GF-w4c|?d$5bYGrIb<{@L9Lp7SX~`0D5`e9S{9J>fXvWigwn1My5%p z8p4RoLQsMra2E+kYaPS`e!A*4ifUwmDt+8;O$2yevKjN4T!wfWJUYa%Y6K%lg6rA1n zdHQC&1E7>q#G$|4PNw-EyT&~MA!Har46@O zChLqf4)0G=t(sf}(Pzm22nr1~3RxFF3fPCB z0HdxRu&MZjil|V3tclrinY9iYW7gs06s(u@yi_q?>gsXghlC5CSi4pq9$kQ|=hP$V ze%suV^j*y^(_~rN^A|5e@VFryj&j@(?v}`?;x{S|9j{AuTlk`j#+Ho0*&EABIRP%F z^y40yTPL+eq_%9)rchIEi}s{aRDDG?Ae=}%!~-8UG>9?RB%T@k zC}f1Gh;>vt-CH@~peto{ZD|NOKk(nK26HEVd?TyW-%>meX}o324w6Gf-cWecJHV2xh zW-a)hw9$>w@3aLzQM`WT&7F|n({Ki<0H~`lMs6&zQM<*_{0H!yrR_yLp6tPWKsRq(&mEhU4A~r!X=tBs z_V3Wm%JpR-IS13zfPo#$M?)68d!BBIz-sA-PI_(|L|H~y59p};60L^MHYdAX216V4 zaJZM6h4XG9epJ|HJ2cnyaJ8dlQ3g&FN`+^e09>RMQe~%3r|u!-EVEoF3&Ah?%1t!C z!dL>KpnF#?E8@n!*84ax%ri^p6_Ti+GtF@@ZyI8h+3pO0$cQqh@LjM`?pR@F(eeUw zw1$xqml*P9OAB%V`xn-fS<6eBf{&au$i^IzfR(&x>W5ToKnFE8dWzY^fYci<3Y5qA?csh|3BxLUbx#oyH z4XGr`J?^?Yy;(Gh3;e=R#w1%Hh9Pj$T?--a$}F7CasKpmUK(HL4xqK+lg9U5J#JVi z-(ioWNHAq2H%vMRhL(Zrw4@-aZtO`8Dm47(78x+G$>5JJ%HXF;A~w}rnfGHC!-g>3 z+St^DAO(wKj7_G0^^f3I5Bf^5r-ZQz)9AjtpdM>UW`Vx;O%;2dx5Ci61>*qe+mbp2 z6I;oYnl*618-1keX_@uCY< zmy$OK271DV8H*S2;S%q&>qiU6+qd_tSZ>|DK`Dhcv%41S{{)>V37nQiy4v|?tX7}3 z9?<-jK={6JQg}$CkC+K!rW?0<$Icz>LiWDoZ3Qwv&E+)2HjHwDhieFiHt2ANHvG?S zpmHEP3scBsvY|tBhT7H91?1L#hm4`H-68eYGL;Ln*^jFnHWe%6f+HPWgd7&JSv3^_B{@7xd?FPq`B z2E;}T(q$=6!W&T^R;Q>OgGPh*mJ?#Zh=>H{YqJ9XXbW?+Kcpq=*}!qgAnTg5;@6mi 
zRm(k*jPAe04)nfD7hegZ!@N^CUJ9cJzoYGe5Wk@$%#hQNA*hNv*Wg64kJ9H9$)JC& z8Sj1n56D_Ey%tU=zY%7Q0chRGcDL$@*5}#6Hi?9An-OboYDBTwXQbU%fBufPEa&ts z(b9ZS!DrotTzD|A)KqcojZ0K@-Rx-P+onUpAy;r3*(fbBPkzQE?leM(hEa9}+)*W~ zw4Nb+z1R`10;;D%MMtO!sTcM;!UuYzJ|;|#4#Pt3cu9^PjDz+UV7xA8CF{~Oqr9C5 z2Os03qu4SwlzxrYIa#Mc)(ifRvL#EziT{>`6JRNB2#a?SN){dKUxZX}Xc$6fVgMr+ zdnWP(HX{@!Q-~(#Qu7J9i(UJLXa{qM(LqzSNXsOEhHY55w|+_5NxSm`JxJXT;k{q5 z{NmvjINp8=4O&EzE=X%O<`y^~6F&MQimw2KlS4vx1Q=4eS?ymN3phXhO&pIvj0hTu zlc!*(L?##8A!Vn8jVCKHjT3>mp{0dKr-q`iOj8oIBo>dr3B_wn+Lk92hyJGz!o{fL z$y)j2KWyF(D*I-PnCdY?YT%7DP?L(SjiH)-{w}x#vzB_tN|giFGdkfF6wM=ngzD#o zM3_FdH{ru)59+5QbF>#S*2U^jph|rrUxFPSEGx$g_`-RzTO;~iN5I425w&$xcm-@s zv2$G{>prGsURxPXyX-a8jgO1WQ3)f#av^vCq##YW5Db||T^L16J0A@JC~JUI?t_gw z9blX&3;#qip%n)=8%Tk%G#&Up zgvlMz2Er9LbU`@Q&I`laTOby%ZQNEgcYi7FcRWho3c8* zRWIA+nm7Td49tG{6+OMAK>~Hli$G+dD2p7!foOFHhk}iHt6_ zL+VJ08_|zIR{%%hIG}=_j7NoM3e}xo%!nMsd&r#%F-HmAAT(FpSbo{X?@@aF=8LPkOLlq+R-fs{JoAfyvomwqaPvHz^(_V4`2Fkx@ zF6vfHuu9)(h`C=F9|rsD?ZR%3ty3D2T=UixlNx9r1%H#yiG0%YcHt$k#S)OEk=9il zmL_zGHo+&NaGYU7hasW>9pO5rNhxDdQAP!PM}s8GGyM^te;G6*H~#saapHLZH2k0A zPii{HmQX&=#u@_)NE@E=p%kJr(MoTNBl1X-?W(^e*F9_kZwt2>rUY~)IbHaC#0H|S zakGaV8pFC|&N>py)(EMsINZo)%^Rq}^b^w`ogve$zi@F@{=ixF`HHipr%6y#{5X9R z@cxEUr)pp1M#GT_){W`XtMQi%fk9p&_X}mpJPkUGFL|0IkRwfa8!-UNkw*P1zVqbR z0P75X%SOwAgW4vILwSiIjF5=9VvL>YH1l70BA<2}v3GL&0Z+hHSG=Zz=)@7=Rn5_8 z2w6jvMO@58zlv8*avah79ZJ2`hjk&@N|3)r9X1!lzHwr9PEVN>7L0bk1lRIgh6OYT5qnL7cZO)W8M8v_%=PdlWUZ1Btmk3$GSfic zmJpGya2ok*2u2zp8;R(1CtPDuo1zUO?38elTJM=02TVs|W}ur){lvD{fvKD}qHD zEGZ^o+I`ouDOzR*7%cz4q6dx>*>Y9-BD8)ItKb@pE}oH;v~%o^)Z zFH{3s#e2H|wWf^-Uk`@Yd!KEVt&LxiJ)?ZDBsQ8~&a54Kb-g^@{D3u~jiULwo5mBi zmiaoimecVM_`!awh3Y-P08i_j9TqIgR6O%F>4hA>h_i8qM^(zL>p!+bfI~pI)5}e$ z7%f1+M)0urSK)w<3sQ;Ud@JzM=v(zv?IC|E@U5KPAUhA!wzIp$cDR>jjZ^r<7w#ov zQtwqko)Y7!(fJ$XrBjwTnQ`Q+M?Ta^4NJvIIbr^soCTZl1h__SM=SVnM1}$XbA_e? 
zGIPnx{pej_9t^@FbY3_JUg_6Q8(!Te72n^c!!N*M7nGXWpUE>|SqhMm@F-Qk#7)pm z4?3!z++r)kH!~*?BaWgEZLPfMwMq(XrA4~?GdX7yND=WOMifIUT=D$ZLcsMb3S)6S zjg}GWtI$N?U`65dw~KUw`mb#;V_os!EBXnef&%8)5{}-^C0i9f=Q+{lQSXJ_f4E=7 zg?)Xg+^N^P8@C|$kSBp>A|BErsbn^+m~o~=f(jI&a*yIC@`;%)hdR5Txp_o6vbuZS z>ROskE0^P2w2w0=Kdyf7Rg|f};_K>^s1K{-#)g)Kl9J$S(|Qd9-rrKrU2bux*NS*J zw<1**?)A+&1$?C|zUWZA8KYE)TVwOyGc=k9l%ymotH9tgg)Bb}$t6#HGMpC9)QL>klyxQu6qn%|X zZseep0A0nJD-QK4gC=MOKp5ZJd~&-nP%G;TM5kYld&sSQX8LimJ6jztL~qiwripj^ z1p;u=q~xv%er~CE+Q#Kzo+|kH@HvLoS=Hv$c(q;>|IH7#)!N2{isREX(e2QgN`~Y_ z@V$@`s3ppi`FQ_x%0jQROv%+Z6_{x%*UN7z!H4LcddZq}6qZ;;l+mK49J*$O1|c}Z z60Ooca#_b8)c@`jLt)LYzs&*VH{U+gaGzmjn6uxadkgU%f1tDM)cDQ-rYjiR{3ecD z)1zU|qV=`DO%BH!TW*tJ&o=$AoZw0M zgtfL0lD-N=sz3CyUUt=Ln}m9N6EKdpjM4V%qYWIdP~cqwg0}XQe)%P_jT}izb#+6c3qF#WX*qNn16SmD zA2D~K_mgZ1o4*PS1g$Hpze+IJKmz5@vG92EvfMRIL@k962;9{?GM@wmvI1GaK#csm zVIprB{Ui%iPkrj+B!`Vr@mSNDO2$WSfu499kQO0d^z)s_FzWVHkuXy#z!Wg|{<^dD zNgXneDUsSDV^i-U*AHkWoOQIkU4D3r4moo9n=RQ1NjpR3b7MyFm}8;+S#yRqu}qwd z{m#OY7sIIut&wCsb}|2`Wz6ZqZ20UkPxDQV6U zvuFXNEK7u0gqcS>2sK{7iYUGJga*g4MWc-?YTf=h_LUPJ-D>pD2MN_b7!aODEkW1G zF9A0nZa^)|EXsy4>%UU(F^$Q?oqvk+{Z{XZU|ZHkH!Qr>bM~R=Xgvl*kgx!Zx3Swc z&oK&9Bk0~DNgnG%E#FO^)t@ODaB3^p<5D|w1R-6=>r$tr)f91%dXNea(lSeeAo1!)PG&qBo9K8eQvN0-7)H)Vslwv(0zvT z(=Zm;JN4ux%ud(W>pq~V+xi83w$kd_c6+vl*B`OIGb1evIJUO?>z@1$kXUTKuqa2_ zKF7Mj=jXuAO__>0R-}C=8e};XC_?U1<&U{Y;(t{98FZ0E?o;xaQ7g5OSSFvAjO>m+ zftj}yCg4k2im55?8u$ls;y+z1?wELyq?dIOY$>ipi02DHM^fOUV&;svhz^gFn<@Ds z@%Or1l^VukBj9|RXBlggu`(qHK^vmP63*nnU=RwYT|~%D1dpQ=X5>L%R&+1_9^pDj z1=VPIhL&Dlw{cD$BGsE4Oiu#}>vO)-^E7c;cA;W!*TT>`oo?ST)W6_<2h;lFM#jTh z=e`;b!_5ugST9jE4{j#djb0>&K*FXqNn&nj!3Q51z(-nRcT)ZMx7auD0Na#_Rf=1O(;s*QV9&dLXhoy zPpcVVuuz#BP+6z?p!)~Kx1T2q$BHyd#tiY}9|&aG#kTBAp(pA&;%UN&MYz5O^-hl9 z%U^wIUmd^uJI|0NZq%`Tu!1Dw*(Tt;d@VchFu#qi9|8V#Uzg7@rNg)_FBlDw+IxJo zdmY>1=X1Tu^qP_I4GFR#FmKskceB;~6JZJAV(X#~pKwR*(ysu2m*CfYaKZd5(&XNk z!pHRG57ZN0M&#~o_UyH1v1&Z$mxC1t-Y};TUGAvw6rWa*jo``#*n#nfW=De3WmH|)kSRyB2l{vNU^l2gKEm&b`T@Xs*#9E_mgFSG!7#by 
zb0P47vek861h>;l771H~>>k<-hS0YmXjs@hy?T-3%Yp}>r_8%Y}S^n|Bv zZPLERRhjWT^Bv0r#vYERI>cGO1aJjd!blFBLJfgAunh%cT&u+bheHG0ds7ND>GVON zJM!=L+R}Y3g~8Mkpuh=~7v3pf;W`OYB1EzO%+j5@|6`W@AG7QsS}TJI5m19L14?$X zd^Rk?qTkgI7U>T|xkAp6q%s8Tp6M9O?2a+)NCS(kIGVD*Ei(GM<<&cW_h+RVbHEB&=Rb%3jA+I$)|GmM7dPmEV*#Y7p)8Km!Hd>7Q&G*xHaa4 z9ZIfMSMHA<6$21nB9c}aYiqp0hLO1sPnOz{I^Y+n`hA7{3OG_0(K^#@%^`RN1X7h8 z_xa{_8yvt2(RTs7Iss7qLyqt`T?oOkR3Z) z3N}wz>K~Mpyi|Mcycts0%8;8%9eHyqqXc-i-qo5?X zRHCXCeKdx6jS`KprT1#xa-eL)%;u%zpQYJ;xjG(S*IyHFgMn|iH@l0~)ijhRi5^TC z=wfEzHBaFnd3L@BdigSjd=|=vd$h-gdRkcsT6v@lv7ZbT16#D>YOZNzID~09QQ*@H z)zuD?*9_8vo-FO}g^ch4>`XRSTwaP@We3TjW*kc%b_yLK2$-|N(ydRK z#Osw)kY;t>at}N<+y&FpR4x9=+Tsvgm;Ll40BHwTQv+%#y|CHk`1=d5k~o7loec!k zfEUr;CSGOCa&t3@ezm>um2pz|``@Jn^6t&ojU$>32hs-osqXFeX5+Pe%-RVM+IX?@ z06UBXqqEWgdoVdRBuEPsAXa?|fgY+SJNNl}c#foBX2>=<3KO*XL2kJA|HiNYQ!#lC zI-}J^I-}H~oIy@`qEO2b56t-~vZ&T8#Mw)YyQ3wIZ>RGYz3TbF-n7?L+3%0(`otz4|UVx~+XTg^7PW6fFVj1$?L0gRiul)##KvOZ< z3&*Q@MwZ+1`2BnU;aBGMu&gQI0af)j&_)+|OC~O2y>kw)UU|ujLd=8dy)VA>euP-x zo^nBRW?3}Yy=n54WX>G~O=mL)1NQ6WP2YmXck;!%wo|=ktAb)ANq1^uoN%JU2A_k) zne~PphJ!^c)zeV~$8zd3Itw-#+zo0+m9}D84@zC6%7G{LAIAfO18q~_e`9(5I8mb$ z<5g1={hV)SQBbO3om$2Bg?*R}OV>;=f@efQSxpl$0&sx{==STn7<1pHRcDwo4H3R_ z_v59ZgWu?+uznZN9J2ZPP6{Poj*;d6=V5_+at_SdLO^}muheWL-9z`c_rK-0zMTWb<)(_ z*Ntm?rv){pC>WocA}{G37@V8JTC-dQa(;P*y2ADYi5?76nuER5L}{msID^c@>|v~@ z|6#iP=Fzo}OrNT{Z1+ih25n}TvBQ*#qV=G0#=huzq5gJjjf zW}|2QuCTM54i2}iKyQg%Ak%I<-9#HaECkfDp}Q}ahp=lw2=+9rMU$qyGRju_jp`$80? zw+s@zoJL==bknST43;O-%hl;SlqP*ZxaR!cOs!dZ^i;1>_;I;Z@PK=xvw=g~jqjYr zdFHLovY~qd^gK@3(2bb)Dxr+!?KddB?~MjmE+J!qJxCa&t&*&riPIXwn!slP{O8Wl zMPW_f&2^2W_{toFqZ$^#yo5P{+@|GT7Yos$jvKwS(vR6Zh1Uc4`-M`8u!Z63B!so4 z3fAoe{NbJ~V5KMd9yfhwyli+KAvFv>IpU=kZE%Ay-(W`!LY{!^`mR@RVR|AIu$(W% zy@PT$j{(!sRYHejZO+c4Zg~*NM1YBkn3JTg#dqIzO#b6ekDX?v>bF~E`03pdNdqHK znO%BmAT%-h4Du*2d94n9&{(m))G3*?d$e+IddiHJptL!{`O#^XQ#?ZLt*RwW=1uV? 
z7sJDFHh(Jgn|d=9pZ10An*V&UL8PoI$;6b^f%pl{U*+V7^~pyl*$#rimV?~&v=Q7& z1Ish3EBYVR>QXz*_XaCl$SL!1957j|8Im*;gf4v(AespPmESO7mNy2E$~4&{4!`cV zJxn@!?De~RA2|X-M#(0Krr}?fuRTnn;)jV+{4i0g%@D=N-U0?$6KD1?CVM$K@2n?P z$eS4U@1ZWQW`pseKbwbsk(@rAO?Pj;7sNiexG}J%xHO3SI z2z<1}$>?6Pp?=;k?HYx7`Ymhx%$znPmH4TDlv_Yxg#!Zx^R z6FhyALc%AwB}v?vX2$#Q36Nv2-*UkbAM%f{LCEJ`am{6ib!E-)LD$t7j1D(ZK>%>5 zzw(kvoqvL07A86)WrC*hy}t;T!wnj^yso+doaq`+ABXY?R8)UAw6gEEeHwI)ncJ@W z#*+gXNbQsK``R^fA1$02;;h|ZFCqx50J_A2P5?@=3TKdF7DmG4DG8?@qO*DNawuEx zIco2t7sA2sbJKZ`kAvKt!sp?Q*S8+k(UGeTl1UwS0p=nT7^goc3>u0j@{R)ZfT3qR zuZQ7`T`*)xi1_tq27=uQaoX{k^rR)P^{1R^0gmM9JnwvtFnpxWCWg6hyAGG|=s5?cUkaEKM}|08kh#My-`SvRekiW_DH|H+(e_$T zTvhXy#P`htN-k%B<0(Gqx4yyo7~(*0ZY!gqsC!n_7A&*-MT%^u1c7>h)q27bN6zA3 zhW#&$&+P_;hpnwbVU42s+*t3Zy;^U+tBf{#duKf!d@Rh)mpgTq9W4{RQR9RiEr{EL zgV~zNjyiGSp?q+!BQ$gfVxk4nW+5ad+J@VMrpS7kA6^OYznRIBi8v{`SvX;qFWLqJ z3x+-6(NY0u0;HdDpl3;)p2cGW{l;Ln7T)x3m4JL02ZC`3Rny<`h{7gQ>)dO!Cwr&C z=6JC-er$6lUaM~P+`kkt)s{SI&MrzSY3UwF5j^g7Sq+GU%1se!3X?I@{TvmswyfzG zHg|x=!&fIzM8VRX=$b29WBQYfkP;6_8)uTsSt`lc?q1yw_~p#dwb;F+zq~_+o3!=Z zkPHe;8FYil*?<4DSjKxO!mmGT-D*E)iqWZIAOB0xGW*H(JU+GdT9drm>0WzJop^8Z zVE$?b_F`qqL-g+JPj9shBw_fpOChTv;Uz$+qo9(yud#FGEL@tzm(6Dgsq!z&FA0pu zPjQnJojAgAG;h~MgF)x6VF3{g6W)AWb;9SrV|Zflf2zlJT@fyf{7-_9MCzlTjBlU5 z{Ywmt?l}8awKV2|U-Enc)PjnTfU^=s<^PpxY!gfuN}6ewNPb|Z`wzPYFfe( z+;;Wnq>L4;1M~Vu*)MeF_J6>3yUH{r25IBW8SQyZB3W8?n7bI(cN|vGy3$D+FVP}) z%KF}!(D2xGqD>N-$f8W(1cep_(%wAc=x(-F6-l|9|Ex~hG@KWlJv@Hq&u}Or$@%l3 zwg5T{W6()?fq?n^#`i<{25?EQb2b(XRw(dlus}(&NGdqtJTB8p(!c%Q&Qu!YtP)YS zvtJF~UWbB$RkqFVJdJ!}AnSK?@tv_1Q^rgqtM`;qij#?CurC`gL#@INIhLsWPzsMAN zD|?t|UWC_*IGY!sMhfS;jcZ1CB1*u_-z%w&GmFn^+`&dR)uCY$jVP8d2_|EM#-!t+ z*raB8$@De~Y%)beJ_QYqkqQ7@_W1G?T1nWoh3yQpIUv{XHSa zrs;u6WPJx;q&wW$ZLu&%mV??<^u~N$Dj^%jc&AE=XuE>pJCqsvSlB$E+2G`cNnrYCe4SHP9$A+QAd_o}ICG1r?&*?al7C|YCuc+xB z9G5&-Ny0}%u%4)qaAzjZ3C*~s1gQJ+CeGJ)GPY%E1Mc?4<=F03YML;Z8qbXWXZX5G zt3@F$mt0TFI2N4rV;Yc7J>bieK#gCB%4eMBV1XaXw9e6)+%>SJ(OEP7|5DKdT@3>7 z8Y7ZRhjO4!>ld|qyvS$Kg~d!moBB#wXNydw 
zOne@2Z(+B&eL6e$(-$MYXEG5GS|qsAs3jG+uXjvq!NH(_nMbbiMQ5v17mPf2GXnNR zKJ?=W)o7pwADt*|$8ev&5=)FsQnDXDRYf$$bl?X~q3-_`5Dnaq4BT5|P$#7%7*i@>VI~|=(`~k~xyr%EYnor-9h)0>>)4(JFq>VohgZrHy+mQzUrFP4JF zG766_sV(W$L@Sd-WpISecxh`^l?7#y@_*%(d92)dz~vgFh}!P7==SOfqf&UnDJ$*g zlF3{GFqXWvU&vk`36U4|Te!c<=7#EiWcVu}tdYs_SQErdv7>8iN>ci`emvi(<|ORG z)iz6WVD?Q|zNq(D%&K^o}ahMc2A zJ-UM*zK>Z^>TUj3i0;HZITPn*YRCN;nl!lKU18%Z83W2Seo&6SCIy=U@d=EP1Z*uE;4y8ojBfu+tRH~>DFI-bZ)funH5N&6?S{mH5gX zg~U?hqxnw54OnJlk{^sC2iYDQI;U7><4;Ie!^N0zDMZGJTYT>MS%h2Hr_Btzs={hy z%uPWfvd?_`FYC?_^6dijRcA2!Ih!QSRzYp`!#-{XaY2m?qj}VEoRAUu?K`Vh>4qjB z@pmiTiA_9t0g+0Xvn-7}TC3Gn0f^Ob%Y$bbZ7;GbXFn_?gsq^uBfL=y!Xb6sLOcb= zQd9GbmH%4{#KN`w{dafQd*os?u}Yc$;nCD)`;mnuWru3FsA=AnzzlEjwzuVln-by) zmsDcEpDJvhz`8R7%n8!L9f0Pe?5(4ok^hmQO#TMMLg4yAb|!!)P!yEAJjf-FU+7=p zFmin2{O)SNd~X+UvsAG_!w7NsQ5;#Z)eU~>g=A{=aJMzxhd1K?X;fluY;GTcD)y>z zM;M&v>h$EH)nsja=ue%tk8deLd_k33lPhLyog1zikA?VCkU}lr5m4GqkI-=U^W9MQN)&({>@JDfaIsXH)z~ire3h z6t}q8J9PHMMWWmxVe?|Ke~0`Za)U}-Tp;@C~Kj#R_ARk~(qOVQSZ1S!QF zfHmz47_ZB9Hn;plcnTX*xx%TX1ea^0&L`K85nP>b&&=K9gO%On3`{sArS(J(ObA0w z+9{Q`i043;^i&kZW`Sjzk5&_sOQe($6K>f48I)`CFK~OcKuPPVNkeOh4=8`m`v2=D zt=U7)pY6t2FJ+7%d-1_Xsuyr?9o)!IDP>&`Q#DmghK@GwySnUq9JxG#-sLj@HGYkt zlLco1ePHN3?$>z9Qir^QCKt zr4P|`@A4I)4-v}tDJ2NV97qbG{LWFjnMEn^Se7;JoO_LNuGbbqyre%iB=^_mU~MuGT!Wv!-n>GWh>dd+TIt4ywm z(PkRo3B?erkb-0S>9KF5Ojk_-v{@s`V@;rm227ot0LXnboo)v-z^lRzemu zL5krrX^Ju(wctd2{y4x=JOQ6IVR1vleta}1#kykCbw-@VrK5~mZ7%}4g8f)vi?5DZ*yaE7ekX77svZ+csOyBh}Ze(qfPsp52eVdu2eXW zB+`p)xINOCJT=*(mPuiB9#|j5(LsjQ0qz0-UhyH|jT+yTP-W#%5Avn+m(@`Sm{$Hv zsm+&x=~}VHL~!!SK>KnZ$RT`Lu0Sden6z`GcvN?Ht6+`LydF+P@0X=y%bYI^t0?JP zlY5y4q;x)PJDCCk(*;V1f!k*zZ{sd?GzwIMB+r-F8ALZ`k9dVMa*JJW`_EsPwI(8g z>$r85@f5HEl z^f{3i)_6E=K;sHOf?~2;;|gs+S*fp#K1&QWkkm&BKQ6+QpN3W-f{rPIj9V{H!I}^- z<-(Rx|KFTei4<4;TQ{Q`^a)lU!1<3YO(W6E`adW5$HeBH#Jx+_FMGveD7r4IGhkx) zF0r#Y&oSQ~3@$(E>oZh_$}~ylCKu0$i+%cRX^q$JGT?;6oiyBbvOt#Jm}5r^Lc-}R z_fJMG_ksTG90ZpC+$^=WKA{0w;InwKoyQL89B6&u{#%fSyW;kWml$YQ6Q4^R2So9V 
z5b5=ndSsE>K4KF5rm)BL7`9x)@+LxDuLoV>=J=-)j)*(h+XopHj zL*rQ51LZ3Aug}Y3acv;p+CaQ1eH(e;@#fum>Jq=#PW0KZ?{HE%x*tDZ^mE`(W>Y*_RF1phS|tj(Dn3P?sS89v!paIg{Wc6*`O-ElRhQnF6I9iMU5F!V3@H=XIQ-i(yWrF#kb_P90>+;sb9Qmg4pO$fbeS2l=j0{cE#B0! z^`)RpI^JQlD2y;2uo-SASi$5qA{OQ{*!@wuaQRW?TqpQc)%|Sm3_-9L{vjzY)6L>y zlxpU%_TApMYy4d~3VK?hSD>TXJl5&Cb4BCC(r_~5!!wh4j0Xx<3cwjDw*N)LZnx?dg7l`~{IrjO+iS6rVh=o`>Ym7FU zmzhsJ&Ii0FRc@c*SXZs=4he!H-I3n&+clMDdY)e|jLE#*6hoHp{#}dfd89b?wtVp8 zQ*pZ!&?Qf%{g@$joOD)Jhlr<+P+y8S6sRa>5Y8vq7$%7jCDVL{F)<>iQpbcdkH3Gm znI_&g^B|4;S>1|c8@Du}4o`Pz^DWr|-ImhiYF# zlQMhc;&$>>iz{DjvE4rDg;aeY?RtnFdTAl(8khBe3L+dci?y|4f7G+1clgei zdY8PkH`n-<2U(Ra?lW5=0d&s@`G8Ino=VvjJ}N=PR3T_pm=I-fG09JH&Qu~HO)3gyd& zpewFtsem$ju5NEe$8#UuQO5qF*I^Q~^CNERvGj8-tgq>;L`68KprtU4Zsn#cMaO(D zvF)V-k82|kDkI|dkz1+RTISRnQn07j6_PM)v2Ocf{tbwcXWCYPJ<@{_!jEbAdB$~Y zJQ>FR`#^uf`($z%)(617mMbNM^kKk*eEm-oSPjOvK~getADVnBKPXX5^pKR%Vkg)T zP1Etf8}@qq-(oVLW7zw;a>BcpjTFd=`W89?{W|&;BtjoO8avr=+Wyzzv_ZcBZO=7K zR085oa~^$i-gNNWA=yBhqJ@f%^{5&g5{V*M+8Xo~tmP49NQ!+k#qUz3} z*1kW5exiIIJApJ&2_Il6;X#0#0VeY5tyG8k!xm^ZgWvPEnZPwrLw8&Fy@6FhN0*6r zYsz<(1@D^Bx~X{c`2ub2w!A5pZ@1R@vqc`R%@0vGnl>Kcd(&?Do1{Pq}-)DZtN zoWo3Fi5?=A==tqj`-;pPwjB6dEcsH_*Ol_tAh8&HkKo6nr;1svnx5!mvH1f=27CpB zkxRveHcFFFD#z79n0yh5Dui+J>Ll`#>Ky#U!rBUBo{SYB8^E#HQ&2QC1^x45)epfe z7}cRw3_^MDY0lctu6uYN6KTzRvnAJjnJ*{emIq7#;3e1z(ZcQ*8^|WW*N%m^W2lfc zPqw8mAAC)q$_3zJPPi#=@RBfi8;~9jfpZFwneZYcBs>qCK@K9(Eq~)n?ml|q`y+NE;VU7C4iqm6?iQT zL>cg-pfsY!cX?n&PYf^zDqFt)ICP&dVM1eB+tKe=@2^}@(0-yX%|=)(m_W3~OZ!3n z)1aPZ`ts3GC2{JveIdsb@7$E&Z~d--Ex>!N>rCGcnRVPClC===Pc+>^iRh5TMr9}S z(~_Uvavn6U-E5mWAM|zuo%cx19gwmmcQdz&cCNgi4194Kb7LNSu^eOB?8d()7-Jza z{5j1`hsY!;87tgljppcg{m7SWoR;)e4~O1S<|+Qd;OGCJq%aln`1`^nJOzb?5VEC@01>SkuS`%^}`CapqX@+FW5sn7;& zg;@3oij<|?VM&2uz&WHwccz=bq5Q(du^tJ&fxiy%*=&#ZaUFO^!@EZF^bkzd82=qRpa_x<%tDZM#v{r8*RQ5|sLN=#L0hk( z@zcHawEIeWIIjusei7YL8?W5rS7Y6pGaYAef4J`@=H(ygF+HWAjve2@lOLRz!;)mQ z74%9Pdp4KYi9Zs^2Qywrm(g5> zYiZscI}$IptRH6|v^oMS_jn$(_H#cl(LH@Z0+F>w&c)E;2pE5X|FB6lhl(NGK17$p 
zi>hfcjB^Vj{!8H{l=&cq=l`Q{TJhU1!P~3l&0pVe)oU@ylwC{>^2L^7DJkA1^gLVD zhkgK@Ez31t3yBoY!F@50??wbeaN+f3ZcHe(USM#`D|$F3RZzV;1S`c5Aea)A4dikv zj34cPDudIq1wuaX&DfJdTw5gisZC$z9x>69C9RjGZ*5DR)PQwaRn}w_oM9YR7ySY8}XfqOaHe^zs7nb z_%?qe2=eAe<~QgN?YJ<(B?~xdH=MKrQ)&#Z=IG6ZAFtxBP*sBXtf4=2wa3a=ZGArO zC%hy?{aIUeVC}>W2sQ`jHo>G4EHvsO3!hd~$91~6#=4r*O?cnK^ZMlzYN812an7g2 z;!~cGK~+T^Gmdh)e11ke@8mx``R4 zdvWc}zP&yR{h~kp>+D=CUwBE00hiaNm8_f&{;F57MI+=Y(+*|E1)`5?9ahE^vm6mc zpNX-=qDWm(G`JM7A?&s>hr$9x^4=5KverVbKWNCk?UfaP(7p092drjFBw{wYt&T^< zd#;K<-MP1dO3j%4!z&FDX+?=?(z|7b(!yiHI6wYjV2 z9Y^AxGKS3!+{%a7TRlai!=j*zyV&fJvUzGzM)85Nb4ih!xhbD!$tevJ86_o0p@(0| zDIy*<72Q1mbkPpzTznJKf7$R;@|U7SsF0`ZVQXPQz>74T3;K@%`ze*`Z?4hi;lfg@ z$}FBO4N(T^3z+m3#jY@q+UVPB4pMkJpS`|nUfZ4LXHbOW*MGX5_)PUE^1_N5wy=K8 zx!L@PoPXquB%#>rhA)%i{9z=a0Ss6ue>1zw-#@$=s;+KL7s*;r*F}QSj_FNfyB8;F zWyr*&d{$^T?)gSDTg5@jqodbv+DOOpRJ))*!5@#-9&mGcUhsBx9U4_>_n`maK+E}J z`}KXPMtLDT=8H6}I8lCXtw+G4qZl>jEovqd-60$U+LJl-QGxSaSAzn^>nI>3qP7G7k{fsTqWiS>E`_x)U+w5szV)WPPiEUW3#q}Bi6S3$9!{~>C=l^(eCL6+n@Y znw(bu>Sy`)5wEH#jPtL%Z>tW4>T)U$EM-joIQlvCwiT3?rm$ zEbo_H^rICQsj*-PU=05%k9pe7KA(x?SPSsoQs8>;y_Ut^OUtM$#{4;gq>k3PM3=cg zek%8MZH~TsGfIr_>?9x|7SW0lZwa>p*cg*1Qf78HMgBunOAv2zRG81*0wEg?}$UiKw!CXYZc>&YmpJS(09l|EWaQRyU{uOmT1gY((QH@L?MS(jPAKTuPgE-ozd!XkisOIFqc zSJL?_jy{V1u!Iu@Yj>fG_YqjM216bFeEtk#tsk$d_hJN&9r9U97%Aur!2_ma=}4aS z&+tRlZj#D3@DpH(SLoAhb+y3=CMwfpInouX->zUuT`&306;v%Yoy^r#6|TAvI! 
zn)D>=bpaPsu0jW@&K5!hKUmOo@72Y33CVx}8kHen87Lg4lp%r=F@y=-aQlL)$;k|H zK9SQwN(TU3c}l;g(pgv4W`tz^x*SGqGNT+&I;#xoF`#ic3OFD5`vrF z0wX~$SACpov^QfSDQI3M$Tqyd+jV=BcD7hlQn4fw+8=~Lsxz`NzPL2Kd^~QbVmxC< zxBiH%smr+P*#ND7?5iRo%udc}%@YGm5T5unW(C@S7b;J?I1wq%o#fK5bmJWu^;W=V zSOtt0)A$FbV#wweK%rPkZ)FugVYBx~88eM5#}2Si7{(;xxANMFVXDOp(93=5U}!te zD)`G%Pg#p;y61~&K$hy7QJ?;~3UNBn_>;KuG#@z&l*mmT0U@BvRe)R^C%NX?dm&G% z!`YP(r{GF3{M0Ri*k!2SJ5iHZF@z#`Zu3$kS(~iz@@kyuLhmRs zx}_&&hDoGo=f|3J=yZj!W8iSO={;S#qKB+eO;)Y9Z_$^;1+5>9p9_W?OBJF>`%THmfnPdkaqY2o)5xbLo7sB1oZ&v0cSMD zCr}SCaOwKT+%8;G7NWz77`bj$G}N4orFy(?Dkc^^h~(cZNZ?o@l;9L?+~Cl&hke2} ze^NBUiiN7tRG4kdKmQC(P9!0;Qu$oi&nam<+ukY9qO_?dPztlV8y!a23-$`u<%?7O zv~Q;Bj&j>Z;Q{eh4&V;2g#lsww9y7`*hjQpvnR;8EI&ITRZVrcTPv-JSNvZG&iIu~ z55$>%FAXt<@x5;+o_8k=57sVQ3t5xca_vn`QU(!zR;4)qPTC%&@DjTz$RbT?Oz0jk z#uZ^yXv0a}JNiiUD)mf^E58d^%o`Jzm>LtWfS_DPN4V}|0amJFA~A9#Kqu@X{Rt^J1~%T=VvxBVs;x^ zAe=E3o0gvTM&u|eLSc^*o^=+r@hptaEFMs=n`d*Fn$WmI9AG6dnYUHpdky>5d8}3oJ2QPb4(24L`{$})9dB7f(M5;7)F@|92=IOl|JJ}`lWDsZ$*x=zc)ypII3;8SUl^k$ z3|ma$9IYiBG`I7$F5XLNv#*d8{qSs;}m!8)9dgTFpe~dp{a`Nz?;wpIXi;}iKqMhn6%|H#Omc2 ziR30*U(7hdL=hh_{Xf7Z%K=bCH(ti;F}gNHPV3*@>nKk7rJ5lYsxtIkX3e=z0*_RG z4K%(zy#j;#kanA`MfxzSGzg_dI&4a9$GJOpF4TFPp4bpyf}HNtT0un#^N(I{C9_0q zUl7?}p-`0Lh<1Dah!zwINsV7ECPYm{k?lYh*_Ket%E`j#paK)xMJAvFd9#nu{!z<% zF$n3A*{h=f9ef53E;@^rr3oWq3K^*6M0@*kdUB;P6pO-?3I6ir#bfM2Dr#7@2DOakletv=9ZAr44kwCDwk zXj@yG5_T7wz6KZ5kAsj>fIi`pU&o9~5rOY(8ponevwbTvoJoKyYj4I;B)h`Pi}_&2 z;ViMm1enTkKUqY@o$ouH$#Ua-lY673g%jF1lc;gp!SblS{e^nvN*|Tqh|2l+ zQI$CKxl=Op5RInWN|-#q`=44og)Ky4MT+x0Mef6;3fz~UV$re z_5(K;Uv}W^2h#LkH3)GtOrLiOizRy2=p+df2o04aU+KTIn%&lci2kYcPIzo2{tB-jpNtYq^Soe4Qw0!O|-lbLLPTs0>14mZ;{-ZL9~M`1Ja z?+Fe73I%{xugCk+l(w*uQ!2?f90uJ#g!)^9gxyt*DxcHkQAJ`r6W_ig?Rt^Y+AeZ%U2hCSH>nA?4~C-lrP*s0u+ku(!^!q$L$P{J!(Yjsa_x4}@Gv z>?hTyWnLGWq#CpQLlhy*xXZ4y&u{M?LQI;|qS@PvkL61BO3KUvXG<9taX^t}(#Sc| zj%4r6B^czu`2&Zj$j?5*d|mk-cmnct2V8h6=V%9ESa>Q?NiM{wel}zoyTk-c_}(mX z%S3S4RhhQB-!ORL^zQq_+kbf*?`J8l?RhCKkhlFJ30!yQNbm?G9H2RQ8t;6o1H*5@ 
z26uRJL+B`n0iw6?yb`D59izXgUTA#%-5=mEl1@^gD-IJy;lv(;3>y4te^> zQP$d&DeL~l62ygTk7ZuQl+X%1L0$$L$yvM*9KWDAFheROHN9whQrx1A4!d zg;W+2K_0=s9f>d(N=vFXZcEtN!vSuSD!h{dR+p*XE;%mQz(0?TYG}=0dYOhv?fb@1 zSfn{L1d&trvF2APz0!(IoF3Q5kb*@hNd5DZI8aQxp84$VBs>B`-XJ*|bI^0<&46{C z{75HWdg}$j14i8!aDgwTqz&k43qcu^KXYUm*7+uXjQ`3tb@GFYk*&d3VZZ38R?pz5 zHFbTqY$$?uU^2T1N~(2xibDZ&!}XFVC4|<2^(tiI$>1>3#ND$Lts#|?#I6eZ?Ry%t zgnC8(9dsJHAv!#;{r?MdAPE_K(c}Vzj(-8F%>BZVTp`a@Cr}Eu#&}&s5gR+}q%0j} z#|R6qlpi$!d+Uv`sCWj7OX8Etx5sa;22uF_)bDA3%9qoDq$!WFd4lXBs4DZm*F=tz zuQ@tNDRfVgndbLMT9yP^c2PsCPzgQWs+Mft%YG`HFCGCA!b>IqmFD|Nsq9veb{lWZ zW%)4_4)=2hx`}&C$qGf8+v6MQ6TR$L4R-yc=Fio^%8gC!DX+9ACo>p1cRLRxbdpCq z)`mGUT6n=pV&G&o{#)z4 zzfh2s0AlDvawC0!qXy$HLTeN;IO%i3lM{*qfU6=^O4#oMt5W=r81H2!?@6Vx-|69< zaHGr0NMpszsKZ%DWwhghr@B>Z{{LINz@?-83KNlHiWm*|MV3ni=Y6RTPkm zBL@Q;$Q5cM=e+j&&zP9zo=xu>5MP|B;fRa?NTefr%Jl(%@Ia|TmJ-Rd`sp*&r!_bYK8S7jt=8+b^w=9QbSGM% zYk!KeOQZ&~OeUnX?>1N0A00OEE73bX!-FP~Td-`#PLaTc9@wj!s-e@9(Pk@M1g5Th z;4uhg_RsiK6warwnsShYHOlKa zmGxISC!EGsbV!dom*xX(i<^p$@-TDQ+_KtTUYZwJ8(Hz!uQ$;PMiLD8j&0wbM|^ja zU0YIP$a!iy;8=a_;OA$jx}87P)thZ+{z~z=7Cc^2w}&3=r&2{0AI^t___1b^`C|>i zXI+-d*+lJqh&(G@)nNPNA!TXPR_t=)QzW2w(WvuOA}P*^6!r^1RRaPHa2w)xtx;+d zOy)%AT<4wqFb;=Nb%;fNONTO0^QDvgOk4>XTAtc06q?2+{rl#hey(x_rTVTNeRW+uo)arhc)HK`-D8nA|b72erN);krg7M7AV4(>>%P_HVr0rC)IFF?7lh zpxW5MZ4f=)9xRx!OiF|d3-;b$HqF_ar)RE5H>DS$e+k0{O(PKhO>704Mj#%9#x4z$ zx4}!LH|&TJA|_i?0w<~FPGXE-vNL98%@v0Ge|Zm-_9A3+#GL^wB}izp2z`Hlbk+@I zaSa(%5Hj;>8>U-TkQYM43M8iP`Zj_f>gn6^=~oV;8$@CZ-JiBdNG4h`0uyKZdVP|n zzhG6-ehZTE-g;?fD;7YOCS=fStz~%jH-G$jslZX=RY0ucfV~^0<-N*38E^0FlstKO zsVLARu);X*JSqYFC^3l2Zz^BrU0ov4=3AZK%L^G2vI;AR!6k()20_>3k_OEw_L)XQ z`Ah5+ZQT=V{U%2hc@v=5Gck=-mQ~+WTl(rFDseNXP49r7^czb09XQaT=aMTA&$-x9*O+ewID-M$MA62 zZH{KxOt_$f6&=*KONpVirD~$GlL17%#ZAuE-A&KSmyQCg&6A6Pq)Rzf-WWn#gLV$s zY2#rCjv)^G#Hl@#z#$9bchi5_GzkZ}T_i`JQKr?Eh9U6HGI)C9KcASFDvAppc5<(5bzwv|1 zhK2f`31#>zmVAN+{(xfw!091g3t)5j87DZ>_6CQ?~@y=9L?o)mH|NUG=Z0` z!bhDQo@Gu?N^hOLq$*ukDgHZodm9@+a*clLggh*YRTtk^QUE+4NLAL4lzsNTS9ENR 
zpON|lT6~HmapqV$-T)S8fC-kQ0xBGAKCA{qH1fQCtss_XEp%!srolSo9Mm$d*r8O6 zoKnle;#9aDF$Z*SVrQ*_?bO<(ft#}s(Mt7nsx??^C`^@?1!OC%5aEH8^cvei>PaH{ zu<#@WiD@=sG?1PpXq6ufQ^mvWYK@)t-``9v4P5UPGH@&1UtvDx7_XlKHa4c!Za)od zk4$tEmQ@?xgz}$iJ+MuyYkEk4n9oQIo>fbq|0w5Uor(DC+ex}UXF8?Vs-`s_4W#f& z5bJO6Zx4Rn(^tu~;s9$75qEZp|52+eYD4cxjL6`iaNf@4hdhL0wt%~NK=w~zg@FXGMg!Mxl zcvl`BR>)Slkk86A?pMSi0nqd5QQgQJxv4n6tnjE#}~jMmM;<}@JFF64Q=eOwQr&b@W2RU@iL%gt#^%Bz_5;+n@O(|G6K)?7sLVQ$r=xt1vy*Pp?*dN1Hq zxKV|XNbV~ZTGh`(V9k+8(W^rc&9@?{g&hazlje-@FDBx#Q`f`v-z;&PzI9b{hpDj$ z+D%t$_b#n5Hyjf2G|+PY=HN#By)e*kq*j)HRIc8yZm@X@=q&9MIbYU%vpnan8T&zB z@b)s_9a-wTy$0zk&izp*1+VU{xRG&H+C(7cU@b}0d)sMbs_|&#rgM<$V>j-Ee07m0e-yiI*uD``dNPvW&0gYq>5+g4M8>1aZ1*MYyYB4M>0b-H>9`=x# zcDbWcP~b_y4QQr@ueywD=(e^^S>;#SqB=dH+6H0Vm~%O)6)rob)FixVSPccqolMIs zIRBaz1eE{{q*0>?EMs0HPF7;qTuUHqeaLSq5(%^fEU67~Lik}~KH1bIT5f_|E*dBNt?yBwjW!;$F`8rg2e_-uj3w7 zaR`=BDEn&nlO^|IO|e5?dvM`!kWXb=L!a=;1r3*4vt4`No>f&PsZQMPM?kWLtOie` zve!|uHAtcA;i@boRca-aj{0TPe1x!`(v(M>=y)_>59toje5GLaJ*L5Cu}VZ{#;w0p z+#CYCjVuuIA%mRbWEJ!wL!A2xehOz`@bF4E1Q$v6CZMP6X@>>@1;b(mQ^fRFG@3hQpUZd2 zCPgVk5M&!w=Bo+OZUjw0S319qeKi?HZ1*1M4mG(FxiFsNdH%|rntz$RHRK2Xv%oNb z43d(I)gXWjky0c394_d$R5T{M)CVR~^l?YHVG&V67C;6@miez&Gm{#Gk}&UvT5a+^ zHp=(Ic&yV?YrSm{$bGt{IYpCUN2jn^{}{&4t`AYIf`wws5Ue$s9_y|X!w0XX^>lww zp273G)EWt~L9>F0;wtIfBwV$Rbctib1bx8RnG8~#Gc{y75(yim^XW)>?Deo}fQzBY z9Alqw@27O1y}l4u3|sD+>QKekFfnEW=fB+tj$53Q8&Q05U{5ui88oW|o&H8W+yM4$ zg+8D?nZpYGE)Al_3(eTT5Q#}dcke_1nr<4r#bcq_o)=MML|G--s*|LZ9o)0eGeR6* zVppjr2Al$4P6Qs1fQff75rmh(igzHS8e=dz=NF`FBaU#2g|QUfAx70C`O!!!mr4pL zjZM(X9x;w=9R5~qyqcXGlv|q>WUC`zPY}3F($EXT-LQlNl(A-V`pk)u9Npz;aJphMl-POAZ+mB8h157YzANFfvO>G$>B zm_zZmay~ixDIE^!fTwivoE6Cze@o{ESG4r>In6uivT3K+GU{}aO{dyu-5NjwJy!ES ze|YvC;1$+Ia5=0=&Lffgp2pI66PHI{P5CVb{OeyKy!v(eTmQ7CLq7*&;Yw!rDH`x> zoZYxWv|6y_lVo_PH}^aF^%J7gAN}~(p)aMa48eDfHBe@u12KH^zq#ikBs%6Cm&=P6 zPR_%x&=d-~P9sd)VVKN$h3_3^$ml*JXP0W+YvDkG9zi)p=-gBc?U8)4CIZR>16-Js z9AvslFlCbFKKge~qs^Nm*k~<>!2gEF8rJHcQ<0MaQ}y4zOphR$FWQ^h+;GqtuYW8} 
zsQ$(!e8$mAKZn(k`UbbcPQ1et%8d~nZ`-$s^pf35u~xfRK-XES+sdkbF=QrlO;Gny z_zH)97<@s0X=|%*x4JuYmN4~~J1&Pt_4#K$tFp-({GWUo90kRn4glW~d(~hW2)6-U zf>ftxkrb=;5Q9KtNRGeNJ)3JBxLa!w2vRpYABQXD6CF?c{LK>L`HJjhl|Au|Yv)Rh zCuGB+`L$?(CMwd~(*!@sxoF?+Wz%5*D4XT7FZ&HfBD=3Gg$zd4QisRkxRF{&L168X zNA>_gd17d^3=(W060t!$WMik^r5xZ?BhH1_&KrxjB674i)yCL-)&#L#EzUO0Xwig@ z>#K>F@ys!BiyvrS{U;}IYIqTAIMqdjjOr%Ge7q$nQjm->x2wERP~GtRl8 zdb`>qaw61lv80=90=)8f7!6P%*gt@!0np=by*y073v|%HKRhDOJJR@n;I&CzCwsE@ z>(4Q645@B5w3!xgEqmvt=io=AUjX^vYh!io(R*J>^MYLU$vap&ednVHC#u?-V8M%E zhJF5tcH(EQbyR-13v4ss_NJaJ2=qq*4ogu|vpdAIABHq{U~L5hOY2Fa)xEqx+KoA^R&io;0IC zL{36Lfb3Ll()QHGlfN3G%thtY)2`PD0!g_K`Vhm@_gX}I{|Ph#M3tJDjCl8MS>8Hq zbxt!_!Qxhr;uDmx{}KWc%%feGf>8~Cxf_#m82gWv*am~A;NV54R70l}GlD~cryKJeSiJ4b@cY25Voo(U1uhHH6!q{Q+1Vx>OT#C2t5Cs)p~3)%w{n#gBd72K%7 z_yHJMOI~CZTs-FdYH$@?ZRY$EB4WV5!iZe5J((On9PZj|oBmGNf;L107qZ~vUxJp& zHI@eXzqGARS)v)jYeL3`mE|e1a^H*w+@=Uo=D6$Yvr@_j&t&n{qc#VwpzdwT-O=ns zvW7v{=HWXwf_+Rokwo-p)AHLrJ+ArlqCiyds>6{3Lf__`B|vx@(=znebmtW;yi?LO zn4>60+nRmSWM9&!D8U-o&vmbw9P@wB-ILGg@G9+g4U0gbETznnS+&1q(FDh!DAbq_ zth!*3#6L%7&E%0#iZ>H|QNgTs>N9&{S@kbf$R(nPfJ|2eR5+!U(cFA>^(-9* zYNmi?b%AEG%WAFHCWi_@M4-~M14|dIU+jD}39m12`S?vbjvRXKQ6%NZ_{hOtHPk}B z8u8gJ&`g9%cGfO6)IrYx895hDh=gQ75^Xjh&qEb$+5-tUYMNK1ECw|A`ma3)yR>tY zl_OSDNo4pqu3S!M&1_mJs>VH-Q>IPO=61+U$ZC{67?S{4ig2fhnpl27VXE-Pe5%B! zQfNV>SX(jB5Ob|3lhdi@lNPY=jpZGy>%q*1p#*~~V!rtpCSJpU$Lp8(hcdeE8T%-k z@WD!_VRxvL?Yz(h>XZ-zwX)~37~GRu@la!hLN$s_I8_f)p(7UI-Q>-qtj{=Xl;I-e z?OZIx8h=Hm2665HcF@r9`GJ0`$bu>TIkE2_q>2!YBIpq@hIw>UNxnyeb$b`3vgT>D}&T?y|53E8C3A8{|sHyG1 zsp^snG0RBq4-%q}4`$sbC&h=wfCxda4gBB!goBm4iQ@}m6KH>8W%A$m79aSTFBTCI zSyc?9*xPIWHkWXe3IZW-A8)BBEo=Ner2TAD0?BKg>QXm6px@}M7QVO}bra*IZpE2? 
zpfA9vR|oESZ%U;8JHy8)kdBowAPt+iX_yVp&d6_z5(c#RZzk6Qw;G*s62Ip%(b9lDI zdP0Zwm)7|bhB?-^h}Cn2khat4AQL$tnM*o z`*H$xre=5u#gH$FRKB@^l%=0)%%jWFOP@;o6&AeV#mG95u2OBZna+nJBw(muOdME| zaniA)yT60uq-#WXm%!lpHwcnThJR!Yf*?(05oQu^6t&u>gfaQMrsj|a{ja$Y%xV)g z-nZ?xVDmvWL|>nEBSZ9Eb^zNk0=rTw*s(m#NmUcNS~F0oCpLWQfMYO;+ig9OuMCm0 zlKsA>TO$;X4I%&o(r&4xKZI({gx3!HzgY~Ec`M`tq#alFRtSj%9IH2c-ow?iYYy1~{bM-^C1F)^12#?N*4b&VaUmH{fT|hafA8rrikJevHJhL)+U=+v0RH zhWIprdduV9>cG$RGXy=7GYcqRwVZjlJk)oV`lqpjYcKdt33Fp_B=Wvbc$-U1A%xZa zE;vP*9WQt*re=yf?GE|$>8}tPxj5Z9tU1-m!MMxrYZR=G*RHl3O6-3IP;~~6-YT@L zl_p6{^GO8R-QU{1Zna?^zdaET)%Xw7(jzi=gOy#t*c3?}3>sTaQ}|d6il4NBtE6Ew z*MEmrK@|JY%Z1vMM%4cjKPeK63ICo+E~{qxS@ZxoS?jOh=b|?_M`_+Yx6%}`=%J0Q zF7qooa--xLhy&f0ds~7_oEqVMHna-C0Ul{W=aCyP*%0#Y>vD;`d{z*cbUaUkU7U z99Ia;1=ntwvo1;ouB3hgRU0ZAuolZFq=mbY7-5E@6glHiQnpj>@k zO9v|aEAW5b@)Cdi%tWUt*h9VbH4MOEb3&jN#4}Q;cR6aLD+bs8{%`WB)}5|SIMS?2 z09ozXkBsW>3Rz(tEw_O~ex%e^DUP@lN`a+ZoO!<`)K%8iI;>y`P)9XT@z!n7_~*xg(icbtwV`v&`|u;36rwpaoi_ zcmrQjvbhk$WQ-yulN`#Ex(MMgjD^L3`Y&7JpyUo=%yC81@%F9o$gxhaZ9Cj7DIiB>LQ!?HkiDAK-_ot97SuzaJ$zNq%LD>6>U z8dFIk5-ICTT+fn@Wb}TBEm4Wq&X>m@YPDet25)5+Y5S<9y>?$ejMNqEb|)8uN2JI@ z8W+GYn^}Pw7ho|{>Xc?Flld!0?x>3?`<9bBR4V%+_wnL%B_A#U|KB`Jqauh%`2`(e zxy!o28wsnTCzsRFpt6eVwR#w(FRz{>#~E*#w4RoyGI#7Y{n33*O|B8MWm}tSd%yjH z%04Q|;lavU`>a8}gvGo2@d>y#2BJJG!xbK?Y&a_9nRK{RGwSU=C3s6 ze?L6yS^t#>NgNr~(PbRu3*{N!y~1VWBM*5Uc-VW^ELXw^eYn znfE(J-wHO^-@71fJOZ%PU(jHnc($=3OAE#0|K!=VkR=}yTvgn%H0NG!O2Cp`RWHrB z_w_s34d-d1V6bKIF8ZiZ7qF6OruumKpa9AvE!9*2_wzLKT`}Ityg6dihZSBSTUCgD zB`HNH5-H1L^uy~s&u-!;8!)%O#Wcy?1QJuzKVsqsiRtkAKVk|zt_@aH&D3CA?1W1n zUv|uRCmt=?AW(IDgBCJiIH)b=S>pXx({M+mg@vo+3b{7hV3%7H1%!I#$UIH`jO5=$ zc9@(4yO(8fP;d$P02UZcJgV$l35V^!UtQ9~YJ`g9pzxP{pZTNQ%ffc^2{^6?Kc4|* zkIg1*NLa2wS36F{&Un%4b%r?`#swJa6H2q>K07VT6P5K)Zrr> zzv8!9$1qqlw|klP-(-{k`irV@yR>b${Y*{JOeW6U3zC!|qO|hlb=agMj8y8c3nTef z@Xo*En)1oRxHFosQ`qLK2&Ws}^0tAb50%urf^#!BF)ba%;En&j3$T>!>Gc`85&oSk*He30PQ{+itJae! 
zhN!49;kHrXf0%m9u(*OQYZQmZ-QC^YA-EIV-Q6WX<1{Wof;%B-(BST_!97TD2u=fE zzcX|1%-?>VK4+i3S5>XrN-*=^F_inuWYT?IwP~t%jW<`b$KT~z+BV~@nB52DqE2T6 zpr%eH0lipq2EL7MZ*k664^IRZ1K)1sp5Q8uJn3hceKW%psQ0;_wQVuiPWO>+y*tTn z8zQe+e5;s1DUq4z-Ty*BGZotzImtrO{c1{SgLrS@^Z={XP;NOqAlzGyn|O#esTjs~ zuS0Y5ikfjIm>-Vff8Bv3`=|WYm~viiXbnGe9Y3+2yYR!o-kD&mBDrIkb{~B-`QO8H zk;7K04Ylf| z7j!5>ur+D5)UgK>ptoVRJN!$z2ooEI{>zKwg6f`NBl6n`m6dSv=d}{CoDhHpi3veb zGOf&-_Q6tOECP;Mhk68RRDb_}{W#93qFaQh1N!I!2>8BQiDAH~?rB1Eg-$0CCwIn3 zDa>~`OEd%*+Xh>{6ThCFaM*@FcF!R+6ABYCFsmmIKZ+p9N%iPmC;%%kjBezPSnDa; z-jxZP;JYTH4U0ya?0pmS19jM^pqh}sT}B_4B`)I!fgIb!%dc?1S&W!#HbdcFQl?XvAJ8OPZ_Th4$*l+%e=H*h7dafni=TM^j;m*c; zW>qms%S!Py{26IoCqd&-a4bvs-8Aw~0^`gZJyMME{{Q&SR^gsI0K{|Y*jmk&_DGJ7ueJpqzjp+e~f%67Iko-Z_b`xb%+eh1H`RW%?&H>p` ztulAjv;7HmPZ`F=sy*Lmar}jTeU4F4e1KZFAS+Wb`?P{aW4g74eu_cLYXDRREf0aF z7ikA5`TviWHRK?62y&r?B&pSWS~ zk9q$DIr07ff-XO~;B5oh86P?RAFCsRx~r&k&J~m*!hDQF1{z3(45MeJZB+6zlHe`Y z|3U2m*6D~95cAff?dB&0wxST&j=+BE{|{{MvKOWO2V1_fxV@6L+iWTSNjiM2zV{4% ztaRudlZ~l7JYeoUzJytYN`ZtCRbON7Iy5Rg$mOL9^FPah+cqkR54sE2AqCGt>69+g*!Os4JvJU%3Ln;;f ze*hvB=i>$BMUoQQBsEx7<&(#M;P;BOxUajY>D}skgMO5a=8Xgb`P??VTw0f54@dUw zTDJPFDo%}WNa+LT1?l!xGtBtfHmJF&%$+j5X|#C#;%vSi0UWTFlfd*UDQ z*Plv9Ig-byYNWF6*W2wTM_`%>h#B+aW%!076u)Y3d%lOv>Qd`|t_`UJ_JsnG@G=7&2aa`AxE|G=)LC zKjLX`-WIOq5wZ7+R_F1t?;90!5{+!_nLyQ(ecAuKIPQRR&bLNyn2l2devuk#hY}j? 
zIfFKVQSXNK8yy|&9YV>zAS&+vEQ_3g(}Q zK5l74BqI4xE+5As(>_>^N?c>3*u%an8*G0JLtbh3i_C{*rb^9V=QDaqe!@f`bR2kO zLP&wPRWLCqDfo2ch4a4Amo-zBF(ZIIM&1 zDG$$5+mNq|U?j=-Y<<7CX{1~KD9JLaQ;UBippuOysJNjtU*#U|S;I`Ck#@ zo%R^lt2UT(O@?>C^RBVp;)ZHSN!#an4esL$-=qY9_^U@a)|6UJIgSj~99BrGn1v;$nv805;U99FhH*IDPp@$u1n(yBqn$a0S- zn~evhdpvpHBj_)&`!0Z5qi5Y@gMk;xSuok!N9_~8FdWbCN%PESGb{YrCamHt-3IRPLY1~hAo69-yQ&M#H{v@v6{e5H=f*M-ByLl|iwLQQ z)#ifC!p_41=)5ukCMb2BKCEDbdbH3weGy!@fpqq zN$cwjkM~>BaBjJd{2G-u~~1R zJ}vmC`9>baNSWcqDj6*|?=b>oXj&rfvMy^6*25Oii>IARV3@X{GnBbOzP$>c* zx(mRS?5V~LJ4TPr3VnZoz~n{ZDI9$*Vd81uR4Jaxbii$JawG3V-ewVQ(n)|IMGd%g@>_OIm-%&B<(;#r9awy z15c=WG$e>JiJXmUiPuR2g7>*CODLKlEt(Wh2<{cuK`hU++qhOebN3fVE&qN2RYh0c zI{$^a@Qld*^}IPedbzMW4qy{!X!D+S+-4Vie4L5fs`bkV67)Bp^ZHdqVJbLm>U~z@ z+cHQA*T#;qNNNo#2=9u;_U8bSwYYi|KlhqNH)-=NF9d>b_>QY)ct!0%ubHg0uO7jA zwK?HU1T*!o%)K$hJSE=XXq2$2701{o6@II*i=XrQ2}A6`>17`z&0-hJ58`53_pL~q zl8SDY6N!7TFsI|?yp*n_{-K_z3Wk}0VpjHj>QG^x27@)9=J~aKq(vYs5)C!t3PPjB zM3UwQg^fg3V{)8KQsiq;N}1NS?9c2{(ec|FR8ZwKwoFsHH6S0Wu-ro{hmN~CA3Z}V z0`+?p*@#`+`kEl6V@#@niH>&Z2 z{EP1X;}NqH?0^_iao{Jhp;lIG`o7ihL>N)*savTuH7xUHegj+v3#^RD3M@bDMUW@7 zn)E)sO$x}9TG0~MTpcmopHO#K23qbJ72ljCCInh;+!-cecExWr@bUCWr`NbRNX0V> zd+l%{SL5<@gp(&RLhx~rNHLBwCQt{AezlnP^ux?rDDgn_CvYqS-R=74VLr1S1Z$o) z2cctla<&;P2|q7B77%E5rR#eT{OCe-UG$LHJyZ*YjzdhYtN~-sufr{OsN_p-UBQ?Y zH{m1_M_q1RI(QStysG{f)RZ6}89kTu{nV34$b_OeTr2N@JWYICIwt$1s{$6b^5UK#9k=RgI?_TVik&5u>(5Pk!^nwtTc!<@vZ1{x2c~corgf(_ZG6!os zcUs00S`#(X!JL5dcXGFf8C*Ar*0N?iZfqg%$v*)Gm5CD)sEq-C2MQ-Nz- zMH0dM`BKBj8*XUiEMU8c7mcI4=U2UWg7xX@ZvHqx|8dl@MC*d(3VtTH`4%}!es1T% zh#7m8k86H?2}>jQecm|sg5~gl8Ji%Lo?P3pRDa)S!2!IjBP9peDrVB5p(Y4^i;6CH zvKqKwI@h9sdz2!u%Yb7}EJ|OKgpD@0>tNyIeZ;9M=7-SMz?+>~G_~iGS?zHG&s%1} zJ8AU~r}lfyayL)ZvZnYTpTDs_8C{d(wW5Vj-2g~GF*d4H26o6%nic#X%iB4S%R=95 zeM{}LfmY0>NMU4O$R?SmWoC1YC)atH0pjXF^g&SVp=krrhwe#`7~-HMhwgjyKz!YM zCcQ+7k4ig?a{Eya|5q2I@|Fl&7H|Yd{uQ^>(;T~5=pmdL2tTUHvX}IMa)Pd*V_1r8 zx_*L*--}NN)zkiNB!_wC^{5-WV>50-rPk;w2!GdxavqsSX`Mm4aA~9MK)x8L;DZm4 
zQ4cd%Xy4%0u}A}coNMOd-m(K-s>x`Gnv)$1aMxgKi{M=wT!an9-&$9>xabj*Au2is zz#F)t^2}~7_%spbbl}kex-jdgJm72yyadV(_IM_33^71o?2tjFLE=6je@!X46lgamgN5Xi(qY>Kylq#h&X(c1`{|I+(tSEXw5!c?W&l z%*Chwm0E}|ctGzu>E^{p!}m)gq2`yLx6T_K>xhkH$2l@}BLk?w$m7~V=KD{VaN_at zDK9{g?=un6kW6!mU9kj?tcq6dS-JdZH;?S7rg*6jvX!9BcZB(zB_v?tQnf;5Q$)2` zo-$ZO$}KJ8pY+n5%h_XWd^~?s+Zxzd4?YhqL$r>xM?hp5!(eg>D<7$S;h_WR3YBH} ztAj=wG_v52U*9q|%R*u7JeeTXa%{gpC(0PmR+@W`t3U1Ecrp!VfQN_gKUa`lt%`lt3&Clgin=6&a^$?Ip{}9k;B%l)&vK(t&3>25g+mxz9QIs zr&<@td_Yq>1Bd9p8+8{8y*>iht|@R}IzDc9B&6S5DieNqApo`Xt?hcNtjXA(7|v;y zrX2sR@XG7yUPr2vRx&l?npYPt`*vfCjI||q?t&ZduTbph7EFP^hodSF4=L9J0;?bc z{Uk*ghT#OaFC$9LzV1EVeB}u5$HEwCB5)Kq$)DMSFELt$LF?cXPqcVO82UIl6!M zNS(k6B#{ZbnzUk6M8-AybpZs!%5`6sW|Sgrm|EUm(;z(H2Q~)QsR8W1;$}u<_rj*! zkL*Uwh|P`5dGP(-BDw^5^@0JHe@fAY{2wkDlao=O9k;t}NsAR8prJlRzL1@iA`he4 z{wsKhaUgvzrDBL7)Q97y+6g1nFaZ!@$_F9BbVxN5%&f4nO)_UGZ<@L@R9>=Z zzmD`Z1lw!m!{l}diUh9UcJ13COU_^Y-Z;{EEYeS6EuvwU{5S$@vSpdA5X|7+5pBeZ zeVGYp{tE`yRc)a#J}-8QiheBoMv3tS(g)E=zJFy~At5|2d^fxqJQeyAFaYTaP~R*} zcAZ5K1AGBH!58j3fArsOp%Hlh$&C8gk7fu-w-3eo_FHXC?!C8-b~bUZ6LIPuCu^rr zCV!`|JiScgcqM+Jk7E)J+jNS!_7gprM~YrUJV!2q7P$ZTNJenEOja^RSSVo%G`rV{ z>EchF1CNGy6(7lXQd?)XdNBL`)*arDBwJ*j&-aGU)!-^i(h0$ zFk^R#CG~9czEUmGrMtuahesBXdR~p{hE($kZo)xU;Qo!+z45I4A9&fU-t%b@Me`5d zgo@)0Uz(q{&nG>vtk&XG`088|v#pwHr>2`fcxB}gpE}{6ZmNq+)iaYFfU1(I^!ZmR z+!n$dqcj3whcPs7Ti}sq{U1Fs33Tbo=LwGB5Zp9THsez{p?lHEFR@9R*RzqElFxZn z9=_tB?P7bh(4bsAw0g)8Xz?mUdYG&k*sa6I8dvD%BGE>_cqGl(NTeG+o$V4Z4t?rs zSG1RtsLWs?)O;J)6sdm{kmAdxM~Qf%A|^iFcoAFN*@$?&GKWI8(Eh<$CE|xlB_c#y zxAw;oW2NQ%p$61k`z-SUCJ#CsRgKn0H?m2Fh@f9c-KCyd`DRB)&4*7mIKImy&yMe- z8LQYfc7^;hrjHFl3(f}l%==dAB5>DMr2*&!^!sIt5Kx0l(7nF zFW_F=Db-DC7x;Fcb z+9&$HhOI3Jz7aS9tB^ivhMZ_4@8FY9lNa#<|H)A2xGae*sSo@PL(CX~r2#uA-knVG zDr}WZ!KS?wtHaFRKPL_)0;~>M(H6MTsJ$+b&0?sY?82#vg48n9MJQy%FUId$zXGPK zva+ysMie7Gtm8!UNWqRA2_asc_0|YX*1yT{W9|8IF@qj~P9cy6uD1l)31$Lz3a<~_ z6^~2Ih3eRK)->__D3xMrli%6E2_<#3_J2^eSmZ-(9S)Wuy|N zBW%Gf2RG>?NC?1#g8x0B@6WpNKV$rD_h{KfNxj_H`*IWT+}ejhqN$Hmx1VypHDn;; 
z#{BPCewo$h>$bKPqWEi5@_ZNi6dlVUs0o!Cn25b5EBr0g@yVV+V%+bwe>J+V zbNcJ3FtuN=;PjVIzsmm-x8`Z_;Z_! z&F7Dd>QE-Gz;c20m)1~O9_jeVv~1mr@tRoSa2i3JaM(kyD*BQjmBh+CLX%9McvBXs7qG88?+Lqv_=k3o>5w7J(9jK0BWmXS9F7-*9=)ZdOFV z0;q6U&B6RRWdUlQwGj~p{XWeK?)1$_6UW-{^3SWdq%=#V*1mkBZBvie)C1j%XFDRm z)+!waym?mmuFb4Bt1tHHF!C(5R8p~c7i>-465;Bb{0^?x!vXIXizu~>2*+E1Tu)Go zVI1alI5$y^M>}25=R}VJ>v!@sf%NtFaFH*d)(mL4*!Kq}5Y${+>BB1g%bmC-(4X!FgeGkwZRJP6dQ) zN2%0kT9k;qAwwM0CZD-fhW_jn28hvXVJAjy$r8+D$_;Z>VFyYiOlrMQXuSd^GuCTN zzm$>x`&5n{*lvS4gujf3&X_xzJCekk1g)LwxX^VEw!Do8F8o+Se_FcLqTUBqM$HSP zv9VoJv8PSO%P2b4SuO{z5#l1G5HlvmS$FRBMvh|;CZ_@_EUcaX(7)jWokA_WCog!M z(e}Jto(o(ah0MJa{jQ{cTAuh}Z`k{@uh}6|^Wh&_ zE$Sy|knRgOBVPXY!xGzB=LHg2!7IHOn)*Z?Z}^Y9B&OQpf6tbCJZLX)-wJTX(DK>+ zHHY(z{8|S4EG(O2trmkU`Sa<()Wz+1t&1N@5H^fcxFf=;owp$5!xiGh%U#3zYc zM9OIl$vcW&?ow;7zw|vHW&6_AyQ>J%s%u`@P;k80CFx}$25B-ZUtD$F$xLzb0HzVQ zLOT7L;{5RPy+WJou!XObZwVXC_|Dh>za7(7T)7m{iZadJodvL6GOoYC7`kkS7 zBK#{eN2!tn9B(HyxH)!T1usk#7cKP+x#XSk>gUTb6+P`H@M!e%Ug;*Yi_&S-p~;tX znl$3CR4l^D5uC~_#1BZ=7)@!%7@k*Lr1Erwy$}v+E~dxoXFU{lrx(O=M}VyLbfasI zwseg1b}`9a)kJ>6X`SM~gLezH{+yp@@}O3lZ=Y$~ajy&M!0*7=7fD0%LQqLvG3}}6 zn{qon8X6-o^FcEta2&sT`YR{(!}lyEh+dH1nz`xtJ$)#*JVbuZ4hhlryh3s>1^tI4 z#-zc_E$*-HoBefq;GlIEqE0xD-P>h#OuO5Lo7bL3Q_1B-3!0LOPtZ&b#Hp0WAD`lB zsfvFW_tiuQ3o;7g2qHlwMlT6+76yf2?d_vY7yu;$`r=th>AZCH=IEoVhmE_6?CZ&0 z!k_oNepIcstxG{$pBdbN`6OH(Fdw=camaG2sXk8E352c%%y`{IRDXOeu)(dV(QWK1 ztH}me6*VSJkYpsS51VoMki)J*G|70^yw1pfi{trFw(}IvmQ@yN%jgh`f8Bou%Q+4DL@y&&_q@PRMM_`E{K!;H8=81Y+==oUSQGT2~mv`%r%Nr>De*0FZ42s2-1Rgrv&p zIZ1zhk`J{9L(g~M>iAXMEc6nfiba=ywXOthEdErk!7}~*R7HSuTaA^tZxEIixT%NX z-n_Vs?kFaJg@u@OF%s{3nX$~g<5nCR4MvR-70+ba{Rvps@sk zSTj`{gFQxlk$*vbD)mr2;g9k-g%%9^vlLNQmxg`1kdV&GHt_Qse7jpn0>H-@BB}9z zBpn`l3i=Ck1+ukF*HvIw0su!TwQY9N+zLC~r5|4md~Z;Gj`+|)UA*K9RS2#oFnVK@ z6Bh9;5-$|-%!adCP@%-09TNe#XK9)fM6nkl4{c0mf_6NmPoA=`Ri20-TrnJU(||(# zq8i;jT6*`PeRcCBp6mSKZ>%JUmSss(2qjs2SbHz?FX>{4^+;GJ5-5Iy;tzcjA4$tq zN_)G-nuJ1p`=!aC+Iv&cpMDbnk+^o?X|)Bp^qd^+JSWOG?>V32F-pNaEw1FWAbmNF 
zY}0GiE%VBc`XXFJ-4C2(tPCP}tgM1u^*K%%y#}wk%%EqF*6*R{X0zb^PAjjEy$Okq z2iL?T6X9>BcEmk_&DBriQ4ZZ1SLvY%smY}&UnkotI5y7B5X?SNPGo|yebYa0rhD6$ zH)T=~uyh&6_fPh+`2p*z_uc$Dd(CdE;aH14HmLY5P&47_h|O^-e3qo_Dh%-Fv2*n4 zP1VA?ycPGeh;F)@%WU?z@pE3m(ZXr8qBv=A|5=EZLFYhW`^dC!Iv6xAd%wwQ`j{S# zF^vAkq%+)9P~t&3f+%nq_Tvl&is?~i0F}#OyH2(3&wyWs|4JA019&)cgofHJCzbLd z!60YevRn)tuk+5`?G1kw1;JWffUuYNKg-H^`3ZA;Nt@bq>mD;q2{vkuGS?KjBbibS zM6F0W7%kv`NUKLevdPH2B^^T^52WCZS~#(<`?FZ?66}+d<9zk-cLMCYu?*?u!@qS8 zw+L?<_#aqh$k19Bk~G=4XIAAp%FF5i-1$vxPGQjz(ugRS3L?X%l$ z6oN(wAO8%5&e5tX_BRgQTV@`%`ni+wVHE)Q!hnz?WRUd)J|em}(Kgx!v-r*}M_Gl0 zTvvxkJA-YVoSWO1jyu#^MXRf0>l2=+W^Z+g9}5WY@zo(`B*e{AM`o-hT2{g{<4qhm zUz9?pKvZWX@z;|BELZ#3m>@biZeHw&oY7mSMr%+t_FUKQW}@STMR{!Y{Mwbh$n>z! z4b+b(kf~h!yh1InxLam}88mo;k@|-nW7*NKSoXD%Er`ZL7S0Kd0yD+I|F(+dPMczR)ni?^%qj%Kr$Qb=*aiWm)P&u1eS8GhTaYkk!LPaY|}^s9R~x?ZJe1 zpb{SOgCXosI>~d)NWjRBNUnm+AMoGi_@SGDCJHK7y3Gn}s?$e5ISy?3^9Q_h`&8CD zL@`P4{JRmS!*ncgQIc7T86DC}VmJ7Qoyv9nC>hQ>nnfHk@+H3wD)1Iqx3^Xv5b@%J z0d(%c*G4&0Ea3@r)DWk+z?r~kQD+<$=z+_Pl8&WX zSXdT;Lray^tfPo>hVQHgo_>inSkB!NtJnG7S;E4LVd2|4?>HZi)BE;_@;t!oAFDgT z{qgN>CVS|oj^XEY-z&Y@q2=EOABIBL!5^2B^wd*&Z*ZiNzpfD(7wAwOMryj_=Ulj$ zxY?0)Wg!)?&dz^6=;9Jw5%1GDnGPb`nm7+;f=*IdE0_RH21IZnKw`uYTU~21J)C@i zUc@a?^_V?Q;i$9G{dj*%n8N98^@`V5_Jd`2PiC#itIRXhQw=Xy@cU%zbfOWZx#tCo zqRe_G9{@igH>}oKck*huWb9f>*j@fR`b9-)RW!SVt|_v#zTaWHc6@?JmmBX3e4?Qc zxigL`?8fStJU+}5a9k&iS7O`Y%KJpOvNZ_KasR71emm`b@je+FtO9(Po@bNXX=u)g zN+@yqtbU@*26i?tw#m>hJ$jR&vF)pLi5=~ntO9#2c8X2UnKqqLE6H%i^}&ydz60Q^ zof7l1#G#pFtis?Fc?FN(a)kIdq_hG-GTd=&JNQ>d z<_7)O`|)VLlsqS}|-qq++KT%j!V=9Q&R*^+~`kvx(Yk5~P994gZ;gM)7Ebc2CWV zXog#WnU($%qMWQ9j9hWhNDe9_MrU0#U7kK}547Asn1!|}4nX5BEV}IV|4mY9&5qY| zZn^+qpxxyfyy@0_c?oK9O};y#J&v|k*5)r4p8P13s6YDPAjG!F$kE1r=?q+zXqKxP zzg|E0vozI*UaO65a}?kXn7fxD>V6GI5D0fa+SKvmt$ykdP?6dA&EmSS?UdNcv7YsO z33RLt%po=YOSRY;@b~zGsbDE-ED~`j!x;Aj=TdFtHhb{q?OTa1)W{=uY zKwvQrW^GKJTL65FJ-#D7V_3R~(5pT&Q?&7UL9~!AK!#BD6SfR=@7K-%DJ5ZL1H#wl zv8m-pYO;L%d_aEmEs>KwXUJ8rV9I%nK9D#8S=w`9eOJH>m*CgzljeCB@VWfQ&mVF0 
zlFGjjO$EQW7H(6(tTuOeD{L4=I+Z zJV6sOyCf$BZrEvBFh048DFo@X9)dI){dmZ2_zw0$9Nr*pZ+Z|eB=&)C4xTcE^pwY^ zL=JWBoAuG*J+Zki$^`#rZZ6Ua2eRRDB4k&Wgy-#}AaAV}KS6tcj-XB$<&#}>SLMI` z=!k%k6@+iEG*Kz?=K|PzNPXTx0i>(woG>)SogjTbQ9)vW>`Qo3Qu1wWU(;516ZEDC2_!B^}uBL6pmJr>G8#S0L3aQO-kcXHv0Fx!?*d@>X z-~--H57sxTw*#Ka|2h7$!hrI*toVNY`y6b{@d&2At2SiMPt#TQCkeM1m_D^&vxu*L ze@<=3gr|VT9DpCH+h2r|=J$McazUZq)lHLRw%Gdj{qmxsJEySXdKE!x<0|wyT{845 zoaugl6B^CjqtS8)4|7n>Ct&nGk5n||pu!_Rd?YXOuinPFT$g;PfKGW}5mEYmXv>07 zWb5ZHSLHqu*gFX)tSJWK4Zf(dEhgY@Q7wt9&Hy`aTf&jh?(q4gvG+n4+Hkb;yjo9? zXgw{mCWm#MX;8b=TKCC{@||+_9rg!VZ6J~Q;45Sek0Ga3x}qHcd8W{0d%vV=%#(v8 zfs~BF!?XGVae(yZh&bN>;_R=#tjIQT3IUt{Ihs5PCE_QF&E#SJ&C8>tU(eE?U5HG| z++S66v?=KQXpI8td-I`ZE@OD8uz7Y^mk0{!)dA1-7Njz;5Yb%RS16xYF3>)UGFHWW zf|_u3N+q~^ou3Diqi-l2arCgyV2fbPU)d~mrh*DcU>#CvOZuq8M&YpG0;KKJHDT@x zwX;Z@R!@<>J*glOLQLKutI1^BFg&*Hyi&cjOzbEQQ0S9t1mxI+H!iASnx8}2-Av2$ zfRr$?kX!%;PB0&V%!+1hW@UbS-xa;u>|^3i61}cPlYoG;Zy`EQ>h=<}6=4p}f4);- z2WG}9!4AwIo;y_|3c+0A&1usg%^2Wf+4GeX&wRsE9o-zV8`vxg8et|LnJuv=%&xQl zPU~Ha+WYzB(Fj~tP4-8iPT3>;WTe+;-*DLJi-G<6vvT~`GZVTb+%^slmD7gG?A60m zADhy=B_ubRU|r_B`PUO}in9EPPln|}3eq|K%(d44Mtxf3*{{?xTj)5IS8 z*mh&jKBek4tfVQ@|MoXM>H(Hp?U7DE&mIxIa^ZZ}xS zKi}1g*yg)Z-%90B_v}B#aMkYUK|F;I037BWN>HvveOTv7;>83`>TdU+kRX#CQRt-F z*;@v;&7A2p82l?$Uxn?cS>eWAuIus%#7+7chU(=zy^rxbsM)yXYU|uAc@-c5R2Zs| z**bkK$l#OZSfAc!c^S`iDcQ6*eEIY#xF5|YW2f2-jl6^8d+lE!?ZOjn&kvt%Odf#> zar`=ZUmgLpT5B2#yhztCUIGR~GRS;=Lb-w86BY7KC@nhw92Zk)7Gep&o**b&rbP?U zxsJuLg1YCXr=cqJ5jltLU^t6|fFtYT%_n%B5nB}s%r`Az%?>=#s{&m!D;V|-WmWUM ziRn*nU6CWz#_)VW5|8TXmi%;b#dd^cBqz(AqP_KIvq&WSkv-jW+Dt>m1U2Pn=-JR_;7j zQbaebB@6CoK+E5@a+Ih5`r@%u_zo9F-!!IfundU_Sz9c|ZhFr%Wtm~XXYqU3!R@1L zQ7W8A{ceK`JV>LwHc68Ukfv-BKx#^mZCa|i65eMK$Js}L(9<2R5ZJpd?ahhsGI@s& zJFhDQA2HVNvnDPYE_yj7ZtmcfLlHK%<9PHU4Ui&~?BNnRW!TY5d@r zp;1wX34cQ17ugB?tm(;ccyEyRsJhPfry^|8cu-<}od9H896#7?1!ibC)!{} z8|wPQw9FQM5!z@x8_I~WumL&xhNQ@xk*Ug%5I$WqYUc@9{H5csvDPxsFge^TwD8A@ za@GctKTDsX*no%;JBzMzb^PB&!aTfpl2txO!$XJ@?wT3vH0bykPqRM;2#*Vn!;`rK 
z>?0$T$4bSoyU<;<^2ZRBXsy2B&ZR=tB*3|TmZnJj2I6h0s4g=2?#*l9NzY3JVI^u7 zV1yG~r8wYedVA5r^l`nR6rG@twRYzZRP?~|(Zt*hE5A&ikP@wb$rpyBjq#?6l=1d# zyWoasQHMR<)?()QlB|nete{C51k!42_bw}{Q2UX0xRXcTyr2Ur+i_k{b|Sd&;Ll*| zsOl|k{AM1l1ybE1E3LuMbU1;m6k%f#YSP&wg%j`xx~%dHoa}#i+2`i8uO`Y|3%^@< z?_XqoM2$=+u_7+}Ulj`-ORapb^D1N31(V|5!!K~^wbbfmgkyjg*ozi3x776&H7v(EE>AsqlU@|x?Y(6{hI1(BbjJet_sP$yL+T}6&uK41dM zAajry^cDY=vC3AkZPn0+nlDGY=Dt@T%x=D*M!oYRu<(#SW~vN!uZ?{O)u1AOi60P+ z#kpB0#dOssRP3hStCKp1WD1vsINZQ{uNryMuaZD?n<4dOajh28b#?-GQ|iY%QMky- zK4kPbxk;wVr!2^m)*wHqsiI%f3eT_tg>Yt2A&X~Gqwkx^;&q)%>n^&|OOJC>!(dyY zpss{&^_$zVE5?t&Iq1;1HWe@7f7P`o_l(WB+NvRjWWMe*Vn6d)TOS(N!KkK}x6>aC z#OUWIgB8Bkm56G?L>1BYcr3&-ylqQ znXG|&pT^jq{WL%6!V@6(o5C7P)S|Zs!{z2us^6XX2YIQZo*!eZuRk5Ywiz0 z2{M|t(Oy-^dx}g^R7S11t~JiS5!w^-D^7yXBc<_afRhrE!KrOlws7x}VIhzewxo0b zHZFUrCZN8|B0aaua9%AzFv{e*1B8@i6bvN^P#D?n7t5@)p1_gN|$ONt`mJH$H(dVv$2 zhD47zOJq~vctWf!jF+eYV$-k&3+(@0#?@4LCYkX^MG`L^IP0%DDrhK6W`f+Tq66jJ z{fUeEl91xiz(@6$O+skx?ZtsyD_gjo6kTx%w4atl$E%7S#*5~X>xE)sRAzM*Fv9v7 zFU^o&+t(0A@YQGZ>UpL5jKFwS2}^92T;!X8#Cct0i<81G5S{&x8yO{&bN{6&9WEujz~ci@0B#bEf%Be> zqFbJ){hK{U%UC$?8132ogQy2r3z~CMuCf_TRkb-wfPE33ugd_KEcNYI1b#&b@{}M$6L4w{2vv7X~AKu_3p-I-!0 zmWe0DSl8s+cyuS3_f|3D#xhhqW-BN|1&PR&*5(;QZ(-|=%Pi|@yOp;5 zGqzzjZQQw)FclnX4`+OaEu4N{hBobC)UlVUrXHdS$J}2-)Tr*>f1J4{OV}3|7tU0R zPb%i&k$8;bMh9KVQSA}9D%p?N!f}&pJNL6*270rKX?a67eA7)dQndY~5MUw3PEwf( zrC7Z_KpY+hQ>y)kT418)Z%2K`=mE@L1W-YfAoHBpo~XBb9bYJW)@#X^2(iFwmlB*g z89h??WahoL?Henoq^OD|IX@(G1PV4X^M%kGtY&XRIJA5s7&{MacO$blc0o>nB1%0i zrjQmDViUp%R`Z<-7B55{Kr~KwUVA9HWw{8|XmXk!M`5_iE?7fR$zmHU#>@x3Hm;9d zAmwr#R0(8FSPcl$k3?akVU9R(v3uJhxky#hry(lJz}Wwmv6EG!Y%M20njWYeZCl_O zZqpDyh??)4r%YhXFhJ#MJZdnBj)0n8$90*6BxFZ+A|xVK+!c8PO9l>j^PS3m^54+G zuM0sPy7yXp{CkPwT+_QU>puMW^ZDap_K|}Tpc`>FZK)9dY_=?NA0iwR|#IQ>*4 zWKrEYSkQahg4m@*=&?tbes#~K#2y)MQgxLLK+!8c+8KTWynCQ4jy@-3c+<#hFL+cr zT^@gq-)gyluzDGwwM_=5dqtrDus5*yGpj_fcUM+Z9rm{>`X2qD%$7dc5Bdz1lJ8a% zowi!*HB3kdh3yudS1=|4^U={9>(XY|1b?@J92mbuQG8e;?2X3O3~(rnqDYAIME+{4 
zN1OIA0X5jN7l-U&YwrJwwfq*fvmEsy>cO5j>%S-9&WqFwq{>~Ty+5g6dKuld+VR?H zR}>RQFh=}4SeT9Y+#K(0)ihS&f+bAQKs8=TOa}P3>ujB%$i7k@0O69p zdpifE(?g`j(+0@?&Mu4{bPRae3mQS$|5jAE_gWMV()>n+DwwZXAUC=X_ZK%nx_V6D z2674L0Bf*YrM0#VZ@9;Ho_w-VR zlg~ts@p^?tFRSv*Fp8Fkqb-H#pS%$oNXd|~%e02DbJs8yJdfm|nYzj-p?irib8LW{ z&h(o5QB>2OUeU1<%H9pUG2v=>%A%Rv8mwrs8iT_Nt;jOOn%w>Yvn!J}5dsd4%Y`1v zw-()j(MTI0a}0?2HtFHNTxXYtmM^KccOKCR0n#XsFAX8ZCu*Ct-+Ay4GX>JM2?V@; z9&39HwxQt*B=jrp+Zw@ByZ#>b+XH&HcErRh&&&EK$ray4E4>*oPlAwW__O+N6O%@e z7MMyv)939{hH$Qu_Q(SBn;44B3kr6oIe1v*xX2Z0+pdW2q-xDj7>q)v#p$ z`F&=@Y%<;#edy#{V^pDFRm>l0#-F8v@>$>{na%xp{aNpa&APnPOagJjGXo)c7eO71 zF!U!=tP^RW4JkjlcW({+nTkzQFa>*UCZ`Oq3Q7R3|;YR9>q%V72paD7k0?YkQXk04dsB-X4777JV6S- zNB(op_n{a|<>9IL$%UXaNc|=65TE=fH9YlC))wFVEm765)i;c@yBn00?viflT)OM|h>CPbvxJ0zq;xDLC?T=H60)!$C9!lZu*7}v{`b4D zdtdkUy5IZzXJ7BS&YYQN=FB`ZoXf^p=eDG0Jb2wdSlMm(Rbto@9!ejyXYwZx z_#dA}xWv0>bHtH1eIJkHf1yGNDSrhNJ!K5OygE2eAWYvm_*A9 zMoocNd?g>`Ml&6(o_!4LSI&A*(P{Z{&M9{JzZCvM8_|Ocu9_EdK`(v?e*|r%E;Plb z$G1Q6nfMN|mNQO`^`IsX_ih|p3C(TE5R;3lT+)P}sW9kA1(_^idIoWp-{8>e2~y=u z>2!!*1C`Oj{I*Y-Xz1d>pLINT0LM+Mj_X~Ma^2`=4JD?chB9ULO}?a3MQ`gvd0Bpe zv&R#9XQuvyivNxWAROM?*#sFc-khP z^+6+{r`aK{=QG$?XJ0PyP3hBhN09aiKA4@I4!xT>Pti>A9ung7Gl$e%25>OYLf)aF z0#97w>0~OQ+4q)?r9ZR(OF=b!Rz+j(38yrdX(1qO^p-c&W+B)NUN??SE9WG9JYi^f zpFsL^!(ic*hLYCXC*M45Oeoiwq6MV-Q>hK^r2nMhd__KPmpp=~XASUi+&^5uYhmZj zu*Z9ZUDQ%sekZ+C|A$b_n+M>KN_jef6DCb4E5@kO@8uRGxiBaJkbdY5C+sM{56sow z1GL@VHQcu0Ynpo9LBl7>aI#Jl$x?EkSUgeJOs_zdt*F`X`0cFI?d}3WiqPSG9a?{r ziTgP%YzPU=#edCs�r!+>*?B8LTL5ji2aB3md+}NJ?%l=Lm1U^P&Pc-m$%t5pc}u zu)L>Jdos)Gb!Bt8?S{bwoB+pr0WN>WW)?m=>q~CYW>cf)YjVDIKPlB4b<;U*&$|}K z1?HfyRJLl-8Zi&@1>v7EcYo6OGc5_d)x1aF`ByignVp~@+s^7q20tX1=IOx*8gJc+ z(Ox3KI>((GhOC0)rUP7#p?Q@Xq=92f(^e_N`?s0gO>W`kykzfTderv*heFmN)P%<* zoXnOqxL#dQ)Z^OV`L!QAp z`crPWZ69Wtytqo3dw?c~(WfT1b)g!l%w8)$zD=Kknvc@$1jr~3roKfOcuNglnD=}5 z2$VK-&Wwi`dYaRjeBW!+%3q*3rMmdDFT>+*l8B%4@;I4}!%=lf0;6(kubnAYU@6dw zDD}24quS%llKU-fb@y68Z#}+c!?(-vmLeHmb)O4o?3TpmDgzZ0Ul9u1DhGVdKJ 
zXZlYmQ~ZK_Q@43E@8NxnZ;>VyWpX=1Z??a(HmF;`lEn>ywXC1=da@~yjie&QTaaV#(m>%UAD^Na=*pRhkCCtkF!Za|) zr&)TRx7Ge^iqUG`n9&OKw1c>l*OV*^B3?W*hUgFa9b?tsqhQemz4ELnAHny?{q{B| z8D1ZIlIL`LIQV2N33)5GuW5M)8F=v)Z%?rSZXGm72XM+Guw{~nrhIoP{XJ%R_6PaO zZ@lpKuT|(b>)QXOk|q4DUV9tSh?c@#?w#n%ve+_8;AJF^hKJY5Ea9xLG()34{r-T+ zBb}6WFyOtullw;HiC0UJXVRy(eiYj;{D8N@_$4%xvgx9lFNWvbkh%Mjjs?b=drP_E zz-}j<%R2egDcyU&az0d)Z}wuztBgdZ%Pj;2U+ z3w;>Bd$;YnF8kT2WE6Pt;S{mMMV|KD@P{S0%o>K;U35PCbwxfqzG(TAf);fV`X3Ku z9>98a4^i{V~?%uQRI7-InLQYu+5waLWXR$Wy;QJltds-YBJcJaVxaa|C2i7FR|Nr9n)YW`mBzrWN|1?tu7MH zFK}JKF97NnS(udZ(^S5Z|KXY5t>dky6r$?P;t_hndQ)7s>kads7~c}U>IL+7EMP2ms>0f&ttb`TaG9e4hjsm<#H4i4ew#nU-pyl5DGa z!fbYn_9PNQ^WhI^6s`8m36fvz8qNfDj{g~-z5LWbs&7?Wdbp6i)>&qkbO^n~e`Uih zuO;|Vt*2J&`8;KDj+>Siq3dGs8#1)hTW%lwO&Js4tfcUJ{Qj}a?`_+#5S{=zp9-&TMKs0x z?)uX{H+eR9HKjf!Z$L}*pW6tv(cIy6GptDpS%9BY^?>nQk>X^y>LFsuYJDi(A_;)p?)hg;5qQNhdmA&3r%es` zd-bK1V%}+jW11her+HNpS@2X4bPOs_6@)Yk7_y8*Y$VJ6<_VYCgOa}y>V5a{+sjz{ z{w^Db(FJtjQVbtCwiXCV!IzObxRbjwZ5&OxOPDvFsya&Rg6=FCHJqh(@k-P zQX3rG)25o3&H7uQ1H>IXdlkn-&=Y<~u#`CCKKlTI>6c)&ha~>Q*fg%~l`*a@shfe$ z&;IMSEXIOp9iwW`h_4Z5%eUf!f9boaH$P&gqzgfG+pQ0!$Vz8L%Dmiv679$b$b$Q= z*On&WOI#n7tP1z;1~qfNaA_Xu9%cz)d&v>P_LF|@v*j(FCCryY+FPUNt*c6hcOM{s zEvg0htz#de@!%a<1Y0HsgaOaO9E@XiiE9-!?g zzumeQ?n0^}sZ5$JtbAh}mDuM1nTn8D#CdM9N~@viV)zMO&MAxPJf$b`r*oUTuiRhs z#`t#J&u{_mZJYKGu>_Z}IV7VLqV7F7tEYP|R`*cmNx+W}7alu#X}Ls2{Xa zKWHV6WJfxe4E2H)(&`E20Jo;2N~?~I2!C~J3RR(3{UvvYK|6$mce(K5y_RM!P$Kq; z;%TS**k^GgWgRFbAox#A`fpaUZqc9Vm*NuX=$k8i?d zZKj-h#^5-?0q2<>;}hy5HFB=~(_5x|++7hP6$J!$=B-*1@8PM~t0)?o{ov}y4TuoN z|4Q=)e}wW)ok!h6c1j*9mZB1+*;u9#vR=R{tV>iFW}*Yk;Xe5^JJj$@;Ut*xw)HPv zo^-V3L2{00Y~;$ucm5RH|CBZH!2nvhA%MeMK4-;EE|htolF6cyeebD6MV7*A!uY!m z1o2>Jr*Lpxy^U&J5vg)Tb$(KUDXG!OeS5;WvkBRii7Eomlt4!|24^2en0}h%Ffee? 
z*C_@r<6i;x23Bc&w^x4hiYU-CB;xD73gKs*DlnK9P@&mP(GXGT48!sRiI%APCTKYn zn=>^2NNAY2W2m|ty<8O<%gVYslAC6AS(ir^lVinL2Z8>)eKIRX#0GeCRKCpS0UFM&a z3Sh$rrZ*}BGTN(}poHba8lKSUC$%o(Y&b!p6Z>KBjGB}?`(V2D12~ttYno$8lgKFF z4LhW-NOfykRDE~`1D;{IneJyd2bO#}|6gVkIawPJgHAQL$UrFM}t(+t$fE=eMp(*=_7fC5Hz@sRLc^|8_rzTV%hks>SrcM$5V zYTMlG9{uxUNLyz}~qag5#Nx=H?JkCfM^ z!3i}jDe=EEmyJF$ot5qpZzBZ~FrPqA`y~NaD`2D|)2ouw7SdT|%Gmf|lG;M*Ohsvv z)lg*@WEn*rq;gVVF|O`j_bdDG(-rz>#y1O%`XNPaqLqN2XF~igmKXfUSf}NjLjnCff^zXR~3YT;G&fKS6WmyWb0FVf?oO zuO3ssOc&ON5ZPHg-~eKMMM9gzO@C_}h$&liWoJ4)zN8M;0USU_vm5{WF8b+$K1SvC z)}cln&WZcL1l->yxpf+017Iw#qcJP{Q;#9Fuj1B>#eG(KqHU7M;>Lr$wqu^e@l0u^ z_r|OU7di<)t^^sn+%Oa#{~I&eA4L8PgI+zh3tH=7X$6=yYyPTNB)AXxPCBTc zHIy6r!&1RpIjD*5U!3%99TF6o2Hjy}SX?HcN7}x94;OsD-v5z#n4y}Lq;&N$*{UF@s7x>m)b-NhSY!DkA|WtCTw zs_-KXqyRYJcp*=zQV+F}$lt$L^h=%a2qo!*b+jBodGQc`W0)nzaB~RM8;wcuR&}5+ zch4<>0PN&!lXO=ZqR|Br+c4n9>Xs^^h>5Dkw&LbXTyWOD(b{#8EiR!_JCU%7iVrb* zz)|^62a+Z6eFlLIovw|)LM9ifmig4e{p5>ruMEtTFtL=jbv*dIZVI#ge2I-XvWr` z#gebhzHNWGKajWM#5!a)x3uGi*gA1NSwNRvTQ3M49$};6TTUF41Gifa=NJI711plc zQJK|;`jf4tMaGy_-r3h193#yNZtJ8iF|7(W%`rhZ4>9iwyE}F6!zw;Q-7zknYDXdh zg&t4BCWL1uWrA}?=QhF;#NoU7jH2c|Uywoy7RaHN0tB{7t-4c{!v?9knmX(>OmIo# zuhV(s3Bxsiy|cu>pwK{zpLixUOPCgM+oc(=*2OEIa$c`DUYAMgRYX96y zIVCABC|Tg$I=(Uuq^^tM5p3qbzEN9~mCsksw9kBEDiiEp|EoC5zU44GY-g0QW5xQ@ zFVS%^=+G?>V%4P;91=99^#J(2#YuF165cn72^lVsz&|=+NdbaeDON@V-+{KZJ7%c% zBQ36+WvD{euKN$HYIwQ*?fOEMC9_jtKYG)MzZ{oZT&-?zI+ffR<8^NjRJ${n)kc{j z4)_F~%my2}hn-)zHJn@TfvCWJa2Y}aR@~o_xhwWy;Iyu0UiJ>U)Ztta*Q0}?QeN3K0)MUo4zmR z{WW`V-t4u)*NHQLwCF#dz)jj`0JY}+G_y&RI8|(WN{sF^3pR!E>#J&BxZVaU+Mh#rE|wG3DBlw@Z1-WioA&%~X zuS-6p$ES#)9aJ|fh6xR6t9JZzk9t0el~9{hcfjT+CV}J4pNRIN4SRzl-|8)iY#O)l1`OzeswN_uUS!?cm=})F)H5RNVjdpDM=dpdqLax~Sz-3Lv8ANpYCCcxr0`t+s503yQQPKt;(s!=pytNG9-Af)qAP&BP37BMw%UU^1XQ$qK<7o zV`hc_y8GQr<(nJSzRW+=pwbN2C)E%Y^*o^|1oV9`3HU)iqyO0j#I&ry)mJ|Q;Ls2* zPwY6u`$GBEgjzPk;`V{uV4vm00qFbvNy6d=@yR@+Lt}MOy_d5oZ7SXt1iU$@hKXA)p@DbBL5zQ<8m$#pdwN-5l$h!EgJ=o3M{R@@&uA 
zMHLL5cK`>l?o~T9{<;3!*Js&mhXI^m6@4B$tauI<^+O{GF3u$2_34c{wm_>XsSc9S zvU@r@uutae1-kmLqT(TIyIPvR{GonZPN5d4kT%tTs|<4c>aoc+prz$%!sW;La|2ll4lJ5xqLirJnM^(5IZjA*3IOzh-h*vuvvK))%CWw8l1nWV{n{YDkK{(%F+@NUk$N_i$P(dhE1UjFRZ8PkZ) zESa&KMDL#X-+K6B^FWFNdA;0isaCP(K&@V8m@!pMX|(;*moLX!gl{23|cD>LBxp z4wo1y(LpKhz52%=J2aY0-Q|LzWArYK${$&cMCvtgR=#&Mh?EqR!Fz1s@4$=TgkXuXz%r{_c3DPVCNTFYaeqI82(jm_Oq0<4`$apFzRx4 zFOiO|lZ8+;?QU?!Ga?lAE^?FwU(Y|+<%XXRSs;X81LqJYj$dPp)p;P$WYZbhfG0Q2 zVm8qLc5kKe!dO!vV&d{O&Db1XiH9S!hdmp9J=KW=4Y}tky=w`6 ztksSt5e|+kSUesYfEPt-IK)V?4@#kq>N_HM)S62NWkI`;xir4AWc|%qKMe2Ga1!~= z9(G)V7Od8rF6Z^TzQ%Ig-@rIEVqj9&QacI31JqPD;NbvV1Rq^%}3fq%K2fxVSj_{)jQ52F(env42+} zc;66+RgOL0)5F>ih$w<*Njm7e9f)%~tOt7Pngg44S4U9tL!w1D{AGF7{9V@GOzou& zKV=E{W6%+&(qr114Ko@L3Vaq1DfDWf21}!lqsSWMz!sxg#A-i(5m>;pSRR$8%iD5y z&6@_pdetKBIm%nCPO4m#qv?qDv1H6$16)Rv6nuO2I7s!+J^p@ZJ1X%l*29Ak*EdWJ z)HgYGb2@#h?AHRNf>0jqRx`^RATCH%?r7ky94=g*hV0B(5mZO?h2g`MA!0FZhI+UvfsBLG`|+t zgq>IDJrAPV2MXrzf!)^oikW?e?0T`Z$V8u4n^eP`b%e{ezDB)BXi@-2E#ne!(tJkf zuZfqQHe)RDBb*WZyD@1DKTMjc8as^P6^ewAqyQb$_a`EZ8dF;VPMWPuYDFr``&1-h z-tA6d#+Tm)6EFyRX_}<@eZ>c0z#?dkg5JkAy`xtXSk*mgMYPz%Gy!MX#qnt~>@O21 z*7OG&FZpB-q|G#g+L}~0_Q7#i0;XO&hB#)yRMTYcmZ{jskZ z_Sq2YJhmE6XI>(`AUKD3%j{^1z_SzPIP!U5Hul?E7Im3nC*<{LUUOjz^camPkvsRE7}IwgV)_f zy_&18f^iINUrirL?z*p=19Azx)0oLVvz`W+vG9iF!Y=jJrArI4I0ku9+krg!8gTv| zvwWx%Mx4C+D>)~tW8)>I9pf~fpV|4=8Z(1wh9;UJVm(H)y!UMCLve0qQdYhq@5aR5 z{MFT3N!7VjFU@$9ZWAuCY=N%SIT4Vg86Xrmq<>C;g*ESt7cP)o{r(Vjg1waQBzEsj zHqQjvm)S6;<26@K@N2x_G|WgWe|pa18DMl@$9H{mLp7tgUT)HSJaw_1+km<~hq-LI zkT}2Qp7gHkTEgT>Sy^?}p*gKohd=7FXIm=Ok>}ee&?ky68h~Yg_oVB`0%mXN+u3GJ z_wMvWh?;!vt9wKxd}HaBK1ocZ}+jtWqDGqEJ@JbmNPJbk$8sq8YE_ zIZWXp^F7+-=|TXgVna|0rq-zZqH)~ya2qcFO$jwPh%yxcFuQ`OhUIOw6M0cHei~s3 zVJ0X@7413WfAaZTBCI4qwf84PC6)4BR~kxxXR4BzL*%mlI~O9EY~+>?c~CWJw{8E8 z^)X413SlG$Xf(=KV!mryp&e!_pDo1E^L^YbMT5r}t5TWcdVZtuJo+jFMV_$do3y&YwLJl z*Saw7@6X~9LErWMGVXTtRE<$d4AFoPL}&H+8=YWFKolb7BHeyc8BrYHTKW}a#3eHR zJ=1!*N#Tdz1mt3_eKzwmnnQz>_=g#5vu3kw$G0OlmJb1~c!eW^R_p!xIl8{pO*4eQWwOq==z?9 
zZh2#QiCQ*evu4ZzMo?0JVO68sw2fB2bhrI2z=uq2i9Y9~!Tx2Ug=!0jr}9I%LPjj_xrEsyPuK7*<93u=(~H zK$TlH60H?F0@czwe)rf}&3)`D6xk_%9Wv=E>JL4>Tz=F3zH^w_Fp4Wdinj;K^<*`0 z=$^ z^%XPmY7Nb=AOD3Gd~y?Y%Vlvp@$>maH#R-y)De(;_goB400wJQ1L~^EWPgeoK91ZN zbTv&*P!Odr%kZ|-Lc6R-l*Y8ugJwBjQZi24h*`KbHtnfoiS#=z*+FbhCT|`{hwYab z0_Uh5`8QDfYjeXqznKl1g~YQ3f+Bp?qrjs;@_F00Qtphyviek1BwE_26aIe0_qC?#>xi@{vk3vv ze^Qyy|8dhUY^w_lZ%1zwJO1?|L-BQz8BgankA2-VRGMGN4fT2m%XJf&axF*exBhG+ zV9?_74@4a*=32d-6v8|=s|%g`Em-AxZgX0m2Cic@WUr;i)Zjh`Y}ZHn6;Kpl12Cs` zipj2U2`faj=8Ef1?8f%vwa%8eWlfY|RFdDRD`R%cvDuPzk{>Va>pMDn*LcG&uB9xu zQ(!@dy15!fw8|DEJ{Nd+c{}L-z>de%#;FEA6ndIWd5Hrh*HJQP>-H0UG}W|obqTY? zk?%@D2RPBIc@L=ECrjU}86kx11rXBaPDy$H8iP%eNq1gs41((u3)gON%=MXvzoi-K z88AFk<`*m-rJc|e0gk6+CE=6>j2M+wv?hrQwXD_D7ak6T>R5g61`F%SW5m6pN0sy~ zrNZ){Q%w}A)@9S{g%!$|R(yw}J`VToIIUm02z7b^)im%=mzbW9v-$vH7Ip44&NsHc z-}@9CUKOrUDEX|=)$j%wm;Um3Deh)Gp`R{U+#N>rB$=X$($f6c{kN=tjPZ&@me|0ip7^m^Sh8xGNP&|nZ$~!p`maD1nffd@I zbUt8bF?UP11S3eljxc9?3I9;QSYBK;mE&??;vBTmJ5@9zLxR5_7e8OGnwlKQ5%YRSBIrth=T=xnb4<>mWLvz*Jas!|9{ z6ESaqWTP()Lh7aFTQZX!mpi%>x1@Eh4)>pLGzJ2xn5-2lCg&Vj!Uhw9Sf{1K0_88N zFVzgag0@tD+6*E-9^JQbZmL-6nOPXt=zFb0{DsEd8eF+b3CfL9P;xVwEgSg@NTiRg z38iFGix!Heve;7Q&f^sDmFrbgZx(^wLuoJzMr|7mD)zkE|!q;+}0 z2zC*L^jRHBvyt@qw7#8F+|;ruDDSRxrUV2Z591#+NZMUY1H{AU`83|>rgGlLmm$8T z-G@gXOP*b{Oa>&~ml~f?O8~pC?!z`ZjlE-ZPB zkmFUhoWKXo5Sb_(Y>YBAz7x1%FA;oL9yNuXGZ4hde%u9~BgTcPwbVqqVtsgqlQ|9_ z4zEeu-WdT-vEI`@8=EJGSJauPlST&i59{Ba%YoHxA_3n4qrW_j`EgO=tyS!?rP>ob zrv+tdyXB1{o?>eqV{$Mh%ZVK@IO3QjY+C#?Q^G~i1T4zE{&YQm7tXR>{=iZ`ug_HS zCL)sSa6FoXURSMbUD%3(;L2Wpf(FQLo@%zFU9=MYK_b{XndSn`eOKd zkRup4&JqG+7VNe5gGDby*XPdgk>4jWqhq2D0?I##7}NbatRNNhT2Ha)D`wxE0#;J~ zTZ%TC)X<3%L>sNPA0~guils5(24%qqWk~^L(W#xPMkryXH_wAkh^46C$%&FBFYZe{ z1pBUtwKF!KmER__X~pbB7Jc2N8P7_c*-e-O6WU%E$0G!upR=78NIe7@MSzSba_zH5 z?LW$WB1>P`x4+3BwgzOf``AK|4FrvxS;bEH#OTIIUwzV--f9pHLp9M*QaQrmXQ4WR z;F1la^ptDng(msYv2ER@I~XgntWZ4O){MJ8`$-`nai#p^pFA&_eO6vKLG+`z3j$K5 zdMk_IUX{_~F~>Z9E^GGl;c_MNmJ{qZ;rc{jQ-gq# 
zIZwJPS6AqSy-u-rtjUNm;i_+P(iyjpkq`X!xtbOFRA(Msn**ZwHYz==##s)#h1LT3 zeOBJsr2lNjB?GJ@EMi+q$-rpgQx=y-^^6hJG1#wo4{=tIIe4rQZB z)5t8vkgQ7;vWL3UFUeZ)Kh!psp-Z!OiaXow9m_IevcSO^g>a5tS+>ABI?BGZc(;R@ z^^qeMPdLXdCgafcshAg+&7_KB^czZZa&uV0!A2nk;D@b`V-qYa&gZt~agG6FDiiYV zOP+&kaKdR9e;;=hc~_(e1P?tmuWRM4L3~#g7>%f>)%GK?*~x52jl*Ihptb= zyj)VM3f2q8rpS8h%N~4rU*LS8hlrAo2iog@m>lH{DxLmz=KdLqtkX z(th{?bu$jxW#b`Ro9BqKuWp2@Oy>oG^DH9Fql);?{BmJ3N+J-4*@iI%PX6MAQapvd z8Ar6Ja&?Z8DC7<_A7;g~={9uaXGF{>W)nvktZ5VvGbDzvMufDVh8apjV1z1+SRV&H zt3E1{f5AxyJ#ek8q>=#LxM!hmWlbCdl%{YLasR9qPu4Y5N4q%cWyDaDfNS~dF~SxF z)i3M9L4XBl%lwYvZm=_s;jt_?-)j%=~L^U{1l>yZFG3=xOtoy&hC?Xt$I zMpnz}#8Z>C_Avd-`ZbPS^+$HX<^}zaz%)8G*2PT}Gh@B@zlg_rwOD`|_(I!hT4{pt zh=!L{cw2Oh?i^32%CX0FSY7+M0}&l3GdRa?N~Rr0v_J69B?E(5;`{mN1F6((WTWQA z6J~^?elWD7ltpU63Tx&m$J=c-5tFe2QS_WhYA%~cx$cZV4;2>lw~>?>a64eT@1nKY zC^0`ptp12>PRi%(GvJh`Q)2C~K(3eVRsRlLjhZ}sgb#joUg!pG=E?ePUpdtg8A@qy z`m(bM{kuUhxg+1oipSY#=t!hcf9lk8r(uvsjHTX?c=-Ct#{YVC;&(MGC2+01yLY@i zd2+SLK7(-6KlN+E<;xqKdz=y(vyO;pX%<2 z+M>Ah0k6ihox1kVBOKdK)9Yxtq)B_xn1Ca08qC3(XTL}&QgoUQA^?UvbH!zpEYd40 z+uUMAl036sv=%?m(8ja;`Rfaq4W&6h9DLK9yhUQxVfBFb^ALN2uo| z)yX;ZSWL{^*f*+TUzT}9*s?(0B*~t)wT&tFy)qxIOw?tzAx&hGxAZ#GI)^^Oj9_tI@}@!^&NCNO8K$)+lhRhD`VsxY-JfLAGi8cn_yX z#*>!L#O$ml@LshB!_9rwp82=^lmTaibAhDysb{9D@O*X2T%ZSG*TzA-e2jR zN?64Wn9Y14EFV-GZ|PF}y=|9f(zo&Oo}Xjj?-&yr&~|KYBaIn4b7qIk(KewHIKA7D zbGc5D4kO<_DtfS0P3Abf2V0egFLxZr0Zq72iEdeB!}dc|Ri&u;{CA1=hOWnPPl9zA zZ9&JM9L}T=EQ3ln?;rHlaI06dB8y2as{spt{XARyJa@;snM&NhOFV|K)ihV^&UKP< z0_oRGqrJj7(#Ty2aWF1iSY?(|4&6kO7H@4b`1of2m{y!cj-K29WfZTM+fvw0%ml-Q zqHB&rk?vJ5$EaOSrZKZjt@=Et{-L4ARWPU4>cgb~3)e7D6l52pB5L6$YO5pxYzHmb z`L|M7!v*C)n-CkD>XH$m%lIHAF=fvBV;>Y{r{%ZpA4bgPQ&{slN8H%9=_RL)qPzES z)VxuhPJ4TQ)UEtQYrf?o&!!o(O@Hw87Ch3Qj_A!OhVqauM$Es1m16i1 zv$44&hcxz3Vo7Q{(YDL|pO&38e=8YO#pg{wYml;SOSr!UPYkY#fi`;j?>XFGROy-ejtlX} zv$R}q?u1UG)&zNhi-k!rlmQ%19)~uWLtwr{IoIb9>xAm@Jt*{qLwaoU+&8!T1e<8! 
ze_aRT3b{0h+FXc6&yTlU`#`VC7s$w!E2T_PZq*{jIVzKRl}Mmsp&mHps;*zb+wbu` z?&H1MhVJc7W3KnXn_RD#7doPx!a`0(H!QH4WWGEJIi}-h4ta6F$>roaZ}!>Z!iVZk zD(s?0_j^%)4@)PnI+erg&9LNL8*nXg@_0Gt*B?#kU~uzMN2{jTm8%F&Cp9yxy=~$8 zBAZ-hu27=MmG{V*WcNp%z2J@@&)3&k7|X}l>p_UWpjekm?O6==yfU~dGvw7V)LFc( z{mOCgY8NYa1ylo7w5_O0VRQmCbdb zmw5=F#fjnIG`+fUcG&MUJygHWy{a5)c}~{5W4M|yqlnPe0WRcd6JXbC3ms>oXJVHL z!6CBF*Ti`{JEB06Mfk36_3RPNrQPWo3c9Nm1!=OhWTtjqs4q*HIpkdW^N^xlHuYT- zK{qbbV_qGl<|*75vF-*Mqlu?g$6W>S9+iD2wC`Oczm+nYp}$M|g78T>2=7)iL=~rt zjpFj-gv6)IjN!h(xk9Hu9m8EtM~>pk0A?Oq%_475^cAUJ*$MCO7E4f0KOWCb@Om!Q0;mYpEx}1|$Ed z>;IS>{bO=|!^AH1hDo<$?dA+ie^HON{7|Z|6C*&kq^w!c+-l1Oh6rQrh~d0 zo;FVrSH&5{r+7f_R2{!}Vf3hEO@||J!_w&xxEH_=%C8{JK!w?isz#Gz5gD2K8q8ji zs@g1K-Jl0%M}Hxzii2|$fBJ1ReDhph3_f=?yuD#ZaKjGr#y3p$)@;|q%am7*Z}rdF zZ$of7k9Bco?-`&=?lcor{MItIp6Jbc)%vJMd5+_H|WQ=rAX#7)SS4q-jJ@;*G zMowo_oP0%t$;LbKaTOI1yjV(O^I0M~;o9y-W^HHNRES#FM8E26TG!VkFg|@-kCD^O z6z8j=0jlwiUR*^R1h0Y;FbH>U>&Pb<$)T_if+}BWI8)&UZzFH6%@TbKiDl|;ZUv(+1t0`&n2ls6cM(|V~oJB#{i@4pT`ftIz1+8b7&+rjaW)hUq^O(jOvF`4xZzb$8Hdghy%DX&X<;69 zvnBB&0e_kQ{cctK=f`N{aJQa{LY(t6s{gm~+w>dA=bip%3Re+;k>rk{Z{_-{Ni0vZ zx5Z07=vqTDz)yWCt8Ef+Zi$)q<=%bb(;6@N=+!!^cI?!b2BhQC1vPmHg;7fpMvSR0 zAA$$i2uTs%8^3`}H!$KKV|6jk2>{h>F|wfC0B3e_l8<>2gT`M*4Y#moH3sEAveU^jW@*KH$-br zEZ4|Z;EPzncdo12nAqCXp0)3MrY}QiV(V_;tADT_xWU^0aKjCJ^A9$r_N{&QFbxC~ zH{HPh{=w!OnD`I2+`!NOVCxP1_7B4JyVkyUncfAnwcWtcf3W=q{`m(xZs6WO*m(nQ znE^M6yYzpoeSc!60K)G#knSJszJYxIV2}Qf7lKa=pDqt6n<>N!%6YQqfiVz5cK(q^ zyGrP=ixrw@k!Q78QC&4p^+Na{= zX)&_xd_3t6K*&IsS?)eFqjz9$`lI1h3QGZzbcc|EKR3j}e?<5VQHpFu?dPdkA}`6Z zw@im#Ed1`-YySTMBJlr~X$<_`ehb}4j^4HK=Vj!1_+F*fAw2#0(f=Qbg#SzabSotI z@!hF|r#&3^e@4UqI|Uh}2>-9TC_dJYg$wK5C|8vv2iiLBMp>5?ZIBD2C8&HWSld$5 zt937u*YefC>h`YW8v%11RNrI(ZZcey-(;`^GjL8wg3s9%;PVIgyL6pdT!wVzS==YU zv0$!!NLAjx5cszQ_f7VCKB?(`L^oK77XJV5MBsm0N$co`pf+YU+}{aHkA*bl)+l6cdA81fzvI&y7mPF zLrh+!Te%OJd-c`K*A6q=_!C7YV3A1(X|9d~-=Pib)XxdDqpoc=t z7mPZ!X`7p7>SD1|#PRJ2a;1F@tFxmD=i6Hho5@TNoI!2mKs#JOvFY6>kFznTBsey_ z9hdbN(3T5dQgVyhVIDUMsAX`m%vEEPmXJIn5 
zR2)I`E{rS?V1eL^LvWYiPH=aE1$TF67XmB}K{t373m)9v-Ccvbh6D|{yzh7Jckl1c zA2U65s(N~Q&eW;ueoj3jNIo`Di+h^CB;zO~N*ibwOXc&R2J@AyKG}^DGp#9&+86Wj zvZ^sdw(T?fJ-YZniEgW24HqybBgCPDnXU4e#^6tcM86=H+edtsx=J$~VKsiB9&1L! zqKDohIy2a_PeUDC&P`tJ&rW=weX>agoxL)Oy1`43tdfLr8p-DG$PD)q(~(yeFjXra znqv&(w3#zaQ`S%Dq$yy=N9fu`xu%eud$C2Q;0x^p=Y#HZn^HHNVl8vFA!*^rEGq}u z`lOfqP3)}B5C19A#_K?@FGNrPP-!G#*)QSRXdr_cUPzt73f~>Nf-suVatxi-d^M{2 zuvoXfH|K`raUTeNNM+cUr5PwT{&KP2YTfY7bSGD$F&G*7j{Y zQRAq_mF&HvPaOV5D~LBfK0-e&4Qz~?LI&M=Hmd$uI=EpX;GArsFO?rojLFzj^S!_E za(o&Z$->I&Xshj?h7yjv#g%%110VEv1g&#jtw7~0U*0$m{Vdsr{1cof(1HrTtf3Cp zE6yBojyBAvk&H~>sf+XStC3&7PGWe(prLvgzLkq0%W5Q0y=_9z8~wI)ygq8qq12(3 zN@#{|(~EavfW6F<*PB#;fyFquQYjuS#3KO}nHDFKrBsB}p zPEdY?u|R1+41zQ%w>^oL8zD4ItoR`j-u$Eq(iWRUav};A*=tt0HgGU*!pX~1fa@3u z?@lhATtZyk(2-9>0Rh}qt+*CKPz=^QUdg%`PpCdGzJ};cB{vIQx1bH45@oCcBe=S< z!2NB>8bUSYk^I1{T4x7FMKjHY=(trEgt&yVRW^M4gu@blti0;MzZaei!(_`6gjBwL zn$3`D9@S5cT%Esb*|Oj=o(kDm@}VzDJ_KjXE|l`p!Qyztu7BnjQ;Exj25m<*G9Xdq zQ&-U#E0Fv9IZFhd`K2u!jqx;I`wD!F6WaAFQ3D6h76&iZZYB? 
zbExn==S)F6`s{r(pK`o$WNrx(7|qKj#r{Xk2ikqr=r@H2HgqzZI(BxXlDldjtBBFq zNdGDZwWCjjoREaRC_>EPA5A#t2 zr!p!kIU9pUsh7c&XMN^O8j$`O8KMGd1>(CM(hu}KXt+?kKRF~pI{3JqCg0|Xax{GU zG&;eBmb1Fx$dn=(6nsHLbJ+ZJAM5{>swPK7Y&j{`qeu>L^kcxf`J;snbDY zx>~pKw!HeAN*TT{qdoK6c8dnK+5c`?TRe#Vgn1g*LorcLBw17jbf^2c3PJ81F zq!>q*U~zjFkl4$C9!|sA)6mh&Zg3Q5{3tj&F2OZ?wM6GE$H?(MHFL|G`K$$CyX2uS zme@a%Xq@fTW5vWsg(rdC_v!eItUD6ExkOuS#K=Pu6xu&ItsmyKGAxTc#3q9c>B^Sr zNj#*EkzHs#XJ^-#=PC}p+T|`5A*}!xX4T@MJl~YDy$^`pm6xVuTHW5KHak7SK_rlY zdfdE(AAGR?91sH!dM+@#DxeE&biqTBK$?w6Uu^{;>%0)+5lA#%1HawRph`H87l)A= zHyf_4SSmRwb4LbZetTP|LjSiMLZ_3jU12709VX0pGRa7c15|u|AdS!_VPTn}=O34%qJtkPnVzJ8RPSq8-pwEl_ ztlMgMTOP-`D-53j5}#>XGUcoJ%LRsY7*Q$4J>SbUy|@mrCTrX$VTbQP%mHtPxO9}{ z0fHqbJf1`DUVEs}+V`m+E(7}qS{L6dwn9KOKE5vSIrKQEDZpQla#L{Tw8GT9PW{4SdUqKC* z@z7D&LRuWEe@0Z<(0Td*=?XhM=lC#tYy0CH(E<8iNoHpRrLUb`DBZx*YC^E6aVK4W znS%dM@gp`rf?tJnPs?fXeV;$c2+=h6SA8fG%8bfUnO>(3I!q|AZ+Q(%xP*}s-tfh( z49|avj`J273xCYaEMc1+9?+a67bf1~Q?h~LlH*wqYBUBZ3vr%|LKyN_zT+t2h)uZ@ za71F0!N_>M3#?Rg2?be_Q=n}ZpVt^=j0#OxyA8txfCD3uJbnd?@UWY7_;B;1;dX1( zDfCCk$!YdwbCI(=w#0T3B5RRDz)H(Llj2MF$|$=C9ZPOp@%IXjnYwRyG%iA;aT0jw z>ZdV6fOlb&Hgrh2khop$;GRUM`whoN=CHR{bogj@rp}lKfz~ticvo0|D4MHXM;j^I z^JJz{g1w3?rD68qI3#l*UKlf=f*_yD7>{A3_>0h}vXvbMk9>*;$8=h(4U#Tf5&~la zCMt%&RxO?jrQ0K~IvITYL5sJc-}N2*Y7fZtJ;Dcv*IpO-sbWG=1R7^JxLBE!7pMHMm)h?W>{13NpDO-Ph{c{|=7y`M_P-eAA4|hj-&BNaZOjZE|CUq3wET8Ab2{+In!x_`-r+uVf}n||%tWbg zCA#<$^3U>doAJP3af+Ua@C1OF__DkdfT<6&}-0Gd;E6S1$ z>gbZL3g4=y6}DKH@H~n(gOY(+OM62(@taiz=0bddwf45cRobkRJG5)@yP0&YgHJRXf`r|`@94k`B*H+^9+xw(b7~wid<_ z9rK;g;-iK44v{D*!s2jY8l(^P$fLEr%2y2~%+OpZ`Ov!*zB&%V2*MjStC5dKYQmR4 zaA@a#O!U$blg66b{i)|oYFVaFZ44FNqu=H!Wabq5`oK-XCRLfql2VeBG4jCB_d?+O+Jr` zmhoaP&FQiDM2pv(tlFp3n6;>*4tHQi^l3W*MSl_ce%usTaqPw`v|pkVu#Qw-=;G|{y>URJ z)z(B#ubQ}g->`(;XUaAF#9;pZP-NrlD<`*tX7av=s}KvE67t7YCVf&D(jILu!682~ zUx3io{tk~(f`LF>x($ST&sXbK^OJ6;X*}i8s$h5BgWOy1?y?eOy`BALhMHW1>6!2# zO4WRyspFAHk2-;;d@8u=prrD#7L!1FMwd$Nz2i((QG>D9K02ywjqZkGL@Xqv{)X9iFlC!pJx^Gol_b&zlGXCS~hc3#uhLjt}9p0 
zSHKX{VYb7`?-;uJ50{F9lgz#7pX{P3SqgA()p;94g~G;X6aVjC0@t zzzv!uZZI*W5yRbu)w}9xQ)Pk}J9F=KCv(Rt>{}3OQJ?>JrnO!`CYui2fvu4XNXU99 zu2HdNke@-I>*Wp!b{Fd?#`|%p#=!dYd1L$wLs7}QJ#g3QWwDoxnL*WcbmfY5*uS5p z4}qdS;0k-j@MUZBRoaRW6k$w69~O+;&%3ueLAE%BErZF@ronoMDzCeMft;yjWwMGvNTZy-(!W27SkTz85^O`84d=BFYqPAd zTEk_tb*zWve@-`@SsW07erR0FIng74(K}yD;piEJH2q0{PoBS5k<}|}%9U-!kN;72 zz>%V%HlTvaHx4mkx%ORR&0Cjx7NGxS_p}4iQ_T!SesQgTw?HACv39#Gx_zOjRkq;u4M8YHW!dbpOPNhYi`8jlRx_ zRUwL9B)<-EnR7fSJyO1UK=UtgA_ak=2^e*EN!4ltrY0bwK(ditGgv7DfC{<(>KAOB z0pJJu9?1zQKplig~RyNaV2k0yXijvK#wf<%(n7boP<&K%k;y* zsOXTAi|Wt;IK}XHnog6rTqAaYT_((wQ0N4+YmwKCN_}qXvn~gbuJXH`)83ngC$2K# zK1!|VF6c{6_uh&K^s#>}hX@#f|2JS~{0RtrnB+MvYh?|eQ zCZYtU%pTNsS|@D7)RWIg^0pdQOaBm05B4_DN1R$c4h0r?H{E4Ux)e0bt_ESEM|I$i z2C!>NG^?rDPhzkFXTf7BrSC3J%VhO>H8lzc+S6N0jYP`Zu%8jl=-o6ST@kr}kthfi z#hd!%cmnb0oQryG?r&j!CMF~=7gkCmky1E!xg5B%K+e-)TRK@D#d-~da)t0TVjA3E zO(rW}qBp4zKPRAh_|YlI4VIPZmDf8x-4x}D%1~Z$epP9Tj$`h#S#<8_LGgGKtcEII zt7WzsQ!Kf$gIo4BwDe0$q)7{Lv~jG>9#C6b}c|3kx=JvGgZ00jkQUg$%GFEAprPq@}O-J&I9!G4Dm$sX(601W*`d}Q!) z(JGbT5n`DJ=l_NKB>VBKove3rS@K82GnUkDZuU{V{x>0%%Gu#1Z$*ne8Fv$4gXc;F zuDN*_A;W_?OpO_!3}FkxGG`iWPm!J;ZpB?Q5wWFYxW4|*gR|3j)fvrO#ZFs`e9G*S zW`OEg?m?Pb?O$PzNr^=U!I;oP_Hsn?f-3mM;EPqQ zlD9p+spows-8j#f(#b;!{gS<(VAz}Jl&%>x2qKZ8D!>Vb0x1@c7v1*b|j zr4(r$f71X%iJM=0zjAFTo#KN=Ra>3s{M^$fJJAc>?o(O^h{Z#W)1nP$lv-Y$hd=hk zO30Nvv~?m7uS3P$7Y{>(bFu0<)R=&)X;weB!gyKfH`XWNy$h@S@kE|-;ZJ-&nZo>d z&2a|kwEl>*Kwy7Pa^ky(PeW=(hFQJC>t+nJo|x!)YD3`%H{2qhrCGier~+$Ou*pBE ze?&Z3NEzYm@{!L|34EZQ_BSl&BhSh&L`LTIZzm*IWi}Uk-#Ulz1rbcu5 z#^rcIQzm0o%WmOND~<1#uOzPH))D?A#M@7dK#rU8aMkY|3Ca#3OH6Pq!oVFX<8DM! 
zjE{-7Qo(6VoL^NwMrn zr`HNJ^|k_VK6RHms3`F|sD(4X@iw+0p_H=DD#XexIrfg~O7IX%;l|pXsG*ud4WJa6 zmXl;Y%e>t}bW)2ulnM+Khw+lC$=Iq}yBso89TuRsh4U1M zZyb#|kM@yv)io1oA`2#k?ZM~bpE5yq$T5?)i+&`W^yDq^(69$ZuXvj70G8EXQBF#v zz<>G_#2DL=H`Uc4B(uD7KKalDIx?i5>4dHgQu^;+`GS)o=ccC1s zBpJL_0+NoDXmJwmJx6N1n{VRbneX}_WEo=994w?Mr){d*y)C9h=*HjSb)M!F@+fv8 z*~1A_jwoz3WuzNnwaR1t;fJkpAGez9tTS(W8ARwHM6%h4XpKA{g0@1+mqp*aqQQv7Zh{R#Bx?%tKH?RVNeDaHz~YhC2d z_xWSpoQcA=n5{npuYz)>pybZYTA*x&%i-P476z7%>EfT(8~h=hKi_EoibG+FtlAr` zP2rF{iMgGKnqm@!?88COG%vjTuUjK2V2$lSa8yCvs{OSPsy+7>;(;23xGm!;ooV!g z(rWjVUh!j53#L4-15&fmF+T79VJWuAE{{(3X5D5>iQ`tJZVr*V;fT|Y^I#h%$;X5z z>WklYSG}U%t+MyrE!s`PYnFkDS(vV$53FmCTGejN3wedrYLp_U{jCL5taIxZ^3$Vv zY#clz2JeZMv-;iy)+CKUfaF=Oq2UjkzcO)Y<9fXhXGUNMxil2-LAVz`Y4}mm53I^& zrfNo2%8KTdjNjliUme;9kO^h9@}jKMqsrUF&&)8Ptg_3>H7`fNnKSwGR9qfI&ECqR zr7PJ?)HXdVAM%?nH_4dY?~U9RCz6aDbo^BuM$xF^`bWnEp)%`)pg;b?!%wH861JQ3 za;#AW`BdV?hqZC-FOL*NnR#>DMKpD11%1AsUKLokQ*BelTNqAdV?_J1^)~)SXU3~s zlV@}+t!6zddlD6^12Jj~spE6XI)>&>POA(SDXH|$?eO*KU9}vl*YSu|#nS0-qLV^n zVtqs|5B#f~`GqAa$n4%z`6+9he!&+vdbOcDGwrbtS)$D^1E|&# zq6MXkW3TFP@|S+H^U6WA&Yv7{g<@t4xdpgDViGKMEzOLCcw#KhmK_(^o4 zJX)#MyJ5)OX{yw{fyOM|Ine6WPLO^af&JhD5CMzAmsF1r7AWUBQ~tnaxBvu@PVDOk z!`BZ`iAZ{8^z-B9?(QiI0qKjGq0~%1FDF(ql|9C>Cac5hC;49k+#D28jMYfB+L31C zD2z&8MCym6{Hnf?m)^?_Fvm~+-Y5+;kT%JQePrDF=5=W1isQV@oXzuOEl;O_y8RIl zefAHwE~{}e^d>XduQM=ya3l?8#SM51S@=eCL#wftk~-L($VCyqZPmLZkJTWP;lS(D zAMtc=fNtuWaq#}9g>pq&^PDX|xjJ?1KnKngEnyH@u!m^I@b4;jPG{aPzw{jli@p|q z7U0|F%b%*gL|4I%;_;gI5`fou>~L|emS+2n$0F?y*)3vV-b zMcLW;N}hnWSM4$@l>1$pKuWE+9`ZM?Lu5FDva1JxSP&ZOf(j)nK+7^`#`N#MI*=(R zZwL`1?tmV#E^6jD@EHd%(l+IhY%Dk2^OK&HmMkEFZA4DF862#8kBC?vfA?_;F4*D* z{iwl31ij}$)XR$r;K)k#ax{7spQBhp zb~3@2Rf!&pmct5}Hgh??BuIr;PzZKxKZ>LPXl1*)XG~(;p}G2*vQ=piQU0$d6mRpB zZ_#xJyJsfR5f&PUwF$Oi>6(*jP`cdfhFyJLryjtzU?>#RW6q zKWW%W^xIaLji5gL71At!5ST~NWi*Rh%O`c~m6@cT2|hqD7bFTvyH-z!VCxw zyko-3rV1s=Q-K{@Fz+c9XJi){eE-XKQZyQ*Sdl7Po0F$f5V(bBv|#TPwDhY5JyDx= z=4X{+!B2Su9u+6U^h&)Rsn|mxeUp5PaKi&)@C=X+p`H3BRFx6kIeqAzj}Mc+sS 
znW2eoEW|~WFqmXHQv&4I1-?fKmN|&NUl>MQdE5SPjoMl9l}n^l@9XLpqM3j8^jaB- z%7j}fAa#cEzkV@L8~%V5tCDf{6x}j+^=imKt#LuMduG7|0h&{~a2&5Nm`*;+jV7%n zB({ph?5fs-XX6|#L9xgMdPsGY18m_lSxQpwaos~=!elG6$Jg@O$xeH295_Z9+~BDB zyG~9G2*R|1EbCXDgfH7wudiU9V1Y~{#2#99-tlsPpZC2dZyB}Mpj)|_WhpI+G3uM~ zVzHMxf#4TxRrSl!ccG>lbj8jZXc^+N)yZp=QzKQIauPP?QG+B^YT`V-CU3P4d1tkg zGUW!8C1Fim^ZZ6pS>+`z=e+%WGt^Vcw3nga1haHVIy>7Bn{iT{HW-5UPc&~xcrR7v zjsty#Uw(p(md?z;#O(<=@^ZACa7OCg_VyRLB1!_0bueY;1dq7!O;4u?B@|CX0b$JFjzqunt6Yw_s-b5qr zSc~AdvRuNqmP)qx{K&9UsP5h&fzRG-;qCMETHC#-gm%*@#xE2j-}ACYT;xQb7bL5O z)Q)Ob-un2f;&<5_Svf@no>kZ~E&Pqy4Xrdmx=V-c@dM-$xnXPq0C7m)o_u$sxkXLl zcvJ^NzG-Y*Zax38A-yt5^|hOYF~=lILbwIPdr{i?U0Z&jJqq1BzhxeRgUt(d$cGb; zFRBXd*HK0B-LNC`Kpv6{V{f5g+30A$xx2%UADP~%{NpU4uYFH;pJCklKG1MhJ zc_@xyQhifuHw3)TUwgEtujO=jBlA;ibIiqj5Llyy;Ry+DC z&wl;yV>I&K>o9FX4|h%~iD@-Gb?M5AL$7xUUz*6i$3@dzEkmtA+akun@J42l2XgL@ zc)P3&r$tWThH&P_P%5~l;b3@adH-h9xaUVwQT13}oG;;i$TvfYWXM3iq|%l)h~%`w z>#`|EDaqa?iT?7mGtYKUU>3ekK+0xagO%UAh)sw?-9EM^vsVbRHF}na9V@ecc?@ zA7Q(ckNG*9&u%1^yxKHo_$>rSI%%IcbR^IB6{H(PNY?Uxv1cyJ1?gqoNgbcfLU`jJ zdla)JQ$cAXDOMQV>96i3vgdZy#^3DTZ9Vg{?#+X#-f>S@rVzjcg4fy1qoY|oiE*U{ zW0=RWB4w0Vtp83{6X%h<^QXn(ef?;Qeulq8s%L}#O!OF|wgQ8V9SnmT!){#(|7z9r z-9mmhwfq!gvgV7*$1;?ZwC{7r=fANGbf2=}W*%r(I(dCfGfAi`DI?UE+Dm=O*!q25 z^n!)VvoYy$Cbn`i%~<3JD86m3b1lad##a zUVP(oW@+ecey6!G`BQ^S;a~pHV`|#+4W`tdZC=2ecV{+7s(99G`k{gLR+si)pYL_` z--7)(=2GE*Zhl$r$yeu6(Mq(=NGj4o_H5PPy>*yj*gp1~OBrG7 zB9(jr97ZEN%w?e=s*#g@3(bw$0~SgL_Gyqj#r*|P6&p5nJ5_O1ar?x5=*=5i4sp>e zZzd_**jRG|}vJEGXA z5C*PmBn(vyumC~C&%WfGaEG4nnd zJgJ|H-8jbhxNKy6Wq#i?OY0sHBR!%rrHHY58!@Yyc}7D}?@*a$hm)a>9D44x#~fjn z6zFO2>RS$}lgfKkyKr9}^z7|~F9LZy1UZ`&H5e!#Z@(3La(*W>IrJZWO(xM;pM6i`f*L}%@2Dme1DFp>>_ec??M5id4ebG6lZ;{ z9de}hsm~09{6L5omHn%Lb%~_-&EMXpp*xc9&myP1$`jAwS&z>$q|_4Wd@0w#MlBKv zoRuE&B%tX60|N^W^wJ(aYbNrGIU5i3PfyD7<4yNoT$?VcnRHcy@?2 z48DBRJJu?-acRj`4dm+*lj4jmsl>a*0}lJ&@AM^No^w=U+XDk5MdEa7dx-4=Z^*vf zr5k2hoaj5!(hcXqjqlW8^rfA|)nRer-XIJS;HxOA9XlmF(d@D&)*syffj@Y{bt?8h+0#47Lm%|tGFHtFCC z*fMAzQuK5KK*4-V5}4edytm 
zGS^@0refY=&&sZd=eA~A>?nKGfgJZ(mJftfDW#seaH)u5!qI@gTR(9=bZr|kN~^j! zvk9`SX?KM|UxREfx4}ggvP9DneG1039xbUgn(@%VLfvB2jAb1 zmr&?TH7EtY?6Td204tf>S_nAXcHC>ubHL6!zKPk%6FpR}gOQOUr9uq!uCkw}V}b50 zPKCyB4;<@v8?IFw1WWBg%*P#ar} zsU0!xl#$T8SukUguL(Y;fgafQ^6f|3+s&5eH|k45-k4$r3-mq~A&J|c;rYLJYp&k+ zh*Dx&Uf_)zfLOGBsgsfL1IaRGXIhAXzrXtu)rjfxa?j#hrXnNU(1WB97_SCB;;%=x zWr;ZjPqbaBa4dAi1dhq;o{-+g7a92#vfHE~4?sitPYY(K0yy}uNLm#zi}+s=NF8weUlBk9 zp#J}f^fUn?=>Ng`5{$~hFkqRQ0Dh|f+{V7OSI$I5KtQ5FK)`A8n4%o(0Uk`7J!lZKRx{)5HSFO_WxEwyx4*HY5}S68V z$;t7b^Z#S?QBOnSdkG=}0t+$%0?z+<_**Rif}azoud9cng{!M0ho7_4|7%=s;=xh> tY7~!zfI#{`jQ6$wYi#NP8`K8S{C6}bucJYl(Sf1q0O(O^^Z>8={|kLQrwaf8 delta 255641 zcmY)V1yEdT(=`kSNN`CY5D4xL!QI_$a0|iRU3Lf%g1fuJ;2zxFWzb+jgS*Q&=REJ7 z^Z!-5YO1DYs(Pp+HW~kOi;XO$b0S^xh79Z9o5^Z02onZwrjOyDx5r0V~3)vyc zu=V&C=g%%XTV3wXR=D3?X!`Xm#D}~u9(fa$c#mSNVI1{kx&q-M`yopGVzYq_OQ0>; z%EBul*g+ZwBagbOkcn|!$CpXLe%H)x_92VdBu4$(T$56Pv?wfV7668hyv6p0xLVrc z>uQ5b-+AozWvB=Itol#A2?5SH2X{Tc-9`bc5##x_|33h0uVDt^G3cQX9`$Ftwn5-t zv76u~IZD6AO(M~J{RTK}1LBsYV<~UdtF8v}T@p#(b@*qFua2n7(xJ)G#T08S+MfK< zdWC56MI4jo6)o*@|8=dQ$14&TRswW?&_wy-Qn)Ma-Fl?(E05D39>-_9l@fPNUT?ox z`{-73Lb8U_vWOa%2ZY*uv?(#ZjFo=q%Uh6UpdaQ~8x|UQNRj{&w?lr?$FAtuG%%Mh zj(Tf{Vz2G=6?zR4mu6Yn8~dn76|9$7b$h9|=v??*%oskG`8{ZTl!*z&@L{y`3tj)9 zCfaA$GR!6V4Pw`}vpqBMMct?EZs@V($tYz_$OeMJ{Bpi4<;P4`{dADW9u2hH@V{(N zSTZqZ$Ch)-#;gF3F4oVqtc3F_lKa_8O}9F(&$b|pzWGMe%x5|!=1TkPxaw_33JtQw zP*BFni9~fIW_#=rnpuXBP^U!YK5@?cX6`L2(^|p0WTqI8e}lta7W3}}t)V=7Ur(7A zmB#UxKa*ZnhtDmxTlkRrb6#VE5Y4{*DE<|}!MJCWd@^9O1#*3=`}4(C+viDwop7fO zan>^Si+afmNBdlG+WC!%rfrz3F-At4@3(_GKi0WB$)}o~wIzd-rSHY%iwimt<*qi? 
z+RQe~sf&f%v5JTNAu-llpT}lYP_L?WzQfHle=O+Q^wU{b~`h(^{^Vd*FfVVGr$y9 zDTy>U&GWcPcpK9Y`AGUOLfyU;vfuG!^K@r=og@U5=(9^b%lYOXW{k&l5D?y}-mhhe zbE4kPr?zolE@#Fs!~fE8g)`aQp16Y-{5I7P@4%$n{xpJbU<)vNo-amcX>DGgw5Z}% z5{U!no(Y=ELLI+`oxA-X%-X?EU8ST?w)=Lk*U{k&j62id9U}c3(bkFJIzD%{?9i^_6K4E@6_iqqquzq|XI?)YiIje($t=yxkXY(nSg_g3sl^qL`gM~8?X5cc>iH**aE_+e{9%&$Yt4~TetE_`0$`$MsH<9>Cbae@h4 zyJT$a^NP7|J=WQ_jh|j;Y>;O7Kl%kfK7YJ>iU@XrKY!>T@!J_Z>40?T?y#J`gTn!E zt9rjm!(DpK*tZiOhgCB-Hg&*QMU&dXZ5xOH6lFvGI|;L z>1p#i;w-sRqjeUyqi~#lnAz!vuBH6i+d{dR_trdR@(>5D&2`2VW0@2ovbm0E#uu_- zpND)FU#S$kJGY{iEg&Zo!?mlq$XF53YG*bHjJ2;3HGZHsqKC`yiL*cEC_KTRdCTIf zdp>|*T#Z#wktL`+2l%=du{@M>)|&5S$e8dKvOG%Tw$s(wuYTht9_6(-OpMoW_nZAF z8MwjR=$l6*^hV)wqYW3)J|H!@iq8O{uH#&R&c5YLC^X_z;%_;o_I(e__{uDRQsgW1 zpJ|UQYEu>L#W|0*#l&A8?&gn7oIbUXHq1)Io3-u3NQdj?Jeq?c4#I?Y{riu+MC6Ch zI!JI{KkZ&LI1JF}=X`oja%M6^_4x*ABq(2^13hgIIq6l@Uwy=Q4EyvmrtCHIHt9_Z z_8QK19BD>x3$ocH-Q5Lnc&_>i0A^R+OKr#ZXVjTpE*GucxhC`MLZmNNbOyqb`+~n% zze+P}l6I~8QEy@Z*T55W^|6RrrT+mQG0Go9VExkOnSo{H6QcHST_WeQUh^}C`jqY7 z_M;X@i!ph^42WI%q6{bi1_f2?i*P=SSJ}HrqlnXQWh}$!Mye_-dCdYNk+epw+Oec7;ZL=wNJOY7I38E&-L3*IeYiMTKuUDI)?EGZj*Tb z;qzE>u(^ZC566EV?$I}y0w`khQQDtV(s|shYPjXacFbkW;MwS}2@MC{koLd9t?K+r z2`~OJd*IEdH2F9f0#_DJ0C(4hmr(h+BMO7Yz9&#vJ1<-q?-`jK(~mh-c|-H3F-D)_ z_YbFSCsRG%>oES|l&jZDv%Zias=YN=tT2<3BtqMvR*}NCGnW!&|}JyL*Ig zcClq6MciSoRcu-m@g27Dpo4o6PAr*1?@j!UR81lY9GV*O80p|kz|h-y*4p0Syqn2KciO}!bDv>b8$ZS8tujT|P|)Z@|qi#`1ioR;wp8fy%KeEdJp zs1cFFOedy6Dht4TA(xEOEUxG~;-clV?`Q85Lz3=HJ{0z0-BH-MAG6Hav)O$J$n zVP{?$UK|CS(cN?3?(6QADzU>qJnO2hd6!XMz^B}<>h1yF_BkhQ9FMEcBQoYCRoeT# zq|Vdw{m+)EHQeJKW;$;DS9ve}mB(!Z(QiT-R4ArNpKex(u2z?md`_fz_%_?9AAt#P zrKavx?`}o?{(Ar9j+{~Q>J&3Ct=SISUI;*SY)j_OvT(aZFshdoT{!VIQ-61MN z-!c}c4Z!XG@?NQZUS+$$e-L_pF$w0h5aQnh*c{EQ%E6 zy>_m2zSwxRJjWg0_Aa7FA%oKI5hy)`qidTyc%bfpt>9gm2{_NMNZ{=6;pJtMsAqaGJJ z{mrLl=<~0Mx4-%J!cMZ8+u0s}d;6#LMuwkyVp5HUj70|(?$&;)li&@r9bvg*ZVza` z#jO#Jp$rx0&42mbl4sy^6U+QeV{YDh8~8HCEVzN-d-ms|2jS%=HsEK+Gsyv2Bo`1* 
zuEiz)Ch*JwDPf;3lcLW~t>eb}Sxf2S!?wWM7N9xmK#737?382!`6Z%4Ou}hety7ZF z6|5KEDo>OdUWws({+YtZnEwaFm{11fz+3Sp{Aat!Qc#cIh_{QV9u}vcLy;5GT&!n+ z{1)bi?SCHkWI1_y8B^4l>Pf6b0F{g&ZiqB!jA427tBjrN}LY!F|h~A}J%i zCzbdt5v{kB7!uW1jP>m6IqbshM<4EHEj&BZhT*i-{*4CycmRPv9--BUs7iFCPGQ1y zar7d2lM)?eR9^B!;vb3-JTo`mne(r~=dZpqD4T?k#i0MW_$m~N@F;iQ2?h4_)ds+h z@zxLC^Q&FYx;U)m_-4YV-=cmyCw7oa|FeDnq?_DG20P&3g$ek>5 zijp``pK{pj8G!joPCKkhp}VOPZ#_xotI{57mRZxr7LAr0MdK4M`{UpvZuYI(&}-|_ zRuQV$kf?tjA$cmKEYt3kl+ij5x*_p%=}zA+*a_sL&I^xZPaW1X71sX{WW}R2XJ;-k zC)hniWzBI7+#C!%4M0~$Y_a%o;yMMWvvII=(#PXQ131F)Z^d0I4i$Yo@Aw$hF2~_7 zNqZvoVFOiUc>S+N6snD)Oi2NCHT>x57CH|wgyu?jW)mqlV`0!3Z1T=_=oi0K-9j@Y z`Zb;IA$cnH2n7lowL{7_0*T=dTO9br9v?2WO%g@p`KWpdf8-A;CjMk{??V6==`0G# zk`H5Y!yg8C_yQ;_7T39BNglH)SR@-fY#D%d-vZM&-H&-b&Y|o|CS|84r~0Y(>hUC- zh(@Q#nA+DH;#l-PzBJ(o23@EK48{#=ADaF4UQ_5q3I~OQN)f(idGJ9UtDW;iz-(Vr^x&Ko>s3&Rk^IT>0 zH@VGcEWe!tr`NLj6*R$rzMTh8y)g||RGp-@ndd^UbpPe1DR4ys7dSpFrCRBO3!BL2 zQVG0-ugqszpI|z~XWJTykF%?TeuK8_vg3m|QwZ@3|tK-TGUUhECgWRIx{nP zYi0%>3#d}&pa}h6NMH@naOAtnaBOj#o4-ZacxeeS&ZUU0AvYr$9N8P?pVhy1?Bg<5 zV$mw*jp@6WW6z>k|^yNV_NGJ=+68DCe>_lVo1~xM+-7z zqYx%5=sz+4=1j}a@!ZqR`P@$FwQLq&r!Re((d0qWs&2g?IMYaZj?=h}*Xf_TQF|XW z8wbcS8EvzdWX}b&YtbzdNMd=EZ3|o@8>U6;6L7%gb%=m1<%jlzo-GrLp|kH;TIp{b zF zd|uAqCpDo?rd?QS2b}WPQOGX-u0; z4G{x(V04OGMW-$T_`9J;$Y z#GxW%K9Te{RB?4CYy%vOI3|$;-6`hZ_{o96I*E9{TIC_?zuvru6_m@aPL1N+-v3{$-BLL{%FQa zKd9k* zOs}S%Zea|K5IRK^bw{1z&>1pNx{Q@qLzNiM`tb&}p0t8TB z2-*Mg@#QDkK1+SoJ{g`gVGMEsE13<{aw^j>1PV|i^+WQ$EO;-vF#!d zswcVX{la-8kQ7|VEN|O{gpv^QS6T$8!ec{pfTZ{k)p4q~W71JNxjbU1vWxA^oK4|z z2$&;-iS`Y@+qZOc($saZZwPI7H$&}>ijWc!xj#d~JySVb_g=I|#L}i>Rfbv`VtdH3 zYv?mPX{D6mnJGmI96q|z&(+iZ+K9Jr@+q>;n(z0m5Y4jtE?0oOA!2ayy|f_XcQ&JL z5AckiA?l%iBQI0EWRFS;(DmUQ>sL=9t1^P3WmiA)3#QUZOW?CLj=#&-DJFr4zA3>W zmF9@E!9k!ke`Zij+019d;pI0L`S@KX@ipm(B?eCv?EL@U(KZ4zA1Yh<&{v$CgTCTY z?pB^yorLR1>9&Cb@=WzS;OkkOI3UeYZj$%uQl~H3rL}RppF0;f7%wnLUFDFRKcV{w8p$O zUR%q-`=+b?tq(ke4ef^Z+7SNF_g|6KyRKtq%oY_%SVvs7zT9;J@`>Speka%Vy8F(! 
ziV+2SnTe`b{gvGb`8-h79Hn|yd@a%_`*dDn3gWVe*~b}1;xP40ezZ60`Bn{7oRt_AA=QWPVc)vL&8EJhOclSo?~iUZgv{Q%1{TfGF(g zGfuA&)h}@&&phnbx&|`lH!EY1ARJHkL$Aq2c3-tE}HrwCPnZqWoC zzi*!l%SBfgN3ykdzV*4)=NI6bLwZ;3x!VA14D(jVZbJS3ZvH*(ipIx$*wfGa4y)C&R!J^YZQ+B@r1 z3>r~2(v2-0eQTBddi2r^@Y^pebO_|sUzCJ&|L1r0yxHz+N=P@>Tb2WIN*Mg1!o#!HL|I0Ab<;epv?ck&Q*j57FipcAVI>2 zowH=Lj|pFF0rtVQ9sMOJB`A;gVvI9q0|MJ%sRE`mXTM15^>^U4hY8jiwQ&1kYUO9@ zrbo|%Cegd0zX|`VaRltLU>ieKusly%rwCNzcz%?n@OFwA_YOkU7!_D9o81HB5EBo* z&Z$z>)hq!Y(A9@sYPXp*yx>Qc8{jq?hVpZKwl8YVfAC*|XCLGQixlca0q7HjbkR_a zJ92(M7=Pw*{%*}gn(mJje5Pl&&eM)RFzY+1h5>eMKq{}bL=r-QOEb+BFpeZIp_W#Q z3JSq*3E9@xC}gCz%+oP{ubn-JDM3a!U6iS!WBw4UV?Mn2dLQqPikyIXaSE+&x))-P zz}2sL6m{ji5`&R%R`N}c05yXKUL!4P)z*N<;M!L9p~Iyg?2nbzYS>l?w&_Kgnw}dm zo4OK2qs#~ext;EfQr73TXU9IQ9R0VoDtBzI`fw~$AQ<+gXdt#5#3_Z)aG@V)l_h_ zBve%=Q~+tU{>`2eaX+MnZ;-}%1;|%?EhX6 z`cl6u#*|r)Lpdh65~hwF?D$*S+FHVZOtH@taAbH<`dk;Q-(hFLX|LmRYewf=151v) z*R!=KT8VgNmpLy`>6}Zo7`|_Y0ZB#bSbMAn0cpRsIT(F&knQ(l5%#RX{rLZqds6`q zxB<;N;-n^4E6X%0NH^;yyn`cr<=mZu+8l^oMd5(C94QbDV}XZ~-~z=S_~gUy@9B{hpd;8CMUY~erR9vuW4Z#ZAml^YaK$TXXRLA*Lu|> zSug>TgHJXFU*i31z`ZGoa?b{E^|;glcIAi!sUwL&7*_p z#A1c^gXfEhR|V=%Ys?aQrv1`Nr&3Doto@7VL{+gLvJHx8URo0El)Km=3oy+obSeM3 zJ4Rlue~mfiI1Ximr*a{w_17_Q8(Qv31~=Bj9-HZHi)EdHkqVDUN0Sq`;tKoZ#3hCNx zU^%7bP77zvBuPXvnV*rNLWI*sy98#23)i5;(vriPF<9XS`1F;&uX!QV?BSbEp5{rJ zi&hPmWf8nG`kNnIK9CIdSmU)`ok?kHEgL0`tSRO$-}?q|j5B?gy(@Pc-G9wUOU2EuaA z#aj6P6!gHqQ!tBhJjyvYCfd2ebYG#dh^yi}o?*8iJ2bkYnljf`=AIobRGI>|m{W^8 zXlDH!6drng@^TzcoGvBbtq2u4#z9S-Pyuj`)JtO}5{i_2bGc)5Imblxi8Ai}%{>jc ztxV194|x$|?MliK3iIb2G`OF=F4{H^RJCQD07u5C%(Q&k+DUee?SBH6q*7zM8(U)w z6)>+Hx(7G$;pU-OzTqyCfwv7=flZE zzqJR0o$~Nhafv^o>@7%|yeoIxH`zi1R&DBfmSYXmTxB1NzyNW2u$y z9ZG-*0rWJDxWyE@LrGm$_wjdbYW?K0MF~!Ijo4t^Yq_%svB_SrxQ$232j&}N;mktU zy*e3fflu@2cyvd{&% zPT8d+J=G-zo;0A-92D{;c4BgBnvFX)7x?< z^Ih4BX^UF@S9LoYn5>hOSOS9Mf2lNuw{~P+Qz3GEsWq5QXAttC|KNi?S|Mi{o8R&X z($eo&&Sxe*zgr+~Yxizh@~)+w$e23U)&b0@j7>RKj$nWq0k*Eh$`RV4?-JB=o629{ 
z_cqHHAk@RPn~6GBy~+>R?;#W=&g3l_QkyrTio)6nG#mUfa*>j;7@4qCjkSNZfeyxy z`YVHE_yrj5OeGja(CUM=n_R)f{6{aXEoC&w?eMP6-5`=DCGx& zINA~`Q6YI(kBF?#VvuzZ8^WF`n1}!>COlFYtIYz8MqAl*w!zAlMaQGqj+ksh;R-ui z?LFNlREq=WaU?jukVKCRxY5DW|A_}IZo#x0Q^|B;I^%NDb)zCB^O3g__kHKQEyp8c zN3d1#Qql`*3a4312Ml0Ob8^y<4fAck)cVe?@QQP}zM=Z!`USPc*pETPne3sUsRHqQ z+@r)W*tExZ<~`$Q7n|~DQ=B-TT?+xwaG>Bxq|2vEsw~fQuJ{1Xle+h< zbf1AEYI5DPV?i~A>s~P?skct)&!D8$g+Wr89F1un(9S|azpT$Y`YpD|{pgY%G@t&W z{phLw(F|u7Xcgg(a>wgT#;`0StA3$J@B1-Gj3#0^TFzF0rn=@{Y4af9D?Va~FBexo zBnOZQzQ5EDGIPDkk`%a`4)Ipk=h>9>BLp+P@9?4Ouz*}x(|o($hl$7Hs*0rT5tbeX zs*jgf?6!Ee7HU<4kJ|!%StmH(ZLRRLd1#*(0lFb$PuClZt4Ge8SsKegJ4?FP3Krjv z-^0ZBJG~i0;^JqkS_{0b78Yt0I2^OgF~BU+UfXhCq&Y3oQN@(=ZxhUROk>*MEMv;K zZNtB*nrjv7IH7Es<^2yrV)X;E*VcMIeA_yMerh=yZM_(Bx2&jg&O9Emj|}ZyRkDN? z#ab&Aj7Pcmmf#4uIzDxw2u`!(^t`OX@ByaTuqUdqve+Jo;LASk2LM}zFYrh6n4)p? zOBVsPn>GPFx>{dNjz&Y4j*gRv#Q%@tGv$fTj#ElN75{8Y^iP(I6OWj%09bAbGm_kS zo+b;SeUUml<834=v-qNoy@ACyp@njnn_I1T-CN$uu(7Tr@TYG+=JKL z$xWD&p!wGxRLsYB^;2!1$%jTvlI$z7N3d&POiP8nBA5v2O-K2v*m6VI;PklE@gx5Q z8m%ZCAeqm>JQd6x5e(s(9W#rb?k6A$W^l0W0=eqa*x_^E(>j4*BgugOO%U|BWMPl> zRACi)@F!g3z0$Ut*|yepGau2mvkU4JrpPO03o>bV++`*7bf`pJ=RpDR$tK|AkN?Vq z`${upG!si__eH_{XSlhVS>=y*3pPi*`~?=NpGYWUDLtSV{o?Ahh5IW2bn{n-y?*UP z0@J=NNwdCc^hZMaUSLeh{t~gaYFdC2h=zZ zwefy6q=HeZk}XurnNjAvo~QOGFR&!KmAIM*#%6S*KI@Ym1adoe@*J#Rz&Y_)h@ zqUfZDd)fI1dk3-#@69o<=p-a`V|1QTtP(%H`Hp6y9C@b2BSm#L0Ls3WU78l%#*d;R z5_7)d}Lkqp{SUDZ}3z3&Z1$5Wu75!R@2S5Iu0V0{k4=%Ok52iYCW-8NI zvdhqzTa-$<%JAK-Sj+Hzc$V#7*D1u))=LvBUIiDqLAAWy%o zsIHNx@Q=NvP<#DE>L-|TeC;lD@EA6F2slr}D3ifDC=%9$friRQY=5QXVua?X)?4O? 
z4Jsua%AuyQhU3xv|0gB$X@HexsGE6zLLrm!81{)@@IC3L<_&9(-CFa6%s${Sl(CYL z#A|3iieJTlH14d^NNoXa5|TtA2{DlaoI|5tg2lK?I?+jX(eMB$NNGpC-_7uvBaA&M;Plv&tKx_2}w76%feNuPTAA z%&(GZlkq}0{9fI)IkC7T1lYI>9iXRaqgi~dG4OdQFv-=z$xw4jaCG%>#)Nn~!c$qS zAdYh|j6L_x5TM_b8&6wIxj(-O3_xxzK^G24EP=JJqjkO^@aHmpBrFi2XhG3H#v_@l zKf<-y)3sa3xvg}Y8j%RvVxpwDfrYuM#*>atHeO;uVbgp@Qn$!Kv|ZmfcUC6l`Rjq1 zB^uHuZy8b^s0Ye3=qacPQKvpq)>Yh85(8{p{HiMB5%HQBj$I>{I%9*q5@&ZG=}^n> z;59Z|jH~YtJ0<`4H(NqL$I8}&QN%C8nE z78x9Cp{X9%8>VWZ#Vj*37&<3Qlpsj?&lvy7A3U5l+I#2GDea$X&77?npR&PL?}5KP zbCwDi>H+XS9=PYxR9E1|&CNRDxf6cNp`*JJixQp)imxLYhWH-js#@;H)8xow%l^wn z!~)vQ>cDA}irRgZ;@!p-Zxu|W*tFldqLxW-WgB@3;8B*8qsc#uybYF5h_L01fSkXf zi~m~=0KV_|wX2zb_2%Ak_;$b&Ssx^Hgn9o* zL$~KMB%P-=Wr$meztC!o6Mw+!4jH19H%R-xBWA;hX(g!GC_%;M0@8GEIod6CofV6)%qm07&z0(Y?Y2jg=L}yKhB(eUiuLLt!th)NHs~Ap47J z73*e(PY2GPpKF6ct2eA289OANGICajI&>TD(<&p`1!xFel)4eXIpzJqUCjc{^7j4R zvkEC-`sG8h(gJo6)nAFekLQ%7Ix95IbFJvxxK``xx<{{_aBkiPBzHt>(7zF`x{EY=hamOYHy8v{M$y?Wp&7b;~yei|G3QrSbdC__L_;mPvznDh&$ur9?hC zI5j`{Z`?SeL$FCfZ1W~WTyR8MiL`o83jhwp;%|N+s`kobUs|Q)ScXqda4N2f6 zq|m4l$}Nc0q^*4_g!`p+qOqLLv0US7d8x>*#`$Tr{3MCJ_`GA}^A~lBBfB_Z`uf0@ zIgM|^HQLd!g-#A&MH1s&0lsgueBWgnskpd3X|jppDVT=*c*31;Ktp8CaT3o~ z*tR0Nz7{{DM|H@1smlD-hDN%3f+lJ|Ql&J_)>w)XWUZkKA=(`Q>Bg;%8lwZBnd46h z;EI^}dlM7W>hDXaHAoL~{0uU}4{B9`DgO8L8om_=sP=Ez5gK{}0EsJGOIjo~-RNnW|v`FhptIY6<&Lim&p>x*lRel)oaSxNQ0zsj-&C#BHxg zxv9&f8sB>q+icyl@JLrLjeRf2%HwZyNqwYZ<#7^gILQj!AHGmtWR^>*ZRjn z`3x%pIq?pmpnte(hj$XFLv4Ji z`?=#oR3G?fWk<&fGK>yuj?V4vf+X`&gf`8CSeGqh&f7Wr;V-pq^ukf3_~+LcfUUIj z?N7KX@iVP?-^Jn>R{>LqjpMw5zP&D-md7hE6_x0ZKVGJ`rg0(0XWCAnS~#zPo$~P9 z_H#QVT!;^O!VzGE`=V5>_U=m?U)5g9YQ3#Ak@&eMW$=t^#?-m8SKYCA`P``3n{&__ z>f04i2tPENxkrkxicy{u(Z$>Vh#{><%PCk|c(p-j`1ZpuNZjtp%z6_et=gaamTU(E zKx9#WyIcx(S+Wy-RWc=>G)Ykq3N0qD7-Q6;+n0~s4+A>#uOA&r;;1bC*hQ&M?DzFu z8+Bk2j%-OwcTdFT`uG^oYjs?a{;6lp#NIEvk5K0aEi2ahtOHkBU|T7Cwwv*(2DN_U z4=nrouq|nm)z^uC$O%9^C+~(md61ER+K(+Tuwm^W&KNsdO(dsyk)1Mb=!mv_Ue6i! 
z{Er4nD#M;9vBRFji|kH0I?^#Ccw}C~*T)q<>R84QWB9o`y*e`D@)O;Ojjj=LZ(1wl z8!dqv6Ak*!O{PR8euD0q_jJ6Fho>*PJf!~cbXG+l`8(OwOppHMW{unMEnmuxGI7`t zTVg9TruCdQazfprl<0K_LYC38)c0KRK7NPhu1+OYr@dG{y-$t>(;kd=}J>6=q=!I zOvO10-1aDg4roN92mDN5OY(tk!DiFNBVg;{M{C$O-{jemtz;17uL52`-EkAMSmH{!@@*#!3wO599h4OhP=cC(yz^AKx zbUTUt=mrJ8o3wsCAkg`Haz;)04Mvfc`9g@F;ZLqlAv1?z3p?-)HfpvNprMgmznd(P z*RzK}0d&)Q3+0E?{Dn0KkJ^c_-`eQTE6XE}suRI(+6F#PDUAdeIV)cwTLFayO|?w% z4$bsntHTm>3C`}zLfONq#L+fqitG5Z8~X878Y?a9ot%5GsL6R0o=*Xecme)+&Rdh= zL7A2{6pjH4+ln^LOHW+_Aj7|$2JZDZWeuUEHiVM8-!yQ>(9Mw%?;DR6V@5_!eUXh3 zh9P6XJ2yfF(H33%HZj*q8mvHZOZ50YP382Yp#zhB-W!eO273SLYy6jEOXWZ9sRQa3SVAY-hCHHu3ZM%^-sTxeS^A?(Ld&XEV$o1Ck8ox zwTBDg<Eb**_TYEq?ponx3|0{M*%*eBf=S6K6yM%?9g`?5@n_P}sdosVRQ9{1_|5 z{?nz+2m)b$jNy7P+NBzL>RBpX#j*mAKeJ96^OrcBZFSRMC+F{-p6VIC()E-iqQ4ea ztKaxHSeH)c%D*EhuecFUiBl&c{tQ=2KDsX?U~3|UJ3?3coxy-O(>s5Rx|`Ds{5PW9 zgaP91mOJw8(wsO$5NL`hFqF~1_shqZhbr48y(0`#&fIc;E?FoMt@{Lu6$2mnrT+Y2 z-&yZQj`o9$sM*&6mlbj$pip3Is<%sS-4o;o*CH;$L738TRumcorRkG%?_l||TB1da zTH+pg5w(2a=AtD5P|J-Zyld{*FOgm~`8zVhi7jChmr(AuSQ+Fc7XtzLjJ^?#BUcNB)v!xNU*11P*eb;ICi_7NY=l#N3 zXX%SLe!Hij5c{b8oL?_<)wX`>-Wn@)!L7y4-wrwi=eV9OCZZ^wh=+ zSyecMXU+vN7VR30zw72>18&-&*PO>8~h!D&F_?zVUQ<(mpY3z=!uF&??y9 zC7VZG%jY5gJ+;;O+t--oyQ@KLw zR{u7m^1Ttd1%r z8&e@|vTam1D~cg6(_4&q-xpW?JD~q}KHp>)Uj^k_6#yk$!~xW)^Y75V&&bgn6fP7c z?jg=}93w<&4WBqkFO%PM!&Fa>h-}!9n z>;GrrDRdr2T?4T$Jp}Pj{(5`IwD$)-!RsM#cKM8v9<4l@(u_f@l;TS3vl(>%17$xS z1>oCSqID!r@cIwmmGD@vhopEfD85r@>N;up_%$vM>+#&CtGe0b)V+x2R=KS!)krwM zL9;IJk<=A9{N2#TCd+d4iTA<6aLemMUx#0@YI*I9n@v=v3G7;_beT0qZciyQ>!az3 zlM7m)kmMVFj(@WRU!1U-24r}fjpy?*j^zAy0#n0l*@1ulGbk34(pznYpf(}-Hu??v z)@AH=W_v#s;K{l7ca9m2m0njzq`au1o6TDrh#EcZXiJA?e5?S!2zsOAWAD(i<{qVV zYRx(PT0GNo^PrKt?32F@!Tu2#)UeAkaK(tTa29SFxyw_X@;$N#sP_r8TKRkMpJgv) zx$-1uwL)t?bDK!Vs(8+*t>%|(Pg~#m_-kb2d!jzlOq+$=(2PHl|8e|nYplJ5_RGuy z82QZv!I0(sB$|4X8X7K1eaXHPROw#`T$`f6Bfg?y&x990z%AE?6H^Zw{z+>==r7>3PAo>R0`Om;+$&#HX zIq(kDz~V4Eb4Aq;+EISV%``{+oG?-gPxU2ClZP-idMk4^Kd9CukFcAW8mRq$tG8hp 
zrnSNqu6$P3{oE%NbZBxy21^HkV*x_jVJO-|P_&itNoik#`>j{hV|KoG$%>n6Z?9c8 zj5)~&`H@F7kICS(R*Sz;`!dmiOE*Y2eVGhx^V&Pd{`bWZO1)kOPcA7t&N7m#6IJCvhH?!+0Wof`<-M2Dv zY|b$*!@$S!wNlI*S!oT>m|_tf1|kl@y((5QT5@I1oIc-M1QvjWJt=tqsDujRb)eeS zHB|JUdAz)bZ^N5fy%a=dxkTPr-#77tT-K!6VN&s_8thTvc{PhKY^tM2JkSCw+NHS% z_3CE>LXUy}koA%bIewB0J^lyT;OWnsvtnARF?f{0Ma98Y_A|xU8He+N-mS4)rZpou zs;q~Yb402($^2$3>+{#NqQcjg zN{gF2&Z@99o4_lsyb=W8tvcHjZ1_TK-O+0snvyt?ZZljqF4Sckm$tw+3V?v{-;*9Y zq6DvXL)NRWP$#98%)+IoA<5A(P>f2MrmHDNe(4cw3KOe;ws@Xz%dGNlP7>HS6KrEk z%(&-JqGSZWTiN*N?Rs$aE3A-OIfGpK9{pSkXueBG|tD$lp}mwtveoS*HOdR_T+6EXJ8fP0^0GAQatJ^H_O)}?Hk zGljMF8p$Lsb!YHYY#wx=TCgJjEvS6)zNr91G+mT&Dm3PC?Wpl;k0Zj`UwCTb^=~4& zxYEhmKCcC?NHU^_#25ICTp6`KzAnooIsIPT0m2l!bs%U*9zN3%Tl zhk0*%q*)O#YpUMVVz>|=B*^q+;2aC5%sJr8 z`7kcIQ@3O^4#BeDRQ;Mb-v^nzt8K5b81X9X+fI^-e1EsdBems3wsR`JC z(GaO5aJ->WET=AL$rn^S0)A?mT)ln#6cR)HIpd@fY8&2F;~ z%EX>>Aw0)1D&yubM6ey^=cYC+axFFL8`(Y}pt5?8m)To}php}>R4%zPg7IriLlDQI zB`e2TTj7t(g+!)chg}v{FJ>kow_@g>H55c)=FU6YI1cmU2I=YhF~EN*N8ZQV=cLAd z9UP?rK_>!bJvF~j5cDEHY}(H~F4sO8Mtl}|NFX`(-a!`>O810w(n$;BTL57^1=>)J5s+M`J$IjtLsacupW;2pO^&PEV!JIXu}{rPsqo zGdrb?CKm?odJpJ2>$deiR(!C`+Px}^+*wv;>?soZR&vJ)m6a}@J5J~@C+ivUhfnGY z+fz=)^H&8?4<_>X(&ZON4x?c>MPYd#W%qt30z-<-f$XJL6Ax>6?F=NW!g(By*+gIT zNqOqOjgt8-=gg4r28PNbrCJ8mIGRjA*0r0~@7FWtLOQppqAI`9T4ntbJ*!7@mq#?0 ze2D2?|0nbQbe zh>-P1W=esTfYL_{g#2DnERa${ERaV=%y>FOc(^&%2Npkm2jYh>QV?h1*5LQc_N>p> zn9-ggpJpZLn|&1G!BR8@g3~is>yqE=cLD5SSwx=d84Q<4#yYNa^%1!8FW)XjCJZf{ zuv}N*9yvIgkZebxOahuhSf3G2KQ#MF3g^G4OvL^k62~g!=DU+$8yHk^z&bHpwty3P zu(%YT`$~aU^siPue@sw)ug6;O1FBUW#qnh69pfXExuZh9kJ$x`-Kdwh0xH5q*W!Az ztiHuzxSZg}wuXajDOQqK*1zfRZbwjxZ*uLx=|pHi>&>pGMpWbVa`FB}94xy~NOKj8 zL27DN;J;92iQ{3M#V%!jWbN0r8s=KA`KtGv8oQO8z@cAZou3D@&fwZ~qe>xk|59;`<%)O4@2p)W zTQlsZ6ulZIn8fkbTw5KUDoiS=gd1N24F`u9^1o3k77B&-weMa7F-(lvR+3?}e zCLWgwOZKN^ky!PUki5dqZS_R=LJh8a(=JLD0vY6(9Wz@->AyqPz`WSZZ*o)uD&vLk zHnxC#>S3p!${$TvX1Vj~ugD1r3smNeXL%jDGMmPxQv-;=)0C*5c$G3cwiK1*~d^N zkVZ*{RY=?)J(p)n$ew}lUs+@hfOwT0hFplClaslW^l>q5%rdbnR8a1Unv%06aB6!_ 
zQpbT$3w-);vmgCqf$>+eOYi8&5}o3n&WyGeOMus)m%8;2UgzY(Pt4E6dX zTC9rzpYg=FoyTODS#jWB~+ z9Q=@qsQj`cQi69W{FM8JG7Xnd__mV-ot7Fn;Zj6cKRPq0eP24>MGLl_x}A%j@UG`DdBM$E z)s$>n?&M8y^fvz`@yQjWv{+1;UZYhmjzsxhRbA8w4Qn2Ov-t?UWBt4ORYhnl>~(2y zxm#oA-72%-&Zl<}_qU|WC6~;#QifO;Y(RI(9Ue4KZ}8mVLG$!uIL=fwa?X0=^eEDi zc0d2|LKQ;UnCM7YiU3M&O2PsgeVV1r8}-xwx}}nE)zjc4&?&TAib3AET#?#@-ptU^ zAe9f^DISW%TPh1+wTso^3R)WS>mw%4aojW!DgI z{9G?Ta5W8zy!r+794dIX_zt>3(7fnkks~gKIAo+0K6}GB#NzmBDr^W=Mi9Es>L4$7 zt6hv88(bVs@IOE=L(FCq@ir)3x8iFp#l^S@$v$?wL|Y*0#v4l>#yNg|uR{1bj&VpB zX^091r0xoU5yYZQpWnFqXYxel=sTVVXqtuIn14F_xnWBoAHSbnb&WizlmvSmWql8-nAGYU{(wCbQo`k^f7Iq8+cMWuxGoCdTLC$tDL|lfVJ`Re_Y$uoQTMKz4GL_5C11$Z?>(G zZ6cHBe8#9GHpJ*R>oFD11p~cv#zKIAa$OcW=;80c?>;M1W$EQKb_p0>tW!b&HeB{* z95ZjTSfx6Mdfe`hwwmj;A_LUPD>*fFH%s%`CROs^JSNaocT@+g#z~#C8Vcai8?0J4 z$a%sO6Q4!&w8orGUuIf2`lCQ=4hWV7E}!~n6sIXsCixC@W#Vvt2f_aPdB?$gA#i@v zdf&R1QRlvQW#q0pwwrJLtaJk`1Dx_o50vCJnh)j#8gOb{vkg2-`tPcGQC>Tb&YI`! z-i>k|Eez=`%=JP1L?Edvr<(5mE$Q zO|}J546;kvFHET|tT0B%)+8AiV&*nsfzl?UI%h|b>S!-c(?(cW-S<5VNQZPIAl)F{9n#$) zjUZjpH!0l>Lw9#KNOyNg3P_hoy`z4K~7P1xq&63&&sI_oG#+*o_xFEiJMA>5eE`~9caq|Wep zqR#g~UU}Vn*4{F=Ai0$676dh10Ghk)(1Dl9$_#!cAS4jh?<##7(s1rtk z!LdXOx_3MVXNPq)dR^Jr5_q4VRcq{PgK++^=3Q*l(E(-;MxqvuV2r$rjK^C)w1Sm|3T3fevAG(? zxwoG}DIL#mOy~SO>yquL;)+ZQTv7c=y0fvQl?#Ja`c7(r?lfxDS_Jhz!8l$+aoEzP zoy1oHk=eB1{N}QWt71Y;6@p{N09UglJl&#fkiUj3^Z5U4@W&4^NQwU?hy-FW_cKc? zOf=7SpT@vWL-75-GQdOJY(laCs<@9yQa!&(T2I2mdl6pP*;;}C6{YU|PL?~&TJ8=& zJ9C?8D?G=oW=5WEWZbaHh2f)GFd6)P_j|d%;9J7L=!Aqr3Wc6kHoF|l^4iZ{1erf_ zW*48~XK1d2hA|g8w72t_oZ2Z&F2-E7d3Rj5CuX`Ak+5|J({M?Gak%Th=DbIG)A5++ z{OhP1sq;}tv_#S4jn6&8&bQ<&7TXPVKu=HB}Y@tnoLl3 z7B&yB$cqj2gur#9qWbvGNov#7T+(g zeQqgWW2M9u%-&yg+;z+Ahr_RqK*W6c83n*je>my$spvw|Ck$?QZhh4n+48Oum?K}} z_lxzfRxwOtd!Ds=nB@Ah=l$V?`Lfd8e=sLRVBb??4AhOyfW~iFINFjv;DuAPvYfwA zlN2)D4ojr7t&|@W72>958^HU+U;L50mhgR5pSYK#|0~N!D&~Goo{(8579+2%tpyZl zoxAK;9~Te8);XD6tDCG|)Sok*1KVr_DgV#Wk(&Bi%{bVNs7FDZO~W={5Q|06@QHwEq|? 
z7K_8XU9D`12_7ZKrRet{(vH_oOZY9A&S%|W8ArL%{d9_%m3Pk0f6vbzaP}US>CBJ( z-imN0i+SpPs+>_G_F3Ht2BW0WO5#juHP>OfU0}VTr*&5oW_T{HbZ%_rXjkvPaK)d! z*~4h9GFy^sEN?y83#f~~uvw35uk7u>FRAC@o>C~*jX9D%wxy45SD0oW6;hI32C2>6&|?$kqp6I_Dk<+$ufnT=RPBQ zq6c$=5^Jo-bO&q{seC2DXX7O;-<}Dm>SYKE{u+itIyW)MGr+kJ`+a>>!(4bF(bg13 zFd3t>ct_sM>p3Ib{0)*=H(`%Ag$BKDDIQ?Np2xBzEoSW9wbiy+%#$-W5h@d)A1DW_ zj&383-Kn2I^<)xmmeHQfOu_hlxG!X4K?+Z>qOH?URO>3OjhJB@IzV->qP`V}N0wJ0 zWyaI)P;xAZAtTmOx#$n7umw9hlgES~5CeLo~_UPDLOnbI_N&}YNyFn@Uj zUu=>&FKI131#Q2z46#_6m)~cgHy@)z_=Z!?ITr)@_;hyVbxit&V{n<;_mAaigz+`X zxByb-IOE7Ne(@;thgZ!dZy-nPh09XOkZHE-p?;JZ{O>N=sMP z)#u4E%7Au(b`;6FmUC(GdHV#w%OTBUS>SmU=_l&*hwcT4tVpami-00p39?#W%><&?r|8PQ_0L}B$)=#Wt=-^==#-unuP<|%prZ>YN2On>D& zRJe-evG=wvYip-*H6%6Oz$#tVRL+?TZTc28hjm%u3!?k#f2OEE4v4A<9ZDHt;KgVt z!L$qa%$cZ&i&fjh8BS>s)_lHkRzDNS7Zod(qn7{LG${J+dRhmu*R}XD>j#Bbfl28j ziQRa6P~pt_G9ff5R=KMSV0d$Yz58roh|U*=p$m(O57%Cg8SX{Pd7Zk-|OBv z><4(!A02|oqm7x1lJn3cwv4DK?V|N^Lj%eG90N#$7B+yJkX5~cIA0jk{Yb}*z98gA zh9b|!?XN({i3EiicFd|3W>$?iD*A0=PRDx2I->G`lKmURf24mgQ(XSaWeLXpP-^#0 zj6tw_D0uiOdw*7MgqhOB68olYFq{gq(}&sws)>pkSZuXq-Dyr^?BWO)7fJ>J4P;-@ z?n=LZja|z>AyCf~eWw$PRVJhUO@Kl0tD>YuifR_oTW0nf-*y#Hdm$CcRs~oa)Gn=v zj`IV=ak@Xhhg(%YaCL-GopMq0J}eCTibJ-2B+*fEEp7qg*oWYE2=1^7j~F$ zga^%L-tz@E?kCiM{HjrA{}a1C5I^-TH4|Yv0!;CL;XG#{>ZGR;;67arJF?17mEZoF z^{pBIP+-EvmOqVI`Sh%JVBq<>4vL_A+P<)yJ_oGxqS2nPqQ=wg?NFE%x{SvDZaHi{ z#}!W6dyNVc6zzs707bhes_T-Z00Wte>)Nzy({`h zB6SYpYF$FUh6*q`W$Het>BWS{WY|_kH;G=DM`0g~ubjusD7?Rg5~zK0_>~4K^lLQV z5LG=yQk?ym^Fr`z1t{e!v;E=OoYQS=Ptuj#8xoFYgkfq++Ey`a+ndkg6hwo zN%90NP5*+LT-UUi~gd8ijOVz6`Czg0dLN;dQ&FPeLncU?wt?CbSrqUKNmg-*&Q?pg~)AV7l!})Glk+DA5pv z+-_mBV3R3$Ms=J?3~@V22sgTE$G+Tpl=}FFSo#pK0dCHPg^npUMyQ{b)yd(l;%uwZ z)z)r%_#ew}!y>X9z1^Lyg>3HJi=KbJs!Hk_jg~bSR<(02o3Cq}rY>ncn!2ss6iI*S zh&g!x+0CTO>GUqk?ku-(%->0j@@32uEwp=+9P2Ze^{MY-pO1{!RhUjy<$7rpagh)` zrf&cu@jBi&cAAqfoDYi!rI7_%qf-ar*3*q{Oa0@o(={hOCnIiSk9=&8Vf6{u*G^6Y z<}3;B0|7`u6T%{Y(7|RNsE=alJeV ze#wrlZFXY!Z1B$UrULO^-*QNENH(+WgCFLE7Y=OWAkion{(*L{=xW0{1KKdd6g`0) 
zzaMF{@dd)O|?bQ;2Mj5y$#_;%vDmq@AWn^iZjLx`E4%T8qUm z9CdnVpUu3Qj&>0^TB1s|>a7(SpRGnZ_E}lNM0gt2duv)7kB<-nby<>@T`?$8Z3LEj zlJq~^5I(-SQ4?}YYvu}L1>phw-wvhrwGX8#O!UtK4`5TpZI$@zGEB`8%}1v3o%qx1 zmTsXj8&BMNZ`ej>P6MWS7cek02?Is{irKr!Q506@G(vIr^!IXsi_xItYv|AU-_8wf zw$1VKjXs~{Qz51KrO0&Sx^%48kNArT^hdj7n%q+=CeS@^9{Xtkoyzz8gZ|U)#B2R# z7uwd9k*DS|@{AA5NH+kp#rV0x@NFdOv~GcUu`W(k*zT2}{Aw}b(m6G2O^^kOvc7-a z#4hOVAGRCe#T~)twGQ8~dcS%DKBd$_47*m`*AT~uIZ47A`j|79nOZ^(wXfTo=$Blr z{V@$ec8%1w4rsl3{BnSrGX)j=ms5NQlZ8wT*nto*r)bx&6 z;^`%JMzlF}w|86zpD1`pU7S-Bu!jfO#e=JnGn2&{K9X`xgFtBkjTT^Lf?T0T(9H42i03to_zn?67(%S|4_vbOrPY5NO&e;rYiYx&sCKDY)|EIqmYhIKA`} zj0gF9F%|;$qYW3o2!GIPm(X$x%ql(Up(Z%j#L4_TwoQekv|RCyL~V6e7c8HRczQcd zw1Bj82Zygw(SMs0BgU~bAy*>BrQT`7#i1%TFsSn^2(mWW9_E}Yc&)s&3pf+j3xKsk z#>k>*wZ6?JAF7n3Mr=&&to7}YXJM{Z;Mh5cFn*}TZv~AB`31y&o@x@zqKWN^943}u znBG#@e`EUPU@iN<^sy2qJDC`;AAA9)Zw#Ei)QosLG5noZB6P}9ClR{z@rsfTC_ygo zWz=`As8Tpf0cb70q6!OqewQy+OK78V3Yj9mE5H&4r<~o?D_B$UT;#_3t1d~VlL(zE zHrwk_`aXKsjJW3eL!7#E=TY*s`IKKdUL62c!@P5Jbn9sq_pZ7{jrG)dOIj+8?DMr9 zy*lz|(DZoZy8xH)+`yx=3)O?`_L)#d!I&mgD;sV=WJsIEiQy+HG;1}ADr`UJikI_K z6U3yG=zr?B>F?mKurF~1qOrs5f(g`o)U{WL!gOcM-uf=lMTU9QpnO*bFbmuruY#T`}L+(C_aGNk+Zay3p+?dyP@;~h+1~}ze zFf6MIk>`V@GhSLJl3(a{PCXiO4K{sQ+_RX3%)6s4l$8azuHU4Cq=NpSs>=j-WpJsWDPSoRa9zpZQoM^$NN%0)g?DGc{JMTH|#-QQUG8bR&SF!l0w zzvSzhCIoQT$oG6#%j(d_8h$m0%Nf3tI!=^H#c*y;>?Aj;U^BR#Q!?4pa1PCh1$JD( zpGxfO$PUI*c{o)yn5=7AQv)PxE_tM_6W;N*$l))8`6!bTrh;sS%DUpN~rf5|{{=uUpR**PRpR*&CZ?ZomJEkhou8MB$W0!@pC( z%4K9e`zlH789#LQIo)EC_wJ%_Lbp6|QvUO%-qVL*lI&v-q2kW(FHkl?z=xIkVDHxw zRk)dFSqmGJN3su<`$>7-#xE`H?yk*YK}@1v-b;LZka+!zku)FhexdSaMoQ~XPr-RR3R10Pg8k4__J@x`g?&U`vNqP< zT^q#a+YRw&8q5}@T=%x&!wx}qHHJw*Dg$~UHNkLI=Erkqy5ETSTbi@) z%#@Ue7pj5*fq~LefFZ$t@MBo~7VU?Xe;tYu$`zj@w}Z}egMNlJC$;65heg<`h$`a- z|Ce6S)M(YZ4KH8%mO$lCPWq9Ci*gu~<$FTBwu} zt@%D;`qq@4A&HsC3vIwWr$wpxX3<^8%EI+)S)5FI3H?KTUCiR|WFE67vd?_1xgmk)XGZzYA9<4w>=kI^0^_oI?edSpF^6VzaND3q_RF-_ z{c#3%ruD@yN)hi>RCg;IwTOSxb$1R66UU{_Nt^{}2Ht)Oj-i$C4ff`zPM=qpE9!^E&xUc{$ftI8j!o$|Z5 
zdXsvAd5bP9@C-+gE_k&8Ryd>3bA|y=1!~^Dn}j|s>*w>coQhb9>rT?z_l5q1dh>(x zw4dTKkH+)Tga)cHGsh+M`_KSB`3ZBeKa%(3dZ%_-Crt-8-AlK-7D-gijWb=sw5}kv z+FA&E%=t$OPhoQPl$>|rEr!hu;k9^>Mcuz}a|x2i!QrO=4!5|ty;e*_Qa};?wrjXY zOrQPzq}tqJjbnU5PWw6HtYGH$P2gTXJA>{l^_G>w;Cds~di$`dP)j1zx~t zK!Q$rTn{Gm6;xPyJxrWN45}uj8F85ojSGB|rtZ+^@0kR(V&AZCbc1Qe&rNxb9E0Cm zJJu5YNjPOqUHqO7MgVW?WtP=blk}hs?CcNvP0~l~tw#wn!_=hnIu=9M{pGP#9zmpX zfZfa>rMV_uE7R<)qXz#gr2hbNvDl2v02VB*gr?9(2{+37@R2PHN(LBGO5+c+-uX$~ zN;rfyi&$qDLw!t~6a}}gdclUJ(_-^ieoAH~O==EHZK`cXd~@VmrRVX^3)YtgB-1<` z7;fJ}mFN0V92R!J()>0)K-!4*PgqsPd~z%@{b3hl<_Px@>vXZGE_yu0c3%X1Z1>EA z)xrv9VasoaGXJTmBF$~HGv!0>p$u3}14Z2n;Dc(5;DdhTiHPQuZ(`BGsZ= zIW#cmtnZs@=sr8YpKf2lT|Zs?@~L?@JAGvpHVA5PAKUc7q z@GNo79n>mlz3AlWNQJfXyVpdKuu$_wN$0&7jraSyUfRQeVB-O~Z#|v6t|P{pubZvu z-}Oy7Ld~XIBJ>Yn+A4kY`(LjqCqlNlhB?h%3~bM7)JBjbXbyH)l?H;p+JjVRa2=Hz zssIj8mBg27bZG(R{QdO3@g+M^p9Jz$uDT6Jc1p1~Pu#-;j)p#O3Hi{Rva8<7qq`|Y zd21-VHhVJpylcaJ>}V-uFBSVExew7m^KMn={^5`@ib@X}sT{rUO>~JGY0Q2|8lUcH3 z^NIOY>R}P^EsFDO%US)HSWygD(Bx=(dWyIG5Potvi+R7-6V#x3xcF)v_S)oWHW??c z8PXrdoZN?qfLUCIA?sim@FE~}&EwqkBB;S(kMBQ=L>A*P^7$cm)lFyIob|0ea(OjOM*sJCcz4b2TFCprcUq-*n-Cw^qY0?hW zfn~mzW^8VXo7Zy2?NCc)j3qPmm)#mJBP0dlhcVp#Rsd8#_enS_RhkeITkY;y_tB`r z#Zs{L8z+B`Ii^?!9gfuyjmpIMAyleJ{b!9$SrrOwKd2Qbfbm6@pa3Gn?9HUWJbEm( z4)gFEuBA<2#!eCcK_0BnOV_Y9$7CROkHs^wNui`l9_(Fr#fYrC0G!8}(qAw}A7}7! 
zK8Y@%O?rvr#8~SEDl|BU&{Ks^P5<#wnuZv+cb@MDvF9WS6o%rL$4nfd*-R8bfegqQ zz6Fgb4(Y)P`=sQ!dessCd5mUbkl}J?v0*Bh5$WNpC^XS-DKwQ1q+X%Q4DgYiZxt+^ zVZ$~7hW#cr#_y`c^-26U7iFaejRtexTQpS<3Z7L~$f96|Jd6)s-jE0X%7Cxh@-Vv; zg>y5jHNgKZ-G!H7!B>b(w2cVTHG8lIM9r`3tVwR0C*^Rs*Gx-x3KimX8hOOrV3M)& z{wt3R@TqAVndxW?!Q~yc%$)26fM}$6iRj{!pjkXoA&g-WB45)6_>%RM211N^IDhb5 z3RgQ%B=QiZxl$NbuLMt9veOD-BZ_BOH18yxu)`FtpMviTfY5cHHl?8)X z#IxumNIcJr%Uy3z0PNb6$IguFa)AcE%zcFRWvjCpJsXkY+lR8(K?MDhjv_TB1ugP7 zXDfYe@}1*mN*5Ay(lB(iHCXho(=i2m-|=Y7wQcSS%A;up%zia(VEogrDhP!rLeN88 z4Q3x{pa78DDH^ptu24DYMb~vZdhH`nkLeBWN|&zgZ8d=xzo_hK84&+=A=%$4Ab$Fw zhA8Wv_i>x(if_g%g=)b0E1Epo?U@Q>Vt?lA`TOI_^-HQcc-8}>lASOiK}4GC8?CGE z*7xdTq`RM#M$U~iA(wrjDrC9g(YMGnN;|{=lb~TTjlUBBra7b`$XQJ|L`&j(aO2q^ zgS3fm6t-Uc#nLtdr%k4#VzX^2Gqu$Yna2P5#JM6U3sA^>OL0izrKD1i_WtMmds6I( zqmW+>ZJbF$o1HTlP19<`S=!v^7`#~y=gaN<^UDj)0|0^ zjeCSeX8&3sUzB~vl*H|pvpqiDf8>!H=)kIWkjttzLMVZ7kg^%O-uB0%?OZ@RL^?u3WpXETD@Y025%lzmfWMXhg zm&dzZ&3tUBS*exe*2JrsfFaq(tH2 zsVUu_&9`ktVexK0ClM3xcK8|lI?5^IL>Cx`wtmNV zDI?8+t{kTz6zoQbZ%F+s44C#dg#n+~-iW4K!fDVL)dO?tir5gGb%r%tY6b->&>< zA9er6Qg95_gx8qH98X!FdtCrxy9Lxf}J?N-Mb^dJ-zh*0Xjgvk zEq(Q=_TD|8m zHK7}xji%1k@E~nL5i%X?JVdE-k`fP2Ci1Ed(A0U7-1r=1L&ZLV;k7K`crgm5Uo~+U zMxSEt9eSTgW&8lA?E!R9L|EE>v!!2plEN&6)Ih9qo&{x|$_5QlOa48_@*{s#1b&E< zE`RRR;L1+ARMj@zDaSeSW!n-F@k8>+HZ#7Eo(m*Q?`tQa{F1Ynqg!!)zw#zqv~KMZ zHN{E4Zc_ugl`O(fX^2p`2gN4^jF3>I^oy$|{aa;@)bv28eeWl6Gy@Zw&-9OJLCREG zYH;sHWn1dXbA?SMdPdn@XEn({=l@T9`UB_&;P~3X@j1UudtvH>a%s+epMAtd3b>-? 
z@^tSylTT1mXq8@&bm=eaE&Nij1Sp%-Binqi_sZp!KRI5FMlN?OA3-dmxLUxq0G^N1 zKCygf(VGUvk5*!w<-hO%G^Gzs2?8S9sGvic8w`ODnR3n&e1Gx@N8PFuk3cNZI#af{AW1&E zh7GM}i(F{Rb`AtFESh@Czyo3pQX>+|-V6$w&_QekjnPl{^zec1oogWgeu`>VnY-S&x%O z2!ojmzNV4-Bx|O)Ekk!|WwB*cI!?3YA^S}YDe<6lWLDy#j61m~3{ZL>sO0AuTK?l~ z=!=bO_H+%@I(9_~_C`1t<(5BF+S7Ii2%6IFb*{&^C&zNz{vOXd9M6dP6+q7JSNvI^ z;)@$=+22q=&kHpszjWhGe%;Bx_RulVG>XHDcvy~*a8RmlFIGt!RE{mI(@v#0%@B>K z(@~x!;$pO)odGNf=HLzJzKO#gZfZ}Kx^fUJHn^zqu#{yXuq|msd_5) ztiM>XX_Jl}a$#yAx1os~W?#s_AzJ*CDRV4d!t*x_{NN9U2e=hEsoZL{4U%fky$9UY zYKoD+3A2}LF^2J@K61au;G$+4aIgI@>nOe-iQ=;zu>d~5?<2bY<+eNdSsm2gOm7zr zNj|G3-2B*j1@9z-WB2g5(xzcJ6F_8mz3K0!0cs?n2I!vTnFT}OL?&7#Zw2F7I zGypxwiS300-(^~oC0y!ET$@`OU+n}9G>6E~v^po3ggQhq{?mYAfhZF~A^O22umsrV z-WLyh8!@StJ~2D03!bj!z)W9H^3}Y-WLn}Tp9nJ?7{g>!*S-BC~{_}HFI zf-_2g_M*?w@v?Q-*5#gsGpZR=r^JEIAykR#`T}i3s=JLd^H2 z3;VCzxYD{fgoJ^Pih&vB#pv!WjJAMpmsxR8DeOUd&(`UM*e~sKB)+Get-O=iE&k#~ zN0^>1AC`+_3MflAUZr0{aB=fhHZt1S)x5&se@Dl2ZlPq!dWZFg2qY+TZ+KcmO40IO zJ{{w{KzG6DuH!wADIm~g%*EnSHxEGfa7asxuqoFR1Mn6M7)AqbT5t@LkJ<3O6bvx6 zhdl`YC;}zhj;M#jN5h{Uj0(Y09!PI-C&XU^0_!OD;;YfTzK1yH*QGY@fjMaNFFUYE zAVV3~8)PjxsuXZSE#(#cV-%YYn-+G{@}WJ|ewIW?UFvOj%T3I2D{32PpwpKD-OT3N z`@yuV(hj#Y|HfaMH%fp&h~6^+JpL-BJny7K_va`IzCgL6T3FD1+pe6Qq(fwMhiD!KjizrzptmF+@))k-hm(yctvmDBdpG9q5lB+QF0j+O2> zEQl-#T^vhFSTIs6A&gb}k!7cZPgw>0#Q*V^C4uiO_od}y`L5~+A&i2W6BOwE>5;oV z!QJ)7{xFKl!J8HySH+n(#f0n669>|z4ePD|suXS21EV@dpv?E|eh`_<{kgvOn+GbP z<+d4|R@O}36H5rjRR+cic13-b(dF*~<&B>_mrbME4BBY?NnlN8f(5PCCWSXmN9h0R zs<-&D(-bx5kEN71bJBSC@x(7#yIfFhyZhA2i;m^`Lfe}wcaD%GB4rulR$W*=K(9EA zE_IiTR%`(zrUPm3*Sk?x*CLw`2c3Vj@zoZgR2f(#G{8lcZ?u&H1j#fAs?$M{1Vr#Q zeCzF5ojPA~l=O^z)k5tQrl4PIM%crenXVQ}8m>;E(6q=WYUWA`wwxklGp- z&utNJhQ!xi(x9uWazhE8aBb=giSLr4Ahn49b2zF12|~O>{`Ri6bbkUD6vFWSL2Qhb z0_nG*qP#7s`a$w8;K!V@v((4wjq)y@l9=YNbS;tVYpg>Vhr`Q|G499f;g<@M&f^`3 z1mP85bA&Y05icc$i*GF(c%CWS)<|o#yA}n6$>5;j@=aOc@c+zCXo}LC?=~g8>-*TI z1b|hxL9grN^$Bdi`J)>eqsrR{)rYXx_DAWNt}~|g@LGD5kl}F*Chmz7TGRmnx=#sP 
z2^MqggYrmg_0DOqTkKJnAb$G2)JsV}%y|$*(J1^Rd6v&!s+A-F#SeeSL$HU$GK?d^ z>O+bX$0z$5JC+p33W+qmwV;%}gz$sCG4SqQ!Q$MEwE^$1g}}|_h-AK7J!($MHhQJq zBWL7sD-R&SgSNizbskz~$&m%8h}@vzh&-Xaz7gXMC0et%Kv2+=ly_RI@0OP>vV@@C z2^k%(!$=0#Z6Kv_1n!oIM*hn~+n=N>P+m*eQvt1CBPCHUAaYQcN3pT6V}W$RA&Uah zbeoez)}-KCF$1STKY@>yqo?|6{_z3BTzs$S;)i=a0=DIrbj4^Dzz-(6p8G+B9wAQ3 zVCVp23I=~i3ZjwN{F=#d-!dHvTT}42{}e68jOc~iUE}%PUZf~aDUTlmn7g#W+!c#I zg~CaW0VB%|xbwgB6i#tjOU>fbF#Y=A2v@Xr*KgIw2z|4@g)KAowuQ&&ET5)J;L^L{ zpsazZ9Whj9@yoNR;%3*n&HQ-oes>C+cNwKk6UxzMm&i@PtWbjsnw~s*!dLBuxoTre zs<>gSPxWkIA;czg2y^jQEywgXwmG6uN2V*PhPNsLOqKX3kui!vxrjy07f3}~dH?B3 zca;Oy@vb)Q0$5kNiua*?(8p;X3GSS^w9svYY)5XC*PBbWB*(vTsML8a7e(~f4<6SDl|O*{Ej%)Ht8!~I_UX*Ly(rUUP%wf8Wj-`6}D>Q<<8KR{<< z^$9XAv^Vz4V=GrFbw$}jk(4?-^fx_Q$LvXHtN50+zsX1ZrgsW`;7E;?teb3(h=*lt zgq~ph4Sf9{_?nauiFqT3JhX|ue>m_J-DzGMu5)Yw;{Z{AV6QMum4^NF&=!kqMF(q} zjxDGczS8#0Wx#rzdMPj1+mduoGm?za4fOt1sb0JT;%6^;C;o!{Sw;Ja5!3+UJ7r_u zCf?Ms3dujEj55^Zar##ML14Ckro$Ua2j$TY9OjfYw*rQ%t2oMM20CuVG8(5vA9?!~ zw*NHcRRUf-suvz`vJW%VKi3MO_5ms|RO(%~`br`jEG=Jd8F8cnJJbGM281^!n z@E*=U-@Se1RPENql3BB@p$D1TAJLwcF~WGMOro zBErXCDk_oD$<-!IlBtu7M2d1(5&o+h5F>Y7s3%8`3)_`xobjvDtrT*mnu}&t*hXTL z((u169euEQcl3I7)wAx~u@ui8+-03(n}OH}BBfkF2wbgdchQ{fck%<-o2smN65a?P z`#CnEz!(aTz_oDu3B+y*U%NGD=XgFrI%;~v^+!X(7-*vyxM}&`zF#gZ)%%)VkEPmQ zz>SrRNG^ngSVR)AN9$Y_Z9w2!;r4lKE>q6t?@$)GegS{#y2d5oT}TVB$zr%(13&V9Pf3!lq&An% zqV!9Gr`1lq$v?(Z^&~n0Pw5r#lulboo{lQnpPM6=uMcn?VyEY#wTAvgSj{)R`K&T)coz?iroZ)+&$}=hPB+m7BG~pD-)L`eXt5x+m*)K z1t{J)vnJyFVPDV@xN0f|S52jN@=+|C=bHG{Gg{CvUmR&z5)ve09&$>Vc0ot96E+h6 z@h!{zpo8wL#a^SzMsbM`ep8~Ag8Yqx;%7yd+>^G6b@79UT55={0RGM(wC)-^({czv z+ro6W>Wq!|@wJPAr2+;PIf<6+p^Px>9&tNj3e*>3Am;Zj#HfGnOi^DirgZDCDf z6}c5c_t$X}xlmoQCqG28n_X7HAn_5oaDl&7{1+1qYt(kCAVA*_?jGh0X+`bBW4+bO zkcxFMopcyRmE;W=wlTwC`W~?DHX@x~qd?c3HGV5& z=-UQ)&RR&zLuH5S>xKc9jKuXL@;#b0O@3KGb=9R?tCmqPqZ5v{b-UHPFh@g&IL2%# zZU2`uOmd%z8;Z|0u_ZQEExZ&BC@SUlV&;uEF!%k`rF`$ak5?O4@wc>)kKhfB7-Jft7~~ zZ3|2OGMx7nG!Rdl_7_FqkH)czJ{Cet%*q(!(=1S+%|VX($JD8qntg+N3%{@??5oQD 
zugHMt;SMwZRgNX!yINoRLk)Mc%!>a*<0qcB={)RSIQ60stLTh8v~h*RWs;vGNlBV{ z^4Lw3Ws;n5EKwfw_4T=D0rV+s9hsWE>S15J*_-@XbwE**E9Na_-f&$H0$}`cB z(qw4IBsk#rm(y%%VZ*=Szj{U0o6B@Wm-x=FjaxfRmG@sj!adwF7Qf096na<1X-HeS z5fR}@D6r5@-qB=B-Wj!(wm&)4`Ax(4EjRL7IeuAx@wCVNbc_i+T@bQ6aT3f6KlMlA-o<$$q?n8B_X2Thi^Pm%3ooj&4JW6mvKbhPn-6i z&%2@a;*82o6`+@hKj*aRRn;eA`$kJL7f2n95QQx?e1DJhL5%wLz^Xo)$SLJyA!A~5 zhsIJ55Sf`!ci`{lk0pftnIxCi!I_@J^R7L)FMqD|MBoddz_0b=9Ju)_HqT&d)-%jM z4E+`Lc*&1sVYfTFa~PdP{CTWu2XyaFanUzvG7#WAARaT`OEY8v)e<~zzd`-adOYF{ zK8$51-buUjIX&Dboyt@}1Q7yMg+ecHR+``3-sJdE_ij>|krk0`^0;S_KEz2o6kWzN9iD z`xNu&&RtpZ`||(86w!gaIkz1v zxm!Hv1yMi*GXr8g2)xTahAlR1O40O+LUtV!{K)?k&DM@v{BqqT6*wAd?rFDc=&nFk z=_okPo={i1*t62goRKvn?)jUZ=i#-tBr6Okzd$5EmyhI>Z1=b#r9Uku=-F;BmOZGa z&q7W>jEGSiuzdFuhjzn}J!+VcfR2~`@_XI`mUM<&6nznf7))dM!@BsQj+U!j8(k+2 zqdN+Zk5}QUu9vFb3Hw^?dp-p|_2c1y*oMeGU(9A!Zdm8{RlwsLBOmbM_GGtI^@M5L z(w6n0rGF!M_t}TJJ*y+~u?z5gS*zsSSe!5X<<5B2cMIn8k#_KdM-M1dCrouJtuh(9RPOmz``KE}@&hC9~n1zY>euDp**5@|i`uiSz zl^fA4b%9)Qdyoxd(ekKz9Z%&VvuD%?efPSu=Q@LizHV+%OO>L?+5!_p^e`&-{ip_kf5qwjEFg&4PNqDQjR@sw#2@OLGm_4PM~d1Q+c zb1d2UT||=@mk^PSw*wM7@6=CGOP|zJAIy3Cv`hcv8Wd6!B3TYkjU>9g6MoYeipkiR zcOAdc2{Dwdf~BIcVK>iy;OG#HG2HfaWYmCzfpOa8_@&RIyjRIZ*PDOM=B^Nf_yF=Rm-gtz(l0QublfmW z9;;5-tf^3cJ*q#Vg5S73qP3)wp-mDiY-*TRfpqEiA2nx|Piu z1(hy950iB1N~{(#kSAgWcu;Rl@A#d3DRI>?Ew5_eRqdqrndMuK{5i0QCJ&m4J&g*A z5b_vDULuP4qU|65*rbXe``C$8)UQ%y|C)$u*7$D|#=hIK245k39A2ke86v2N* zOGLpsu8l4ws48)u4Qr4_=7|Kl`F{Xa7;VyFJ~`r1(4LWX2!1WV=KUuFke=a_j%=g{ z--_nHHvZ&xp@{5U*@EOX9 zYcedoCIZwl%Md@4{x0 zAb>a`CLplyyVa>fa}n!cEU~bhB^jH ziDx4F|L?Zy@9S7Uf*H{$a7>UFLy{?HI&SCPK2xBhBjdt0&UWxDWk}{`Ft*)hmB4Aa zH5TNHhjj_xulse6=9nkz+48gimIkUDj&C8m7CaMQ3pRi~B2zi@?Z2JZ7(X@#Cs1g* zs+=DAh*|f(k@CqP1}o{KFNT6r4=r{MA*($V(?1Li;SGKr&q@sa4IzB+SjIRYyh$cP z-8J>M`pjt6mhqAKZHi#+TvhICYB_vveBY4S(S*fJstdM{8fAZ6^3i3~M2E>^ZGwDhM4464HjMxWQw!!=V z=Y{*fxCQN=%e@RnR_|M$<-9hKc)`qwigt9w2p!iOetBM_v3%btV#xd|Kor|hDdFj) zDKdwfh%|Xqz)O2WQlTn0KDVzFaQIeT$Bw^};~O7)*>S7To87UN&);q0YwS?glfQf< 
z`kM5XgAYYwyj0D5wQU|2qf;~2PpNm67}XIIN?~)urb%9r!IX4p^DpJTx>h*X{j@%@SpG_$3C2R$TOv34eVjkdkCLq*r|>IyIA(uXD_Q^txl%`4?L6>; zpE0GB;#H7oFEWCfJ;A?afLG@PQm??n3=7r(RDb*@e!OWijz*BR@hEg3JX64Xf)E9y(Mmn zIl5k5@Wk?BewDB8O=lX~jW7Z1gR^fFSVRvN_wZ9mZ(8Mf||0@VF?P{1ozMkv%Lfz30!#I(J zfAC@L&C z&8N5jN=eM)8k}F8rW*>2;#>?IR^N%JW@2oGlXpZTx?xa+Kbs7fipd;iCVoPB4{;f5H4~Kh*TQG|2F>vgWWRF^&cfzOxP2s;t~i zf3G|-aSl+>HSsu}aMZQZn0nhavaM~*&=G7xITG8_HzxD7eo(w30!v536e|6>SpTaC zg&|l1R160}y}O-=avYa#ZZL%>!~J>PLPrHyvZo~osa^B#u`HZ#xgIZuKvCVI{7rQ* z$Ib4d0%bidvgCHb%y!yG^eeMv<9%WvhKh}t=zH4z=Bjh~)M5(>A18p~d^aI*!MML>b#IN;A`+kzj^S1PI<`gtR1e^g6#WtrFu?05WT zA!0a*qY|Uw9eL>e=fz~&694ix3topF{jLYRsl|OfzaSMy^}83nuJw7oBgRdL+=y1# zTNOp8CgaYyjX^Q5Yqw6;$;LSkq^akT5rk?u!o8K4D1kKBX#t(@`sULzwftc>cE`DKq2Y-f~I=N2f30 z0KTvil&Cp+bta?KzIG>yC<4}>9r4A&$E@{e3A~HiTvLU z_`Oli0%XPEhW2N?aIMTb(Vi}_0ePdntUuSRSud=tBwQ~5vMt=6 zD&XXJJ!6WDx{?dD%(qSeD3l1skDtfGb$tk0h>Z965{*izeheDf6;=&!VFX;)s;}o; zga@(u@AuXa7X1%=i=de%|kcDRQ}xBbk=646MY9j-+A7RB-5Ovn&z- z_5j_EX15Z9hzg7*`JxeCHGM|rI0g?hcJ~@E@F}L1#jAs z4C31#Rli_l%o;D6@>vqG`e6Y6E=7!Xh{UmMoP3jMfXR>fR&kyQ1V;{oh z6fk8hn0o#fv~u~dAGLSfx8CS5vdjV&wE+bx$U6j0MauGTyD<2YjWd8-uxQ!%e0+aPP0hf=4T+EItuhUx^ZEZ@+UX%YbP85x3^? 
zeCWMvYZ4D=%(bzayalcscG3Mg&l{(0sJKNIYBV3EI%F)3bA;pSxVJYVobz;w+LSNc z%lR9;g7BTW@=8xUP_Anu!xW{9`<+M*KtjADfN)bgBiOS>fQW{F9)Rv5-|cWUyJmn; z_|(O*_oOjQ?pez{G@1Ry)y`sj)bLOYbx+MFl0!lMYEsU_*~(y)jQAsd(TZX_k0aHg zeBnyYUv;DsW$>RKIoHN14_#_w)kW0`>B>kFH0WJXandicGi+}4}m#K-omqBnTfuPEHFVcu2y>^}0GmV&Z9 zcW=}gC}7y$TIl4+Tf`sb5e$?ww>vMOPq&-!>t@7VL^>fiV~tq#R~aiS^J!+&)qn{= zPM;EQ$0x*-`F;cZXJxwlSf0Gnrw%@b^8<;hmvj?2_ukHU*tNMM2ozq;w5aa*kABY< z8-qCB{{~^cpFt3VwbOT0w#vQ%c8`2rLYGkRn@zr};`Mwcu)9Sue$`vA7WBNTeh=r{ zX>VW8N3rpx4(WsVQo5KR4z3knMJ8Y=fSJe1@xP8~xUM5Fez}8dcy6L7=r6R_;RTX0 zwZRh*A4by2MHMb`k)iasSsuZD>#vE$|K&eIZ6m+qr8SMZVuyi(OR6c+uywU~^3s~i z^`cv-GcNdUNCJekJ~r4^4{ zvF48D#00Zn)^(fjarv12b(qs2Y~l+L9Xvd~8>}i9O%Al1 zLoGsw@uxEq#i0xruQ8{}oz7}Dhv6T;{QA#f?h7Re3zL~JB<`N(4;46iF6bw%1l{p9 z%~jFB3UVJXn&8k%EOTq#zPnTjYHwGg+ADJZr7E%^jF0@IiSdNI_h~Bj!;frI#a`#L z3pLUa%j;Wr?TqZaH4lltCLYXn&n1|5Ty|0g7m_d#-mP zL{Yt5Om_ewATf3;Wcu{coBMt;>o=ds-yZ0I8!Xjjf0iR}hw|!+*d2gld>F2&0tEVh zQYEM+8{26q@2R1Qo`FjD4E`VeW5%G;wdv07q-|&;C3QR;K$FARqYsq)|Lbhwb#xwNg##a&3PU|z9 z+=GoVa|PPp_&W@4`n;JeLpF(7gpg)}d%{6E%}A`M&JQeitwEW5RcupqM>kM;>~{hl zzxPFKx&PrzLuVgN;=Y;|uqmwGB7Wjic89Yt+T+V)!dSZcNDUcY2TBy*czd!NQh z9qSQSmc|b}nV~vq#B@`s?K-?2JtZlZf*M_OUt08rA0GA&+IxPe%h_e8|GBzbR#iMa z9nz~`@RK9U_DcUm7ZY)iC8Lbstw%Dm9v?S_H!A7f#W?r`|ooX`SWBysjRmY}T&B!coC<#d z(Vc}yQF8er0LxEsl%&rie>I~Zkg~&a{^IHakA$o$Ynkb339A)UsKa_%3|6zoG%(do_F%mz-l0ov_kI7@ z8M`f$u*2pBk11cq+aa4C+wc}J+ga?7Yioa3h6?2_5}%-|GEXwKPqg6uv-@KX%?sG? zZZ*qP`W6=&S~fEV*;Yt+Rzw3!Z=!S`sere1>|=}Bys98QCzkYl=}^zdzMrUUG-l&D z30csWAl5S>XjP%ThX zVSJV)y$uuV$?M^`&aL9BcxQQeRt+TNHR^fSpCjASFLZpXXRgnRK&a!o>`>uoEyzOw zWx@{Nm{k_|8`6{d$&8IjiH)EPvdwy^&gm1)iOcIaG^-w@MVyfPSH+D^mKA;^!7TEH z#Zv5oPKP4g#JKRy_AMfxI9{SNRPA!aB)9L{U2iu|7!v6l)yNNdR^sTQ-UR+N65@uh zkSJn`T}8rlq8mRn?b)=*K3h!#WEzKC z>)&i(r1dJilhU^8isg3~Lr8TPqTYGqNOOi}e>BBbDltmd5AsGTj;SGe(#H^*JJnT> zU0ViD&Y3%u0S_0vI;E-_W|T9x_oD6in8(xH5QVFk>uL?>^w8XUrv~_XofH<6lU@PTWnLhGDq)?L>PLgnzT7Ufqt6| zqaqLzVvcke5OO%! 
zY*^oyjtqWpHRKkp{y_-iz6<@DOY{fDAh?7vC`$~Dyl*l z67#(Vs#<+_WA~1yL{*gEdEi|)-zEkCiS4XTe7$XlV~YB6(e#nqY@S;>#AhK2&xdh^ z`netF*DZ+9AqV9`|Aky!FhicVAxo#Es7u1-ilJ;vLTsc!jY=BAs8KmO;= z{-Up52dXQx%Z9%Sp$JRb`)%)EexGj|U}0aG9k{029ozL4@}PjlA4l<7K`qRimW6V^ zAGJLaY#3a$2X-hi&IK<%;u}Hr%Ws4!R?^X&49Hk{nZkG zf>~84m}Y0jK#3;7d0$ABIojC1b3DI$H!rxadhf_*vFxI3_1FO-BrNt=KmC-6P;gtI zn}-O~s9uPWi}YJ~+&H6oZ6H-X%cp=htE;^L@vfQH`ikY@VB>@6DX>$>Rs1c95cZ-k zkw=iSR5j0o_>Ti)ySjr=NhF9(on|98XQus*AJplyD!SVD>OtS>-d3I`@rD}O_ zv$tHiy#xh*-G0si_cl-deCvnP_JQx$C*wI)-?B>oFco#k$`%B>IaR^p%F>qcX{u38 zhEjjgg6L>H)pU~(a0>_lDyVU9j{Kcc+J9X`^tz%hOrDCmGD(JtOh&*>OvIod_ZEmZ zUpWGDdQerfP-nP%)jpv+2g&9>cWGEvc*^y3`1uvtc!`;v_EY-g!v{q&VRjM^k*CBh zcRWvlkVv1pb!j33T9eeq}DF^*xJ#=*F^^GDZu^4YM-Q@{)2dz6t!hq9a0>%tB232VV9h}W zjXpLb?>O2*IslT+h1IB=Dq>MZgKTC#D?l{&lBk{Mi6bJN2`OE-#m~NF`h;NZfyXz- z&e@3QTh&4P%gz{WlRVUv-b_JQ-C%by=(N|>dkq@BuLSmKaS@K~hCYX{!A*mWc1BQg zEB<$WzZ;GPp>g~JENJm;kH_?#$7rRTA-NNuQ@x9gP(P>A56fSnK8ZU%X-wwr$f$*75&0!jIE_! z9t}hQ-@2hYMFg>uwsZbx@UyUM)t~zjfqaZ82OmtQl7S7FmiXG*Y-x6iC_icxM0#Fj zv_iRUFdZFqw>f`uW36MEx9D-3^f9<(Jc9?^vzh)!{>73Uvj3TopyPXAKd>%~V%-^xM@} z)PC^dD|(yQTBwWyy4SGz!n^lA>T(m+0S9)Yb8}o}v;%p##j)pdUHc%Lq>Acgrsf~< zM#ab*RUhzQ@);iOZn_4v zvhIs>^%Gvd2nQ@zY2!uoUA5LI&K6789-)x&uO!C;El;NhBoZD}2*WXjjMK!eAJ}?X zIU1SSdR@P>sg!~#f<}||M>jY!t5t>19)*gK@(A7(VKaaoQ$ZN2UepVwhAG&HmuGQ4r7fNkO!qtiYf2nE7Q80Qh z5w%o)y0SFV)C>Gj%R;KON~rM;d(=QP#zuS+Bc&L7!^wwccR>vs#wS&L^Y5;vBvUv< zz(DvkY)u#dwabsxT6H6egGwC#y~;g4*frX09mb7ZmKB5lGwC~#`L$=G{1urNHc77h zvR6!o9u30T*HWv5wkd#%0Kw8?$8Smcv)wb2+I1Opci`nGY_0K(H+`&!dju}?YTEuBOPFQgpxQtY!2EZ=Xg znANKH;97a7_1CQJl7y{_q?mDPQs8bgPhF6vm<5lDeAS`AMQ5IJz)b8x`AE@2^F8K5 zS#4J6w@AX^FH}YLvQ?FS)TEGq3iGTQTioFP6(13yKA1%iXI0;XGi5}tzz9myI%ZG| zjg1(jxjGV3G;`hGYXg$d<@6!nfKROfB;rjJi$Bp&l&uZB&7JSpC@m@OFNRYS_!Ok- z#gFRWRTPe4Owvz7KP5X$BP7|uQV70&q_(TRF6m?1Q<L^5ZBgHIi3Ek*(tm0n(Ojef~$U8o>TJ-XWL=of)r>r4IbtDs&j^e?l8f8 z`B_g4omf)@~>a5$5>G@g1ZVPB?ZeknWI%s8!IX%3w zJ1A;E5C-0xKsFoChMJm+snykMf<9MOy!W%B{A5+0++KlfyGoi8jNqu3Rcq&7+FWN- 
z!c+2fJxJ=yzRGfJupI=KcWY(-(HDUDMfQluW2Ac&`A#dGgk`5TWcxvyqY{mO?G^bbi-lmf(E+wMEO zv>IU4W%>$Y%ZYg3y3{QrLnwx0T0T~&q2RHF*kmPwg9nc7?35+Dx3!x+e+vEL0fH65 zZDuF^JNJU9kIU8f#g&=@!onYEUuX4*>t>nu-2U9SiY-zGe+9Gr6e(jN)- z^fpmVAGo@k5r4N^n3#h=X$c^I)p5ku%jf!FKV}$giTqXAF}cuQg{(HY-(2@sF%@DW zjL*<^_J?blkD9(h_?28D|6qv__5@>w51-k7#$QK))JEWGZN=|SB4`{obw_Ur$NN#; zT19Ln*nd>tWPEtina#a7zGm89{dY^zt00__o+cUAP4vF(V6Isi! zpyhu&pBNC9Zrv8HC`ECmyw*%Z)7;T4oi6vHOZURRuWJw61ip>ec$E3$dM~ zxEcYS7AmN7OB~Q|7z#$P+hng$E4FwN0Eck^yEaIYQfJ}B~! zk5Up(McTspOw9C~d@5Sk%Nv0Lk3;~8yLD&FmRZ`tMup31&h9S(bQYM%0D&pujWwp;`mXp^QrX$Lcj%mH|=zZ_WhviWhE}fc>r# z>_Yqh^V$oMXY?;IEgU0{?oI@Awf2V|A!iX*GJXE}H8N*6R-mf9@z;hO*=y_8s%4dL z^8UYUGK@IBqeq=$J{QODW6RArc^f-AHU6}Wo1<5utSS0VaTb^C;XIO|69S6o*0gtv z!i$?wriZia-ecSg1iEF9@1^Q(Ex$mI9ygime`KmxzsuWZ0Vei;~$T3oV~Yy ze?Wn_^n`M{vnndge!Lju*c4r1>u}`xm47tIptd?%F+a`uS(!bs zDH`ctgB*7bv;rGsjpF#k4*paVc}|_r z7+{L&Pcq9(W4uU+67+$*Oj)GRoW|xbPfsi_-RT(xYS)U{?=0$Tkwdjx`S@uAtZ1`p zUj}BWUg$z&)z3zvs%1ozCTPWlVe4&!j2tD^h&S)N;C4`luBk2OX=*E{MPR2L3e3fG zHL$(!_k5~#*dK7@XLJ`j0`YzH5Y(|eGMVn%SrFU9=K4NsA_^UrUTSA;6ierHo}fvs z`3!l#^81?JG_gBY@j22ShHPTXZPwz?y|8?n`Co{M_9faIy9Q(XnrF}MecPHez4B<| z8fuiyFUq<)L7=wl^yyRt{X{iizAW zOAlUsl5AO+_B6OTA8ktxO7Kt9W-6Ubj*a-;BN3=!6dpKAV=MCl#w^dTmpaxF;j0to zw;j&YHudY-&(?Q0PQBDlXS8puYpHyd)P?Dc$5uVBP+*Us#+m&1nlB$X-hko>Zdt>R zU83*t^L+$v)Ltg$3Y8i~i(uRD)<*@(zCt>GMS*94;jQxPE@_Ac>BEi}dABu7pNFSA z^SXhgA4=;`?j}y9pxLRgMP}|FMyBfcp-4!TQ!j3T^5VfWEHK>CVjy{^P|Y|Qi5dZIo(O3CS>);;i$&w8lo+^AX@)UHqx!0`jW zDwdzhD$%ggKGz9*EKc0Xl8Tx=nx-e;<2r()D3GJ79px#iMeZQ`V`&fEu9=2;Opc;} z;8DyNbbhoMcPcO2Z&(&&t;7ZX+5E0Q6tkSYx5+Pb8>jIKr?)A#&M^8}W*-qOZ&Qk` zDw5`MD&7He$tQf)OR?->>E0_gsv4iO@ZQv{)PK*&J6OFGZZm3ITSd#~OcjoTC(_$zS^q)v)P0V#&_0iZ<;t zv`9E&ZKbxtEv$+L?%Pn*aDJ#wS>?mP5B}ir6MGi;6gJBG`;|FN^eE9)ylEf#ACv8_ znVVV_6;N^%=MreNLX#Dz*G?)v9U1`f!ipVSyR_2~g|LNR-2FP6Q1rZn6)YnDpgT}0 z=U>5Yi2^Yzcj7FB7B~63-AmD^>rbnfZkyLITXuCPQoG-S8vx95OFmB|WNH_C4O}0PtFz6Q6gt~5 
zJ9llTm^S*JJ!>=u+b}qHyeb%#C?rinb%!roCgYn%zCnh2rlQ!v+^(j&p?2(6`_Gm@ad-?158JMUB*r2B$HVlE=LMk|1>RHFHcgB>7HP=+CTZ_UN zS0w9=e@QJr4+HGH^_^lm7<+EL(JIfw;Jo!SR26lsWfQ0pE?f3LC;`^Js(;kTQyvGfE5}Ngj3>zE*ww%-Lv(82fmKUo_vwF z-!wz0G#*g<-K>X84SmHfV|~^z=xl;ckp}n&p7jTyOJ&Z}9k=SfXNCCX!gjdlQiJF# zx~PoVwmwSJ!n*5kgIuJ&Pq1P66hS|g%jwfa6lm#i8v|8I2(h+2v3zs?j7b6MuPb4` zJ~%%;9eXM_UOARm0tH=fdM6(%-$g!^Fg&x&C~`L9YCne_=`mksNEklvZ*bw1qX)2R z7GrG*w;z(`=mjF)lIj#=DGIl9!XHyjB>QIbA-pqfmO#WD^hq`0&m!lw`^LmD`~RxB z-2^#$H=lz%;;$XCWmt9LbRT9SdXj>#h6b<^KAy@QJ!Bbg3Ct;@Qyd>fR^6>BBkB?P z@=u2Z%w?`eG^s2}s1gD5ebZq6uzgXU{PD|3Jj3pD5%o5Nf$SgdsZ#RY^2P{JI-Hi& z7H@Qc(RwqK56g?mU)VwfMkIeH4~IIV8NCyq4AI^@XCAP; zTd;Hf4;$leGKS7^@pUdy$#`Bmu)Mx*B&s_cnG!l=W6&xRDbD`Zv13)5Z15BJG@EL9 zK?U{~1!W|?Wd4k1sga0{FW&PSH(`;(Fh>UK4GIWV>(hPo=c2}|`_QbWFC!=t=HCKj z58z*q<2(U^D@Zv)k_=WRNFGYKiXS3-?Y^`^LnrQ@u9NOBB-$u~W$Rp7G#?tC50&~? zT{e6W6v=B671&Vyhxg&i`@Y^MUKrNvuDmRvj|8n2f>pGfZ}ox$D&UY229z@{7Ss}i9msI0?XVgwH~oIErR8K^$!B#{tO5kiD@jW6SuRIY32xoC?ozxq zO87V?@r4u_v)e;gEV?#0vWePaO{>f;5;izn4x?~M+G2sL%&8`RaIc|3_Vh_agnM*h zrqn>0umI8sGm0s%J)=O=>c1&W_ti{{wwQpDjU<;q>x%*bPwR_LZWS5c{Y?UQ)=I)c ziKOMjl_?f^&HJq;QFuEMn55`~4=%erNP0A{4tSmHMinub$bxAJJ#rAp_qom;mh1ZW z$A7F`+AswEplD;f0O`8JDnw&|H3^+AY|b6}HX{`=V$0wgDLJgd8$%n%^bOUHeKWGv zz5X1u;haM6$*_H5Fp6<%JNEZ9o{QHCEsACJIS4c6?%RPP^#S!64SZYXXk%U%1m`0j z!x>;tV@~bowr-h&^WnOb6#l9j{eoW1gXhUxuZx?Nk>hxM*z-|_lfFCPN-|kx%>!Nb z?%TQ5+r`~zG;M!La^P4X64r&sn#oE1fga&d$;tO)@won6GzQEF2J|qoCJoje@Q4I+ zER2k1#BCtd_`UgQPx2?{5zXiXMRw`Zmf+}mNUX5`hX~+t8%-UGhl)}km@d38{RVEo zAU&I7yt580GZnk7&};kHSU(`s7a_V@pCD5qyh}P=&hD(tTXPs;6KV^aKD+fj98Xe< zHV-;JJu|HE%m!`X&#IO!W=dJLfp9(J17-ZK= zhm7^l8Wa5Sow>NF*dZo9(O`9z9tre}6m#y95L5!%83{i)yuCpNY%2Q0qum}q8C=zi z`jPX_<*^#Y;`%FIf8NL!pY)jMtS)nKRem0&37^&+sKKcGEUL>qejM0O9W~7@ z8%rfzOxx7-|0Jv!T>C1fqA(hj#=(g)dH>79Sz}gWXQyV9-y^yt?NSr;Z<|?w9N!BN zVVFe={Em{Uu^KOUQg~$5=9qWoce3EwtLWFteR~oaP3U2k<^DwOb<#yf2ajvw!($@l z4$n7Dy}KgTc|OXML#k|cH=ytm{xhhZ(ha`q5>&rHK*!nScgaMKIal&LvxB&1NX7ph zeW)(Mp#V#wikZ{Y4%9l-OS4E6LBd-VrT}gTihq 
z!C`obeY@qxt{{jP%_kZmanKxMxSW%=hxog5#-7fuvyw;*9(V?=1@J#9JMa8R9*>0w zagZ+c!9jGYg(qRj@I3ezD;W~Dy-m;UZ_12)NHYh1DWHKrD1MKic$(${o3iYC2w3r_ z&84o2t?rT=uRmDhKkeka?@c#(Gt1LX1?pfAE=5~3j~5{i=68LsJBIBw&IW6%i&+wX zgtDAXU{_rOsr}AcNx8w`PK6nEggY&o|JD`k)~Ch>1e7?Wxdado;%#nu)AdPH3UFOf z_)vurj*K7#Xg+&IrR5$72ui}&nI-qMp?W$GEE8s}H&|iZ3k@zBUidT)7OZP)u-y4p z+UmQ*cAwL)RkPwiZf)18j0{7j>=(S81K)nF`KV^JAEf1Ne*s0YR_Pe0JtsU$|9o@s zFmcq&v0>es!R=w~@^43VSX84bi}ZMO3})9^8?7t> zB)ah9G{S(^qD0;E66uimd1o1wKe13`h-aoKjswTSB?X)3`qM2h?NNb8uGICM{65mp zGtkhYQ`?>~w)|ZTQ&x-qpEAl$*!;DS-AXv>AFz(A<*FpB$bWzV6&_ZY24Al0xbM^! zxO}z^Eu?!P!+B+;i)lS`Im%70ixFbf4%{7l32}|G>u_&YTkC{GU}BKUmU}pXVWz1Lum`i#%w|>jB45{H^g^LRf?~cS5sHP-vDK!%h zu>Er%7hpwFD~c3jd5gi79pS3yMjJbtJ3=p^SbBgLjnyfIi{cPI(K5EjFKe?VnRvD` zbLA#5@Z_ExhAXCc5r|@L5&gaaTO&XOJik0|kEV43j}zm0vPVKl(x=K?P0{V$WPBtF$+J&vC6Vt3=1_^B!Xmxun zV9bg3>`KOvPl=)+e3JP?TcC31$8PV_ed zauKRfW_5We^gsYj=ydLlvVdbAX{Fe|fSGS70h`gw=egi`M}$uy`>Zs2xzYd`9xbG2 zQvB8r;hODS?kG3tgq)N3^TKjH><&MMU84{q<`!Mh>s5HTv=*YtilGvQalpL zZc^h+X4OXPn^OBKB*4$9P!IZTTC{P-&{=)+e)l7Ho~o%J2?Hy<1AUaHWUnFZ)S2e8 zPdDU%y7Z2vYFMbTx0Lic`7m&lydHb*WV3FwWf^n}@*9__Q(srt7*IhuX(Vocd3)o7 zs_H}CQ9Lj%FbtwmR;={;z8xa+>KaM(XPbS5TG6^@jESNh3F89o{#9QIQ}v@A`4a*1HtX1tiU> z^mu4ci%_4UdON{R|FFGw6-G&vf91r=$83*R)=c7fqVDN$usH3|Z2d~%I#qV-Cuv-B zWvh!Wv;ezmr<&X|eGK9Fsk8Dl8RWRall==4Pu8yW%Ndx3H0i;2MCRmeE5*RtfVoM@ znSQx`l06OFuAH8Vt%cT?DgBh3e|zlpQPs_;!32Gf+>}Q?wtX$-DvKCqu2D-$0m){2 zAngvmLTo!PNl#^_VxL&gcq~<+Ok!PS(B|sT4Wq4k4zu&mqvtwTv7fa2j&PLi>j8W9 zFZ?P-x_R3oLcm_`(OG_F>Y_)8QjFEAa^4HcMxiUR*PIxe&1ONU$-Jp8tt|T@`+;Q? 
zpG&C~UzY4lX{0&ahBBr4!tD>LUn-AgFZG$d_wLa zQ1gZONxqZ>J1+U7&7=5^`Cl{nLkmXvvc!`fm%u z@3Wu*qu>(%0fV;L6yHx>u31kemQfpPV_B6t`w-7BENE8bVt4|QnRK(q0yR_=7h1)xhj#$7j>Gu>=nTz;Zsy!ImQl)C%4o4rd?kIyZAEg5pf_Zv7 zDhrbKo@TU~X8d$u)qZ1%Db}0XGtY#`R&LHN%j*!yYe)j0-LAltREoan2UGn=dHy{c zYU>~_c!Gf&k2u*G^P?dis`QPc~`_@M4q6X7$0#AiS6Y;-x z=-$Jm4~+ziDiSxIvnaB3W~!2B!3e2*PBL$T`WHUpe@8(8qjUB7lU=+c6jaInXX0oF zdrYX|0ZKTpdn~Hi)S&R{)uQ}ePD>TXZRr`v{EoVIW!a5kF95w8Up zjnc$|F5uVXPx~thHM(b!mOM+hX z+Ww;5l?8a9e9Rg>$8bR!(@iqmZ?7Nh{UQG$ivKyT85gLGIbE;?#G@mhj%+2+T0Rj> zMD#t%j}wM*5g45=2&cH9LkSXXpKI3Lem3m^UHqlg|%+A?N{i zk?Zxdwf1=((wWbA0wf=Ldv^3J;M7rV^2E`KI9uD7i4Yidd~+CDmUY{%v*!rxqn;%{ z=kERK+&bPkZG+&YrNyL~n zNs~9xyLU-L4E&|vebgaMMn&)DysKpm6;3p^@5*f{*2qkPrxoQy+~K8n2VwG2Hi@AA zdny&XkogZs#lwM5B?a=-D2O>}R)6Dfp(}!1*zg5wj#Bh4(KFa;BSh}{9N?l&GaCoY zH0@WY%>joqdeYX=wyPx(D8U39L};hJ4u{>1xZ7f*>p1^wkvky|nL zx5x^isRH81)$lfYLAe~2rDbw zgH;KsM3@sIyGqcx?@VQNH&Vsyg2#KUKPV8{hObF9Y|+X|Ig;4vP1Q~ta;2UHOyT}_ zdPmhs1gfx&(3S7S)UpRq2789NE8hVN_T*ScP3Ss<37g!Nfs^)Q+jXV>_|v7Z@L`f122 ziS&!Ii-~lo@WesLu8|&R*R%()pZn)y)L!fMOqFCJ=@@kVf^;a91mJ@kWE(NY6J&An zII3acc@+-dY+C2)_ip+_#6-lgWYC)ZQ?{=aCX1%Gu4gw~$93NJuXeCW29$+HbG%i)z#&@iM%&W+;qX{_7*kkTZ6r z_`gtSwUpD18F(Y}6vxFY(c_bpg+JX(*@sX>SOMV`7#oUc@=lX<%i8ZJtheUav-~}`h+Eztz_s#`J*`#D&3n^x zp46Wv!MLixdg_%vSHi2=;g_PQHSSwTdFy#QltaKX@cOhPgnB%-s1MxGf)d=CjT;h8#uEd)8Dm$vJ1xO4_tw|2NZr zSXHbg7f>1#<01-~h{r<6VpOb)iP+Nks>{5E2SoAySR?9NMeml>OZ2 zNpAvIRwlyAy%Hhp)ZwE2&A2Ob{<4y8Mo}Ewdh=(CvYfW-i)iN6>|Vs15>h}-5)I4jci2MU7q33;f4hGONW?|!zCLuE%@ z`{8WkGezhd2W2A}EKu+oU4|S_`14$2&z7a2&OS74`h;(p!=DdTM>thm%-a#}+>lwF zV~t$GntV3wKBHLrtLGyXmgr_PFM+7BIk69#*($$g*aBb#=r&1&nG&?l!{~%9fK>>; zYxRlZf7QywP#Je;`W7^#OcBZ|F+wcorqi+jp7Qf=ZUOL@IKF}Iq1k1uqE=gF2S}^j zB>k7I>c=xjkiNvk-G}Q@mquM%+glj^7`SWtwGD#&ojE?ID)hjBhR`6(7E8mM<(}^*l03eTxJZ!|h38X=UxpJ3A3!jNDIKUB0JSBz4 zvd&4uxT@v!S?Kvcnl!JS*WHbY@z0aBk3`#*WrE7Po((6v3EwMt3j{zO86%?Ho(?>UCK;w&Wd-^Gmk%KrlZRPlURNm72)}8+fz_sm-39K&qNoxC$69LFP z6w=m{e_w$=0f@E!aGns)a#OY+b&kzpU{v4uye)a!gMtiWUuWIROO7VnqEB6(D_Z!q 
zO7eLX&fiCZL#;>KIpl^%53hDVzDk`0y$%h+-QQc!pg*2)dOGfmZ(i4gZ#SjqrMJ6o zRh@C?p9T%n`*{u9P|?r46u;;>W{vq%Z59yy{?6h`2>4;Bll)sXgXjR)?FkBmQ{Q>* zkV$MHdZ_@Co2??rB5ZGUdvlClNU%3&xUKQflyBX4BX2E`wm$B!@2nX5kUE9uP7%)W!r&RpADg7_!GasEK8qo*Y-JWv9nI&R_YP3{N4E2 zX*;(+o;;7#ol-Y(vGQJ3@Mt>I)DzXTcqKde&R9QA($^(4?L0G&-SIGt70 zhwF)*UiQUfOaH`|%|WU6RzK;PBsm%xd1BJcFE6iG&Vt;p1x)`OJ9Bg>%js2>3Zc4Q zz1f~;X~VsB`^=d$bR{kRMCJLs&r-3K!E zMu(c06E+8Yl+y!l6m}i0S9_ePx0~&`KR16CXg86a-gkX);}G#VavKNAQ2=l&V|471 zySHfM;E)Yz)uhYvaV5;}wK!q^#er>$FdtQQo;69Qr(F-YCGCYU{)r(2f{H%}ONqk+ zxfJvwJF^NKt*DBxAyiapfzaPIP*@#9>O z#;M!SyRsUHvFDw3W&7dSHA|m41Q(gS zSd!)vB6MjLC3dquX#@6X{89+Mv2`k;lx7HWvO%|v zJ4O;l2bN?~Ud)$#0&A-?lSU=K^nK|q?VXj*WS8Zh5P1qEzEiouS&~6jz}90nEj?DC z8QpTsA5?+K@C>=D2x0H|iJ+6c+7{S!DDQf9#*ukT9Oy#*zUQjn74L#jdIE|L*XoDM zI?K16ay3VLSLw!O>!W&=DO(mfdlFo_&t*#N0no&wCUO(K_+i$9G}JT9m3k%mdz%lqyzg)s zUz(N%6^^rf*ez`U7=&!^Mp*p>;q0aRbqo$IB_i37Omur;kZRJXM?&@9Zo)>P#%NI= zfcm>RJcFYwSo|cb6bS`=+Nwxhl>=~_M@P2Y0zE(0QFJ`Zd~3besJve3Wc(^-dHLh; zbLTN^_H}0nUvbcCBfOyTHlntzy1nztgwx^3{m<)z^3>Ktia zzkX!?jCqv|dtSL6?94|krDlu)LhPkxr8Zg#?4vXUkaBvX;_+FP3b0BSe-u~y9MF-; z{Mr^t5tTLNjjaW5t1{7CFR!*~f_27lVvNO9p^yeO(_CU$K9DlJB!+~$fv`|P;_+u*<&hu0pb7z^(@@%<%X{s1 zzik#;86Wy%FO_g43nvu}vYx!nA;f3M>M@{`QZq>6j@33Epe+XNp1t(WNBhqL9tE)M zJ5GLkRj-a5Ej-%r{lKg(92I>0vYf*~UvEfk_i+0w&yKCoZjFi~pt)mtWCQINeI}OE zGz}az8u7*dXcA&N_vW>Nga{8T$M`MkKb_x3hrHYU%>9)~!q2Ue^oQ?$eRy8mc5d#Y zSA8A3)jQlZF4+97o$T#`$Mm0ZH=-tGwB#J;NhdH+?e!3ULRI z3Z45&Wi%|l#L6Yo>F)9KN;9i#*9%Hy%-zr=UW{H2|G1&~SQ}LMFjb+7o3m}{HsRXr zO1AnN*N6Ru8ydYJ+f~VDXE}k5=x;Ppzt`x!eDO02DpCb=+P2g!Xg+%k{kn)pm6`Ms zMh)bI7gWN%K03e6gT(Efq2fH%GMtm094Xc z+>O1;E8wkvZ?aOK;WWK$MhO>SwF+-FUV1qrmY#C3C%(Jhsy_yUsZ?5OzWlB&U6Z^M zSQxtPg8tI>M>hNHH;_HJ6%UPk_#YHQJ5Nr{>YNU8P>_4;hyy$)qQ%iy{>eNj|3(qg z7o$y?sUK310;Dkoy8ua5OhlWToIichK zQ`I*t-(Nm~9LMC*!V_2{(xWvGNFsykWXm6*F6+iFE;vkf;QFGYiV(r}kJM)tyN|c4 zjRaO&9B(JTb6}6Bs(I{Q7CBjwwnoy5?e6jdMt)8GFi{#L9F(G|8dbg%e}CQz+&@vu 
z7sH=g7B_!QAS97NJ|o<1H1I{OO_syrFjWyr69{n@|lVJy`aK@k7fS$8!xZ+(cxSp@L853@%OKaPMzCR)2`9Z9*F6EWw<^mwphj1CJjk1|?vPxop2 z=N_H00o5}Cru<~df1L1}fUk>ZAO}Ag!mMrEl>CK#( z5LZ2obt(xRAr}Hzfj6)(F{f3!mAjt;6jx(EjGI~G)f3nq+2BoHjVl!%x0MAhXIZ#e zFXLbqrdGg(wJ9G!QRpExcmgNvR=in{Vu3$=2-9exEy>?AgndGNq;7?YE~fa@v~aSb z2}M3^u-iyOzrO?77@UswpF8Gd|EA;`e$}UBo**PNcLtX-^9+f73L#|eShF`NKR8Yz zDX+`+0}t@bIls#`pWi}fUv)7YjoHOL+ZCU1LM}Uc(P&_I_QZ?J+aEBmIT&`n+ z)E^{Zxr?l<#B=VTLHdW3o#24AHt=^zF^r#uOY}sQ$R`)^M46KkzJVlbl`23(WWWOv z?cX>fw>0kgj*mnfBVVF{)X{zIgf@CA7PMiC4mVk3Ewc^^dIuJfK$=P|9!%<1X~+ts7w~ zErGssMG^xLPBSqx=cNP|-(v6>1(# zh`KOq3jRQrdk1`dKeG6Ssex;|w1k^mlH|6@li{1NcCII`Mg^~x+hbvj<}@ewS&t!% zZw#huPp(j^RiRcYf9BdKHz-{bm#df@q>^7wfd7GoU`#0iti$vpMx*P{h>oZNVAj9# z;Xpib&j}8rDBTBN^<|kQSYP%uLYat7VGJs$Dh&P)F@wv=ppj+0pgONA)`iA(F;rk- z#~D}{Az9G&paj)~pkGB;xCtO37tVHo{J}A50wGC#M!#E%h{ncK zZlPRVtBfy7-*o}ZINBMsfyp7={7m<@wwo83bQt}k00ADSE^I3AQNi_*6D)+Gr$J#I zyLp@fQ_qR(vE+`-Ag&l?+~4$eaBv;GPM;@hzfcUiPaK)N0z(jeW1a5sHDjM^m*?? zCBv?*sUUGh{$MJ{k?Ohm8T2=XB*?g8sM1$S-T7|kDK-jm^T?JuCiA(>ULRx573a5= zQzdKTXcjx!BH`1pq1(W+VS}EWvg)Lt_$8maK!_P~&~#?8k}O{Fb^?TKD2!qA->XNsK-T6k8b9OTn3NZV3O(- znvpeX0yM}6rjC}I{)LNsW_c`r#Ot0^!Wpbf{3wC#{y|Vw8U7kP5lc463l$gPhHUN` zBhz<~B>#<&*I7iWh%=#KQW~}dvOdb*PsrQ{%<+qai+PUakR$lT?@2$K$h#yHoS!|^ zqugokFH~4NY8$iST&Q1!v{UKaHTnThH0} zp<_L_rPsLJznL!ogg7Us&RfXqHH;ZBOf$V9@8F)g*yk@|vUl=Xx+fyM2EYQYmrx1w zXJe zXiL3a3}%zJ7o1DsGCAwU=id1H639wEPhliyY}`F$tuIc-r*}nF)IP_uMsCW!(q%bX z5A?f^y1g1R0#qQCc6dHb+afve!1)_9_rT6cb+!D2vti^LwT`woGft`Q9siIApAlD_ z>k4=BLg#FA+JJe6A@@$L5_v{58M9QYut*|0B_`(DRKc;O!w_TBIQNcwU=sM0<8FlY zOqyo&Z7f%wI(J8{yT5L_LA$%@O{SK~G>=KPBKb5>0r!!Abvtu+$-zFi4(da7 zg{Ov>gU^;G-qd#qA$FTC=Dw{!7aXt&SW13fLj5cIuH(J%hW-?`dHX>Xw; zfDTdm5{^a|pY^q&@vPOvU%l;mbzNJnjkPKSFL!B&>PG&NS^lqIMTx#_{8(}SL|1wq zj95xK6AhXbMxZL`U4Is#Um|)`H#e=1Q!15)mTQ;WK+0ii-dgV--xvEj{`&;U5G)&9|iK)hV)Pl%DG5oqHyJlzP>z3;nD~P zDI{_e)>Yc1oHzKt4Q?gHrq1~vpClza<24lAx0bg=-(T^uNOiBsCBGP#>_) zzg?eG)%&z|7LIH;-4iDP^9OYIc;VA4KOuURVxW1P~o7S|x3;JJ)6<^M2nRTQy&?cm~1$ 
zvZ&&TH!8VOnmMTxB*pwG6MBY>#R;A^Dx;J~_O)=lQ^0nkdpw)FVLPY#W(9YLJh$66 z?xSC|^X*%|I9{)l#qloeLwiXoVRD@-x*GR`kGxyXZBKxZPzzc?qu-d$_d~ppgzEoN=fS=5v_*zs z=7eHP#K9>QOTKC1L8k%=L8@GljTxKyokLBCLux7?w}8X=B;8j2dOBay>un08!uXyQPC=&dJjPQ%kG{UAi;Bc-Aete}h z+Ei+4?GzbW1w!MQl!3GO3r&hO015OTJ|}Otq-`@C1Qizw%D|Kh1*eG>JP@PU$w74I zybzl*b!WZ%M`w}Mq%Z>)FitO@xoNq_5J&H^_~??KtSX$l71r1^e42{+_T{y}BR98S z7{zYBYz*jsy0gLkZGeK#M1>|RYfw645+tEzi8rA{BYgzaCr{{=lxE4yKNR>-*X^`?)PMcV@oMX4CuRDo*kX}#x^vZY?g`iK zcJgeutxjf@Q&QfAE1f3{&DYmNm`AY4-h@2m z8L2`}Z|HllD~U8gYDP+6svTFp8Y%u4VtEoBEPjh(>|J-Ndpg>v8dn#sVg^@nr;4G@ zbfempb2DVPIUC=9EobPU!vQP+2ykpqTQpl);l*Th$4hgXTQ00!C_kGYwp$l*T^%k7 z?es_5@iS|CJS;Qaaj-yH=YeT0uSEDy>uMm)ejJvwm949&Qy=XB=92C2*1OMVl_*?6@#XTd!Inm=OZK-gkY~M_IMP56K*0 zFVt`qhxRm3yJmAyOZ8%;X@A?MO;O)Pm!cuzL;f#~Qh$Hy0{L~}!o~U|^^;znAiH!z zgw6YrzO^^GFkU?>vF6rh&zAH%piT!x)BG3DLxrQS5nP&2too?mU0yy)U815hxqa~( zOnk~~qoGP0mA+0NlOUWdApa!IgM3~va3L39e~flt3cB7w0*xIZf%F(z@2VACOmDL> z!^PooGsh?L<~y6SzmGqz?|F;rdn`PC+H$=LQ+CdjARZpB6&MAk{Ca-c;B?n!;RQ-V zI$!;(*(J7-RpNZv@ktYmEt{>iycJH*K z>eofbE5vA<^#*v^y+*^@Kc3z!h}6)o%mWKJ9hC!x^iUhnVz8={HJ8DP=|4)P?ur3) zP`C{6yKD-1vD4Yh6tV4k6=cK8;_*|MlG0tt={u%-F|2Cu>$b`7L}XZeMP;zD!|A9! 
zXW78-HnXi`>hCPjL|cb2qrWR##<8f@%)i{vSd2L}%KV{X;Xc2(CHrH$aTj+AHeFfg zHLu#OOMLBgYv3tWiq;LKX6M;JhNGDZ>KhH zS#k(nOk01mRHbBxrZ8W=XpFl3TqpQqy*=cz+5i>L*Gr6F@%NV1!fMNPI(E1I>`D=* z7jG8opJI;{8;-R{;wyI!{^&kIkO6_yt>RBL4eIg1ayzEcE@q&#OYq1!>YXV+_C5Dc zpAUt6+6;wMtLbe}5C4FQ5Pt81sV==wsNaYAR+J%d=pz_UVr%8M4L+t9@!sv5a^z`Y z%(gF+VO&8=&C{MW*A()&69%&`#fgZT)4$!I7f`ZCbYp5uf4w$JSHf!DcQ075&33yX>rVtq3y!Y$l0OrC*n$49>dWK z;JEDy^;J#GiLfOj1fKAA{|I_XnS)94Gg~~;y2j%Y%5NAeiJ>1zR z-j8;xz`NgW;fC^v)%AAm<^dQ*GofYVmp@?T+xzua9{UwfuZbx-v|yus^^7r&>KHBm z10)!YQfj510fUFbkuXio$HX=HVL2^n&Ln+GO9DAWN$Br1!p^{~m;Oq`#8`@cIL;yC zl(uJA`A$W{ZMx!B-!};B+EwhgKVySC8Vt@; z4oT<6t#?VBSbcDM)2#pMEb}F}Pp)=nL;Q5A!7y9M0`nnb{Z&<`6GX6MblbE5hm6mkD|a|K_)n>W&mGK^&#ozh zU&Lyyo{hnTvDrlLTELY!k&K@c*1~(&|9RHLB&4iZNX4S;Ey$juf&l6#^Ek&*bWpW&V z=^!qR)!+F$q%@Ps#pCFf2(V728KZ}g+eTXooQfBHxh~kbIGzhl^EwS7cW?8XwW9J} zcJ_S9%{(3KT{|D&pm>G0*SF^7;+XrLNA_w?GEP;dKaz&rx5HoW!$`ywg1&f;8{q|k z>QoMW9y~0Y;!y4~&?%?{2(3Uoi1n7fFgjb3V%G|OwX@K!>Suq893Rok#x_Hz5PI1{ zB59_t-;VyBTGJ{{W=1^RMa@AQp%Zr?cN(hVMd(Hd!E8BuaC!TK8l_R z%4(I!d$J&#P{lN(w>`S*1YrxL(_xf1JMu-)#(YaZ4~i*2L)VX@Zz zB+{N3iv|IQLfpVbwv@DAEdtJRRVpNjVhJ4OaPOtH6X$*3mWF^gZFZd+a1|VnDdFLs zW_@q;-YR&#trzA3Qa#Yta%wGz(*)`cJv9$0eOD}?)X4Ep^Xgx6f=h#ui36m_eI8th z+EJTpm|*(RnA(#=&tR#aDh}>$jsP->gYE z|I#wiv*%o={_&*5pMzg5lwVpk67HEe<*lRfKe~MO=$CRaSuJU5&nyvBG)t0dlJ)m& zPbTt6vsa%{hgPYWH?LUHI1HS}YJlK<$gG1I&Y#7vY~OA*QgfFK8Z~_z zodMSZ(ozo_>__V%Yaj*8d}cF+LB{03!>mp+6??QFP*#X;#506zg z<_bvvMBL^V-6W);9GnrR7OrosB^XGfB&_hv@MsdTQ?L?lq0U`O7n4 z-QQ-9Ko$t%sHwWzr!p|fWgjLEzbbuiT)%2@G33@>U-(#fw1(Vz{PvBXPC;45%Bdy; zVG0jvOaurS2<3XqOM>=iC1=SAKE!n8&+@m%;Vj@{DekBL5oH%;i{civhLeV@Y#E=Jc4 z9NW0}^X{#yTZVrPQAT66poI&Q9Z75FBX zf7UapE}I?i)FfI6l&i}Z*OKFA6!I9Fsh-xo(EGkNm~Rc3D|q^68$xCy`&O^%c=U?` zT^(8G3J(=M8~d?-SUFH9C;y~hSSNu!{n0`^X#D>ZJet=r1Wk8a@ZA^!O zPqG{Rc06sV2$2kif>biQS)$Nj<7a(FPT*O0HSu3_`-*OlFt<7cr+h{;+)ndhl$8gq zZhtu_fo)gur|!<^5ZnsBglD{Lf00(7Sv2{e@|Z|+Ocj1DkCS9DTV0gs&0G3ECdq;0 
zj)1f%03XbfCOll*_;gd9820I`9!sGT!<-|!z>F!sgOH76M09EPvk(s^`r!hk7rw*6W5Vax)@Cv2bXK25wi!k(0MDvESdHBHz9;cG@s`<7Ei*?(d|y z+Muj+q@+}??OO<0ck-%cIqKefu2WX!dGn^ltNY^X#ixe#);ARoZyHkf>U0Tj%787= z7E0uaPPVDAtscnSzj@}w+olf6i7nc=EgZU0a}TSyaAKl?ajhgULmrSW5SDD=Lu4&% zRvLTLEMN{6xwou@t>an9`Nb?E0kjg7JKAT@<{I@2gPmF7BA9GjOTC4HJq^p1jU$yq zU4`@bq|tW8%rI1({4^8YkZpm^+i<>T?f6ZVR|l#e*RyW+^vxOdXlufMveCH2O;i%b zRxyP(B|sX3D;rCPOZSpilU|dDPFNL1o@Z5IOc=Kmh^6Wd`wKOkb+X{zQCTo3?{OE7 zz0+;EV{Z+w`3=bFJG-8%Wcf|mN#ITiA8}~#a^O}d)T66BK|TL+RGmFHvP7P+xxK<&+6lE1riKQ`Frv83&((CKK2gvrb{YX@^{g7ZD1i6$Q@QRMKttBZM zGYgY3=N?L=oe7hcm-xv(DsR~kX5rIiuHUO6d&}^ELn;4nDBJYoHn{fZenyOy8Iun% z@aLo+ZRXji9osRHRr3naJhr$dkE6{zc9DJ<6SqWaG?or;){66R${* z+D#$d%m6M1bf*IL_Ysd=?IJ|TWRUw25!C+zJIRVeDWey|HgzZYkiXP1h0`__8bwPz z%`xDJubwfN&v;`E?_sz7J44s-1gnFi1S>s8U{~iow-^sFDx5?>)z{NQYI_xzy~i9E z^}3Q5-J?LB;@CJ-$Vt=x`rMrh$*IAy*6RmD7x(!L2qGd3jZiTMt9FZG_~+&*7ynCI zS!}^7(ICN>GQVmG%by<@A}JN$YaX#P<1Iq-ZxNb@JUnI}m?&RSLL8g6Th7&?F~0Vx znt`*i8tOuo%BFsJTeo5H?o7=%bsxJei=Y7uY*am`JEQQxiP6ldA4r2Bux57z+U9Qu zl}CRf_b}og(IAzVGW>OfZnN#GED-`c_et=&OPpqOZk%Sf1V|tTG1$lib{pLMZt&Oa z+-ZQf1Ugkq+6G(j78diVX~X$bf^1X_66KB(9t~f|!WQ`ofOxjW;@jr>t@)>!DYn~GBN+DBz zXe|^2xz_~aydS^ewLd=@F|ggtXJU?|8s!!$(@7bVeOy`@l15j}Cc37%ioligX-gz|MIj+i0 zI-9z2O|`L!!HukV&m3q5;4}SJX19d`KQ~JqO86`zZ}2pT$zW20^bih?KPbUv+1!zn z45w8c#4U8b!bw+2GLVtD@RvCPaX9I+zX;3*jAoH>FfDh3;H6W1hD#uD&b)B zWPfp29T(1@(KTHS95g#vzJn?DI3J#_LBrBtIiP5!3uInA{AbIWI~QSJ7Xb;j;$zmB zV#FRB6-QAR7QIp;vo@x>(MvuoZLgu)8Ictv42u zxJG}S5W&u6W_&AJGJzK+`5%^F!7~vr=)`Mc?;JV_yzprh@ve8(S1Vv?-5)guA4te@ zCNx7x|E;X?d4c*^f=R1TKrM%Y792w;@?Dc_PFcla(X0$0a*a|5>!;TjODI+?e}~yD z(#PT>+J}u8WiyF9%EsRH8Eg4>Aep(;Z0w~u$Rw-OtQwZn=!)Hz@<)>~w!qf51Ch?gK7dR@`rPSz(QLkT zdBD~AIkWdgX;wMfJ5=9wm3JO-d5-F@{ZinV-%sV;+}m%A+OAEhIGgW0Vsu-L<|B3H z>x)Xo##DEvTW7xXZ|)l9xwi`C)KB63(zE&gsGMvPF{i7-9N1{uY!@d{w^UU1OqLE{T{*k>!+q(KzTyOLiF(~l5<`4vY56}W=)YEdG_ z2~ZSP^$oa~IlCl?611?yX^CFsfvl!CxRt+ryE76F&f~uKc2W&I1x1yR@ewZC0_@rN z>WEXvnsvTi@$sRP&V4pM8}iBQYWuKsg7KvWl*-1Hgrm>fxurOlWa>mpGs 
zI%>`^m1_Tb_=TU8p&P-N=bJ+s!o00!{)kUSC+LU5}DVmS`Cn-ygiDK*_@?&g=;7) zx5RMUK|QM@S4?O>o%O*V!A_O-+~26sHm4Y*4E~h$E(V(*N{ujeS{-qlDFaalC;GNuz;ffnhUfYs_ z-~}y>jrF4AY|k=Ytz|!M6J1`Jaj+oigA^>LI*Ep!eCWQ^yBpglI2uJ!wj%V#R9d04 z#{VPOgVUa)yeYSFEPugq^hiHRZ7Pvgo?ae0@lJOEVB}!G2|}FZ`)|8(qf}gnq6+oz z5qC_)^wCvE6gTyxt5N!Xc%Jqe)(VraA%OdXXy6R4!q*dD^0K{tje3fex;`2k5$$3A z{RYBkle@o=+E~v=cqLx~KNBei+ zn()F#G-`3?&Lq%FJc4JP4HDH3DwgyTh(6zWc(s5^e;bi#?W#HdOxIP;Tj4{ElmHzw zhzXOfLXuQ*m}iBJ{Q&*H8a|EJ7CtZ_{~G4A7sBEGu~``VAW~Yq6}4HyQycjpP|y5I zEx-9I@~^5ng7&&9wdqz0&%LxTG$caZ*4yG`iVft@0S8l;*{$ysBM;G&y#H@Eer>RuU3`<6phUw7v(zcdwg*ZUAIk?@vIM{vmFwMAB_Ax99Dc*4GJD9$q7n zSkD&|PLxhh3Hsv})(`gvok?atiaDpAJ}y1!WDPwvvu44XrBFIty4_#3YA}?*6R7^K zDZ@clqyz$UieUc{;h@1M!Ay0yrD}bY)Xi5VpTW$YtRL+~CFZg7{Oc0>?%0y3aKJ4|u zeKz=sy`laOz28tMFb&J$F&$z!b}XsL{|Vi&%~-o*IILM$tbA$mbC9D^u%NzNQg=|? zar*Qd!O?2-mAN_(S0`-VGD!&1k!rehu{>i+o5M)mk=E@Qtyauw;U zt8Jz(TIjgqG@5<+SK7LrdFuWNcCqXOo+kbq7-VaXAPw(7-h7jEVvGQs-S72duurzH#eRbf>i1~{o48*>5|X4 zJ^MM5nouWOV)pIxeD8p54@B+VDC4s;efABSn?$LcJu1CX=2fSaGL(cWRmksK0wkO& zbgJm(Aq?=?@ru0YuoEQHQwEvxh+zK_;lWc+kaTt?!Q#mp8c|a5U^nS;*69M`x_469 zllmCK(ZRvm_a4+JiKnOh3a{MEcx5jLrDG9^MwY{?BWg->0m)o`_}SW!h5*~z@~wfF z^Y`b|gu73EfP5MpRgGpzxm;w~SoiocQw)FYrs2VOYhypw>N|6Ly=Sgt+;C1f8KcpFFKG zn3H(0p}Ws(g{VBhoTseiulqQtWRugS3=1|XkAt5Vnx3!iSUlnUDvbcN-A5s z|MR2uF2s?DADw#$&HINW$Jpf*2&%l(4`xi1%Xv({3oxr&s*iM+pU&*agK+N+Afg_K zKjEL;JtSwIMzzD%3u=gDcEJ+}J#;-vTPCe00dtwcGxK2|(X)$daYO3Xxij!Mz0G$# zkXhHz$;t~yMdyEe_P%IJgNB}Wj&k#|q?{afX0AAowb8e{$Q%aa3Q>4VdJ>x>I_53O z;L`$PL~I9(+g4iBm$sp$Ro9ooR0Y1$Hh#9HlOUc5^J#q%N~(Ep4L*`_9K&p*V1zX+ z1!<28_mahvl<+-=iv?V}5RpIn8HR~M{QJXf=GNWJX|i;?h-t5oG2#_=ntlopeNb(% zBIBMR_g*p)v`CH%Og%jE>5njd&n?L~PW$x5FgG2~kevn{;41f1icYHEm6A&xGvjjT z*n(Xe>pteP{8BHNTW8WJ$6mmycFQi->r6-IH;1<`WBm>?p1urt(EQoZQ6CF`_O(|< zRc++_LMC>E!LVU%G?OCuL!1@6XhwGUAJKVk6S0!dJkre_C4lMEgE2wM*A^csCHEPC z8VgL>{uGQ8lbF zUp^gs)mU~^qPIU>jlFTK=39zyj|0CFs(_ehI&gmO0CuL3yS68q|g>4I|%Z$rS z+G^{PY6cFz2+dOk?%Pb4z`KO9;RPVtEDA#LwmwriclPA7F`s-Ce@d~wHR_Mk)8Za| 
z**{D$D;h^OZ)d#hX3yO$UUC$ zTu2WZmnA+#UQbC^)R5$F@S|{pZNb%=$8Dn* zeotrZ@!73075+Vwg)cI~*(_`wR%La=ftBrL3x**@RcU1f$YtkW(|lNT5~_1y6? z=QmF6`LFIi;+>tOxzn3Gz6G-DdBcibFI==oqOYVS{hjOmKsY^Z$?RKpRIk4R%NPFe z(@IinraSpt7uA<}DvkxOe0nFXr6=(pftHj^DxqPOpyFOi`a@ufc1&KO>z(X| zm^uj-(Kh#qGwXn9BEdbVqK(rqL57l&5pWXx9I37Q^@tR6&8aN1_>$?0?%LPUlRI+C zU290`y#LeRn}A;^n&&=8Ip{j~G;yw4(Mw8VadO2j^#wcuW9TMfwrzR$^nq}=hu}In zglPz;2%$g5e*_o!3-s|IXNCK4`bXN>vUghA1sKEdYe_mHt_gw!hTBg8E zCR=*?3=-@-^und>@Z#@J|4KLACU(LOoE|Lglg(bNz+IU;Ly7ld9)cJir)DubiK0m~ z83c3-gf7c`|6Gtc+Q;MR>6H%Ous%XRsQxmhEGw3_KJRSBQrUB`8A;`9qb+MH@(9iQ zl7nglYSo=iieqhM-T6nbXQjVzv7$30{@jzJPn>xnmm}AuamB!8g4wNb1Srr40>M9& z?#=K*5pM)xhSmr(ybVD)KRyUuRvxk7RQ=^;cIpZ%rriJK;>>gH8H{q>uX%Ob7HjU` zEWb>VIL(58>7w^4^Ce~TO1M7c+UD#B+&C&O65Ve);}G8I7aeOk$ZCb0j(|!lSK|0N z)YEiS91C1J0MEGdNce}3a>)vhJd2{PmaD=~;kbOM?f2>(tftTZ5-Y1QWKPHsaynvG z^`9fXhVUnK3+F9kLSCy9h=D@UiP!Y`yir~q8+X(*dp|McJ7b5Z?R0S8U{}XnR9o?q zO_O^H*2X|ghuNw}IZgH48GTr3bCh7yqpU(q#T}&AeD|MEu$Uef)!Z|M2if*Kb_utE1|2D-B%7 zzrP#`ShvBH^$h}3Nd>5YOPpvAAJq`t2kqIN$tbYW# zjG#NpR!mCFk(wNJomQADX_CP}a)FOt4LkIc)_KARxeOq9&-B&^L<+dtg~t(&+>AnC z3Zomb5U4p_jQPo29r&XGi#80kTuJoKVZ3(KL=+a8BIF*>I&g&c$Z$I)z+f!(c_r_e z_zrR_a{d*M)2Rtn-JLl7^h7cr)Jn)542O=I{SlygF4@@;T8+~5cBaIg_(UzhM*N9p zO}g4U!4Gb$c&}~0lUoV>?a?EVdPI-r5k2xlM)ZhmL|~o5enE*UhlI(6+I8@GMrOk@ zTD7yh$1Brj=`dv0T@RmN(UhJLRm)q4Ag)Lxgd+Y3ax{K-l$FVt_j*O7AcY7i8CLp) z7)JS$_nH75i#lCL`2)1S`^}RtM1l~lc0_p`jI=I9exW4G^)vr9>a!bvHjpK&s>c_7 z9;GF#Xk)OXQ693_js6N($bFw!!wGliW+W}&S>-FqUVP$)Yp2!KRQB)^Ic&+}Xtw3) zV$*8+$+XEA+#TydY^$UU0VTT)>x2y8AIV;tPE%lIJiuR8mZ6ncTtJ+KUqQgd6yGw= zl*F8Hdy|WJ=r3eo`xaOQ`e+dDn8C2C50t%;#^1uQ-NaOibEZFef*}S!Z;E z-|RPazxP~>P1z7WF?M<7An)8-&vhBm`B3MPTszgm(BSEZFscBz-}A#maaJB&=W`WH zI=;7!_z?j+x!qiF?1NUZmSOcdd3M}K^6LNxe;a~DH=5#mG2gp~i!u%;w7 z=|!JkEOeBiPbownL7!G*yRs)CyHm_dr0_1oSuMOg78sVkYj!|FF4QbV$v#6tC7fc| ze?(;7AbBt|9X4cERAf?XlD5WBprn!?vrOxk@W>GcBfy%{twwjh9`>ajU3()flDUSh z2tq}+EOnZT@#+#n#gZ0fafeAn-#@osuk@fa&N%!?0}$N@k8V)7gT0`mKmQ2O5{ImJ 
zKX)oo6@mQMm)6GTO20(nH1tTXb-oQN`1cMHvZOB(I{LK|tD00p8cO)6XAgm%77 z?!a)~zC@s@F;|xV)1-#;nUmsFn}Bj{Dcp?BWA!Oqfog?_ef%&q;GJ5%Grw15*FxI5 zf_#nkhO-ss7e4INY?1HX6ypbJx6k5NF110K0sipiZ-_WzNd>|DhNwYY@ka;kKD^pR zrhksufVKFMZkP~IPlzYoRAXB2Q6YwMQfo+P&};9Cxza>p%H6~BoNQbW^p)ysGh?NB z^l@*P=msC6qfYSr^ONdxr!yji?g z%6UVtv(6QrkjmSeJ=Yd$&Gi9+$@DJ76SDvUlpjF3ap~|P)G+(Z#W9m&5*TCX26&<| zwI!kyT$s34UeG|f?@jbOig%ptTAKB<8a8_62lm3Y53T>vn&<#Z_45%FN?rw_pI-xf zSCj!(4MX0(3)xrG6RVQu9C)zlEPG~Un6a@ZvUGF*&R(?^Zt7_>@-%Q2CiHubakY9P zSm-xIt&gp`pF(h86<2bAOPW3KIkganX$T?l5!gcB0!lrS{E1mna~+@<043w!$Ns(V zlB5^w>N4fgwq6~BtSU|2*L_vr`-&TpBV1uLr*D{(YS^kmyHyr0#(MYPO}0(!`t=B% zjCGCfWpxY#z9&XU^qx-0 za4eGOk6po$3m+8kA`5XZUZ5RjMlXJ(ELJ&q{`o+b}|j}Ywq zII)@^;iq&^yPBSKi@kMj7GkI_vz)n}mTice&rbgeVId(~9dnw3!54H?8eUL*DnMXH zRMe$=8%!U7kYf&)cZNu z{rz$)dTvpRw7IH4ze5|MVLGwssx@|#0Z<#FVM}noReFsD@*KI`19=1u90u+JbIkri!;U2DkzS*^#-K@Iy{nN`uJ!l zWoZv-6Rc`}ILA#NX{!`S{9yp}EUBBDUe-p5lI}|)Ge84+7Ad8h&P|!9(PiKFg;iY; z$FE5#>&fRijOO48?2?oN&w#Vlj)hYxNfWb4+T zeDXdSftU|&C}hJs;G(+!W9llyqKekFl$5lB0@B^x-Q5UCcX#KOk`Ae%ySuv^>28qj zkd(fo=N!GiUS`Yob+j`ZW~ zfCj{>=oo~Bk`2E)$z7`b`q2^?)uQmbCgG8bF@^KMg1?!#O z`4N-`>{R*wT5&1c1-;(2UqI!!B7X0^9wxmMe>t1(38|IYRN8W?hnIq7nI89kWzzBf z_~~7FoQ+{g2(giJ@U&M!c_jULaDAQ%unL9Wku)N%d}qbt42~4bj0q`&BgM?VlQUV{ zj2LNlNlbEX@#aKRl|&)C;g#WgOz6&O0xR(0`Tvww#>0%NgC{xE**6J(3YR(7F}b6= z0>y~zeXNH%?5qjY9o!W51)Anv_A>4=<`K(u$XW$1dsATq&lmatl(o(E#Q>ZU6BV!> zyZVC$wEPi*7wES6;=*|H+U(MtoulH8`tg3n2NFbPwuQ3UwRSE0yyV&1QnWmPyjj`N z&?4O`=lh!1hrR2mi$ly#J;nTM4?k|~;Z1#`jaDGtbi793W6K?$b%x8-MkDGi_vhnw z7x5S;oc*QP`Bi#;y!xn=wCB6ZOTL)C4$lcyt!a&NCg8C4j4F*~Ts6|S!#O_Zs;nfO zB&sC$UD#%FY+)pez9N}Ksl^t(GkTy&uI^N?2tI;%Ry`!tGD3(BYG*(+KUw?p6=i4h_neXHF;J zM+MH&5>FxueF`2Kem@`IJIXgYTEL_D`TE(-3o*(|%H4LxncwYwSHd;t^Ks2;qUlRQ z;LGSk?YoXj3>{{ysE^KESILg&3x;|b^IzPKCGP9x!L9V6jt^@Kc+H8D=qA}@MWK1c zMDGTwu+)zrJ=a#b*tubvW%#s27nQZ-#j8hpd7_TB$(P8Q zIs(AiO0j8KN8)1Sg>7RO{YZf32#l^cSU)#$&#&Jv>|ql8;)-cMVV+}(tu7y-BAq1J zGeJiWTS<5BCi>97+bw;j_*z@9Li5WH>i^F3(9Gp+Xyo`6>f+l3<57E${JAK#uQi?P 
zv?P;9g}X_+dEjk}%Z0x9PDA)X;WIf##fg;=v};NPLT+7j5V=x)&oKx@O$6})u-3(F zaeyIND0QxMw~Flc;W<9psp`=>1r}gZ=#RQ)ABNcL8-B4fZpb=*SWqkww&e=)<$ZnQ zjxpF7NrDomyXPE78Y)s6DJkSG*T}}4RLNvXsv|AQtVagLRQXqfFY-(GWU);3!18D- zl)N6i+UC#m^z4KQ33whZfcri@Y}F8e(6-ijW%*ChU*_e-iFjG6pjdxGtp9*WA@3L< zXj$u;oZ5|k!SQk1)B%~`IlG>%!w2hT!Y?OEH%D@PTdHyz`-PS*k~)SicSB_SgutAeX^mx73!rkH2u86wXbIe{x1`cd+j z(?`@00NgNN4n7mEETNBG$SVAzWb2c;p*G=`?>$> zPZZ1{{*kJ)yAKi*>F<+(8^K0@}-F4GhE2D8p&A zdtP1^I5bBEX`Vj#iAX)o`OMz00`!0PqoaIbI99y4dj;8JQjN|83h(_4pN(!z=zd9_ z^eLo}N?!)TEfcc)A2Y9f3t@Z2KtcLdbg1~9$r<}l>hF7D9iaAS3XI%h)h~kYP)fKt3&~oWxYpjJ*}bJ{;$tQrs??COJA0-jx6G1260Y1yw z{L=c@c%08Y2i$*A&#ipq!vU&ii?rlA^-gV%-;m-_|@S2{>3)+9Lz4W#HC~gCyF<({dQU3 zj|7L$jhSmUcA$in zvfUK_!vB_uWzcPDVpxS1-X~_N{|6W_aR}9E_E@$RMS$ME)8s@@6VSICY0k zVu06`@ka0l=ZHvcT}FRI$vW9onEywBAR*wKHCwC#tBS^=HyLVc)6a9(Ssh?kA z0<{sG@2qu~q$agjvra`L`s6(nO1v|wwbUZLG?%I)E!$u*c?V5@8CvG!eH@z8JoCEz zVT|-nxp;+9Gq`PJz&K~I(F%I2dQ#&LpoI^M!O`J_am7lep{1GC+)Nge5rJ6s6}5I0 z`_a=OQ9kQwVgB_qZ>D+xx|L@jY~uHT>F1 zKhIo5wSg9HoYeROXm2*e-~v+m;^l<9f=dHQoD<)(D-n?bGDi&KPIzPp>hHTy>Hfwt zcnV=Rz#3);wwqCez{lcC!TBeZcCg8V>_ioa$c2jjqrv5V(*lpSZ`Gq_`C;9?P0+B- zVxca@@IBUbSDPsJSZpSixQ}>Z6j+KU=i$V_Qate+h~IlhpkAr=(v+*mM<G>?5tC-*CGKFtw2*PWTIgE)1dEuF(|dz2B~=vVR0 zP8zlUT%3p{GU6=&=jS~K!{JKnQ6MGfb|mBU zG{PCW0;KuWH>b@aIrb;6{6dLuJE6aB*5p(IkY2u=HFTeny*ZrS4Fgwr^c0=nMm9se zDG)R5D$>@=;O?|LRJf2KCrap5wMlrVST3nb-cJ-$Nz|ldQim3lZ2C+Eh4!Z4AIUy? z*jYHabNnV5Z0?=p>6hL_mmqgi%}JMvfF#sMb5j`lwWc8Cda2J3(9@nkB@Fh@#Pb`D zkGJUcclVLwqTE>fkNM0g)ULa|B^fVoiZO{ljM67OLHJ>W-)T`NIy44$YFRpA&V$o| z8gL_Z;5ZLOw`}H@eLs?+uH-4zpRsJ!LLL&;lVTZwku^epK0jxg0b(sWTjr<^L&?^ zKX37oIl95uJrA?d+%BG#QWKo$%s3C)`e9iCf2k zs|J?-41wf~ZHzsL(tXitK8Vk~xJ=H`{XR7U{a1T!NeosG`U%_(120q)NW>lWnL%m5 z!g{X$!sE@DebG%Pt^J-wR?|FVF$~;`ZY`uOW|ZNlDE>tNptupZ zxaRw1;Au`Ue+zE$Lrfm8om!Nk4ov#wfjKRupC8{XLoJ#(*IbUCBq2x@@2E8YO=Dl> z196jtL43f-V+MeT41V_Sk))vzWu6Bz{S00^qEK>&rLO#a8>~4`(}-XNk`b3gi<)Z! 
zJQ5ze3DQr4J>3O8fRT^3&#poHOmHYZCCjUp`7N_Q6*!3ohldicvEBNxFaLBGOqmvu zsPvvO&y+C#t(XjDc%l+C<2(DrKq-puxN=Fnolr9!)7&Y0++vEEq>B#rECz$WOwXA) zBh0_L2&SBaNw}A|JeU#3mM`F&`gQG6v$k%f)d!$9h`4)sUGDX=Z1Z&mPAFB z3~`l62oyq24iZI%y}yNM#`9+%UCAyx!fYHb9x=Vf!tLf;j`JK5lLeQjOw}kTgX>km zbtsg6$rgCZ=DV={bO8*Q-InNNETpa3MJge?sm4CHUljkPrJKZ2So6Srn^gcE!>vFv z)@aG=4)>7(72OSxi9;V#5aW|e+hnQ!ic}`|HQx1CQz4@D{7n_^zQ8?IP zQ~{rW9%Ee!<7STlc%pax!`g}!?uq@o$9l9wwW{hMj>Mu7^2@4w$D|FuwvrzlM?bme zalNir$0EqgkVmQ=V@^!gZDN*ZTvn^A&&*QHCtIR?6}}@&oIN9UYE>bgcc0SwByX@} z)Ul`4sF4(=(+znJ#~klOb%hD>Tk(N!CJZa*tn6!C8gFw0x=s}qHC7yuI%+(^BJIA{ znfRByeXVw&@q-Gi5eVQ95Ngvisud`sQYD)t23n|;wE6i&eTG>_iT6bq;Q#-PYdDnQ zHA>N=l!I-d@<5ghm$JJE-HrLz$uxu~$BLUo3S?QiDakxGpbQYTx9QP$X*Jk6ohWU< z(_Yuh>yG@K<@LdU&9Wn__EX`q>iON0-?io~2ROo1wxzwUga2~M9(E@~oi2>D)kw79*Z8TZ^opaALrt3{INU$v+aNPe00 zdv`Y1GO+6doHihljMQ4|slitx<$mnV`o$Q%OC>6yDi|NFp%ojjLnv9t`#?5HSw#HFzC2GZd&w4x zq3EwF5aaBBE55qO1s7?UKuKK651*{zWdl!p((CBYudVshUex#U=S$X@o`-$9`1CAhp1;A7x*N`QPPvrE=zRz2Ous{&M{qA~EW@Bqe45-X+xz z>a(1F=RYaUpMugl*nv<3OQ}lqE_f^kR6}+ew=zW8_9B`Z&E|`7?>n5exR4PsEpUWK zcAKWR4)K^7?Y;d+sdN}AvO|(lA@oJ4ySMUhCF3(m)XcGq!EI@u?_{CHwEiaR%!o>Z z8moti%K>$)j+SL3&(Axjdy?VD*!XsiS7o0BDFYj1ej;ISZB2h`)UgyC(8F&+mK*%( z@dmRWT&@A|FW^>$@E-Qh8eD_FnrzdpcKKn^w4nb_T`1k>Zbdtn6|k7NY~F0ZE>0%64wylv^#deD%EA-pfh$sgTope`H=+I zGv9iSm*DFF{NRw9waFn{i#nqLDde|uxk zP&Kug{}~$jJZ)&cxTEp8H0S3V7YaJmbw*M&?OeHia@x>)*X}^BReL$OW2so4 zK8zCj%_BN>%M;|OqSsGLPlEmDB6^CL%()l4yIiO(dNpjZ#GXIa%ah8TH=2ndG=Yw) zisGC6I_|uyz~|C=qz{*N>L;M6oAZiUebYH}q_2jz?|;pkFAOAK4gb |k&XeRRVc76ej)!ya#07Ex4Z{gVvbN-o@ z9)R@gt-O#yW_myb#081m8%~#`_9tX|AxNDRIB@z*>e=dz_#!i;>pEB59eT!>_0!HP z6X}?=h(%G*!uN+fQQKqwV62v&9GIV_w#|DJUy4RdfkmquP}ea%cNnOa34;1BPm8V= zbY0wUu)sW(g#q(4->+8y{09_xa(C#l%#Pq=n->R9>M4!H432h621`(RidWT6x$DW& ziRpt;(b2el3-|5z?$NGZ$tOU^hW%)Fp<+%wISkQ@({?gTCTY+r6x8(={MJolhQ49F zP!QqU3L}+IJb=E)p1Fhtc7FhQ5&_c|RfL(u^o%ZvFZkKNCb&$l_|NKLmzM(F-6~c5In#wFm6F z^05S6Ijsk;)9o5ITe0O2>&bx90uPwpPa8Aj52MO}mX+kH3MJ_Z30OuchD74OQDG|P 
z8Ir}lI)?0b`n#PNVe!gxyG8xwv=h>v)Z4*AyEr9DtcidW} z@TH9(roH)chfRc=!AaNyAIw~ESTT?L%>i=WOGZYOJKH=9_SnWi*qB{4q#x6( z;{#gv-CH(El?$=YBIy08oYHQqh6CSTwnC1U@3>HcoD`=K*vssdEm$LTZt-%D+IVuM zkrL8O5e$;D#|*LLs;7jJ z+eDTfA9(Al$&rOoNir_nmpr&WMPu~sEQAPssJb@}lHC69;*jFI&wy`@&%?2eGpMmr zf^7NmeusWa2p5=yn*z1M)#8Uso`(`fo{i%KaRn;6*RHH_+m^_S-gU5(mBldLWzC+# zmzFx8KF-lqBQ=;1J_y`!Wg$IV5xH>e3*bD~1glS1iQY*pgLcAIPyH1MG15(6cFfPfnge*6K&zch)^dB%%8?BI!% z0yFI5H^c703nnGklvVKCL4ut8SIM zqnpa{XNUQ8w-qN2H@>*$Qp6@(S$vT}_of?vfCKLk!_5qRS22+U?J|MK2+&Aqv^uzl zp?+fe`91RukqogN&s)|qyJ>9pyid~-#2#*iFBfhUti82j3K8-XaM_4T#AffWNFoTD z?;?)i5;|VNpVcI~=x25*s1{=t@9DhRJXmsiYM8oPu)h05r-OMrMZCD6s?WE6Fuu#} zoqBdPzWE32+o#EYjS+yS2yVoaB8ntd$-o5#8sjp|(+1iJlVfG2on6_tWBgmmI}fjd zmkTd)@Jgt_D^Y-<;-tw#U^bWYSh-n#_(XSxkE!WHpO1o9h}^LPzZ$0H)2Y*S&ufQ# z(Nv@da0H?POZZc;)n`TX09(?*mQg-{`5S=zsMsVvK@&`Aau=y46A8VI=y;$0?*h;? zh~G)5iRrw2Ibb-FLXtlj2rS zs_fPW?P1mTv0$#9mN#+PTal8k!;3PWi^2H47v)%^DueZ!oT_#BaY|IB+Be?+PABbX(>1d5<-XqVCIJ!W`TUi1T;ITWRQphG=|KHamlwrU29oGK z$J>Jpm_M+kkSj0nO))8+P9b_FRtc3vu-AcolO{Yt2NxQR{+q}EAF^n6{yUq`Tlq5< z*aw0rp;x+ip}AiZ=b+HZa>190`^`XQd#40{R1Tab82d)`Mp3i{AVdAg|2=&PrAF|6)Q9}$?jvTT91?3DQVpdTe!=^v8j9cGooa9eA8Ma8pqM0JywVwx zcoZBHuY+1S<($xZ{&AfC_-#&P9q5ug-(@9c8;acpprxm0{>euzz1$->w*+M89Ua{bcBBiA4NZgfyx`G#i~q|=)) zybvXVOD-5$_zIc*A7P3FP;9`2u>lk2lP_?&Ay$nj1ycxK(W`j(Izu#;h}`K}8PvhE zAv!{CrennY0vFxY`VBPP@3kxzAF3-X<3(#xJs}w1HTyn>g%a{#pe09`DcipbQ)_}> zxqsN1#lE3!4?!X$y*v;H*q%6WohV36C!_KWQ{sMHZB1Nx$&82a((Ck(ATf`{tN@OQ zX91+tkQoE;uGvhL+IwgDh9%$!i7o!aMJdUN9DILJ0e%r7SzdsZj5PdgpRsk?FII2c zAKU2WPmxw_bDdkrG10=;WS(Z*p4Az^;i1zjsnsFaH!o#U5@c0or-wcHue_%OlV}Yz z3Zp4m2`EHrf+|a&%EbbFu>nBnz2D;gmfeIe1GH%tc$r}g?_)*Zf6d=BOt8UpZ_;I| zI2Yb+a_{!bc2bY-6HUU>*%ZH-f`^FY`$tlEVHEE-I(Xh-l45?noD{D{>>ePnMceOL zcCrQq9rU}f-Ny`Ps63E!-^+{^&%2*IC<0_e9pwu1y& zo8_@hg?z3)J@*Ub=FcRT6mJOV(asSC$&Lw2|V@UFUbVg{(kj@`uN(a`N zz-_PHm_xs}F-hvmtbavl?=Gt>Du&8Z&LGHEiqhJ4BMzG6zrE{ zDdHN8Sp%#Adu^)s3pYZlyr|y8_?txs2%k#89&Jbw35WBvN)jt*1J;2_IhiR18Oe@| 
zg(K__bRJB6$rR2p)-e(NR?|)GmB3*?l1&kn6nhySrWBWDJJ1H1iv0gfia5NF*sVMt z!H0Sotp~+pxK)XaO2I1kl-5hPBJc9q(_*FiC?a2+l4I5cF+Eh zxV>4dt4&h5LS@nOzHCilGXFh(&_^tH3{2hfa=^RI?K-jjX`r(;NOp~PP?b<>g3w6b zmCqb|giIDHl?7>x=nvRUu@Fd1uWVFdcqmzJW*ZG_k%Wumnfd?;=ZOQN8>BamTd&Av z|Cu4V1>(uC>E)A^gk_{rCKF@Q?+kUPZ}Xi^=`iO3Kk2E`tWUYx!NKLZv6~DMyoJYhH7VVyBA!fgdcE0u!b7RonI-IB4ivzi>+GRIbp% zTn1us*d*QQ8_^%W{lP;0PqB8d%;tXVn12E*)@YW+;tPD;Btb~M9J--e`W1NPLrhGiW;fS+`IhbxQv?4+8E~C)RhPyefEeq24UKUGvfria0@*h~nM#pv)VlG{abFk#Q%5=AJO1>mowVi zZP5%XW2SQb%KLKkeRRTE<6g2)>vI4c5~Hb|N2A3H+0#?m$(JXn#eq2N5fj58f8^O8 zG;DKDR?1MR5g(Ij21Ybq>)&u*hV8_-YoJ#S{uCn9Vy8$jjt)xa^&sn9RR3!@0K}~O zRaITXHC15C!GfXV=PYML#Q`@|SPHeGpP^ouyQlay11)qP@fVi9&Eby$liz&__+i_X zr8f%A*=PH>i>N>;_X=7x?b8jFhyz~eY>Ben$gm#~1~f=Y4;IL9IpDcjG`_H}k0vZK z>AOdBj9e2K+M&`XX~NOpZV4Dk0A{jZVk`fi)?d5PZX_1YcO=ynwS7lZUtA{XsAJ>)w&$wHwBdZUiTp_J$aqU6|$_`-)BJU+W)#;+X@ zy0KQVIET-JGtH^$5rmaOOAqW%j--{+m%+??pPU|*v?IC!c=(L88c?d^nS5|e2pQ(M zz3kr5R}Z);%_NNM|98MpilRgy>EcD?eVs^KcJ?#7FJB6=^{T0|X4m;vRuE`lLN_sO zv!Ajym1RZWT@Fv~OulaQ1X7!~eZD^G%YHaG(;pHA z15_h>nmvnNmcf^08ybIraIE1g^g1?O&dQK`Hv;l!g46&QCDg=0Tr_dQac2DrG+{8NFCw)+s|JFiGWTNLgo)e;Z0s)4z4G;|}!wtZmC~AEAm) zl@PUIo0oGC)O_;P1MC16zlN}o##axRy?e|KWENq{s8KLvM_=? 
z?Iwl2f9j4jyP={6T)#KF-Zu$IonD_oZ4p>Io_GHw9M;3l;@5>66>D!CGOBC{q=||n zf()rGaz2a*_qB^n7`qbW)HV4-iky=@sRN)2iNuD;LS>O{vypfce>^8rUsxvyGah1# z=|D?Ze*smhEyvR4F?wPlh9yh`6XcYOR2`RylK8a-Vj2}zrl;oBZxF_1K!Wd_LD?F) zjQ!GNOrehXI@P_3A_??!!m(P5j`Em6Js2wguat=yOhU=@fM8{c2vzcX{mi67`jR+> zhEn`PU?xwic|%p|;2Zjc;@<=SonjCaAr3doXRa*?BVB6q3VG+}ukNQ1zfISzBl-T6 zWN{TP2{{UMUyL{86T=?smk`D!Mj8i2i$aKNk1(BWk9NiR%UCWQyQ=!oWR(j^FU1@d z>nWyi$^3kW^m!^AdoKt1N09jK#8+%u3uVow$)v6k^$6ry-u~;;ZSj_mZ_K?)U9Lan zp&cNGX-n@qW^Gu3$I3TNoYR0<#2^HLG3rS`Th!Xr8CDCVeQTpfE za%_<(HRqRo<&L8;`D^}X6JUPtGI7HSkGa=<BkMh$3olDTR?x|!6X*YKWu0%x|v(y zRC97wo?WXr@Cxf`jVS=^>4zM z?EH;4cFkQ3sCw`IpBE&$|1)-D_!8^|DTfNMJn4vLHWR<~ZB|PpQa~l!KHF?DnDi> zv?2~62Baq0$F*uCvY?(cr|MRAFmMFcmb?lHF8;yLW=x1Lul!_uBk0Jiq**A!_SBP( z?2m0EgBPzQu%7POIc3dXH_GuKRoUA4h4XgM2 zCX56Le?(_f2<<}i7{K51^annsY`NJ-)3gy_-7ts3!IJ*ZDgam`uCigJ#OP6^!2Cae z3FJCG`q)ud*G9Cgv}w0A!67TF!$$H|UDsO)o}?B4v=l1)KDBdO=N3>Lw;;{Hy`XxS z$6R~VcRXC$51O$df7swKa>D!r0b9{%zQSCD;|B8^BN2LisF-+&p!VTZ<8Ke5>T&KS z{K~<0xB&X!O=f@fY$JMdcqk*m`H>3QAn2gdjI zlY_R76r4^ILJV$qCue*~@>esi03YOsQ85ByT;K39p+8^;%|wJM@vX^tlk;M^eMGCD znO-log%2@|WK$=dR(PPQ9e0RqjFiyPvnGGz#TDhvModmeZzm{Hk!TqK=say3?zbX{otGi0u3 zC8vP>m)DD!iBWXm(vUtlaV&6Y$ZsIV)eeVqQjAlA;u+BYrrU1?5BtV_5Cn{jyWs_n zDK%z&^oX=`Li@`N3Ggjm23HsRMBpv|tpX=SLGBkbX~`~gVR;FNK6;(H_AYu9S9#g^ z%TY7(vv#^(`tfUsMIr*RmKjSZb;@&5#rV7hh`>TQ#bap5*{wK&kzEwxRQ~X>%|BrG z%s})@I9-qz=xNnkL6T1B3mKO}BcXBHoRH4$L^1G;Y=qlG`Ja%oMnGo`;EU0ZY>8s~cTYV|^%x*ob&``vl@ z4wmTB8~hGHF@w4^M|h+ADeW=wjvV(3!ZlFy7}eJ!S8o0#%`b42{-^=JBC*Epb_dbX z=U}I6w)%Fbe2I?l7JEU}jPJvTQ8HrU)bQ{zqCa5A#6&bWNa3{AeY>+s;+Q}KpOZ-1 zG^lYvpF<>>5O{u4kb)*B_RrubQiuu<*GUftd$dY~p_HjgS(gmJV64r^Z4qj`Qw`SS zgo*9qEJ_PP!dqQ_+8d!Yr}#35LJaE!pO(*P!aiL);x5Z@JN>nX7l+Dq%d@EbHzl8v z5ozf=Oka?=35$wxDvr1h*F)=@Vlvuw77q|Cik0t~Q+mSfkeRu{{y;b9NHBO~D}0-W z)l0Lf(d`ulkkg#6rZ(BUcb7zM946g_*}x_HXM8_jag6NmfLq>zDW3@8`{AEBQJQ%U z`WLPS%6Ua>&)n+FnY)gUA{3V2E9;<6uBv}uI$dlx$vG7?6~JfHB2R3@%8uB>Zj{#~ zMDV=AWR0g>O_VhUo05n98gcmt3;8%4KprQ{qMWA4CywC&Qe&k`B4lVsrUs+H1}9J? 
z&I6vyRH$NV6R=e@ZKA@qEyy0JlX}N_TrHFef8ffEOYKbZcaSS3(BQQOL=n z(N(hGT^7dE2w_y4z!uQ8~%0;9i36fUb1Y&&WNPS!N< z4$m?%%~Be@Y4NCkj#9l=*^AYnDe6~Kz!xu{Sl+Juq`_ebIe%5wR6B1;My|u!7BHWn zskzz%JWxN2gu=D*y9fA)XQHBT|8%3Fy)xCXzWMx4mwvlssR?hY<<}=`w$%Y=_SrUY z6!^NM3(EIosccMx*j7x9X082G7THr)b6d@KX`YlLTx8B@&@YfbGC4s=Vux+ZHQz`s+qe_7c4Zr-S}OHZT46 zbf={fL+i}(fz{Qs#1XKg-55RcRm2b%J!0JN57K(1wBIEPh<~a=rK1QWV96!|VE?wGe{+4U^VyKEo|>~(^>uveb%jaA zje1o$JvJvmjT*zhEgnB@kRaqq$rg=I?0KJ(w75RQqdMuvthRWvsqffWwq45^KJ@JN zsCsQ%eq--c*S`mm;^OwpMmL^koxK8Uph(l_MQ3RFrDW{QQlSd(50;Z#9yLe5m?#IC zw6luQC1T)_{ds=Xx6gN=&ZRW%%{m~WMb5Oud^W`VCxD=cpA*Y>(bYI|EWj9j7FwbqyNP{?PKL>00-yfG7#B0I97lNH$67-gX zyC_IxD+*?YCl=$2+Ar($uzbbKmD&1i7_~i_-Q;%J%!qjhJD)1`m#33FZQ>9)y@m(n zhwlw)1r(`t@0ypW{74F%Iq4{e%R+Y6Gg$J!C0Q`!15}KZdO?Sm`ZeyCcM~f`(wcVO z6~o%z9fRz}`!1S~FyQN51>~S^>r4y>86yb?O!fZ&$5&j8_YPY3HfVi*qLSa3DM|69 ztGkU?Hf%_U@WPDD=P_}G#r_7hrV{YJ;${R8j?ZEu?4-?LQt|HJS`0r9X-zjk9*}^( zDnU>HD{7i`9YH`3E>&a5MV;z}BOq%=vhdIs$zHa^9R;4;D6bn5RXSkFZ354wGav~ccqZv{`E4EOL9lq z_59el;KN+SWl`J9kH6ko!@yqCZ|MzM#?l4Hy>VOJF|cZBT>V)l)w(bpdpK$K){Q#8 zNggGDUu0u(H*S(j>m0Q)9ehi`VemwFG5aq4d|1xBioD`m{6Wf%P?nTHAkrR_i!Utj zH}q@lC+cOjai9y*A?!91#!Wf%U|urmCAC2N5bP2vfr$Dw%>KGB#G;2)6F((suCzq6 z6?P>>iLikNqS1^IR__!p(P~Sy$yU$hhU=Syc0QIc*oj=q`MqAeyUYQ0luRhI2K+%A za3tOYV~7!uBN;G78)5_l$2VLIk?QkS4oMI2pRupF(|baU z{=NR)KHAVvNs$Y!cbQ){CEpQ%Uym^I=k;*!z)kV4F64NJ`F`1rr9(R)7yB#v?HH&@ zsBGJ|&mYPfLO-)C>o%W{&*doqmh^qEY1i7@xSHQq`bT<4yLJOeD>A{^BDkoy7XL&uCLM1EHv<|xe>5JCN&GPG3N@lb(_>fu zw?0XEe7SwF8%#!Ai1gm}{Ha;@WT+GqY*W$OlkdY6q+(GLPk+Nbc&&hHzPp~WbXTK% z|H*TEi4?>29gXwI&LCk}Q1j9u#kj?Cij1aG4;@Xfh@E~?gcwQ?E&}3f_Lr|Ie9mMk z7N{$ZyT(MoEkZ_o`k7=9sjK>CAk45|rV}w9rx1Z2(HL*e-~3at*wj{fENDBuXpCId z-{P^Y*uLMW{9u{I?`=V@-=XE8XoohS#FI54>J&fziW^-RrI!k4Mxeu%Jq^boGD(o8 zdE?&q-S~h?N@L)aOfLTnVZ;Tz)80&31#rR8Nn2L=3)Z0=<0#LF4T~4oDU)_cL#y^+ zfr!7~=vzkCP_<<@s9hNo&k>{ZLoA1370v+7%q@FY2Ehv@$4zO78Mjd7eerRxB)i$oT1AXy;|TE^~MLuJ6gQ z?5a{k360K{x4P!@Z;eh{$f4W}X2W0g&Xw|z-?dGCj5{e2S2dL}y@r)t3CZU>&L#Ww 
zAZ8`S?I64wM~Rj)Y6Kp`8=IEeXY?C>$hZhGEHZ+Ql3P(}ZnvWEY!Z$P?a46|RhqNl z0=#$Pf5@=?vk`-@6OXq^ldOs_&C!Ubrw%t$Fw(TrnEfs9*S>gp$6vlLt6fv&{wdpD z>OxD*WxXnJSCTdxWZjUX$M>xKcXmuTS#ov(T%3p?cy$O7AlWCaMLy+%bl9g)a7m8>V@6WUCWig+ksruS_5T2eNh)fhy-uS&c(SVC4`D?W5aI@`uPME6;*Uhef7CI#V%XXyWi$j+XOsXtBmcu*CD6Cs#wp1x z_rpuS<8|9O`^$_yN*XW)#A8+P3F{a1@Oq8m6^h9UoZ;0C=jhlDe!(!^nUPRNXG$TH zvr7ga{ePg#d@~?3WSHlswf9mZwW-pIN~r%b)5v#=%;pEVeMo9NIfv}ObCiUTH<`m- zGCA?k>oXt}++QF$$O*^jZYv;EE<#x!xUhKbzn`^w#^_y`7CUUHKz%&9t$Yue0q|ID zk2i)|RYYT#6!7kJv3OL~MU(9V$Vy^tb_r{Vq#%<}PflP)D0ziO67dDo|PEYK}bx+>e0Q_d>59t3# zv->N!&23V612E05v(V{peR49Eei3c&|2j-f(we@78+sJ3vm7tk(bRs2JC-_NTdplB zcQl)7xaT}+a&gz6vZhW&A^5$oo_7WtK0wIdRkTIkn-p*75O z{&}P%*+Exi^dVPDY4Xz0@$c?hNH%fPL9OD6BB&>N?v8F>QZoX--!^S{7Wz$S(Xe@W zdcOMB_{zmbcMrH06ZZyj`_OmN3vX`)ps6C6a_Z#hw2G;D(M73#yuXb0U;mDFCP-=J z*!*4=VG_yU6NO^zNPYlDD!LrQ*e(0YRT1-|iod`Y*(vzfXb=id+La^U5K~+2ct9Ws zXy^r1DDf}<7OIjH^opFEu=CK)@#jXgtVJ)t*-1b9EA9%ThtGq3C;7Ntc>lP9e-c|q zOmi+kwCoa3MKi5+eA{53T;>&CUfH^dyp`M=8~SM$A1m61<*T3srOAxhqrL&9G?ro2 zP&sKWVEJ$brPv9|>n)qsZM0G4N&d21puAV{h4$*qj!z;75x2k(HxL@+OQD=@VK*I+ z;cC;;R&krc*9lwz% zgk8*#lwP^rZ5W5p$jjmX?an~5So7i*C^q)j&a~4d?&l;6uNWJHi9^;!-mH}AvXd!i zTHV(IYQG?TM9)xe(|EAyVdIX5BW-cswVmUT#B*|0RkS}QJQpWOO~@Q3*RicWxI5zT z&YD!kKgZn1X*q%&PraN3cU0vBIW{W?iE{gyo&P9 z52Qgh?(xH}${99A&Dws#$#=VnLE`Q8#?FY-il41hFh;uKUeDgmEj7u?gwxk=rr9TE^jvM zjnXG;BX~rN-mETl;6*&T;o}`M)c#;=t2XR9Dbh*}+%_sva=)TpLTJ>p8F!VAFaTWv zU2sw=u8?!5!QY3jt0=d!D99P!hSjB(wA*M0sPdyq1j3*15=f_<>ey};)h6WcVP0Et zcWlX~Ac_K6EFK!RpSyb2k+6Z4mzNiAm$dyCmdxGjC*D+&p6}HPVAU|zRRFlO zEbD0CyPn_(;o}hOBG?x)}I01sGG zcrpJDyzZ7~OV0t%AoZ4wyt$5*syA2mZp|L%uGY+}N2yb(vm&NT9~$~ms^XZPb8IJ1 zC39ZL_?- zbKtLzNvC6VKWN5RH?`bX%-R6a4Z9fQXWQ>s!qjy6Svz!S);`u-_`;9wRD9nz3{&xe z|IXjnzG^ndDZl(ME6;Bs`5G{5+4T0NR>3;7%xg*90FB#M^~M8}`wO96q$M|7x;<>L zC9Q6ac6Cp+MJW4fv&S3=vrfBe@36)7WgI(-gXan=#798yV(DiL>(DN$l5LB~T}E!d zdWmN-;t4g zIc>fUWt=)5p%J+cR1%BK+U0-BX2bz&GBsF}E%Sa|>Jta~dBv!XjofZ3(%s6Vbhp#5 zYp2OlhU`Z#AZGJ?S-SWZC(VzlRPIk>LP)>4aO=2XT&@jJPVS?w{H-#}yYi57S8^IO 
zmvR@Qfm?Lrf^(hmDhyRAe#oJ6@vTR#HklV?vh_)+SA{L|qnI1H*`12K{SGl*dZ76z?yihET&U4o+{|VD$ z8X)h@P}mynz0_$k6#=63-%huL)^ON=6m0zf!l*{eF zzHa;CRfp;4Bz_YstyZR6$&Gv*?r%TsYLq5tc&$7_JOS?{Z6L{4{DZ!n;MJ$MV_6O42r+495OP zm9%S5E>9(qQFAU&vBx)yje+ZmX?>ei*3p{mV-47%AdKr4!V#x|Ye0;`wTPyn8!w)EGD3zZiKkhJN3+DM=XgZ)`9}V4 zsjkO~^o`3flPj=QZ+vYd1J)WP&rV3j3cTtKGF`8Wab2gV4^2CuY?o&Qu?$d!}V_F=|^;VGF?v-J<-klY0^fL*s2~MzK~^cdtxzz6o@4ZdLgTU zW~sq<95lPn=$s$+NX@g%wpxzhlt`Q?O{;X0!*j;ZfJ)7pFs%*&bH9E)Op%N?y(M`Z zZ#oI2j;=+e@1_AOfSV3M2D44FdXtGvW7dOhefHA zcbrO$$KN1jeBXTUW09&K@vC4;g<|F=@~Q;ZRS;1tJ0jpgm|;zgnLa&Ds(IF#uz4_n zf}dRnUYYCPRM_Y4++S#0jL^Andqvf8Ya+J~IfHMDYGbcB0UGzq5G`0f2v#VL2x*SE z5&LyH`T~~8TIs879ek~_?ZvrhrsAB`_r{Sw)6xRWz^E~vrsTZ8+mQ@PZ|f$znigFy zt>UJ&nt|~Fdjqn7@fM@BK|sd0PE{iR}cc*aSlzy3pzrXwXE)kre z_Yi^`LJxi)ns2M2m8G;*C7@pnbV$ZTWl>fpr0P7uVQ}k-cyQLLHOru47)_$ZkR}BD z>~;p__hIIP{qk4&4VtTWY1lmlX?w?UPkVR_3`#S zOr88i1-gRk$s2a-I`7H6Xp{(F?#=O9IezXW_+=GvaVhmU0q=`4+ z9t_}3yBQ-5C25$1VBaP$F;-RnXX-?^oV>SakOSM_bVGwPM-jIGjk1+aO0hJd!8TvW zEZyKlINl)99EH{@(&KvkpmqDr+ra}_r927Y#gT`(&v!N74Dy0F$TuQ8(z-0bFu_dI z<}E-0d!M;&$pJ>a+|?3&#_@7PAskN*fBxS^dmG|-;H9#&I@G`yu zRpql3QkTHQEt0_{`Jp~L6{4I8koTK{z`g^ttRI3Bjt_Sx)mym3oq)2lw{TJ4mL41Y zsKjG@1lf6c>Jm7!^FKc}Q^IAcXdnlOv3UT@)5}iZ1sV#@W<6?*NEkRa7go6%Ya$jd zR95mdR`%iTfh*w8O$r~8*3dgSP+Y^(%g_L~7o zYjB4)3YW){X$et1$H9B$2RI|U>+HjSG;!Z|_r~g{!b*wm@sLHED!!s!O`}kpC)d5) z_I1_S|Gh|yJT_iI4lIB5p*rs6d)=T@rnIqVWm^h8j%j;mwR8Tlg96m6V&kVHIYHPE z-E6U}82QDE@WDehu&Fr;*SdiF7o8d35mg>fSg{b5&e$)!#|P!1aTbKxaArdRicVx` zJP?sEYe07kiitxzhZyVXnEa2gyh-vBu=Gm^^+8X$1A5=x(k}+4XW(`Pa~AjboX9tj z(D1rG|L3v~?+EmraMp)!eylDgHg6ZnXoZ^C5Od4oyD=hQW;>qk-tFHj$krj*tzC4pBS6cyYrV&b{pjwOD#md z9s2&JtT*5N9Z!4%^V@e-lL&({s{I(C2)Nl!Zm-f5_O5s`!W9jsn_44|uxNe&`Jgm&$q(gF zreq9L6IMl4f zx7lBdSZFI3&o?)Z066whaZRIW8bi>DxY<)B)h5Hi8S+QJi70I) z4_0mKH^aaSn&uE9f`|)yP$p(Or-lNhIjBMABH+gAn>oqg{Ee!cc_&xjuqn6An)wUv z2er}w%QKRE>Z6Cb$7+W5?NvzIGnJei8xFkN)0ofOd!?OcbcXE#0+f?cUa^iL8|SuP@A2@b{04}W4~<*TJ{nLbyf`O 
zXf@dx?j^^lr+yk0Av~K!#*X(0>?MAC%qDP@>0h1|#I*2REWBi->)WuFjSL>~Yn$(W z*r=h$*iYx4JjLm8Kb8x=yHL zHej~>sK*bB3yP_9E}wYNCz*ozFyt&Ra+m?`1H+WkIJRP18ng}E1i1Qv?5g5&1K3zB z)X`ChpjSrh?}#BF!yY0DMCXGd;1=L=77+pi>MA0l8@~OOcKT`4k8636dnMF2MD#8$ ziXK?pWe*(7-)hKd%;<513JDuhE_(f5%JU>NS3aVM6tQ-yf$H4U5VBJy+58N`!GVsR zLcmc?QO1%x1bTblW!&6q=6JPLO4leDM03e!WOCXar273Yjos5l{vaA3f796gn?~c` zG%op8aCXz7n7!1zox)?5Cz$~o3R%iHQDYX>KLk9>MqqDxF>)ZOAz17*9-93&1)vYA zqIVjZ0vC9+)h+?dB}rhR3LzM^qs-v_2)Sb7=Wq)Rj+JcygTDd6VkrJ^^Dh~fIyS5u z1yEv&d3_2cD{DHoE_yjjulV*Go@@#&Hz@ATp#Dwhlt9h0#tGEN-qb*+bP{T^kzJkm6uy0b z;)Bq^Gny9AkpE;n2*-bN2U5$VW{!H6gH2(4hPG_{F0pby7cfk>iv8~FItl7+qF{X_ z?bQJc8;mOr%MnZ*IEC@>DR1sKrNE&`vSl@jv`1M2kN4{CUveIg9T6<<{NXK2E4=4B z=vwbUZC8^pgy%w_FIl`OU&ysBXpEgvm{a=MsI5G4Bvn2~izotCmxSnfvOvf7N-{vg z@wQNf?7Pp-y=*j5AX`crNPd8~Q?SD_aWi6)f!TUO76$}JF8(_MYbg{d&Z z`#XW1p3-I?xRnear7nx9*(ew`ln)rXbVe>8$w~AZL%&oa%>vL?BvOJuDe9GcPXkun zT9u-oDOb55vj9C+&N(0N2h8+mz9T6;62w_Iy9dtFIXTm&v`M!pj7g|WfxOHay`1hu zHPCeR!KK|lks}asS;P^@1d^1Ij*p*+ zd;GG#i=~VtcS6n1SvjWYz;`hnGKzgG*RkcrQYcE8eyephXhY8-7MW`)Z~DS-%2M=t zLqYxlAS0uX%k-f^SjCO=_cfT2Q^IVz9k^&fu`@b$Zc-@2D4DWbzk2CH$li!nuelNs z(%Fo;erKDM?q9>0_~TYc<=zrp`ty))_zzV6L~vJ)C)=-n8yBQAU7Yk3a9{Y{UK~1Z z%klMTM8YS#a@6hm6570;3?Ff+x%z0^=8}CSP#?kfhIh+Q6MwKM+swB}jrNQE!@J)f znAS%^21ZJd4~cJuq-nT-F#+48l=zj&oeiFB>t9v~bi129&Dxv5W1l-Vt}MRu?p9>l zDuT_n?NzU1?o9juv+q!EuZ(U+L2==q!2)aNHlxqitTyN5!yrg1Ej~Is4%!w%itgJg z_;5?l6EtiITjpx-KyMak?u?PmXW9r!_+3(8dF+tMZ-PXl>p5K*5 zEsv}7lSTz%l+5bUD5Ol`WMLx_(%+2-$?$`KQ~4}Kz6wM%i;_OLR(NZky^qMW zcLOu^nsa43yPl{2iij>nq8PbH(NeQTCftzim`@Ne!b#x7f@=QbLB*!9oS7wyS)Aq{ zX+4nT&t|@Z?PT|G8Mw<%=jOZJ8>YV2ChR4?83v9XbdRhReywrl%Vz!`QFH8{LWvDQ zH2MCfDIxTMTeD`|+E<>llr=!mJEPhctJzrKBB6se6qwV- zIekRH3__w$<9Pu2K?SS=LUk-_lpdipCl%i}q>?0qC~1PqmvqjXLCCD_EnMJx_qy`! zQ46i9q2Eg0*M+BnVyVR+WPHa@gXqd^`jI+y6opkv=&PL8){S{rFm03xZ|3$E;(rp! 
zw{LMZE-X#7ehcpQsN$rzyTXob{ng4yqrP>y@SKj=4T)q6B(m2WI^@V+fd+GPp#}Bn z*zCT|SUz_xCPF2b6WY*^0xg^QaZ8r>C5;WTcH747hpB3-+ zH=>`s@68HLu;YDQ1E6AAuLR@sa1vH((N~_~&i&qs4_baqA&*gHpEXqygyzteV@GCO zIiaSuWq*#1U!rB;$pgvVdtw0m$rkMw$^2UX^8w?2eQf6F?1vFjV`l>i22^tFxMsQQ zRsY!&;1(^zU+wg|Rnoe!6fyoiNiS4>`RIWRLWVhic*=t1PDXgqEdJADxtYsh1m$)D zRGl&(61%cv>>8ZBUnDM!ML~C4Gtfz)w`96g?0E%}R1&;h(G^cqCs5D$#Xg-YB*fl3 z*dp}Pesl9Ue&v;C{$2NH-Zt65lHEAbkeXAG>MxVA+JpgAj>jPaV-iMFe~zYp-Dp}U zpjHpyfs8@4SKUh0;qY`S{+JAS2gsJ%bf3s!;Rhzr4xlBC{sw7oKZpPD7Q_ITmEY&R zjXbp0$s6A_to!MA5GHd|LGH;jgmyiSy-l1f>O=MW@eL4Rc2Dd(B#qwZ47rZ`20YE* zt`z%y#{ixtilrWZkn`9}ul)6>aR!WAm| zNu&W4IJ{DWi%BFz@freoeSPCc1AdM~P6p_akq63%Sg3ya=QIZE=6|F~^ zamkv>7%c)H{;Z3hjOQwjT-THB0|p+niTNL?4Y{QSNp0aDsSN=!RCX`}_WgY41y8oq z%2wY+y)1A5%@9 zWK|*p+HB-F>8a`yI&jlxs)b$&d6x&}6-|>p#e3k1FyR^_~s~6jlD~!G#TP-cPE( zS&C?a*I@+G4l1u^Jk z?@$Ib@k34F^?-VO zK1~bX0x5cXNXf!=m~YPymFY)2LihSj^|3$?A`w6KaY;_g@{ojwuMjcs`b@LKFg*4S zL@L{KTWMtr65##gU0{JpO861t-2vguW`%SRYY~rR1{59D5NXJOt!-imj*SGCcM3C z4p|$jkKt7QpSSH8-b!U}Y{EISW~Cf~a<>^5xx@*5Lv!4wzn6jueCmz&p(L*3+W&sq zkfB$A85?TD^;jg14UOu#Su@fPlQ=7%;SEZky`THvqj zRwcPlyoB%I+DkWQY5v;J(%W*yH_JkS&qH#y@O?J(NMeyIQ0A{c7R*d{jP)3*#o!#9 ziI#Zwr2h%&s#wSYHR+2RcX|jKP{^=$>$W4Brz+V#&Q_QjV~-{NRqQM%we7E3J z&8vIJfy^-?2C47t7sbJ8g#Yd$Vug}HAd3JeBX6NYIUXoDf%}kYw<=Mr$58(334>Qf z#>nI#9PMgJwWhjpJ$h<~u{t(75M(O7J~d=2g)Ifp{LfTwT7yg_={v<>8?ZJqO~%ea zZERj{RXSc$({KzjNk#y0^KZ&!%oOEANvPEd^*ZOvDwXThSFdD z;ibjPN6e{PHlLr&6XlCAdpu2_SupTIJdH=&`eKCSo@oQV&N;Ct-glMug1 zP@UTi6O+?s;II5bP|?fUIkFqY4sYcI(oz=C|4{mwFr`hl)?J zpGS{XDsw&O=Uddr6Pbc(1Z^-%QFf^cjzLu@k({bQub=;bAFa~?n=%wzUabv?TDVZt z=FVc>pM<Gaj1RaI2@rs=;|| z4>8EY(dU9)N&$TaYIKyDg^lk0<+MqDcd)bLHNN37(zHAQDCMe7|9br=AD2siy6~=F z>J16eS@L&jaeixa(@%-x6Z_VH25--i<~c(f&Aqh!kjOZjLyl-om*el`nQS=vNI;9C zO0c+UXv=~>0MLeydRSrDn>ax>V2vGCs{pUP4=IZcU_ucUjFc^2)%)+hE>SomstLi` zx-VTQT9}4WDEgIO-feJ%R4hCba{Dg(-K&49qq%!act7> z4=c3Wx@3Zk2pAdPUzhmu)u+m0mA!)}&W~z9L-c0MVoKuY;6!N~`&>#U-Y-tgAEk|N 
z$rnp!ffv6#nAuM}21xdVdIsvPj+T#=oo}gjA*T-{q_24%-cEzq(xQON%IKp!+@vsd9J zYKI&=^3+fEE;8m|P_8F>#AX6RwaW*A&u-x27f2dIv18HkQAjCV>JOL`$9l)vrPPta zQ}BB2%iQxN$E?A$myLk0PhE;<4vHO`edi9`4C&ah(;THY(ZX2zOOwOtzND7G*pWdy zOwJ$5i<=C8z&lA}2=LG`K1na<^SWtylU6MkHf*1Qf$Mrqg=90~Po(|`aovA)Vn_-l z6baVqN(_(8I|FoyerC-oVgOA>fr-%mcxD1-9laO*vF?Xh=;3aKhI%c^S?U9h^IQJ9 za}~`Bje0|U6>xmAJRV%-x>l1{;JR_5*Thtj?KYQ?06M8*gTJw&dv2v+VU<5-V|A{b zKR7!iTEdXVi)6)n#M|A3-3AyCb1}9JCZMW8psv160Q>+<%Nbf}l*>}~_0)kX%+ zMKXzG0nrAAdWP z=>|Fw09i-1j;&X$AKZ)L&ARq36Po!&F2ZGO3SAsW826U)p!`&UHiA(JPYA*_q;Ziy zz{!n^bW$G;;J-Nl4XRaYN$vnpG?x644IT{NOEDZ2G5GswX?))=C3Q}pHj4vKaWKgyTcWxK9LA3 zz-}aAD7%l0oyTGl75Pkf!w8ny*r@x!2vF!37JibA%2BcfHuYH4B$riz>CA3|8%MF` z-GG#*6Kwneq&$BB;D7)%+wsSi9zR2dRCo4+^k7MPufWaC^vJ3l)1`?|f?I%V=YRaf z=^bAP@NGV2We}-Yp&(KV6Vilf;iq2h+xqzlDymFwJj3mMc-B^2U*|uGUIMqTJqG#& zMt!_-8#!kCdAOo|9f3dKg@+@jqjP$iHZO(R38!<+5XWl`_!ruvEwjcYB{sKP z`5Mh`$g6&$KIJT^Am;ivj-WWZ|H7WOOZEcnD*29!M1n$RS6#~61xF9*O5hZRZE>?X zVy|1jvZ+G#93n}tqxmMHD9!67Rbc=!|HfHwwNB6L^rqytS0 zhwYcGF%m}yWg$p@j1iNB0<8R<6RneKUI@+-_4J9z)yaU28FD`2LKPT& z@7O!((^eh?*%byZneT0}m>=2Ti}8u!ORI#h&Sw(d(r3gpLh?m{>t4*H;kAw+>snS3{sKjwtL<^m&Y0|O8-OaaY*Y)^;e#dgg0~tTzwCx%ZyC)G)+FD;r0A|- zO9_XT2E8LFPPVlF0J69*;gIzXKWDYT`siL*>9x>9;daPjcVc{;w^n2&Ljm=1{~qUy zOZmQ0Kh;yORh@wEzTCf9}$f=Ck zr^uw*Xtb#&dA0m&bSxdnA3J#Zn#|D+`Zj|~U*1(n`YjVW_s?^Sminu$cJlm%y% zHH8k#Z%hchn>LZ-N$dC-f={$r7Vxru-Z`6A!6X#^bFM>3EUX1n&CH_cfGjRI+_K;g z0C*FlAGR(HTGod5KLgEiKb&7hgnqjqJDMuU z?s?ZacHr&!b2j<$_L+IDHA*j#@!qi={`C&j&>J3cV}RX?)1G+y>qjr_G|Ol(UhI2t zbPR`6RZ;u5%}v)-2EA9{8j- z{9kWD`G+tR&6yFvtUzz02C#>%2vK`pgaj_4m9I!JyW!LbmYF#IhkJM<^?Vir6Z-ua ziFJI=tru9Ubb$J~5Qyu)99^D=*zF+!A5`s-vmu!BkXae;-TwSjzxOJ65Y3NJ{CwvH zl!7Ar!FC1IBsWB;4Z9L|U+U;dfIc*8omtQhIHt?wzTe3N>Jy@l!nz$qyDt6Z`KHw) z7e8NLT>0!y*+BECwz4KWmb*d2&&?ltDQkb&sIi=hAOJoha8%5P%*m+jB)jcOMWxLz z-&1Ajw($CH8=;ry#P2aI4g7GmaLsJtUf2hS&8#ASkt^7R()-dwd`={0J`%4PJ4u5E z%FExXJu+$XSqQSCb@ow4${9OGktDP^)c(>5dVE~~s1#&hVrP#x9f)6K)sv`=8pAt~ z?GhP432vc%CY4~vw7mP5w@4i9$90cWD8_f64NBRQZG5OUXGbauZgTi>~ 
z(s*){8td4@ls>?AIY&x%V*zI)(g?adZC3PS?PUA89XWRr$m;xl7eAp2o;p^yzZnxQ zu;Y2TOjfWi~zer=YiMMwl%U8- z2LoTYtpaSi4j%qBnRRd?o~GBzx=;WCR{Vb8=beO*)$F#xuBQqh%ZE-wQeoWe^O3(G z@sF!z>$1jB8g^%zr&LeyXPG1%B@&%WP#C2y2p8gAGjl>j0NOn=PVJH~1R60rY7Q1V z>efFfnlMD`36=CY4#Tj>Q4N+XoslqV?Ie(KZ4|>F)!SqKeRnXl(!Yu3kY8}vQC|}B z!9czV7{#(d*Ud(Uwjm-HXz&zO zE+fp+@%PeN*)Fn>JNN2m0lr39gu{q=c?r2`cnO94gNlW~BzNBxf)64CS}%K6O`Xx4 z`;!Uks(SW><&lc9Fx+XnkitYKgD*OVQsU^m(G zA;TX48-7Uv-VO7!GbSoP+_*b~IVj;OCfMm=^+TPe3rceSeKO4Lj zG}tY3oIu8`ePh1Zd;c?5kj!B@gW(kpT3WTFuPUQqAUFLWT*;v7@e2_^FDd+}VYqeVb@#w}ZVasGbW+HS+8;sM0`NTp#I- zam{6#fshP0Px)}MZUp%n!?jHs$@vOOY&JJltCA-wbQ?y;_^u<>=sPhTVfOl!Cxp9< zrs>ZaR=idAbyMrB{sSZRz+tjpxTrGei}RJMp6RYxquOiSQ0_COIx8gvWhk~EOA{V7 z*SEp(i-3iblG)aIi%hLt91IR zXXs12l;f-Qw{eNqhAb#%;*v=x(L%Ry3{vfqS(*}B8FJmliwA)0KbbE}T2>Fbf)&*UHmQNC{`0Lue$Cx|e*gUnSwpO%IOV4XNOKNwaTmF*=&qcIUQF zWJ3`xIbRex&-*Cy?tf77LRuGPfI~Wt-BIhbIb(249~I@8f(fx#;N`c$+%-iR46orXD1cp;eRXLFZ>hZlqMYl%H9hyEK6 z@;nro-tO`bUW*zdCucyCCVO!9O^c2XIXlN_sP4C>%O?^WcfC(fVHCm4#ZSDVyXmZaruJX zsL`HQ;m_lHyHv$`PIsC<$eg~CGZ}xa{ts3OOGo70-K0s_uW#LJ<}6E$)xFb>uOw zbcbY?kt0O=l>X=;;^|_c9U_h);l=s?K0b!?W~QWiBqO5(oq>WBzIHrH+ALhM?I@T3 z%-e-GY^%rN8OzG<>)Vc=H`0$np7JOJE;z6?&dE%T#8x(#HU)o$y6`yeadEqGZI4r} z<529`Ihn#8kW<{}lkU`EB(_p{6k%2HlT5BZQrXl9*RVrS->GKt`kDXLfUJa0&_Ac^ zHA=70aZ``5R&++o*2(kMloNb;e3y3r`P9FyC(1?gwmMdmNAs1*+RdVgrhV%o6PZ5X!mv+7FI+ni< zkjqkZY^1-G9pcY8*SvJ+@&N~vH3z!~FV1y3fS&`JsI^9%PtA-Z&X?YqxD z;20Mgx71r#Cbe6LSv{M=K_3Wxysdne-T52MTOK(W9VFqhn%B%dH_T-oS151z!7D~; zALDPo&OB$Z@JyZJ=73zhSpN4C18#ORT6_|gR^9@okv+!mGT8(@d{Y^EsG?nHCLTcD zYb_lXK!1n%yXl+yfW81Fa;m^PV^*uMik?cKW5L^^9C^;5qDtR1(j!5+rpBCJX0K@t zYm^JdU1}|w$2XT*5o)nfrN51Fsyp|7`$Zb#6S~OQkr(oU=5Z5f$w$(Fb8ncJj7m4>eY*rOd5jJ&u11=PyBPTt|tDYal|d%7_a2e+4>&Co03c7HV@ z#W^*icZl?KiHXY#fbj1LwP3Zk!zuMwcu0d%hujd-+|NhFMPFOcix9e-Ik>bBRh*Uz zn?!4YR|#zxSxw2_8W(q^_z4jSycJb&6)1YUm4+Ml{^h{=kmV;Zlu|*)Cy6xmPvt|e zva!=KlJ6`})1c?4?i?oWh9V^f&rExiJnc+OU@=OJ`*R(4Aei!CEnWwZ#`3l#t+s`TFlvQ_Gn6c7S4YKMomfRUKg#~l 
zdBG0l$GpO&NQ(CAjbMlZyK+kKx553JO)Qx!cDk3h*H<<%{)>v!cSjxh!zWFvgtHz- zo-jr%)sP+0K!1M{Z>}q?QrN_A4;(z(OIw^Q#10sFSPmFF|DYIKoT~`HPpi><)Z`I3 zh&c&;#P?c zqDR`66e~%zzZUbe3!Xc1%o)`BjctDa057)ZbVKYJ{thA%R96B;B!I$9lfR;A;Em!! zKWjze6aNLUCMW`M-(MOSZSje0W8bvyDv9E?^*PZbh|)ZErY@L59x zjP#v4t98PQ&BkcUizXG53-$5!h#ZZ&ChutEGBth_`GHEg=NAN$g|$~LP2NIatso!4 z1}=qnJG2I`?<2zGdWiR~hvs>$`2sfAslzp##TR>EqeTbNBG!p=lKUas^)+o9kV^_P zd$E!tGdl)jYX~r-HxswrgeT#7IXIro=IP+ndFe&%6LJss| zMW$zTqU$P|rHvIaV#cFslVU|S-?M_H?Dr4SFU-4TO1y&H+7AgQ4cdfjo?H*)-d2VN zy3NPtGL^VU>j+Wd{s1RyLdsK`xYI#=a{9S!o3o}!#W}!V|0Ly#5G;G&C4=WRt$0D2 z(07#uc+C=^Qj)cN2+oW=Vp$EIW5=x6N)dP$2=f}baE)f52M;GQgJD-V1jmV%YlM-L zVuZ2v4~hoIX^i_(Snb#7fpIS%@H?y)^|la`1cZTD;=!Km&AdSf&0_vEcpAE%Ozbo* z@*TQeVKn8Ul15xVS$z%|QTVuA755(YGH*f>i|YydFznYKM;G5jYqGxOBp%_xHA~1l zrUukS%Bunkbn9PrsV0f2NyZ3aOC_$u#}bczt!1$E=jHM)m+Zm7C{C8H14%ur#x0EL zOGY!!@x6uVdD>ZKv-L*53kkENb9B_L&s}F;Ivk5mBga_fJEWJ)A=%8>XB_t@@_6FE z`qt8n&6;rz&rZ`EOq~jl3s%g{E^(chGm!uh|uY!F-(wA)z%3ff8 z8vQIk&@;rM2antc^Ih3i7npj&*=2P}AoM}}k%XPKC_6h0W6K)Ec54vZ|Db4zVM*K> z1bfQ8K{33eBbLa~-vAa(XU^Z9T(`mp1;}&5f@Ki&WSrs<_6U@Kp4NR{3+AB-Ua+%FlfbU zh&i|r_y(6yI0QXfpBtrSH-l2_RNV)A)JB0xWvD??NE8}Z&&&_c;Gzj|bXS-_n-hDO zVrXr(`^!S9rOjnVPd31bc51CC50jo7fd1l=B(`%`DOvRED5c(abE=h=1u9i?*ZD|! znZltX4zyeYAV@R}Ft+~S7-&Zv;<=XMg#Dvi!qh!_=2=^j>~=K-s;|0l5jVhq6-~k)3pbhq+pe) zW*By{b<8(f=N6laWJ;tta?#cn1wrpNB7NE&1=dBjFk)r7fG)HY1k{a=+~@gDO}k&* zv8I<7lQo~dNdu0km+9G*_`B2{;TI~AsZH-H0%~X7#T@C!_Ro|#2~R9U)>o1i8>u*! zmGyrXd@I=JsW6bZpTC`odnQg^b2z9CKtc3Xd=%l$<*QA%?XGSNCT!^M7kw|h? 
z2a@w?g4{1ns%}^H-zd3@df{kO5v{8>u~R^eYgfy~$AlEd(?vSH2{tb3h)X@Jf0saf zz@S>jEm02(v;>DzF`-2FMS7$!uwu!@j+@Kfn?g31q)%;cwB8)HN5q?QZzO6p*pkx1 zIZvx(%xfXGUYsV`FTSL}3-1!Y(5R!?KV9l^;dwZ@o?O3*+kdsVPw?~!_YNx!*136W5 z5-#4#nAYQAP`g-{HhRxWGrld-Qpdf*)XgTWWF06A$5bL=jfv!wK{_Qp#;aB|*yK1+ zS1#2kXszR&-m`txwNC+kvOohEW?!EeGAxd<&qRKygabGC{rGWN0~>DR_1sxnqx{K3W(_Q@DWJ|(D;f8WC6$G6owZETnEZHCLBj015NNmxF< zB8U`h;6L05Gp0BuJ>TKQwq+?NXO%7=RR0&-rc0OzMZkTx$~N18lHUG z5_TM!BszXaxV*fT_TaQ#Q}q&SUf~*fTz;ER+I%LUJEE@l2EgQ8vb9An!*t>7R)fRQ z=ieWR_ECFos0b^;KN}jP>~tK_L3Gp`2RhB;3;6@AE=C5<{1;&Mk=LZ%K##^hr@Zgs z+`(P{R9{`{o@r_A_`Oxzl&@$Vwe18;QK10Wzy)<|yFrCkrzgy6UM9?nGg&T)v<#L4 zt-hsJbpLA7eAO9n^AR;FL9+0Y)s#K@3KRaX-ZU7%i_0193gV8z+5!iP@aB3UNmUy^ z8^>A9)cDDwIAkpxMZF#gRNmM$_Bl1>Ne9c1>$HXq&da&|$Wiz4Xgm(8SK`^#-?KGX zu)*ojrR&O_S>|IaWO|AIMO`GP3Nhz3QlRCfP@wJn zgJN)_pUbrvpTqC>7BJ#?Wb~Mnmym~~hdS>MC>uMF;edvffBjJcnWj?29%bD@7?~c> z4g655Ec7~+E^)^}X0m*1yD=TSlI}r~`oko{7e$pP5_ zb8^FEC=5ZwzjHGM5eaV>WA@3reOR;BdVGb5eD2;#9fcq(-7~bDx2sGv$rZtbubEWf zeKTqQKPa^eLTW2XxPrl;yZ)BYVLA)(m>xEhADWp#6GOsk5bgw{Pze+hRZB8{iSps$ z9uT{i<}Mzt&0gn}8O?~`G=o!2>FV-EBofx1m_8$<#_R7-r z>xpgQzFTjc{F~BXJ}M-G3;DQ+4<}G}xwSSJJQ4=56aViv>NRQlY+B*k8{Y@fy?o^* zgy@g5@l^yTO1!A+mf$yG(a>rnvFa~7TSo9{8)wvW@FMDP^A%D$O&YRQI13ZvB`SDZ z0<+xTo>5W)-WC2DFZiODMZI35`p{D28QjpwIT)a-A)g^F9w-1Do+Q)M4F|Z{M{?ae z-p+-8pSA6HNfFeQ@v)<28`P^&N8)rn&0N-WO(hTe3t&nA6G~0Hgd^ENV9Du|6S~rAIa_2w(<`cEPTe!)S#uo2$GS?Q3WY(; zmD%x_<+PV#FjCO_B;pcKR0S%HSe7_%mUe4*Q$&lGSnn_l=C;@B5ovWgI6f2`{(~fq zgqmH(wC~p2&=T4e0f3V?Gsb5Ca88sL`UmW^c*!q7Z?ZBY^Yu6Uuv9?X zZTfy|Ps6zo80)-B@bAt6_9fhB022Hu7%ZmNgD*fCxO;2eP;}Jn1Tv`D-4S(Tr{(v3l>GO<~U-Y0`OB%5Z4=CC`vi zxmj$+sXNiV*H2S^>)_5ty^o#9LDm?s4EzHCT0|H|jTiliu<%{*18^Cdn4Hl$ zK)e2+)w<{pai+xS7!js~UnKrr_zy>*{}WDlHTppIg$RYZcN3>;R|k#yQPmomVaD;` z=U1+ql4OkF17r-IBj23bl`*qjM3b78HKHYHp1H+2oz; zMz$c|+aF%;zWI{LZsfkyqs$GIvvE6j)UVlWS`L`Tq)ryBde7|E@Y%NVD2f%{%<&7e z(u{B-_!z_SvC%y|a>q{_pC{!@dH%^))vyh{Z!xiF;_56pTUoZtHQ@P>DGhu2hHD6T zOq!R}sgKvDwv$eGc%MvM>I^(71E~dkz8jlqOFyez3h`tN5gWMRN`Vpr>UDccg`(J& 
zM3443f=dp-g@#gdlh~MJAft=)pjC+5eozUo(7KZLW!U{|grTO1lZXtHhe|=qQe2ku zOLA-2^_Q*7W!(|(5}^=>Q^UFc)0wQdebssd*BCm=@wz7O`^>K0QB8Mf7-Ie zD#rUP>Lc+m6<|wa^ED^?`XXx#^S-ma6x5(l%H4)K>*SG+5!Phd$GdOp?w8uV1(SRpf=lGF$s|_I|@-BScb(^xiRVy7@Tq4Z{OC za;#E@Ay{z?sNlm^Q(e8#p?u!QAthD6VnnQARj3$*=`Bpd2he%PGA+d$RIxL9yN4M{ z)F^o4bx2H)*n;2Sio3YCjdo~BFmpEyuYNO%%VF$s+K2AuB8F@VLz+TJ`=8G?HF7Rq zBg?uDN_Cz(`Kt3|b;}ccRSEQ;;C@{ zb=6T>Jx?D5q(P;-q>=8FMid0;E&=K8xO8`SN<>igsS2WRg&&vJI} z-kHzLd}ekxN%srR#FZ-z39v)$2LbPK$<|3elV4h7kJ^VXPQg5FywXYK#XMci$`+I{ zU`Lsl1*b4fz$w{6mC%raF>p?TGf2&AfXGpH$a~!}Q0ugW%P#gdrmp+{?Ki18Ly&q@ z9YrxgIBDk!wd@8GL^3{a2q`zuApYlG<70JsWnZzTp;y)cuG+|oOZWVV$^=D zNR>elA-*K?cQI&!XGuM^UPJ9#p>7$3d_+h90TlP?g7`Ms1+PSC1iFEH|UT9RPk;h zr}1s9RQt3P5Ea-M*;LZ?b4rh~M#$iEw2C#Gt!|32%9*tD+XDX8v2AH)7^YX~uo+{O zB<^+Ps8ZCVz1gA4DRrU|w>r%Op?K59I(lz}1+D%+j3wT>^qL_Tv>KZ`B^EtZPJOI`RLyS*Po($hz5vcUVULWA6_((a_icUKBKYh*AFNEKYH zz8rud&JpBQk{yXhZVWeHC=XqS?Ixtc>q_c`SyV5nE-9nh#T&2f@{#$7mTNmF)YZ?T zo7G%?-!`pfRTa%FGs#s_3BGg9-_GDO*R%vKY5)7 zE(7u(-E4pBeB_0dIYvs>r9j9Je-FjB>f-qUELB~)AN9&P!(VN6dt&K(qEf|i8Dx2I z)BlgC(al{BPK<}1_+-+fN5SMMIl$|!ND0fqbiUXl;9S{4#y0!O+Yhbo)TkLLk}ph9 zs$E-jW*|kgEtv^AahhhP3L`wS7jS;q8i-_LTS&Xy1F3km0~$?JF5ApVylVTC=CGUN znPQ%?=f$~NiX$;=UnemujA|q86ee|K8zK>>&x+^d)q*shAcECCceia<=lHl&2j%{F zmKzjIrbiz^`vfymaku_+aLgG zwXbe`TdjJawS}Kmu~uyvvrTrLc(VAFcyQJY;-dNreLvY6D2M}duV!Q{Bi8l=77G1W z2NttRufO1(i^!A}S>j`2`W|x4B1N#hWojKrwj6A!_G#JO(CFVVOi$Slax`6}+`-l&pGi*~>8i1> z$~i5+!OY3=yx**}gV8zN!+mO*c9iP@=O=XX<$pX(yy9ndDX6=zuXw6XHEaCXru zhJ9E(GDx@xK6*Ma)VbyaL2+~K-hL7tTJh+~w8&ZXx&1?SxfQAY2YXP^={l%TCtF$= z=qIpXL6E1HvpJT+_Yxl&q^XaTnQ>I;hkHa)k?MEnL5kh_>4I0V@TGifzJAwlREl(R z0AnW3&`F%eMQ+jC3BgUA|EZj>s~`|I8yrF|a0SAq>c}MsqoImL>CBhw=;FLF9-y@j zw=$$ifVwQrc!*6Usbph4h4^O}0B|&~L%-)+_nCq)Vk*p^OZOy((LrnrlB*WkhElv% zE*ko^Yr@hGm$&ueqX*d*)+$$0hr14#iQn0 zze_8fGI3(+HMr@fxP-EBU}|4ts0b?tAx-9Nk6-q@LhrouM0!~&kam=ySXzltqVwW_ z`1a|o*4#j5z{Au zLt?-DDAP2e=T8=KO4joKUw7jeztP`E_ifOS^l;{>GI_Or(>KF18a_F;b=jR}su|;PVTYV>Z$URI 
zlM4quIJ_m>W1y!%TKAWVk)5UGG9|<)HM2dLK0N4wM2N?#O@D$S1ina zeHlD6>1}oS8jon%N3;79h{8intw@T$>P}*4$N`^8VM*^DEzmzyH9SLnY-srO{R z@)@Df!=2Lj^b)tb2f`g=gkviP)a&cmOp!7inP1WTjbi~>h(mHR@JA2>e+1Nw_^)D| z>+a^i+XU*n!50$TJ_dL*YcM0M%TSFKtxTYq5l$55W$fud8zW-(QbHoGdP2dR z*pLy=EZdY<9%R!z5WjRN+bZjMPqxfKpN?;-HB-KQD25aBu26D^2d-eFq0nIe3mM~J zg$y5sdYy`qacyzNR%2tzL!}I!EeIX-q{uEuAGnetY-Xc@f4* z6vD4dQK6HL>X0jWq-f6TlPQJ9S-RBs^JhgwjX+wr$lVUVf+o?66nKpGOkZ8CWe8V4 z=qdhA$nL*Dq}z>g&eB8N{B4BJ4y1|cq{~IMu$Ut7I_COHeOGnN)Wa%AD_`()($u`6 ztMDD>J?d1qGYcJ@C<`@I{V#cNa>4xJAlN`v25dLd`VCe8iJsgm)J6Ra6{`LSmW5`E zY>{Xe_aCv2s#n{vdvnTOFbj|a78{b*O$-}JQA!W82gCrS;Az7fRm}yofj5OE@p>?w ziJJKx%ymVI&r^?Dv~?RXkY5Rk*aZ(p(2&0xW-P6hkFauOwsoW79#p==HRb*LXiA!? zqvDf@hG9*yamP%2>)Am{sm4t5yrW-9YR#u7doWeT#JUQPod1s;%`Au?(bi(k^aQUs zz^cKYx%zL(-zDXKhsU>n*16Wiz?Iv_*hb;#Jlu*~J4*2K{!tR{G4 zUh-J1qtTsfGf44o8uj^4-HS3!ON#M%mBpXRY(o~ccGys^N(%?URpjt8!*H7>ss zmcaAX<}o+5+pk!gDten{#Sn$!&&M6Z_Q)9ulKFkeKL{FU`MnNZNrI|B`p;!D_b{zZ zv2Nsq2(f-k7B_ovQnhm9IlL79X)Jg5H@0qg6stn5^_v8_MtUhRw{x-dG*vqv z%MU)*Bh-LoAbvJgKaUVL02+(bfe+W;em}}1tb8z_5aF1fr-XdqP#X4QHRN2ibb5JlZFp#is;N^r;gX7Rnj##POX-{#G6YR(_ zwDtndy$vpO&2F-o=@s@14S{VUiCruuZZ2~soVziR%op+{7r(^Zy(j(3FQ2C0AI?Zu z&VLJ^dN4>*mNAJgT~gB5sMIQ)Y*KF^KU9>tYlXCRT$CS;J4dBz|M9_>{$4BJ0Kv?C zlq0h3A=mt_NTtiTAnd{3Y*%?lQzOo|4CSN4LY zI?i$;5TiAcF=}1%eUPl2@!&9Vl|9Q*FH$c`kwrbGmTzp_YVGCTrMC?wYO0k$guQ=8o?NYTyj$+fo(1pL4 zHi^Y3*)#p@(vl8W^jJb`4i;(1P5~i~rNyIeQs1iv_wS6T!)1GnS39 zZC}A{WqZ$l5cQHR-ENvIb8b>_7ZoGl<$7{s`&x4v?-t92@9`iWxY((5QXF4v9XTDU zU$&u&rG&2j%u%i;=+Q0A-Msz@1}vB`;BBaOw(WTzU^r`s-n<*EH%8UI73WM`c`$aEsr z(r$^WbdrMeLzLT2#I+CyeLLeQX@nmCV_(VAk8)ta1EYcmzBWqAdDcnir{wd%cOA$J zEPtIoG$`7(2D9(Mog-u^>s1(@KW zQGQORpf@y0VV5OS$A*1S8JkS zq~)>jndr+AsL8Q-e!F?VqX_RoGBp0#vTyL5Y$EBf>GOHLuQU8keOF>g3=ikGqZHr2 z%?cnY47+Hec5|5At_N_P7v#c&vyc8?>e1ZtKuA`Vl& zj`u>b#$IOqe5Mlne3F(&23L@3@t<$YIc{fQADoUXjY@t7@`nnK45_^NYxdT#S>H8F8S{2%ok~EOm6@u6#A@bCs{PZ(>r} zxA|OB-L&z#ynj&t^~iQzM^0T71^0XDLvBNb3wz5lV7jeM(;vbG$^yrRXUlZAlj~f! 
zMY}v6mJU^qXXw@xXQO$R#HtMIMeb2%p^so(;&8 zbN$+K7hk}1+2c`9qBY8zUn|SE!KB+;Da-fn$U=b(?whn+?Y3rXq!X&cwI{8^4O36Q zb(f(_HHH5qYEaXqBm2S$*O{SW+Q9{#_%Fs)I1HEtmgm)e=%!qXnwk$Z>zQ76cO7#> z5h$YB+%D6<0{LjT+I8UqaHscoq6Epg3lGU00flSdsb~gcSw|JD&c?ZdA8akp#@l{> z^(Pisq^Jq6(}XTT;A44pTa3&s;82U^SRS9Kfk7$oKN{C)1H^YWPC`{rWUtV-#H2*t zowf$T&UE;!YN2tdk(9Dg>Qi^r&|iFC0o|hBku=fQd4vbVh?FYvXy7PU-Rv&djyspl z0n1dx5(=lk&WvF&%BCLgR19R$-QXQ+S(U~_7`n?Pw(009*i6rK@q_Ut{ZP%3KADpk zM&!0N@}lBk*|)V5!wF5J+6)U1ty$8&d--ab3mv2cQKAom47mpc=eoLdtlyn#R`(5W zfzrA-!jX&j3eQWP2a0*Bz0EA$hKo^3d^*ccl17?M$MP0kxg%`jn;WW;&Q%ID2rex~ z2)lf7$j#e>&Ja}(5{3MJcl!8*>20#E$J;2S@bpYe1r|bG)lpWthQhHTo^FqmcQ|)` zyJHl~wZGsfJ%fgPFx4*imMzZ*yd<4vfZ2i{$)9Y6OJT7$OAcbyB7qjn*uEu`H-b(% z7!L+qtOO01$@OG?ZM8JF6AP*w*!DARrn&5!w%PFdW%NV}AJ*0R`Jp9#aA&GX{y3j1 zbiCrY)L!F(^*Fu6yCv2*Ib8CqD!j>ko$=}U9=5%}Osl&HF%1K$RPI^a0hY`c190+9 z$jWtIOziZwo3|4gvg7_+eud;5E^0^MhZ-sZc}u_V z7{MbcXA`J$@b9*N;G$bkg3okH^y9xFpa%=<2cZlxf$FhNIKfbJvd$Wd<)vPW9`kf~ z41(rUji;00Jizn_^EvhT+CTi>aJ>9r`=}e)Tp$KX#a)Vm2ng={HuO%9!BAGwk4CSu91sM*>72RKX`$`2 zNL~{3nLT9UJi7YX!`AQ^c%4gM=ly72rKm8=&DeIZJ`=k1*Q&VT=e=I6%ojAiuq6^0 zxLF1%oVUQtTXbH>3$#OW0UO(V>Z47JB@%NyTicz=oNfz2S=(E_mp$8e$MtkcIh?O5 z*Vki6?FQ``Zo-Eti&5ZA?!+cv!ySa@^C*hC&`e@xsv)gwZnS>2~808E8_ERh!;0Ydi#ZxplzyyLAMR4cuy%X@~f1wRQxL6rb<#G73hLSQLeT|*~(G2Ob7;kvdAUznnUUvqYgo^DA*s^iR z@|5Kr_yEQO%LCM(?!0`TAmGZhwRWr?w0Oj^D1#-JS1` z`my@GvQ@Ghnkc2v6ZdN7mLg{Lt)|XnDA^n6m@FH%?id|yz5RIuVnM-0xCb%I?1OEk zN3uEdQT`dgkUSU6_1(3QykM3z`ZmXEOKhksA17Zt z<{`v%!PpT1F39J#XX2@?RX5rT!kf?Q@h&2=q{TGJEyOXl)u<_WgXZw<)Kji_HxmcL zJ|mePgD%Bt$2D$4l|+$0yq)wZxBKGTBB-R4pbSKxi{vBcAVLIhzN>GNJdR6W*H~6g zJ+IO{k{2C6QHk9f*D&WkP^;(N5TRB}1{NhT0@rSpD*M-q{+Y{7E5!-EU<^BO)1@LC zuPv$;6#^;H%BzJQa?h&^J`bNn9>uQK%-$&lL-c<-8rgrXEPLHvM5TX>9-kL6D%U*0 z$s(C3UDQy$arzED1<_{tJ$Jr|h6!th$d82JIvysFZ!x5vYSxIh*jo;3~ zP@NMUL}~yc)J+q&d~IPbh2JOqzop1Dapt2MZeWZNpS}MU3nCtAShK2%6r(vnyiH@h zEOAtw)YrclT%GZ>_-2sI{0Ybp{__pD2om(?#TR|uHxcBN&4y*<&?D!F){LcKJ zwdzH7iAZtKkqE1}CNr17_{O{C$N3Fx(l{~wCBYzI`xQU+@M;UDV$dkuH}un 
zOsi4lET5GS@{153&5}(tBBB|`G!a>S1re_?C9N2+y6$Akaj_X|JA7~Sn!w?7f(De5 zTU;zAovP-J&=tQ0fTLkSpwcp>CrElF9dk5)5qUQlzP3O30J>-8X& zi@;imd?IhVhE;tCQ1NA(^cyBIk44L5bKbk1i&awr7UgpTW0RXeC0Yo$q|5C>h0Hn@ zw(rHbHj-c6S!@mdt|Fm98BO;45SO`wJ+9$p?D)#eN_N+#r>BsZ4 z=g=L{0I6yp_6RO8iiqe?K9o!>wx?8gA;V5`)gD1NEf&CAE!s|cHIi^eH*ZH|<}@dz zW-8&Gn%Sm71&C18>!r4T3nVDS)rP0j$8(eW=T@ipKvEymeeCOiq(+7P$@?n8I1sM4 zs4oHQHUD~fDpRZ%GR{o7;TA3*euNNMXMw+@edO>p1od&d2fF^TxNBOGs>8sx6@O3# zPp?<&V_MnRwL{e_!i=!gb%SAlOt<De;`2AA1;TfTUC`@l=^V zxG@x*Exn|YAMKwlO&G@Q1id#=@dim+KXF@pEYywblj7{C5Jv$E4?`Gt<{0q*we7u5 zF8R?8Iun6lH68k#zphZGVi>bR1x!%g47y@vfY5NuHQkU|e5=QI$}ec->9 zBuXev{|_Mma9w>bnaf6$gO2r|u?asV+`$(MSh3*p*!C9eyyKF=((35fb#1lSM~Mf! zE<0MB?i;DTL{)xLPrmEof2bU_YR@)!+Vhl@esY@aFPj%alBFk+8d~@Qf7bW!@@4|J zd=I@XjP4?{_mI!ryHoO?emm=5Rb={lf)5wcUD(l|Xr0XEN;fheFgE4}MFm}BEFVnc zbN6cWKT}<+)rG{cOvQCBpNPkn&&$`1l({#AO>VPI#eLo{(cIcY%`?}ibDff^=`WU_ zB$iEV!gu@dcRg4c#6#Upa{@KN)fA3Sv^b5fR5+Np$fRv6+Hp?yiebSJh_l$zF6#; zoJ?A*;?5G)K+5K++X^95R3hV*w;ViH;muyCH&Fk`l*hM}i4T<$6hxGXt|{No;G+u2 ziLg`BnHhRry9tgMW1;6Kz{hlu0n*I>nF=D8_tAh()E_x`l1NZh%<4ZCd3fueNVR^v zL@9n{9XM*hy~fe%?R45{_uGPNak8j$h3jeQK_8xcjO4R@B`_cYBfxi4XHvK%jJG^j z|MqK(kRCeUQBw-LjT1*~Y=Dbni#2J3$w#lghS_3_i_2^Z&bwOxFQh?V1C8?Kkk zGXq&Ad&7pwzq|{T<3$9`bGrlvSfjmQb@r51aEZ1Hq@8qaIx~)8#|}aK<~mo*DW|!g=Z13OY_^9e(wv3mU=0z zJ*yy`-Ox%f%{q7th)UE0;ENpx@a_&-9Tf6C^A*6Q){^U|LfOxG z?DGexFGNxt&W6{3R9A3owe*|PF^@BC7JT2*)>ecFmNU#c*8!Vvd51UMaGjns%eB?g zf8v=ov!42Zcn$_t_a3Xt=eMuJ6z>{wkcsM7CUm7IT8ChwJ321!B|gH(2W@NF@jEH- zn>*|qPGTD7)l2Z6gw|o7!9H01YXF1 z6ZkuuD(XH9wh6Yn>ZpeKuYIs%U6hsQYpw6>u*SYuYMK`0WdAPPPy=R7-fK}#x6Qpx z+nQfBlBR08`vtOhX*LMw1w2d}YX(nhP={5jXl9x*>Co`X)ejRI^~*g`Zv<$|AN*a# zW5Gq%J<*OsL|0mEJ3ucLnTA8pjbGsLS*a@Me3P*ks$ji%+UsE$Go@d`9; zVG`&7(PdN=3r48>tqbj(|A%*jt|$<;19FAg`V2%QNIz4VLB3n+29wU z!wl;%t?3P7>^G>cWc3%s-+uu_S?mKHjVIr7`aXb=;59td-LeBI!DiU;MT=g7^Jj1} z>an5<=K>d(@HO9BQo5w(!_S6T!hYHJ0|_-(tdxtkjo(rsYVK2yqDG|X<>WKO#W!oQ+Y>(VS0GFec!@$yc#}hqrw3+D&)kw03@a4TD;$Y 
zTPWaZ=^tIf1Oq$%P}%xxs*E~!MSD($*>XwcAXtSs;ZWSmDQtxrs^h-U5l^zLKiZ>t)IOO^wbE3 zKYTQ@iPoBkY5G6~?P4kesiSe0MJ)pD;@)*GHUw*}VE|}K)F^Oi-}gMJw;$AVn*9qn zG*YS&hq4Y|fg8&?`ivh9jA!TC)YvJzEDS3!zhcjon{8PrZOAysI2!1s=U*n%Yv=My z!%}B1tU|ou2o;;N%g$=$C`KIIiOF)KzDZAX%x2ny>tYe?Qq;|{8HP-)^8*0m{Rfo# zzmoTe3A^Z3`LPB9cJURyEh5}VahECf8;A%6(!3RO`UE0p@P0HH2nd6gEm=rS`@!fRXPDH(V{KK38;Is=G?7CNFYb^xq`YZepL^#G0eKYJ75td<8 z((XFE^7dddElw1Ck>o%9UUY3Ek<SmJwTgHk&V+X1wa=`{D_Ke+BoR&(whCk#N0s+V-Ym8Qage#>pb21qtB`xNdO1*Zb|I02}mkxTHkknFYc{ z%_C&|+bKv~$j|X~Q{eOXWLtMVfi~YZfj&Y4%O4v@Z!DwMr_9Bs{5-eOtB-FC)5{=; z9t8N+p5>ru-e_kmhot;0JQJOweJUG%%DZ3w{ZOTgO?zA8i!t;x^%yWKeyXdN|A($8 z>MHoPLPztVwcr;--qN>izB__-iF8eK`v?p>- z{In@>`tG&(@EH%D3*AtLwflx&zkcuP#_T}{C(H}-kP#ipYPb1PGlETbhmYqve~7Sl z%pzLenNO^+KUEd%ho<_9yKvJ(6A5J4xL?N|7Dc!3`pz}gbjdYp_Hv(GvxhT%k)VhG zi#prg%{7-w{1K^<2HJ#0T*^Kf;7R84NG=6am zF-+9_+v|XW^JpljwGA-d66c-T{N1d#YiujAG@DOt;9Ae20RDV?br zB=UglP_Y)^biY3=P{R*TDLW6My9xr|7-w}u@rW~ZV!a8N_$>*ne0BIsnw)?AN1CLA zNfQ7}nh5wuL0%X$qP&Lf9_aTb?_VP}q(Q|WYmF~)68O+5$nc+18=_tyFd#XDmHPST z32nQ8Rax*a*CgPbV#w2Pb8~@~`^{Xt(Gm}wLZYjNtcTq2SdL9UsVjB-q5t(O0GXjs1$G(R5)9kp@j2hQTW3PP+Tu&)tq7GuC2{!`^3z8RWEMpMz* zY>iW&sSt7Xw}yoh9Yo`L%@QGgXU$_?cdVfKLX@z4#j;yxt>X;UM9rq=y;AE{D3uA! 
zpTeayc9`Rg>(IKmSL6xGDn)YQKxJ<(<5E#CwfY-sFFOy;Yt$)`oNDiDFEkwVb1q3de(-b*`aJV!pHV3(@TVW#pVcd5L zIfF6Mx^#WP%^IDeM456q9<=+;Ktl9~_<{2WkFMDwZ6;Q^%k>3h^>awmfJ){6Jp4(* zU<}QKuB?O6W@n-3F0$qzGQ~XJf?1_NPlDQo0fT+mW*F4T{l0A9H~cFAhwER_yWmVI zM;O*E5&}0?-8Ap93(Kfp@mQ*NFG4hjSgwuLO?T9Rj zF?@6Da8N!ytEQ9GUyZM7#mv%r2 zWRV~N#NN6Y=dgTpmaX_qB+L?EY!O=5NFvSX3*Gh}|E<*!%hp}yAn$T?^den#;&D6t z7j!JA0MpYo=>HnGC?X7J#paI|chGJVa`FBo z@HRn>Y8@yE_5Ml%$?v2|u`sYT03ZMMyaM|wg}E(5*tk5Uj@No%R)_?J|3A}S<+38@ zsB;nsHtp;>84!%JPZcdmMxCoCnJ#E?{-QNu7VtzI`t(2}+Z?5I&DdzYX)w7~DGL=j zH*djick3$$N>I;aZf16ze=*&iu%n}q#k}kxQ9@&eWw*?rw*Y*;dvZ;y}jP>t7gC=(7tlX8SB z>GvDRK6;&8P8ZI3Zarg(rZS|P>|)+_=!N)RX4Mw!#d5z=2tNXgxP$D~&PO}N(9+c% zos^_G+p`UxiiB9W8QJLOmbW_^?ybjX|45fPPBV-&Q8n4@yi)SlXkkkLW3$HO^Fr*c zz|+=4(U;z5@em2orly-Y*+AawUe6P3)EN%Gn$ErSk_!Ro$an z7y{@i2@LHE`oB7E6bZq0R~}0N?sQQuk@0kN7P)u7$ z(4P5f1W$wi01s$Z6iAQvebwa2;$87R;vLFkvo=8`=2VN4nn|5%uz~Ur$Mjy&N7wB# z2Pb5iYj_CKqV!X~kP_dSN6cV_1`Pc!Iou)Bs35 zVkK_hVNyKjTFXEC%pr8O!+bd7{9i%|iJ6YGEJQu07(Rge-MiNT5&?QnV2I*^NOKm) zyoYlW#kjKx2wHZ${9&(;-zfZt%dKZdSrRq$bePzYGvr!amE%a%3BL|M(+cjr9^oQ5 zHB31ShN~{^^2D};8#ovC7nQF5{&^U+(Nqz_Px}h|>wi9u!1YY?PP-`)*vBz!2Ow65 zIp-bvqLUsIv2P9qO;sDK`3ffG{B&Uk#WRl$ExOC(T=K(D2s6IO)kPwv80R1)*I-Pc z7~I)S*W)xyn&h7;gCc1s$Kg@5YZ}L-LO3p;WT!P0T{~%s$?A1b&(6-Cxvke8}Ccq~Q8S;W9!zTnnEFBq1SK2VSbz46%4x`{>+HlBZh)^-3B=~TVuAC6R z=pd;ODq#pc66&|Boq&(n#H6oKP}9zSZUtDb5wtz1vtg`FJ??#CP3yHA)f+qzGFx+j zWLljA<-l5`ZK~!j)$C}0mi;KjLGS&kB#GMIezHPvPGswe6ZjJFm)!wh@&=v}JQ=vL zOkgC{ZpYN}I{OfLp*)1+@E9@Mj0J@b`Ne0}!7Aa+3-~wBd&6fVcKCq7-vJ)V=Xi~A z^$+-KAXvEm+QKw-6Fz6U)o)x|=5*Ci3SaBH%bOFviMRcFdA5=6FgzbSm+;H+5l}!e zO8Msg!(pvq4tZtj{&}bQnOmcYO0@Xf(EhfR`wnagZC+pDu5;la2hieYdkNlXOy@?~ z@*AHE|-Yw4~Forslf4cqnk+nFF9rX@gx*>lO*U?p(YGRF`0UC=(kU6 zvb;hzY^nVa@`3J-8pDsFmw7aV$-+FjY^>IE=DzBW`0moPe$&*T9$b3TZK{)VYtS!m zVtA*Asc%oBDh1alkMyg9MCMO}rPk);&D*;3Y@I$@T2)$w$l2Ag^5jXgYCw4@`q-G% z)ROY^;sb${>;bAI5XPQ+BpH{R9xMsk1GeX ze+rCFp*$-~M^z3?d@4)d0z=JW(D!q%tdK@;!=FCBdF?)`W~)pR1?R8z)k*#w%L|(-?Zz3^gs#eJ{D7oyr{cr(X43=8 
z!uh0FbC;CEHi+7{gz4f{`u^c_&^L3}djs_-esh`_hIO{5eOldq;bQSnAXqDS*3A8V&!CT{BCx+FnPVMq* z``v4*;VxOFzO!O=$-|>76*sd-I)TWB!JbEfwMc!>^2EHM$**NnwEGEt_L-*g&OpJta+%HE*5t^|<$VtB ztb#6V{8k*xd67~}%$d~&l69qv8QXah!zPw8G01uu)vJRdj2p`zJ`|T0;X6hETJ4{x ztW(Alt#(ue+8i7g(pZ|Zla>Lqah!S(*^I+iLYOd>5u5gDP$94Ag1F>YX28MQ{|-bF zMNJN+4;cijzKkGth7e5H;J3K>xM<2Q_;y7G>GzxNc?-31^i3vnlKrtBS0Yuco-K{w zsT1QL)Qr{4PafG_Q|^COa0ig<5?<$lk!ah6QK z0=BwzPJ9V_p?LF@$=5oR3EHN$Knr_gnCglC^w^`SoGcX9Szna^*LPeFdeV^?o-3cV zbp~W%3<33*G&s6~bBKwpPIqjDxHv{T#D-b&I(%47+F8WbiXamH>E&k#ZhKmY4J|tO zIhJ(Urk_uK9<$_DgqVN*6ywt9aYCkFZz>Zwu->n2}J2+4@-cB$vKYkyE6s)1j z+e>}j@%f&F>-1sn%SRT=CWcv_$Wl2Th!skwqJ}hu6jB` zRn(g213|k^lQC8v>sUV^E!;44U6eW*fFx#Rk?Ol&1{zDDGOH$}-_irW2|C$-Pi;33#RJd=-C@`xxc~ zf=z$=Cg>`dcDiW9OS)8*2dlI*QpkHJx%OY7C-V?bx8Z46u}(DEI-~BF)_{e#zGwz0 zvE+34lNW@=^(k(kXUNMy8}h_pgK6{+mO zPb_0pH5b~x^iuMT&E@dcP1m|0VKOCpY+h1$h*53a@&3mRKE4xwwO$#~iY@+14<9}R z{(ae-IxHA#ox}zih>0|-INwZdY2wEAZF3518^GBngv|2=fHh`?wNl5PnN8`no;oo0{z8tLtP9H?z=s6{?WU%%UzaKm%{e7YlT>;%@Rud~rhE z0&x>{@)m^G@>r7s9d+A$A)Ar(R6pmXiS+ ztx@|3zQ@KpWS0I-v*=c(qme%yih)poiXxrchIjC}*UKcW4+t5swGyzvlMIu>=G>d% z{2-C&7Eduf1-~SfAUinTHc^`-`FviO%vyT!*5+(;y5_e<%N|Abnq^6&OMc(uV~2gq zxSLT?Y#k1Oe>d$TEHP(JWT`rT8*ain2Z=hQT=d;qZy zufcU|aG;=(CMrwZ(m^d)KFDYI_?{BOu6|#o9}KO3l|7P zt;AU5hyxO1!r>fXVvrT{k1+y95v_1(`GdQIz)iPNQ9@R^I^|V6r*5K|_(1SRQtbVL zo*+H*@;UD^X7wz%FXD^)p*fRXzJ@ri40b;d;i1Hv-iVj~8FbYOam)BS#~$AAw4^aF zP^*32fnuTmaK4AGukqmBwNAIIizAIdmrFj=NvMSm5+?7>yZ-cNyK&uFxA>}ENHO5- zj8FnY3;QQHfYy}8mPqGtRU^|3lar5`CA7S)TPU&@XQDaFDKOtu1eXW;mN0^7$1kXi z7DpDm8ewkWW2wgC9^__8t+^V(x4KnNDV@rcAaW8$okB7*Pv9n6Y@n7Z2_<`{L`j2) z%@YzSE|C8TEdjn^(pqIg?i5h=yUi-sh^nbE_qa}$>LDet-97X_aq8m3TJnyYDAEu%e8m%I-&p zn3eJYijZ@mdR2b_oh<+O4$Tb#yE;utW<>~_4;|>_Q3t># zB+7s7PxgWp^$@A$Vno_`H5mhPP=|yP$6iCQ?76NQ?GHZZfiURv z|DPjAhFax9=&Ujo_)FY{3Wl8ETqeejdzWi)=o3=o;*UMTvLGnO8}mYtMy{Hs8{dFK zEP!A_ZP;n~@n`09?mGCGT@t8DRQSNADfxZFPB~d-gui731ynebl5%_)6f+lgP3q z1<_y3B`l>rkhQHe#yX|pF`75fBL)pz$J@j86dQ1e)KR=_IuO`;>Qq+x+ch3l%PEc9^Sue%IN%#)JnW?; 
zbuDV5248LVA^+W%h&otuwSJ0W^B-3PMG~8NHB*&_ox!pQ|CXkU3I@D1O$pd;#%y8= zcCuxf_P-t?N|ee3E$BLD_#&yr-h?Owt1)t}#P(~pXj^Gx?fFcn4>EHuv-QBml(+w{ z>OwZ;#F=TW;&TXwQFz!}A5Q`P_>6YecC=%rC9rnU<_BQpzBK? z*`T6;23MiU8!TUT!b?ABa@Nt!iq2(s!0SLDQc_LWd3EWn`e3VHritsX_j%~ptH-pq z1An(Y&`WApjmh_j!WT(1*I^23SGmG^uj}lpg6{-P_NTMVYDKO?&Fe6j7J{ey?<*>f z*cA7_QwD#?sa`Oprz%MvA;em!{qxQlTh%Im!L0Yu;7S}M~mXeTBc0u=vt zgBGzw`j@e9?PkvR`gb;w`UJ9@^!d?f0Ta_Q1xO&) z9~2OlSI<+JD2w@Z6@4~TA1tmoD$lbSF~LRR0PE{vIW&8G_ zgL_=lu#rUbY9AUviA)x+_0O~;7j5Oe7yuG>HuO^kf0Z&+NPmc$|5h$x>fUi+Ulwwj)YmzkKl5@ zMUtR78Ikc=P(k~>sP%NXOUc&^DQ6pSef6^TGL;#JqdD|1#L9Q4zuqkmka(2w#G98z zn`_%Y?|NJGwiyBA#665RarmwcvkDJ$&e!73W;yp?97u&FYoA@c*kZ45j+e8Lj)g}WL?S!Tj}s~H5}@FMq9YxgDaoqaw$zbR zur+07ilR0DkEyGUi?Zq3B1lN7ARQ6{(%m7ANJ@!xEuBl(O$yRTE{#Y?cXu~Z(%l_P z=eO!B&-X9f`f@vDvwCm1r#&OAAw!GHZ0dsViX!)n$6uS;#N=WAz=)_uIJ&rbSjtn7Jv`5!)@~j1?yLEIhZ8orH_)sxeAf;^*lpS*aB1IlefSE<+7AIv{?u) ztBH0uKQ-*;%qbqa$6e}I+UxC*ODyY^c7lggh+H`QV;RaTb34jcyCmTVqeu%8zTuLO zzsmEGpmZ+TXCMpOm?qh0$^KVBh|)Is1e@L+?N-T5tsFh*0Z{? 
zV^k@g2YXKK^=uNla={2%9patJsjk`d&Z~vwN!>*;1owy9b$e5LmNKR(rz6K%xZHtk4N~hlSCy*0 zXABL3{#Z~gNSyi3cy^+b&Ig0b$YDz~f%xh+gN4#+v6Ci29&)@ovisO>{Uc)Ub{ZH(1FVMt1~OLD&SNAJ2k;_+lI znf>R1fJH0jvN1aM^p_D?0BN%*Ph_v5nWh1uK!r0Z@Cp6HAR%^M}1Ek{UgpVY+b0URop?( zVW)#Q9`Y&|TTG2I6ngVgTr9_MH{j@`g==+jMOy|ft3IB{^Ww$**E`(neAevo-A_kW z=P}X;BeQuY3kM24p9=kFkgR@kfcdJ2#{&xA&*BOCr^w`_J3&jLWWs`D@3twUR$h4F zl|K#@!!B$6>}ZpoSkk>DxFSp=LK56M6e14RXp`vbfMZeqbEhmt*B+ccz^U@WJa^@V zV>sXbUrJyT=~hHsms@k!6#MV-YDQC4nDqr>{k;(B^+%)mekQ*rn?Rja^Gr%~x{tO> zZ~QW4V0#f#8)rZ|(_=&MS43spE})fFh-`$hX1^cdx(^CQ&!dHODKYk8??t z#nWXz9-HSC+gyf?*Pb`ho@+Ghp}!loNosgma}uj*sSA0-NtivEqrtb{8uf9m0OfZ>pumJwXxO4$2;Nl!s55&xB~HLH;zQwV$< zQ~oG*U0TjpzX8A&H|vu?%4#dN376wiR$RrUmJ`RbRqBuT2;FKstO0lPKaba>ak?EB`N>VxbVQA zr%yoM^N09q@uZ{Io3gmF%w#D4TiEoy+(TQHg6m+(kkk9UtRuK}e^@T)U~9%FmX0s| zCs|n;7Gh(d84CS56<26eru8GRt^RDim19<(^t{0G)LvtS*{h+!aWsSr%_ivcy_y)|1u~c}J zyL)_c_yWZS;0Wxrk|o=YeyJS1${&s>Gfm>nup+|5iu%EJVg<9ptss5xIQkC@jW%3^u~|Xm!3poA@H;P8iTn|gGX}7>3=c46L^#@nal$`caWHR zt^bH4DG+YVh8$6$&09c-4M8E!MC4JGwrjyRrD<7iWVrg|E3UVuRa9PI?hzr{`~|sl zDMba6jMR#R>50}R*B53KE0=0ioE^;U#8$(2@}I+b1F2Vw@E6!@s7B2b{pDnNsgy+-eTgo250?4--k&<$ZjF+HDqF)$m=;$!#bVuZSY~Ok=A=s z&hcn%>F2*eVhJu_iHPVk7#VNy2wsR0c3g89DAm=*iMB?4hZ3m>79 zIaU2!d|J6GOj3ezP4V!L<$fv32Nwz@^=K0RaX;7?Hid&NHM{|f+c(Vv_2ih4F43IJ z_$Ty^T7yp$hxGXtg%=@Z+C)it5B^7yd(+loP^W!d(NX9vE1k9VLZag>pl%FPva`R)#Ils5!#CjYt zy`WttRhGze8&%Aw;#9hmczhGf;v}3;8FnHs-lbt_6wLtsD9za-US{VnCYQivpML7W zCPe4Iupu>yJBDJR z2#gF3k=^FBAbfj|eqa9KwW&iJE4%|HkF`fW32jqGzn3r6W6Wbwjt{agda!Ol4N1bu zz9vfA2P4-q(YCY3HTDt_Zuf2tru2pQ!=5<)c-SwRE5^q?_t4j($le?F7}OCvS9E-n zE%1DpBKeGHEF2(kpYDRt&SnQUm?OMZs&xg;_eDqU&v-<7!@a1V?|JPCeP^BH6SI9c z6UO4k8Fs5!BF6OHYxc8H z%>~AgTM?MsTj(qi`k&id*w+IFb^LB&bSwx0k#iIt*F=aB1Tr2GZ=6e1UoXBt%~Y8q zut#)#y?<`5U67g?br8MK)|HSKewx?mphFj5by=q~a_@?+akDLZ$iX_$`9^44BK-2y za1gU0H5?WSm?uHOHiJWC+)dRqMB`-2hUxIcB9@!a%yux+@#o3PVS<2t@<$Lr2K(_2 z$p%akNxubQu7AG6%YOb5&N+W&hol)DuH+hYS~>`OtyaY>$S7Gbq3mAx5Verg@> 
z?yo!{L7nlU0<)&6W|2BEjJ1BNFkfIyUvj}^l;dj`!$~`_IO+`(eBPjIrxc`eK zm7PXmR*hCM4H|+*FGqzj0Il!#uURbfRq}WUnCy;8#$g00!w9lF#>%T#FG@J}3JgzG zq7QTDn3PPUwN}%pVlKN=8nf%sJbFzzOs{5sDNAA<#4%+TfpMKUrDl5-RvT)Ny4rI? z{5K*f;09o1SiiogV|Hv~?t@((IkZm^>;b#@j@z*3 zCEcsDHF{0=h1iOeggk<9=KI*9<OFaVH)&U(Mj-1PYxC{}x3HuD z*8WA*CC?v+*K=g+IoNT@6Sug5FytR+%t62^DIU2vbmW{Qis0Qe%^pa=EsBqXUB)S^ zWp}I*#jX?C2OF@X)O=#P0Bdrs9Y7t$3E-i7@LR3}6 z@dQ13nma#26zA~5?hH4nqt0oJlsr#DDk3)>MMa1Jv&OP{WY{gIz+KQ>GIlhE~P=|UT1#Z|D9Fh`_UUZe5_$h z9+8NzPNjTAgr&LmQ{@&$A5sPQ_y~z#0Vt|#G<0RWOvl+_p|^X%@Y+G|me%xG@<5Dt z77hNQ5t--D5J-rA*6ZG8xIq;Umn^Rr9GeW}!s;T)n&he0bOD?KLnt5B8ox}h3)-8F zmnjKdjnuO=^nM4Utv9nMVzF_BQ8YTdi%H6uQFaQS^iBOU$7oM)=E>ITjmg)lf$F3M z$tXLn6SAADA^GORxCp!5vUI2O7~1h)+KR`-giE!#up3e@B;>!vd(^x}knFP1o@Wx| zkR+|ZWz|7I%unnovOA;lxCUG6S&syz1Ssij*O25 zH!9EY;J(b@;Tw`DM#iP{$p=3n>ohr`VKTpI1fb1emItZkW9rli$)!H6T`6Nyn-FSBXt;=Nyu6jk;y|9W zu#6CKnI;lWXy$(9w9&L@0T>A;IAVbjKyU*6k43hW=%(xt+8%d$+i7;a7gJRb-?P{c ztRB0MMaV@PpFNK@XYxPL!+9qCp1z|#Gm(RrmX{B0PYk60m&NPQL3Jb;y-RctCzcn)84^*v$~H7g^ThQnM@R?n<{;T_>{0G_6c4ZbA-!s zT_GL+nsaM-a?Rl5dCm4P8F%XA6!>F|RV!aIa zoY3WaZT%U4v-on*RhaABRHsCTyW2JT@gjYfjL$UyqyD`ZuZuhz(ly8HKp~+m%zM6C z1Ecxtaw!{Y#`zGW{8+)JRY+#d{M+}}QR+g!=~Aah&y+7PEIFw$gq*4wQ3liC>Ma4{ zt>^r=`k2R3-TX?8sYbL(Gv=!o@u$8cFW%G9XR7`%-on_~5W?E&>R6)}sO2#?r5cfL z+Ayq~Ppjg)_Cg~~D%{=oXum98aLS%4V1LbtK9aq#W>&{HH#>L-E$8d4&BAHupGh4n z@|f0sUvx`&+s7fP^|CDQRG7phU|$+oJBe>h4BTm03fv9riXe4DGNC+>2i@oz!*GR- zA9Um1e{qSnqSpRyE0_C)BDRvARnxOC8Is4g5doPpKJ+Mi3+sZQo3!%wk*Du}sBGgm zwq0BfwO`oU^0b9p4HBf}Rd(Tf_QRJpwC&+9MpE}SM(v;{pL))2-B+bgd(Ht)m3MLz zTskp>^-8^zp||}qJseCI1s@)*ow6i$oxW(AppJ4W<_cCVog#{I5u}2;f9|JSo=ok^ zq$cMY5p@s>7k>fzP<=G(aPtbn*Vyo(FuaGKhM}aq^@CZAE9XIk%N<*!i>Bt_dPZUy zr!hH;Kg-mH?@j-&0k=c&!0t~#&MF7`qFD+sOzj28h!s|l#9S*Dop8!!d)69N_kS2PJLQ~ zRTg7>a8CSn+S4Pfa_%EHMnZ4C{(|m>b=8wRz+9J;v%ozBa29~!+{N&KdKX(HcUQQJ z;D8(P^!@X$k;*pvsrr_+`QmFT_}P7v0@?5_Q;G1;d%4=h8GV4t_WbUnNwWjk1rUgY zuTPtP`Xs-JR`;O%iD@~$P_|e2XnfyY=E#-{zUwUNx!@!OM&XA?5*O|vhnHxr6N|hj 
zjT59$m!v>|yC>78w-}k9I*r5C?P)VI=|2J+uzw0)+!%{oR99<0#hXi#g_HSSHLdIj z4TrmUyW?cBQ;ByM>IvC7Z*V-D6D97;T9$LV32Px#yytPq(m-d6o5^wwnA?b-Ua1v2 zsZ5pGYq_KU)B|#m*}IINhT@wQ30oo*Q~*0e&RtlnbmWmn;4X%Ykl5)x)vmGsxRmFV z1LIN-j7i3)Fec@JUvH<4*HE)rIK*C$Asijm|pE^tRt>JlVo|6n}bP_QvLFj>p^K?65(p{S`R z<3&?Jl}??p^zJ4_!yROSt}xbX&LK=IXuu({K+v;pj_3hh=|`U<$95r! zZp9>0lj1rQdy!Y%4Sa14ep;;id6?_LXd3s^tnb*;tzkwp0W+G$Mg&iTRJjIGM0iFS zuR%tL$GnxE5dUuU52vPtnBqS7P({wdDAC3gw6Z@tTsKE6O<7npGbyebwUUK}v>nvr~D z9%9MFhaPM0=~>C{{01ysICcvp?X9-$4uno)yv!iHq{U#4=$t3@ ze2EkVVgCaG{GpKYM{K5WZQn0*rPlqGr$=36g4G(ON|~_~cUK|wD)I0iUpLGAx4gVl zJW##}iD!pFz?LMlX-GB`Ux&jO)HJqmhG|R3=TmE zuis&s!>WK&x3{^9GxafZLFcI_%@djR@jnuO4;Qb7%3OrQT>t4AwLhuY2TH4G)P?ut zk=S7r>sE}x3es!bXT#23E*!sw0Q|wpH)(BoPlnp_Y;9|>o7sW7QHhVf>uMIz7J2i+ zqsv5hoB0q_anh;X@9OjO=2cQ_h4tn0{Vp4W$%4sBs8nFHVj&nn^ALm0LJh&ZZ9m?u zQAMs8emi`uc2N`U`iS&3IrwXJg!(RJ3h@UN=4`~w*RiS}r3*d`Z4m=<49-+?p}~DT z$)kW)^;odV~u&HB@zc^FiEUv=?gETijYx3iB z{Eaa?@HkMJ&2X4=)Kj8sJcW(PgO_VObpkS_qDe~Q)MInVfa`_AZegYxUb z*D`0@onyYg1hZl+`JXcNJMqur;^=0D?69YNOq7XknTH|Vx`|BmlXx0byl?bF9zq{V z=r&F4m-@P&Pu1ItF+z)_l;2Tj%n*luVf{l4@Y_v=?LRYWVS8=_v$$b;B+lK<_q|Op zVt8B;#6Uz^8R-MUa;M%50aL-EPh$C#=FVJy-8{FX9!_1p-u4?$HNKSS$xYj7v-qyTAt(#$uh1kanAI3I3$Tw zfC@b7kT?>C2Hht~Ov-TMvD(D&C)joud-(Bp2foEvV07}Ud%2W)E%lg1QIRukdL*q% z8|tkG=5*_GA>aH|Tm<;=p@t85OEkOG<72$s1H)V2n)MK0$a<1*mzGC!i;UNF%T;>9 z7y25->y`9`yOB18Tc7#O0~3K~O>>q(+e2$x)pb!I;zUp9;^~oF(cAc`;HuPnmg|Yc zm8LEzFnoLK$aejG-|_kY69An#i~{0NphQiF7ida^`Zdqe$RS4wv;T=6Upz(}Cg_QM zhWCu2Uti}(+Otg3m#t30V(qs1l3Q}x2>uz5b$tB1gxMdI2_+r=+mj)LZ!qieYvwS1 z@pv@pJ@QJSV8pXd6+QDgYZ)uELWqnWRp0jcxrLT$O2Ow%%e4*}%abD5yS;ZtSxu|q zRpwg5aOVw`JWw}J@RPxg3S7xc`I6v}~JgM-- z(^qfTzfk)y2L{z7#=NE}C(;!}{}<jH=c8QiG^Va7F?Y$<5rRLEm+9;w#lxbc`> zgD3A?P+(fy66n}2nIIGbkw(udOl4kmol0IfI*rBlED6*fI4t#dXda{mxAjyL{FWv? 
zevTMKQ<6sGSRJBseBpUIUJ$%B|t?c`n4Qzx~E^fe!-ND1bv{&XQz zO@JE*KH`=}tG!^Auv{INj89r6Tl`}tB51M_&R*)4<7%4*UO4^My$LjV{)SqSt@lR#uHsWvMp?oVDk;3> zEW;w)onaFC8E9CV^S~gfAkt#q*oG6r4Y893?u{9c%T#yOQ#}z62d8=97lCt{63Q?X9cP8>xy&&K(P;^Hl}cZhI@p zk5WT9UQWo{>#3U}h!fp}Yrfug)vlZy9p_==L?jqhK6|RQhn;X2c96(|3g~3l2sEvX zNS`8T6mL&?KR&AY`s+_yF%mvo&bZeF2{W=GrVr7AE7kr_izT*U3m9YCWx#{&aqLZ? z#MGuTB*#P>Z!@)tkeSRAY##ak1=OK8mv0J#cj<4^mL;{8!sP;pu5 zHATAvDVa2vy53QhlK1r(dlgp zHJw69R^2I@V)wS!0y9OywFqLisz#x?;`YFhvd8cZ9RFcp5ZnI1!C>PgiN0spZ3D)t zR}TX5A0F{M!m=l$+7$Vm2G0DDLh39+I~~34@+I(=8!HPBZQKWih`G26;h}!gK=hMr zv(=b<6Bf5)R3mu*)*g-p7e|tVlI*0gUij0;?o3aTtYx!1YPN@V0J&+|u;+Yd^GGs+ z_@#gS=_+0+DvKd5YlPM^BFRg;7ydFQ%?rU#$-oO(>Lly_N@8DRSnGON43QrE_$qNX zY~$UqjYDo;Nbhf#u20;E3eSV4J!aPvm5yk@J5Hrn8@0J$ZBn<%ANlTMD^8>JY=ifb zr+|_#=7mR5-UjD}rvp4^YRKT#4UmzkSF4I zF!{@#YN>Y3+?vCf_v>nf%ymCav0NGVH1tH!M*eAlz13X~{D}Av!icRcJ`_BF57imF zNw5?&6AnYw52FB}*LCaFie-eIM8>m>)h$fNSM`7>hX(1)`YFCC;F(}K##J$VX`sZg zV|iM1`$S8M1k}{@o|Foj^Mgddf^&SL;mt1pO$^{EZ`|Wur&aBYE1Lz?wT5Nt@6Z*l z#-wA%Y#7yX4oYcylDKh{okcF>mcMYzOY2ou8rRm~PRlC>GABO>jfum4vwjnRZ1OWQ z#u3D?!zZd1F`Bv$2tBKO@dQ_I8p%`OL;S}?@>T?r>%>;38xvMqYq&t}>&%5y+x4Kq_GFK8QoYBR|C~@t9v_1Ci3|b>?)gNOTBU*4!ZG^r z^wi6lXug4H51jsKfOw*@5?mp2UVJy7KPamOgfk0totku)M8Wa?&8vgqYLVgXpTqwg zFSGGabKPzYfBNS8fzdZMRO3|haOSrU8yYGh_F{CU@(K$MChlXuSqibNbAiz0yIhJ& zA5E=j8eF}yPNBIh5n!k%NZQRCVV&A{=HmlQ8jjB{a;-Mvgq#jfa;=69(J)|TL1|7T z1GK_O3ygI+QWZUkid2M`z{tUDb2eDYLr=Qb56l%CnVj~88S%f>TZqwMtE2s1y`P(w*nYqtWOmfY4U$F&-u zWai6$9NVR(S~@dzt|A$x4kr6vC`+I$a%X+`MeiU^WLKRZB0ST~(u^y92Owfo!TXwQ6r+qy#L6z=HPiTsEQA9{C^cQSRrSs0X`Ro z8M(H$C3BF^6nleWdV7NcvG%8SXVtIuYQMeMTvmYMRc0c={`n4{Ye!<#hiTl#TilPS;+h4P#Aut2@q4HK zrXBf{mZl%m@1g6Cl?7Em?v8M4WaFd$6csRijR$abnVe!AzJ;L44)OZq4Hy93$1p>< z^d(zNFtrz^NjmgM-BxPP)LYVj*&)_C1x2D-e5n4dg=4_s3Shx?b#z?%noCh~HE1sE zS6*3PqcA$L*-oOh3gB6JTOgdDZ4DH?K|dP6&jcC%SMa5`tCXq`@$zYY^Q>Sah_F$!8$O=yf7QSGK_i@F#2O{lLXSK zpL+Cnz&)&^s%@F$mlB>5Y?l80emu)Lf^R#_cJM}x{&O{R>3z$_-}TK3`#%r!m~H_W3D`zv}mvIDP)caY)}0?EyxO`F20v$n4_b;=09}bN?#C 
z^)cM_6;4@uTJ`*es+t0O1gDA>S#MNO#jsw>`Yc78-Nao1sbI2BmXOz0^%Cgb>8znl zeibS~@?*007RuG>g+F1SoWhVI1H`oq{!Us=W#T&G8H0Ih^Vj7O7%WG>_|`}TiJ>SR z`_ndF6gDJ?hHU*!SbyiMDf>T-j@X8cG-ubXb<4`l@2B1RI%~}2w-SiM+yvU|;c%Mr zbqTNIBibO22aeYu^{b_NmQTg=7SqeUrQ{7;&oTl?A#=&)_iP;iv4#D-H<*dd!&f_{ zAM%$Nqkag?`S+n2t6Hx{lQVj#U5I0kqWIO^NtQ(_`LJ-T_djTyOHCW3W2hZsYb)sn zX&dZxy)1ofv1=fr4Vorn8vTN_o>Y3KYm<;>_3U5@6bEn^lMVl(E3=E;u#aAfq{@W? zxo5d|9O&+vsj_}EWsf??s_T5zby+k1#O@k6%^{yc@GIi=#OUbS&H zhY(H!s*>gks&@GH4$4eR0JCAbI6|Yw<`~+ae8d!{nj2|})L5p)Y_Nh#4L+7B3)P5z zm{f*rJc_KVaS2H(bqbx~hmlvwoO+!nJXTDpLc+tC+1vFMIC!!{g zIQFOb59UA|(?`qcKuc4#MppEZgU9t;lvMuIg9{Q3G!X3GbIUV8`)~VT2PB2yR1}4k ze0Sr`*hytDLg#W4-4YNPfr(hO3Rb8C{hM#EqC2h?Y9VfuYoL;@#d}?^K z@m5ur0I(4JWn2YN->L}lDKb2{6t^RBD}H`hK7 zaTKoeiiL^k}P5aLMnwbxy$OvYaY24pf|3Ve?inl;NW z@6(EFE0<@XxEx3y2Uh&-@(j`To6n>CQau8g4x3N0^%JMCSP(K|9;LepKsjTbU&|JfrAF)fn|6>T`o z9y4ri-NYnncH>nmscABp_hi(iJWO2)s7%Y90Q)d_6Qui;JEtRYkZ%P^{Id~)xjh))tme+{;F?+5s=-R2!j4^=|2|` zm-4NRR&8EIh>AP(@Ru>5KG}f#5Tng{YAr&tgvWg)8 z4&XJuH6!c!Ja6?AMkXu=q@KB?A)$+t>*rDx)I0iyd9<>&Ad@{vQ&!nBl*;ycS~b;c^}Z;k-$_1eL(9X<{>;b#T{HMY}4rYYc9YdPipML@4{ zR9joHC7Rr+OB7$9HRmsjJ~yZ7`v`aV!M!AOfAq@XCTE{6?1%MkAHMr%3s?|X(tCSEu<^Z8wtxW6?odc1EshR{0tZF_@_*iNkkK1{vg4{K&-=mKoY!p`IX~>VMB$F8YN`xN>;D>NEL8FOGTcEW z_CEA#g`U@RIu~|@erU@dP26fcmumH}XVhq4$guqGX8##ZD02ix`P}lYWB*m9B>EraH`FVMb1@0Et^PFQYvzAy~b`i zc_o2Yqm5DH%G&XVA&Ge`9r3zBEP6DZt;xp1@kr#o%4tG3@RHpw_^3>0KKy}g{P4!_ zDC710{xz;QwlO;5`LQ~>JBatThp|_@@|fW9YSwol#hPA7GF$sg^;NfD7J^~vtm%_KttvLxtQ)BEJerzC){dy~ZoMIz>JC)Y;lxaF%X!P-VL)iDXs?CSw z*UpHgt%jb@e`f=g`CgYD2+&}ZHYQ&2eT0#o4*sXnhbkX}CY`=_L+g=GaGkJ0XJ+mw z>$vIvI@L!07)|jZz%uTF``si@fekYu^HDtXTlIR=ix!|M`%B*J74AhY?l-7O;br3O z&9Emw(L{t71?_xBrN1XNor^`1RMA!eyKy^qwxzHbt3Y4=)f7}kWKj|gt8~b&ovW{`-&p4m@3oso6e2 z*9*)9p7jd*hHRQ8aQq@t+$epaR-FiEM4o?0yOp8^@6|snFy0T{z{GoXd#zL(7s|D( zUFo6`O>G@~tlYtHr7~yPxi5Y|kO*MJlQLZ+?7xH4MM3gyE`T(~R@vEe(fAjn zn5wuV|Kq>GrT%UEe%_#BH$QbIUfCE+&vfs;Vo_z>cEdI4mieVBZbboY zCjfsh@-?)9omZljJ!wt;ne{r7BmG)OgL)$=FkstBQ}{gUJn(!D1+Xj7Zz9 
zI{S#SJX?Wvc-M7XQ-fy#lGOEHUfufSh1%u*{;4g~MEgx+%RbD($zF+=?nSTOZjOy}enOsnQBd+#UJK(gR+b@S^CbTa#MO@pY$Gk z(wn}k^IzbsBfMg-9=G1yN7e@D+?5ioS_DV^@lVqS`Ol&smvB@X=qiPnawm$qA!y$G zpGT)O`FqbB*PUrPCst6(Z5t)Nk8uDSE1k%i*kuL&Pq&G}L2v3HjMV0%#=V|ZEakmz z+7q=3YNv`i#B@eZtlvj27FwGZb!lTh|4}jkR$mY@vq=j;6uTehUVP=K!6sF0e*eKI z{Zadh>sO>VZccik)B3hEUb=qix1E}GdMRkqP1X0mwN=N7)_w+Rr89hUBlV$0 zE>nz1g4J;yN>7(>z6Ik_92s`N|F~o~c63Zbv;SOs{n?w&KBD*MADJkew-cJcn@0Qg zvu2$4X`GqWbHpb5h4T}DRe!Cu>T*yruLUpy?{+B*$zbW<^=OcwB^ zSqPnFp;$PuBTN_n9R>;u;|ufrlolF#?wNzLs!@6Q(xYP^*q3Eujg8*&=i@p-uC{D< zPWf{DwzzjsX79YNf%CA^8E-n#fgdd5?vRv!DO2T!`_2p0_jKyEeI1nj?+3LJe zcO|*Bd-h>wV5ve=sP9K0Rx*rfmX&eEorJRV5!P9RMcad4ocq2qm;HKX(mBZqvJQlw zGJc=EASB(;qLOZCl*k^Bzq~k8(hN`F%J!LWy|3lDbIa-)D!M;izc^r1Q75iE>IQE#KQT75u`f>`daCqEYUjI?BeXa(G7 z3Qz?C8`Vali@5?CDiN7X)TV0Z--?Wi24LVK^-3-g-Zh`uH7^bt68)~6N@1bTBUIwm zN75q-#d+3eq1g#_uct`y6KK?BzJO#1rL3@KD@|ljLNw03xV$X^#DIT{F+Rk=*x+Zu z=;~NO8x&TrE8zY0T6-_Hvz^c_Zxb4C{;|kvn5ynNG(U(##jPo)C|8h2+U+>gkxhVy zE>+5X>a|qdOI3uPt6EFw1H!`es+4aRKwDjL7E1u=#h$bK>}o`F~P6mgt7DbQ?GyB z&cF;yg=GNoe}SD@00^8C4_aBaRb9KF>&(T|Hn5JaqQy$Dq%Dx;+Te4aB`G)E4tnZz z!d0mtSu_94S6|RKT-EGMpfM8jhJwI3TTWsO*4TippHm$BiEb*S7f92$jpxoh(O*K! z{h6^!`F!M*LNT{qYPl8lsZl}ZFN8{hml^sBev8`D9s*!TXQquWE=-K` zlHd@92Fw*%l|o;2gmn?^cVLtB7U#t{hV{ltY6V%uE4rc>7CLonu^2S z_ErjQ`qUBg1+rjqL)Ty`S^#XegTOQws;5#0n{-KSsjP3u+)$51p-$__BzN);$@suc zJ4h@Ef>M?Y$?@UM`25rAjT?;0HGY=Lj*i6Tn@F;~*e=+MdOI&$L+1v`Kq{=jH;3$xBNN(f(1 z@jD)mxDF~{O>ToiOoaaqywA=GmnTt6lvg`9<*h8#-A+u!&D~m+)d4>=2Z(UbVnY)~ zCMezU4dj9w+*VeE9J2Q~LEfdgX2S(P&aJ~pErW0GYvxJi?bysox`Ty)raOIxiBRiB z_!(ca2|22=zl2r9_rnM?$7iKux@oTW%wUG>9D&~=ckyTFOZ4z#M!AzrwMZjHssGC! 
zlk0u~dlBmUSW)Vl^`?bu-!N*=>W?7iQ*{S}N|=*z!Adhu8Vfh+`&Lj|&m*_1J7ZTe z!uA!L-pbr7k@+2Y*cEPoP-13wZg~+2%Fj2tsz95@ZL_0o^TNI%GwL5OzMVs;yr_$$ zzY~n3U(F=^EcdLA9Qrf>uni4rnndBp#TZwl|H9ZT98tCuR?r8Yo0_pv%MFPULZ(~y=) zjL~Ruqa;uK8c`e<{?k7;ohHq}mCsTm!i0yFJRnBw$eC3+Stp52HF0R>!HnF!p;S4H zVYz>WepL&EyIp!W;3a)^q+a>>7j9%i3~KPY?C^>5kfT20l-IR{8Z2GckjV0Z-+ZMH z1ZG8C-@V#<;;k8C@UVS05KccuqL)y&o74L{hd@jS-2H9?kd9UbOF%`V(gJs0QF9@j8b zYjo*zvfX4)&eMj17s8q=cR_0yrJ4(K*1y)yr$hxHW(DWaed`K&>v7Pi$D{Edw`izzzHSTv~^b`jeS~ zedYdn?2#lcdADZ=${hB;;!s?C~h6 z%SBi@J^G|MDdM4O357A4uxDF)m!4aPPr{~GE!siwkY$`K|ju72?ku^-y?egrkYd4V$c(}tz) z$;0Tw7_noYhrVNQFjvQz#XGv6C%F?Rv;9hR7Pjc5W`|=;=4>wyk4|UkL@N5XUo?E} z3$4)JbDQ13+|3N&=Y#DF){>pz{B)wY<%wM!w&~_6Tv^ci}j>1UJ8Wn}h#+8TnD)eg})whnK@SeTy53 z90JLMssW5jruW)F`1PIlUTXw3b(AWs?In@0{SJ`%1glg>p_#_`H^yCjkt~vVbCY%= z_JZolw+hWyhIVbx;IJk59o<7sE@d}D6$V(Un)Q0}$BS5pl%Ib{v?HVtfvGXaDa@m{ zMF9P*pq;@8A!;_2ziY_%E5nvZMN?YqWu_%sz#2>%^zPnpl_GR0L|y@0lKie#DiFpC zHT#wS8KC{Xd{LXS3+#um&E57mB3?r4mmort?d8`|<{yXHZ_7W}*XCB5c$D+Rw5XF# zC^I;ob?I1-46Sc*oXgVbuo=r$tj6$@kOVFK+~jIfxty38+~l;tI@A}E#c`^`Xhgb>p!78Q z%&2R6@lPL&qlAw+=DeNxC9d`4B>xOTNT|z?=PceOkk6nB)u#7O*R>zUr}Q?F`i_4V zCfy1%fcEM3c9T7I5>coPrmRkl>i`E9hK^JF?%F8RH-GS=f-x(TU*^3F8pBHjD9w4< z$L^ev3Wwl`Uk=2#*0w3_k!-0OX9PSXS(y)-pk5{V-bG&Kz3tKGfu8ya}O~<5V6ZGGj}x&KG2-e6$*8l)IMQzjoQ->udh0g|r8W)M`5F0nhu#ffU5CU39Q~(BatDiQ z^8nV08cdb4*+RRNcMq9OI_AxlO4_X4D)D}a{s{B!JuiQ=)NybuS9hK`n>4nxu~9e% zXMGDl$r-5E&2x~p5OneK94o}e@tCFyHg?(Vz=1f)Tv8>E%)?(XjH zM!LVB`0Dfh!C?>Q=FINQ>@~BqGqWJ83+UTA=3%HUgwN=e&2->ndL|DVFwCSa?@TE) zB>Y^^c`EJEeZG!}&?@$BQitNZv5`|#a@zI)y_T1Z74uOGDhP5dM)D8RS22)R@yb}Z z!xvz@ix>>yL{k(gG1=lGfoT`%Rf-J=(GpO;8j>I+ulgsrxf)@>0wg&LkmQaASc}Un z8eEyex|Xxgj&*I9ryzYKyU16bjjx%|LcJbp`ja&1SayH+YvLf-JQdR2*wMIZGRZKv zTc)$TZRU0lhTO|}oqq|%ar53S^5pu>g7^brTA1M<$2FQMVoM)?z|f9%CUwV$UKk~? 
zvWpm&B^s#HczbcLE>;FRKwCZ2f6f^3AGGxn;1A#h87{2|42~hrB?Plu8RnMZ=mREV zvlBdaLjs}q_ZOP{jIgHjF?~dVldPIz8%HMZZE6m_L_L;y;C--Zsmb=f+dU!2;G zwU{;++X+4({`_Q-PH>Uj7q+`q@L>X=XrA}cJeV{n=NwuhC^X2jcDkFZB9zS^68ljj z?p(pa@-)bxhG7vz~4jyB?e1p zHx^rbTXuF!rm?^Z%%0frzK?&_8T5ngCWk32a5nEwI-9OVMU^mX$@rq=r}0qPqXrrZ z9Tp_XHDHuhFdm->#uAYb{V(M*UY$EEg(D&wFIkL_6<0SKa*r-n%jy#(Umis+lgUj?IpIXEhJ?Ee2qgL5mSaUk~NC4XD9;FV@nj&UoIiM$&B~5WOJ$?7w}t23M$qHH9Pv z*c{2mWqoLHQ2QaxLdm7Hl^?WYZXw1eldYPQ`@TJCn93uDtLr>8E$>GtXBTLJ#`bPy)o1=WtzsPXgYZw_v4O+9+J(+=NDr0V=XTAi2hLz)1*3cjA zQ`URGbpfJyG8$SNOjHMczd4*Gr=eTeFFOSl)Z_r+$-tw$Uy#^s{`E_Ne=%CGi8w_( z`hmao{w*KgV@-7(7g|oTtXWxHvDOCe<(*{-l=D+o`oMgZwqtGoafTDM=b79N#-+R@ zPxzCy%cbq}IiRNgUE%rH*2E5QJC|ly>w~ljU<1s|?mlA`_#3*PW!Qb`xN@Uuxwf_L z&XTC%VKIv8PW#Ewe9|yTU<}niXAU~-1^Oh;MxtCWF~j_IK^S_Rq9g%)W-j&~Eif5} zaOzwPlE}vv)B)n~lB;$8wCL@EY@Wh$~ zQF^8f8b#k0ucPR(f^0MJR*}TzL53_%{hQ!s5pPXozL!kmzq^kC7lQstBJsqCA(wc@ zT&)dp(}um&y6tqh^rPBxZ`Dg#<#3VVi2I4m8ZhG#%Z;pUmB&wrKlY4*?xdVy9%cCw z%C&BcW5)^?DR2*SaotgnW)1~TCaIH`N=`5?x26u^i~(xL&-a;;;SAc67c=z^8@|KJtla+Lr>o+U7p(C66sgbzB+Q_Bc@IHAx0w>L0K0luUi!{Q=JzeS|hoysyBZ{QbtV(5- zGDNl#={b=gp8O#1ib<`pO{_<8Q>j9NayBZts;Q_w3#3Fj-F;VT9>a26h|&1;y%9y@ z1pPX$1n}wxbxnfrAFC`4ceojsfRrbysE%Bc_9r8e*`6<@01C;W;mc^`ZMz`TwIjzh zczD<65^+P4>1?L8-L{169s^eNiXFx@vquJV%jNv5!1k_ zkid*rrw}lJw19@^=-Xlw`_#nNS|-UlcK-7_7J{kNk}oZuc-9`)d#ws8fx`D9N9*`BqQiyj@!R z_c76yM5HrMqP~H?CaJ=39;63f0&CetGoX2OXC8Sdk`8`e5V#F4=m&i(h63QhP zxT3Hg6PFZr+(o{<-KiL!_zqsbdN%$354&u9@oykF)HC+@m*Re6|JcrM}9LVbrDM>!#x&#Jq<%`unwk_>pamCf?-olBdn)f`Jc@J4Nbm zk7P?w_vLe|y=AQLu@o2h|BT?PWO-E&xtepAuCKF!(Vj<68>ZkBRJUYrvPcOpD*=z-66ZToW+G37M;PalAOV4G9$_~nEKpg_ z&iFIWS4~IWVy=|tnDuG_S`2pGxQffO4EA@ux)U_{cQJc*L=$UIqE5AuFC%{8AT%uu zcOS7J%Y8tC0#hS8)^E2kFajvuVUP*>Pm^^CxEBE>?vzmWl$M0=A8HR5dI|zfF1xBk zUsVJ|ma3@^&Z2fHQ`rPgC)$i$qS|Y9SKh-W4_1S^I`al-cUFT!=Tz_&N1#lY8L}kb z+!2VObhwps*l37o1~Zb-?XpIhxGVI)IhTKoruxxQeJ|f%4dS!%Y_D=#kn-$1JDvsL zO}|!ZhseG8;a1pHVlSTNSeUET#eAcK2{tv`{mopM&HSOTGmHGf-F*nCA@hK@JtK@s 
z3EF@RW>=cU$){*s$IIuUr`aE41wl5IGc%8U%`=iE>GOpS0?z!b>nFC&l>yMu#6`^N zL9Y(J|2%#ljykQgC56=MRO(q*LjD{MP_rL&L{AIQ*j#Sx#LLF9hK6ygj?KzGJsh*W?zO1HZnp)jbG(_UdgRty^nmPD6R0ahD#-hBJN|Xv3G!}D!HODs?(kzF zL+#0DbL#G+DIjh7KFPw;L|irCheCf5)y7>#1IZ~jaSk)-}_B}ox4)}TVER1wNa_9o`jg)M{<+iERziC8z{SPo<4-SQ) z)0~LFu&g-)n8JHUqYm)6Ky}>cMpecCPgSNaJ1+@mWwY5flKHht>mT~Hy$d!pZOelez zI?Z-K!|d17r&lLP(Dd^}$g7X9UoR6OGv2>p?qTaP0ar~%X+8nxhI5xvxP+!A%p@79 zG9_*lc=d0(nEQuFpy>jyK+}Z-P1iV6njOL}e55&3zj-Z<(i>9sOVKbF22#3rOT3ED zbecuNCxQ-j`n)o!Ce3mfne%!1=ZVo8ppZhSftUJ8Otnz%L zwLi@&cl@EvC`kZR8Ec0!M5OmJY8`!$!%l!@^^+Qf7Eq4pU2jKI$;r}CsiMG>Isb z8_)3;c*-`uhX~`km%Eo3{#~jylpU#bd`dqZZ3vVNa-1BrK5F zRJ(El92aOsaW~#oF8j>kKmA}ge>@mETLH#e%F~@23}izmJX-7Nb*jVZuCIAK(K_7~ z#_$DI9X}HpHA@(+!GZB5b*XqRw}T7(vu%x2#5evF?`}Z0%{|ndm)=&}@2CPPdsx%X zi`8#|f|G`g6wTAmK&a7r+juzC1vno3d?|cr0xJ-IH-hw-zI5=TB2S*PLVRr1;7(rF za!Engrlx7mt7f`|NgyRD6ZL1P4bpYPtNb`RHRemZFu_Yj4d>}J$GohkHls;_Rv;fF(|sbn zNdY~#C+eE!jLo|NhU&??7@W!G(KkB=R|5sk4lTL-m&)sG!Ppb| z`+M!!$USCIKbf3sY7RCuj^q>7e%2XAfh8TkaT-O}{dC~^vY5KR=<+N~K!?C+rr@5~ zukW51tdWSM)=WU;)3q?Tn}A5`VNeF$zKXDf0t#`3uy$v#ir-Z}hv)mF0@#zF|CUzB z4f=12C8Rdc(o|(O>yGf*mnl)Veo(5l*8El%ppD{p`C9x2*y4C3uZhF)rjAVY6nsCgS zoXe`IX*Ab3-0dm4e_V4hA9;wd;8F{gjuYpbzt~75ygM2@oS!uK)wXF3^LjZBS*wzc zxOD*)%;co)9FSKBii(qTr!M1`(E$^^5B)=HWgR@*F1Tv)$fLv$w5OtRbyB0b6DB|+ zpXvHf^ndpd4ko5FqNm?AscOwSxMD!cZK_iq?B|Vr8Gji|xMKyUa1afr^oU_?sN&!7 zI~3k|OH@vifkr zh-~IBYuFwcMm%EIoy`~ib{M>1X;~HBR}}cRPi}<|MP``~WpxRyO|*dmtkILC74*yG zTEssd28?s}d!~pHH9Um1tM%}CX&!B(C)huj?B7331Ht4qI0z<<`MQpS;XLey*qiI; za{yCK3JaT!yX1L7ft2!&R$gMX`aTAA;Cm`}W5oq!)yg&9mDE9|les4%-erT;m`Z)} zTuE-kSO-jj$z(p7s%#M(nkySab#wOg5RTAiLRiTIY8c_KD zB=VwTNH?ZKZbgEPe)t=Ljpe7tpdn)dgIs!_+h6+0K?E8FQ5I23c_-V@vAQ9h<@BfeC$`6%tvdn!=Z%_`r;Uv~j+2t-jYxqK_2;vllNntf zFfNO`G4Qrc0;nAxk0~Y{3D2*&bB8=b(bn0ps`K^GTnUgzBANgp!5a$Fd#D z#*Kd#?;Ib)#RdPfeEr6!Q1*oE+V1pNcIl?Jz0f%)o0T&_kfK^p zgolrRpHNeI_`+`J!)Z{Axhw1Q3O)A4$FcMidAy1aDIhO8`EC)_Q*D)-BMPIv5Bd34 zbfjF!4W)AhyxJ&0tlTKzg^>{B;Ie8k0$;Qr39zx+y@;njx3JNC#$NxIy%CSWjSSp; 
zM-~977!70iGq3eUQTbi(%`(^Ud>Ssj@2%p7jfLL&jB#;G-%vf{)IH4CQqur?AUcV8 zb_b(~Xgzs? zA|3FlAncbBvx2vB;>XeQ^o#(3XfinxnRibf2lae3dijL^Hh|jh`^&W$p-ZjGwI8jl zK3ZzE;KkzM4H~{cu)Nvqo({gNpUi^V9(QAk_2$*Kh%OGp(BL5bigjUK^c6JX{nalf z_3ve`36fpRiWZVl+SZ)pi#~DdI^AV5_+*#3i3hh&=fyY4`BpMvL?BUgoDm0ZbcC+n zAis=+5hF^Z1>vZBsq@K-qC~&KRPd{vxK>jj!1oB71AjY;;SzB2<3sf@jJIjE32zMBXN4=CF@I+q*s&0%H`!GPYHBL1cg)ukmroX{E?3jN+`d$~|M z;3xol^ug^*nccsWLd22Y+8QTqial+la-<6_T8K04gij9pfyZ~f8d}X!f)8;;Qo8(B z4IH7>cfn6p%b1^`#x#2hgU zc}Am4jve`6RkrCwRN$IcvxUITg}E4(=Xb_!T34+Fw!sMVZXRB@{fAn|=m7oVl}bR7 z+$f5(U9y~6%^qjdw<*Ns%b5H>vS~*d=^(N(XS9(r5m&Tm`y17Z10D82e`M}5F#(@J zYD}|%Fz8~(26isq+*FEZlD19*W#L4Qqo#tRNWP>cK?)tbm`GJrKrIru`TQNZ?F-Rt zGrTvdd?2a*OB&E5fE@wPgpb2)N2cnk;3$BWI6iz8(~ee7ONP-GX|Qq$*Ylde0ABoG zM2^K7DgwTzEjp|q@oh^pTSdM)O+zFXnZ5TYJNu}FTv#x{+FDlWO8cV!hwlugwn__h zjfQx6w?C=n@KiB|e~6vl*(a!4Qfs<8&iC@o@^}M;_lp&S#%Go1MpuY087>5&a}A(I zT5W<}rjai=VG8tsh zkL8^whv&I$F~_XEx)u6#nH7$P#sf9SMNXpt4X^1Bt$2YF%+W(0mRh*c1E9`hUY72X zJL%^rUbw*Kp-IKSris`}U&W8(SI zcEIR+?dVrOMh*ZFTIlpxrAT05t#vNl>#4&dPdzq8h^$a9jjAiAUx#n4;$xF#e+@}I zK&G~O`Ao5pIuhVAITO zq_=>0H(=#GdmOPaVKT9VNo^j~v$JG#?%qN(gXetHvI9Ji(9GR-C9m9XxCA-4VvCeH zrHTOjpA!pRg2;6kv5M1cZFX;M*5|QiNn~dJUeHbsh!fP)ef4yoCE;bYfAF*s5}jU&w7PND*lu&62#s<|Q{H$&wK` z#AFg#K-N>{x5Fv>tgG_E6_O@2+I|67j?6pvWy7acLYRgXq3-do9e<0mY zG$qPCT&gTiLVZitA9yUz0xXDXaj8cumW#(ackY)lMwHC=nY3qZ&hS`V>apE7~JNJ5xA` z9cF@6cRlslYf8|>uq*y@3n(zXMKl4i%cKV)Gy3R|?~!c@toi6DAKRrv-qLMo+2x#8E%D2F9eVR*iNhY`-OAUuDoWj=z_GtCclUo#Qdj4{ zA}a5@VlOCG=Pm-@ketWXxNYk_J4E`aL71MSkh^kg*h(kIpO0fdU+3W2{HS3H^_05% zxOPCeM6UbzMQ5gpup2@dU9gyDQ+3@$6Z>Syf)5TjN_L=ex&tUf9dtx&_JZiKtqc!A z8vM8ZPn~C0`vQHI0L$o`x_D=)r}M`S%ctp}rvA#O12t=+s{(~4%X22$-5U-M=-k>2 zAB2g#tNW4Xj3o4nZ!6OkEucif)`)}Q(f(zl)|WI~<)hHo4bX2~P~Ob$MXoX0eM8rf z6Q}Is9KWKIiXIW(GZkc2$0=n1AP@h+=v>X4SyB1dv!J!lxq{a2{lB$0%N#@^-7An` zxVg#3I+|S0hn1b5++j#t)~m?c0$!gpv zqCUJKGw5wf|Ii36$}G>Dxvfv@-{?dNp_a`E=>4mS1NCocrT2hsjez^5r^X`6@&VN^ z^s-t z-%doDT)$|HB-fw(D>m{i+&y3-tA?P6DrBiz&_YM@4ny5^L=`Q@(B~HrTPRg2&*c;3 
z2`)+h_+c+v44+c{rubmbHz-6@Efp_$Afpn^7lj<`Z`}~LypDYkbXd9{^rjy#xx0N? z!e$p6k&Mn^$E(|rmi#ByjL4f|BW>*;DXaM9qdG`D#~cnth1~6|EZ29Z+C00%Ubia; z`oWKI>ksp$1);#f^!xn~iVEMCT$zOWq}I5}DT$G&dZ+%(0Hl5b1pOPI7M`V+#eSa4 z@rRE-IO|{|!UX>VzX^}_%?rE@B2=CI0$ky zP3UECyG>7*=i*fc?Yx=4%HbTy=aFU81^A!`lhI$6lDVct4Vya0dM6ThYyE9A2}tqX zyVN${P}TC&_hugsbgmzIN^BBP#YHjQz-|!ygMfl=L z-(gg^Gnt$l1P;NWJ~rtR)Y6!H+9mF~+I)u^(bxK%8Ma

dy`O;vbpYs*Y_CnQeOz z74@sb6a5w)hYPNIMl%S5Qzv%%_Kr!wSQF>w=aZ4jy~W&0%9*3txBDefF(S^E75u8b zH?G5#5%}*m#S+S?;V6yRq;5?9t6O!xHs+6v83lZap`40k2|<$BZuUP=EvXU&l3LYF z4Z)G5UOLC_93uK*2|)PuK)8Ra(8#ixor_QTF~kplL2fedEUnI8dU3+<15^{`5*QXo zG@w4LrVdX1flW~+bu7bTdXrl26}k)PI+gZI1Nob=6hyHc?qAD|l-dH4?Snp(dSP|k z|2$R9BRl6aWjklBC~?pextoD>9(}>%haK-RjV;e`gqpcA`(--S@3pu;Kfom=@GTB# zHQA7t>C99Bt<`l?*G-mb_ip=RgJ(v&f1JSZu*?Q*VOOR%OBiz47y)Q-9Hj5rT`#X~ z;}o33N0A0*L($9ywmG{;|Fd+Yt{DwCR2e)VH3}O{S8i0-D;oGx{f6EIr%?bZ_h&6l z@{-w9ilg%zq`V=z$?LiFUzJ>HG=N!U=@t7UXOXRw8XKq|{?U|!LD;(e5-#q0d9kxU zX}y!!U7<`NSS*w}8I4)+2D1Y+o8i*3VX>%#PPLr& zqR3NLz^TN#GTS(JX#4)K%j8jY=;@s7`fi6~rR@L@%}dMn?7)+`9m@0fsY0#?T9>QdT4|p9Bo&|84=}0l18ajjCMcQDgbxGj5g6Q;xFI zit2Go2xZ$`L$NLknxkL>Hua0`ZQBn@>EZe0PfluBpH*98O<9%gxC^&=v5JC6N}Np$ zit)_YX%pd#U$isJKe-hXisNfn+Yac*{fF09gTe7_^J%ITeK{w*$a-yBNX%PWUY^h- zJ&*sASp9h})PA8~U}9}5B5t429Ii@_(p^bTA_69u*|m(eBaaK6%xTsmIyDR&?-CZ* zi@8sqWXU@;|70-gz}vpVUY5dkqmfrZ{g#8OugKXRFGse{OBt{+*u>dq{I#yN348fp z0`JZ;Vq+{XL}M4kt(gu(&q;TKt%D=x>}q1Jt$0vn!wtx=d6O8e9vs=*0vi|0Wkcpv zb>wlTQ^feSTj&JY$-BgwSUS+`mooeu;mVdubZ7doz)xP z;}zDOso$FX1hR?X>X-E&d%s349_6>&lg7Ad@mZaA3{K5a$cQKnwR*C?u^r*Z=K1S) z6~udU&uaWa2WD}wjHIq`aK_WT>GeluDcX&QKvgZ-^#$xzDG@bJXwE3OEcZ{_LsN&M zY=s$n4eYX0;TI!w6x*nSdG-XjxN0)n6MxP_IQsl_`fn@qWW}z$-OBUP#z@hST*ZDo z>GfrQ2&NpSI_p(XkhP3XnCH|NsyR&BzhYxR~N3y(Q-HDsz!D3pZA&Q|CQTpNgWGn@v?r;=qiFcF`X zP%j((?JQx;G!SaOq*ezosmJRT)9crA=Qs$!ENN}(sO`#wQJ`s{$F?J=X0#7Z1W#3H zVmtoVUYK@q4cPyhx4K{ZR+*NU`TJ6Pe5y?ns?ihf zqc&tlo8NLA$_)rVaj@k6KXAbA@c~N0AW>$+b5O&0?+nr zmg#*+BOU0&h3WTGhb4D1*FlhXMdJ_Dt*dw}u39sJ%Zo9IJTE-2;xsu%9b9||@2FmD zp#v^Twi|{enAiBFGw}e+9oe|~f`xm%%f^0i@!t`$!Y!yyIt}ov1BtxsrZ>tZRJVP( zO#X8j=fs0{6~8TP@5IHTP7?D;#n7=y6CbwcL`~JL{P0jh;f4p(<~HbMpckWDkK^bJ z>N?BPF%^49pdHw!#hJ)4lRmCUOctAqFz}(DG7T#Ye8X;V>K|c8$DksRsuh9g+Mfd; z!W_EoGa$nDEE6fi&BN?dq&e+lcuADmQi6J)!l}5ArGz6=Wybyp*^o(eM&kK?<|$-9 z{u1voZF#aKm&*8{mZx{yK8h=chPOv@_tagy)15>#F1GoEvy4UkinVwU|m zWMQ!!XX~N9w~bf*=G6_$5&1j3#Y7MkOS4H_UJZLiliJpw4*UA(8J 
z_Dr(H2QwOF#YmBbGt-d0OUnVn;k-ZXlFd2BdZQjKzZZxF9_oVX#|Fy)9~ATJKoY5P zr5iyeET!Q$(M7d`q!dbWdXE;iV4C6Za{~WsaT2{05uN_&(a>Lp=@-Ny(SqA-FIE`< zXr0dqoUlKen9KpUws$cpff@TPshPJ%%PrFj2G`eZyw@!UiFLwxQe8uN7ej+Kwi4jw z9FRwR7|@+B!8}jlx23UGSKF)HJs=d=67oo+@QS?^;x2y5Q17Q%>Kup}zrz6qv*+>J zo&Wd3gr_Hgr@(8i9>_!k-~?`!yZWrOiNWt+cAJ$-T$JX@+In|c4R4Obx$<+hV$WP_ zQ}c=T$>K;%8TW)!Rt~Y+jD#{BLRr09xkggkbPBTrKF)1B9BDlDh!II>#RrL*vkj7q z9no*IppV%8u{-XHC(Z}VDjeZg1NXS6>6Ni-3n-U|8n8TI+MULK2kWv_stDvbY90^q zI@@S-g5r9NK~=xx^NO1apY4I?Cx(U|u2&^~x~Rwc5Bb&l zRN8VwRTR5W2)8y;!JhRzk1Q{+*M*ZF_yGY8c&-Z(bhGO`b9m=%M};;#lMHd2dv!G& z?CkGRe~gz&O`^P8m?FBWVL*LL`8B`@D5P9+JP}K|Wn?K9m-zISC0c?PRPtYm^!>Uj zVHbO&K0gr689S#G$E*-B8@(FyF0$d1$;DM-P>24Ed(aS#*OA1`VSu$9s65q6xrMe? zei&9IVw;5i1Fau?e``>fxO;nsQzezUC5JAhCsGh5XJuz*ECy~uNxoroaqBXvY=8`_ z?&nFzK`i3+nAw4$dr~FClZZ5eK`)depJNetxiK)~p-mGj(oad6oI{m;CG$323f+Wr z&j}37u@ym)rZyP`F7R82RinUsSz3I7IoMl3p`HYh&dw}Yn1+V6)X=^sLff}k0yfdC z2fAQqmPrVFFA(Jjh`rjOXnxI8D?Sh#rS$15JkA$8QQNlbfb-*-^c3|*m%^pu!W=;! z71$BCrr}i3i%*lef*jrrVqveYhjYi#&&CE3KvkrftX-IQNaYq#w@d)qeX+*EKEo1V zBw@?F(z8EsR&_YtxEY@#9TORMR=a9X{vk=o`g9Tj`#R=RfM`;;`*vQjEgi2FxTY+c zR7GdzJH($qMq63m5llEiB)y|D$}%VUo@SUtzpD8){P|lXn?WRHni<}uBFn?mbtFf} ztW6ocbb+)2@==0yrVADRcEUh#G&Zsn&_pKAy6q~PqqDw|h-X$9AXE@fXB7GxWm0;C zh9$aHyHkVFP>@zCZdgm5n@D5(7bCp;w>dU^(D$QYL2;aw4o6t>zO^ zxj@yr>3YWQH{Dwg|H$X~He?TOxo{hio~6DYayI<$vtP*{1I zN*lr*NXJIa@3@odd~>NehijZ*l(v8t+Hk?ywg=^=k8@Z-H8<^_-dr+zsfpP@cWJ?) 
z0OfCGq`JNJ(!T$GeB}Tm@lmFy3nz=Rvh{x&M&^v2buoBLC;2Z1s}i3I8uR>sXE4fHH7m- z&62`er=mq;ZD!ISzNk10$Eb=h5Wpg?ox-(`IyhFlnR5`FFf`t3Du{DS3-f*66XJS& zaRAf|tsx)9O4T!kD?~^d|D#5x@4Rb5_Ay&RHfT;3^3mdoRTQ{iEd-8~^gLRtN7wy( zTP`YboIYqfY&TMi6dX(cGW{~+TOn3Zw%X5|$PyA^0)m15Fh?=%6qbDeHAQiRrsM6o zQrwwPY3ojkak0dQV+s=aN6HWb9)!g%uIzujc%R6VqIiv)qA1lXVw~F>m(Q%L06Hnj z(5~*Finwxr>E-uvs1M4rrc@9|t|hHOveRRLt*CDSy*)Q>S&O7SWWcOWK zoT&Gqm0Bg*1Pbvk5e^Ie>31o$W4E#TiPoylWv$qUi!NF2ukXT1DatrZi3IvE`*B-8 zS5eS;q;SYpLF`!=X>x%P!-CEy35;Q0#kr2P@=EIFKpfJ!+;HWhZ*MAoNfF&=S45RH_#soXpFTJPIv_tLk7h~Nl_)_kWO8fIf&^YpVLKUmYH z`!IwU(tE_|z_Qwt+AVWu8tjB`(cHZEf%sq%$&*NZxUQmqO;T7IsvMx5LVbv;qCYcY zTEQ5i0lby1TMUOF-VlW580~KUB8pNM{rGmatDyZK+go#8^V^Tv^4me;W>2NY4xYb& z1Kne!=s~6ymccYIh>Dpby327N9o}B)TvQvDOhc8DUdPTyst$`yH62;li?^XvL^y^N zl&vE!8p$#J*&IB>R4&3=a|OUbu6Nz*WC*77MiOJ+Mc*xl zEEWG42ZbxdvgszsvN%*`#W|P);P7)Xo~@~u!cfmrZE)Df!ll!C9t^jFW^2_!^`5{Z zi_jRe0{XFc9?brj1cQt3m8&pKN9$3FtH8rq!z#udH@=FBrj@=0qG6M3+YRkeyB(tC zw!n1et1$DT|AU90N23x;mZK6Nbf}7pk}{_oO9}fvI>m4lB0Y6*xMDx^eE{G#Np?mI zt%mU}9LS4?#i1X@&Z!rVbz{~?f1w+TO%YblRNM)^#@zcrd%pHS3Y~)rn98 z&)h#MJ)TH3XO2ZLS1XbUfkW*h)1wMeX0Kl4^gNr;@9sVk1RF42XKd_LxwosBIa z{@4x-6W|$bNwp<0#DOBL4Y6=K9##@Cix47oM!B)WPi*Z@_d`6?ww62Utxo+&XV zIO4bM6??T~gxhNZ4lQT0O;JH6E#1A;`0eSMR2JJ#g+68PJ}S0qr@`_lh)Br0**!!e40vSQ9qj!*BKX%^x3^On0z+kXLTdI^l~p zh>Ic?)>(GTLh|}3z`e2NweYVRX=keIzqG(}A6c?95jt6?%M^$}{YIavZmL+w@&Y!| zg29SWB#}Wd4ph5y<2KajJK76xm|AmgX`zOX8{ee<&L+QPS|>K>r}?pS#&uTNLHuAzK> zlr?NYrCv`a--kR@XMij#GO=E7#ZZPLQckQOL#Aq< zqO|uoB2;i#Z%|&8jqXL0@t`qAmevxbBgvP5R0fe&Pm2k-cY~pj(GGkvOT@BQ^dRYr z>TM31piwmQ75;Qs3T|ge`-)m$*Ev z33;$fskmjnrSHOCxI=;e(bddOOh<}2v#fT{Zr>r$Md>z3J| z>p)nyZN*)3b@jE|bw{>8PpaNpo^)Ztp7`qSUi@6-*Hi!}4Pxj5S`T5XBU|x@ib<{P3SBaSrW1G+Ekx0Eu#F^}=%IH&+1H@i)toI&i##|rV{xI5w`EO=va)~smfjt6g@l5V zO~+|77Kc$*rkC`(wM}G%<0(+V&{355!zH5sFexy< zqvW!2Oe>67o>4l#$v##CZ8^kO&bi-6tpo704dzYZZgHfz05p3M?BnE`O_#Stm6?S|n0S73wT8J_Yi!=#e z0-&5yqxuBi(QX^J8Xm_MQ}n|bplB+um~5e><706GT`<@@_c8`cdSD2DG7M?@{mXWn_r 
z)mtMxsLsvjJ?lh4uyV8#HPa(3ui~x;6F|?8CX?!&kwE z8o*s7z$x%PV;?Hs%N2|iSmU+*3&3WjgHCSC%WQ7TAR!D4UZB?h4^}ikesSrbmA=ut zz3RI?y*;N8_sLy}{z)*rmg~{UxwveE$ibZea*B(|IfEA7Ki4Ha>{$GI&Yt>wW0B4K zrF=2~b*Lf%LXd=mP86MKMb>NWjO?1k6M+p$o&k9OR|D^gf>$INPD`S7-oqqTCn+e2 ztH;3oRsp{s`^kejN4 za94Uwy3>kyj=Xk z3Qgz59yEA`fA|{ViVFW=NrtT;Bvx^@GGRE|dS}>lb97bSeA2t!qPlRIiCYI1f_mC4 zyRmbMt*|1EHSm=tEk>G!RMnL<7XM2_)p;Q%*pKupo0Q0L@B@Q^!;I&tEziF>-%t17V9>l+M2crdieOzyDpV)40zadMt1aF_%?#ziPyZs%XaH?5>j&TasLPC*!+r;e1GSG_RmlGq%?o1h^1e|!*VxnExuSEKf?(h$sL#vtJ>QY4tZM*ZjDn}1yO&$l| zb9w{#0e?dSX7)k+$GZOfaxj^d31)KUXYZO;##lbljfgY^N`Nc(L#)!T+lD$L|$TfDYMc!xd4zjH<#W@6WhE-sz8k1f)iZi%!<7b7Bn`*>+7UFIEga;TS@Msz3 zOGW$*;%$;L=IWmr(7qZ&96oKqUrT^MzXlz=Z?x6hEGJcBmwJ8mDd>EuEfBVPobeHS zdZr^EnjfpQ6YXIc*|@b5DU?5r{SHy6g8ooSwB9d+Y>~}8?2mu(;j_a6zK8PcxjKA;^A9s%(Su;Njg0-&uA*wNJ#vCHMW>j^2mGNPt?SymzF5101TKjjt7wQB=dWlW+9Nw3Fs zIyJgYsRpDu!a^&<{5Y$B|J#42pl~S@7{8mz7*`UaoFY$BF7%c>alL@oE0m3>=W4Il zB`QoE-xE4ypF*3gUHq}2q+z{V^wYiwsbuqnC^EU@W1&NGjkUUYineq(%95u%`AnAo zZv!Q^vH6jRV&)FK&SiUe^J+dk0r@EmqWH^)I5I-CObWkV$50ZfL)`Ef(3t@E>*$EN z_EtTy^;UuQLU!=>H!qos#+3Zu ztGX};{W%w?V(yIM_U4v@E0%r9o*iiV(ls{t#sWqQa`??QWF}U8qD1?s8vO+l>1<&+ zry@$gpO{N5aD@7FvYkc_eK<^}0KEd|=vIDncn6;e~U>xKeQ z>32(t#nm;Q5sTnsCpjg>Xp$jMMqf!@AhD1}PKh;2RvU&q;RKUuhu6>^yTgT30%znq z9KoIF*AOx~(B+6Nk*Qzi-=KxJGXl2^P`ZjM!zcxvS*+qHq|LDZ7?Ji`M7zMHMoFAw zN^WV`LDxGV^mr4kmo0V&%DE4hvrCJ<@=~#@D&;{ic2P;cIJG%f$if5i_W1PGRCCj= z>``ib3unm<*73vJSiO-gfu9%Mx{w=(RJ@nayYyTMgK)yXBL*Vj9Da1Twr@j$?rUOc z)`o;wh)C(}IvdCwI)gZ)Xg%b^nb8PDP;)*8NK*9 zqRMb<;G>KA4lw+zM0E3{P&D5v@No6??5@=u9Gdxp~M3WKX>&{JKQH1?d(KnYz$lZRH$la90-|lq8uzxeSoGZ~w6y`%);Bj;0z5!YJc&SfdxUYBOjX#0H!ms5-;pnrnAUHATS_{lx3yQ*3 zFs_S6mFmTPqeU+3Q4;v%P@&k}WTdv4)6{GANqOu)-X`uUjQLqAjDbie)`o?MagtxO?dR8w>p7^y_&o5-1b&3wTilXaQ$SEj&M2=EwM zSlD<9!OqX|c9`#}9=_f48ySoGBs36TYc+trV*ck8Wh4@iYuF)>zIzc&g^f170I5`yT+!SMxfmrT@f~n_e<4axbgZ=~amwM2px;^!fnYv~Qy%++x z>O!9r(~GvNY62=(rE)r<`K0)BGe=uKT5|BO5_)7l8`R}A-w7@vzf#BApV#>8( z$EWJKfJa`2)s-)tzQ=0brqt2Uq5u zDf&sVUZ0Szy-@}zATn^u2Yp-{hIl``DB 
zr@+$jp^$*hq+M`jTT%#i#+E-DUJ(cV2bOZ1{!+-dE`I*$I6Y-kzeVGKG=lxynX$>Wtru?Yfm6vUg@AM)2?R4;V-L;q1h8Bp87UErJhT{SI+Z zX?It$!q@j!&dGY^Ea!HtwGphkPu$muimY z$3Mi)pWfw>2!6C3w#Z%JK(NBjIW?U@9+iJ@=Vc&qh6>Ih z2PUR{PzUKq^~|GRY5%%j}z?Pl~PDi91CLAeNV z+K`D5$d7W^h=v{S6k`gLM}UtE;+^1}he&@`j?&)W2_(2qAi+gTG+WV0Gn(BTI#`WF z{Z_~@;KX_>_y!z#;#5V!rrJx3P!84&3A@0BM0`d&#b3fHoRCF^oa8qbQMDn`jYL86 z0|J=|4m{G8#E_+pGN;NuJ+}~(g#$T_k{Q#$&Dj{}2@Lq-v;{PHM7qy#L`0-ua!W)U zgftioNuyA|QPGT_$ay7IG}R3qwGkGB+n5DBDNgZN16jIIS&!UOSKM_uay$6{vV28x z8$Y{{cJY5eocyZ$_XPAf3(3#U6ESYXYs=@)?Go1vN^TBN9fYNHGx^KRhWEkf~!;F zn%sn5=hWW)z^RNgCl_XZWc(2jr^be}O98^1;}Gg&-E-I?O*vx1Ps_WImk#Afm8ZfP zLuKQf>i=j9@H+u(=ICDxQkP$iLDMm}3wg@5N zkHXwTqG%Z2WS!R<3VB?c8psut*I5CkT(=~^W9~As+`B)#^n==mg9xx}%Lp(kVqf&k zBxN;U3waG>djup<%Rcw=cV9|ht&7&L4`qEY5hvXS8LE=vya;(Gg`C34$V8&KJpYaP z%+y2lg0-1`y?$y|!hPf)sZcj_=>uJ9%ymF4HJPwzaQ^JM<=bbXv+##Vo1<%w0s;V%>G4PC<(HOu z&O~k>;M1ybSjPz~@&Qanqg9#nf#J)VK#9RE5y5uz0_8(EAH|w0J^R^<$huX}Ta@(N zeq0KkA{-L=Cc?%KCy+KWDp0O)qiNE?nZ{^YKHjz7g3G7(7}i^rZ8HGkR#(>BFf-;3 z#!lEDQBsdwe`xcF&UvdDtamGT@MR-@F4y~S z1r6)F++F~^u^+xKi-H}FNm48^ zk+qsxWu8EpRoWynd-v0!*FM*n%B+xep%TX(6KA(Cz7EHKLE?dPgY$U2OE8!$gfGi6 zNqm1W7{lAF_`6^*YHX4eckxiD>6L*gp5MWTPKq1m`c!j3JWmK14iG%IKE?BQ5-s=# z+K%uC_@GJXWO1dfI!o7)vE8O{e=~%2j(G!9lMbdYOO2P6#JL@I02!_$OTLu(FB@yU z;oBUbH?3`}RKKYHN`57{*y;{93V%jqGqu0Z-?ZzbAPp{6lmv#W)V-+=A^?MI3l6CJ zLwSI2Erkb~_euPR-&Yc6%jxI#-$OLLhB0OqgIC1{i8wR5e*WLVa#!l zDG%f?l9x^xWOkqm4=}G8Na=Z^H~@4C3qqIRx6AWzd74zPjBvP+K;_ncs$_LS3if8? 
zdja_fQiZlJatv$l^*tF!5ms zrT%96*X?v>WBH??^R>d4h^pe}!u{mULaPBYW=)iTE#?T*XdG+Ah$_h(5M@k|QyITI zJO+noB|Gr-W3a{trH*PMR7iV3!MB?1FK=GDUqO~_SwRL0(MvPuq73VHgz`SzKjoBi zZ62)p=P$3BRnDNKN=0XMoIE)=%yr2^=ouH$MFrjsWwf<|$^V4lOp+=1ovC{6fdyr% z_8FXDZDo_7C1c-2fd$50O#J~yu02J zDlzj6dG~Y5*!Qe2biU-ktA^{v@-=?J#~artW5$?PXL(bs-e~L}|AxFp%bZ<|z1TmP zIvB6K+oeS@SjMEceyoP)I{QyhAa2sG3GR?v>$!9qrs)5*KQ+x=j3MP6j5)pv3$je_ z`)VGAoQdz>Kjk>LmF%s48Cr6`jqeEuBLu1!@CbY4EmZ>!Ip&Z0fb(m?rYHXL+w1j~ zGNOjr8GT((?OFSWTIkGWfXW?FHLUi@qMRKJNTk1Np*Eqt4nrh?`~}0r^i@^JqNrD9 z*l6NEw2YO)inW>3kw64b?uA4CaUc=1gSR8`lqt=RX=v!X^pHnxdRXA6{;h4yX>XoQXiRg>~?R+-EuX;ygF4JJ=m8ab6!pqHb zvdi9(>cfqWL7s?c#N1#hsD3t1?d>Q;>v;=kza{j2(DmZPQn!J2oB^VUzr8N6H}?Fj z%~9Uld>p0AZ%}VG2egF$O(3$p=bUBiZT!I$Pa6rw05GYdo{0YVj>K+_mB-PF&w7Fj zC1U*;ojy=zBTDs}~KWlEAOI}dh3TuM0rHrZ_7%`ikmMR4c%6ggx0GIj8{Cl;Y} z_NqF$Z7vFKwic1tHy24cE?<`THEltwjg}%6K{(SnYvFsjOe=dOqi}Qm^k=(k8a2Hm zjBktrlYj_eK{AYoj0PjbU>X(pD?1CT`b51dY>k-l+|ghxfMofef>b);6hcEX@B8o7 z{pbXvkLYsj!pO2&++6sqVM@@SxEKDaLAWOvR&HwODglYTtZx!`6#?h=Iw1n! 
zL18ET`~uf+Cu?SfIIFPK52y3E&Dp6pr3j>oz42bafzR& z?feD}Ez1m(!$i(c|56kOmX;I5HDqWVAbczZn_Y8VbyM$i!~3O2#HA+o zprzU!D)hPK^Q`>nsgQ-JnxJTEms=kqbmeO6+rc0yAHV2>^1}^Eb*1W5HE6NJKKwC6 zPLu7@^aG!-Pl6Vg>aEs8S~2;-Uz3pmi#%-Inb~hJv%ij^2+56|kDNJQznllrJOl|!hAsaUG^0ZOb?auom$z`L^R+9+Q z#usXf-RXl_ehbh0M!C0&nA|tO=;^IcU;Enb>DJg{arOdZTzp;}D6IAI;1&CwG?KIojk|CL0tOk`$}&E{k&c1p0=D?Tm?KDJ^Dinxrx zj6a$x65=d)M{KyFEt;22D;&N)=!Mnd`0-h*8q40l#_Pv}kpWD7gr;$dV}U#`(TT?Y zl0HSdoYk})iN>%!v~VoM5DXfL{#0-#cGUQc#n2Yxyo~TgbulvUUCUuQ=sv%y`EoT_zqBuRPFYF7V?uK9x|9a!4mX zfoM9%JHowL)~a{%c~P00|KvuTH&m)1@}tPmVoPX+?+N1vbfrxBl0<3YMSH85r7u5R zW^)Ru>8D8j_`@;PR11?ymr0Uk`<9A$i3DM_wdI^2XV~d7m{Vg<*Um^QG`4lO+Vh=; zD}k$Oz`Wf~&UN$Bw&`x!qXwwAg4?5p(!WL6=ecccFiZC{PDYTFEF|fCFNrr z(pF{nWwgf*1ub%7UrzN=CX?uX|N5rSmdi>p+$Ws;P?)@zFTA+eG=A@3ZWNK%mlJWe^BrlUB`p)YO zH1;Pl6B}AwE5r)4!-~eimHxB^?qA$SFO;0N1MG(kohgyuxyZ;)j*Xy&wA{L2+EB9RaG?=^s4 zyDaQKv`YmVewK#4Y!)_|73i02Jb28O>d{!oLk^k-_??Q5J#&{VD$)J(>}fftKP$rJ zTmPVBYk9+fi_ld$LNA9-syh$>I&FaZ$G`MWQh;&~N(yxxk_r>Qi!lEH7>3krA|$rf z5Rz}i=&^Cu@DnH8Q6qp2D~JB~Lr zAHz=JA!Smt+_vnaOUf)}KbI8Ic=E=tgJKl`*|y>Mtn2%(ZiN$0e!L=h-}P7KmiPZc z_-m~Ec#!SxQ)#KeW~g#htLSFPX&dJ4$Z@AmIPEc}GWj0B)hX7oZ~Q-;pr9K*iO@pZ zLf#UB!d}#e$@&j?*=HiJua;8Qe%1QIZhtat=h%YU_>||c`_e$a(3wk4;Vt!IG|TH4 z0aBlDkNx{b^jQCJUE~(&$X4Tg;2JgMh#FyD@hQn5Q{3IEDQicM^=F}fwIX1Go`xBM za?@IbI7-;u^-vjDFgJbnPRSZt>EYq481#%^tc65$?P8R?$L5mf7#XdAdwJ)gSo$6K zbDVgLJ2UV5f9-56ZoYpmCoe78p1vqK=4{QdMpEO1Xj&}arhOsgj&rwXWVf+3;1a2v zLhx5#W158#rOPD|vwc$wm((Ndc_Jp%PguAsXgJ0z0u7SiurqA+#u7q&9rvb@IAG_2 z%v*GW)S5ntr@s|Lr{Z-y!0ng!7(48GDag})DeC21+Cv41pu^lo_KgNH{+H>Um$DmF zlTxUQ`gQ9H?B~;74Z;-piihMkj-hZ|e#PoPE>Dwj~H_({=JR@Ti zKj@R2Y!DXN5!rzUonk$>qNh{dzTuR>T2jsAb;m)wq<=e4PSi*f+P!isa(+?fG<)$~ zs{$Di{H}6QMc%FQBo3+79Pb&_m6rcR9ENlc)hlE5w4a(cQR}zSun3JFQcBT^L)ogT z36UnaRI#X8DuLdnjqv*EcsR)%n|#ISEV{lpjYARtcin1FB8Da`qd?AwLGkeSyo=ei zYeR7Q#}3IiKhK_w0(W`vL6%OcWUWqTOI#=K8j(-!hpG-VIy!W`)!aFCJQvf-IO7nP zpV709IC(-m4oL_35($3~X)x@vODTmg4&{lFX=qR@K@d6FyKWxwrw=&x 
zcW$e2Z8kIEmX1!nT*g~kAtj^#jPUCYozbLq3bP4OvNI}(ff@!YUn8bLZRq8I_lyft zu;2(E6e?=PZ2%-#-{=3olG`1pd3Y1tVn64VdWc#mwx46*tn(KjR3UWd4Ayd~QI}XE6#CHt{;!QmR zwEAfpw|NYmn3tXOdXN?$Ovk)YfeFT>~Z}wt7I{=q|AHcIfXTb zAegU{8?rD>Ja?39mDxqF{<<~yMj)k_oxrL5jZ&X~s~y2zYd=j3Rxy9-oJEU%L65ug za=8OOm;06`rMELqqvr@gVh5rrsKHKA>7rZ}0jY3O{T%C~9m+GX^ev@g7sDt(Lq;OO zzZ0DKE0hKS*BG{ZG&YUls6#xo{dv7upXLAtF0(hCSj9F>U6r9Q&xZ4HKRVTynwn8r zw^41XHv2P$(x(ZU!6y7coH^vGGi+XrhqWQTgi0UcCH6{AAif(zXV3T{=>#vD$t5RW>WQ(N` zQsKBAainvDVeqBCtFnyo8@b1-tV@I z0y`Mz*6YT+78e45ku(1<7LE-E8RPBH_hu^w(RA;nhI#bW;Di+}ArQOt*l9i`_Cf-1 zLZccO&DfXVV{lc>PNK*}7*N|gp?bl{R$ShtM{~bAeYN3)rx}zNsw@g9`SC5qZEBF= z90buhny%?$Z0>5x1r(9EUljV=6C%2l!>Q6y&KXDb4ilyO6UYzHM={T*RLr2VGo=)4 z=hUX4#gn?9qkl{>8Dx*Jx7_<3E#Ct#4fmBR=UPvjz_R4|g+}+Qg)5Mr(-;xvvjc{a zbrL4zMz{R7)s9=UEKcDA;hxwd_t|7EYX)>fegiV;yG2Nu<@s;HLx@HF+KMH$iCtbr zHUgu*stsTARypGu9|hVPb!iqcpA|V$EOr&r41#6r97HZbTLINy?{1F8&Ypprk?h0; zj)|UW!2R(PdS7V4YG+ttslK2$oA0?0cfbAj$ZG1_zK82G_)V@4zCUZ<@6=B^e1@k{ zb!7n6$!^9p8b?*N%d^Ct6Peh>z;N_ybA(hB&<}>;bzqRr*+Xc~S7z#mHvNdz8*2Gg zp`-9U+}bluUlcoX_kB2H$>wo9b1o=pKjz+AIt_WyCd4b-Hym?$a9K{HjnqcBCptxp4VDIyu!s@=9bSb3Nz~mX(z5n z*8M${ZVOKbCj*vBWeK(ngF7vk$+9Bz5t2J!5u;0o!w_ z35>hbSUwvb+0>Xns7QiSF7v5IUiWIeT%A0_W3j=&?S215v)-J$2^z75bEq>;rs_O{1bi^b4BFpDQQm`TKQGr-r!^mwqaKIkA-WWGr2~K6MY} zC-5rh=|9hUo;U)sH4CUC z=9X=n{{9biubPPulf}iuCV^~Z{Ylw=_Y#td?PC z&65|n4Y0S2xT!rT8cyVw$4-ld#R!89HkAX#2;)yrygxKtKDoDu>SLtjo4f^U_Mzi2 zLud!dd@pBUkeON@?cihpZb;&qsV&$HV*n&mIOoP!8Uhyy3LS})-SGK4qNz2nzbxGXTY47jM~noE36>~NNv zpQO+ce0~NvbCq6N zRE|T1YUr~0W|aeKv1VSas_3gOxbv7pp#8-fo5WKTU2b0&U|Ge&cdXwt!O^kUcTvi` zBkyF?7fgJhz4neV4m@otQ#bPCbqFwrDaP*1-GK27c72^L!XyR8Y*XoHlV>#X_XZ*Udwy4ex@&|d8bC1JM(eY z`SIzZJcFM#+Gm2U=1qI(C^5Glh8+N?8SZ-emQ#&@@jYkL3GVc)7uhH?M=tg}>1 zq)@qYyC@aO-@bH|oW#i3qI>V9J@DOWCcF2n-Y3ezxTvduv6=h!m*S21_I1$bFS1Q= zzRN<Yg8XN$!LqgEDwhtMbkB2xsL|!_PkU1zqep0OnWWj>fqgd;`t>Qa zAd!b^fh6Pdh}T#t-Pw`g{%Vuz`lwP9?4CcqMB{|KyFsM28*YS|IFxZn*8L*gzf!=gdm1Z%ig(Jy!V>m)Qbd+t-%Zgt7V&%@92bIVMN 
z62enB?8{<3%ksbg3k+!})>flP+|dA)NZ|$r(wkiqnThr!I=+yv+B}5y?QN*gbj=%1_R&v(J2WY@oR_AImR0hN@_k6F`S zQ48g$Fco8VQXm7rxihWZP>)?EFvM?t7}6T6pM3xUzR+8VBGe!{@rqb{T%1$uqG;)y z%Adc!qE5hU%GQvBJ{3acW$p|lKlI{=`|Mgh$X+PG-kN@jL_6qt{gqnEo;jciY#_}h zx88ql2mV~2xZ@qnGj*FYL+e2N&k|6An_{O=Uf1U(q8TvnMI1eN46m2ooqmKbKZGY5 z{8g>#*)mqeEp)cUmLS20VV|MXQxKSv=I-aEeTk85MH0BP%UwfZkTHKz(f8N~&a%ig z%p8{E(kSAlKH6oE5lat;`qm}RHvN2RC{aD&(^qS>9X@-#JJ zmvw&O2;L&vzKlJ2y?b0uRL*UvMTZ>h?(CJoP5;n3X}*bM>$tMN=8aQU{cxSS;N&9L zb5QT+rCVEPf9*q}dQ=RMvc6nmFx6d=)_vD*DYgk8EUHrZzG4qgackLw@fK4V?RY;M zq5I;oMS=RM_dY)F%yU}u*dH8A(#yznSneYD}C}z{D?4be^^_#(i4{28uS&$=m*IGq!xe}jLUb!5H_N&Rl0LPgaf)O=yXhFMhxTmf$QSwU zqQTP^aBx3$1$RJw{2v(Ngh*eL-<8pkLPv;h}z5r4c_^Hrco#ui@dbgA3iAN``h0uH!|C(w712DXYQY9KHDdF z`Hae++QciI2+=RwDs?)snfL3(XAzC-0iS?fTzxq~F9o&d?3x2x`HP*qf^aAFkx7}h z)>FyRER`a{)Jl9I4Poq(QyW#t(B;e@D#W(rTQioc!{9?WxH*hpd@9hR2JHwIJ!Qv) zoW!dXmWM!BB&~|e2e@gnDh1NU`}CejJ>#TCS{N+^vI-@P-ok)vT1mt2kfCB#3V@;& zllO1yQWm*Pt8!aHJB3*q>Dw(mD_ZO9QLGOTe#F_nXHHs9qHl{sd~p4Ilb88WPWW98rWPqDQ`cq|x`oc7 zFuCcc`l-I-`tpm8tl#uVbsJ#!qUjWa8%MFLN!mciL2Y;E0xLY*`H zFvETqy%utkc+hUAVN;JKrwt(a(}@Y*ngG^H-#!GTMJpY6h_EsC--EIEksDAheN- z5i?qZSD7JVxZtfcd9Bl=?u$((;^F<-XwAbo;-D=)&LSHQfxYKV+A$S3ABllPAi-(7 zUP?EcTydP6{paSlA#KzFc|YB5&TWXOU@jca`>ks^*NS|oVsf)9L2ar2j$4(!YW%RV=C*Giji4$f zl2Ol&T)0CUxxmJ8Ni%x3z(%2_L<5RcmISB20DC7apEn}r$vxeX1bknMdCk5&0-Ka@ zdD>15Hj>Zp}39l#!K>bP`uGS{_m|3N<@SVv6cMK#?rb>1P>(bHFI1(O#m|H`hS3cj-eV zFtXEu@l`qr`%szn7x=L>NtT>wNR}{sW`PNeFT?h|J7@DTlPSlZa%3CwLy&*&zGUbl z!mn~vh;r1E(nfN6CtSGZA5~N$0}{OwXbqN8w?4Ouc)Mya46tC@_`qr~QWA>Fa`fDb znvwSR3y`iECs!X8Ts|O9wa_9?1=Jr(}0)`(#2XDfs1e1Gq5@vlqDSw#o} zDp$;>#90-{@S`)WY7`rpSQW59^9@9KMdN zrtqsF>EB&sUk-YHi7%)DqXuwyV{e59CX@0GTLt7w2>_m$-Rz_8^ey(a*w+PD zn;=H39*!)*$;cFrdsNh?IKZ8TKZ3t*V+JpR|AIl*JAUvR3N#VwbPFrEcC_Hl+}$#W zxwps6imz^>vzr`hi{IpWV{Wl{@^*VSE3nr64rWRb7LRAi=K2fPGO(?ly2qi3=@2x5 z=XO;#q7YkY+@?!hNT^B2(68GA>vUzo71eg26W3-TqNzRp%JmbI4k%&|OVxKNv$Aq#atm zQ`rJ$gX88Q_wL4tRLD5MW(t}abFbKVpDXBHSG4?Hm{atU*^~8SAi*e{a7&q0M{r*I 
z?nUdq_4HPRL21TLP8g=Gp|Kv^cJauM@1Kf^Z)YyN0(IZ~nR@V9BljFx)6{ujx_HvB z=4n#i0h@Ud^MQ1Jq3+tksd(0$qCXmQTvW%#-X3UK5!V;Day3FXx1=c3Nn=XiQOmKG zb=40xs(Y4o1XeObML>SPlQ<*w-FK~j=7TQoFm|mMt8rq(8u)Q+IMz(}PJTG3LeK69 z!xn}n0nkD=p@n`?Y6m}o!csKWIx18$^T^ZYo8v$1ae7Rh51UKazdhMztoUh#O1@$%XOgL*Qc)|6RXSe zO=+s$D2dK}MeX(Wpwsq|841L;Vv)NGr9NN6dX2+tG6(zUbPWTG3(ZMkcX7?f&o=`d z;8~FUqnCAeLOVXynId<+qKGdEzDLKX?>di*Zw5Zuza&+?C7*|YUG-XY5Ev^uWemUz zDE7;`YVEbUfoyD8xzf_I`G7gwOp7@iP`7Xt`SdBgKRh%l!L*vwP z@5sjgY6Qbn7_%VL9@vjhYfc-MPt6jp#qK%XctggPoNjY3ccPErcACMbJ(uU??_88H zZ+ZVt&6x~K+n8R$^d>K##hrA2c*S^s7^D=j*aK`g0a}~P@jOjncr;@6q5lu7FfVHv zo*p#z#&k=oCk}A%uS|sQtL~I&8M>JY1jc(efr$d)qp!wkPtmQ&WB02|uaDxpF4{^u zKvZ2KCwy*ON5#UbZd|eTCT=pkXZa{p+{2v_6}RZYx(Cka>tfrWsntsJ5~2HCWknyek6k+<3*FcR*IJ^SD>72Yg#?V&xP9>kEnORluR;eVI|ArS_@jHcFk3i_$K$;R zez}k0Yy3~uhlMFWV>~LR7B7CnNx$Qq0{aH|UR&E%ZR#a*xc>?-)G-hiobe5a-SBd3 z%_@@hR`=c9dFK`#R2I`3@4V8ctkg0&>GI11N*fR{7Uz2ueaxhM+g3Ct*!66)A+{fn zy%Y!!j~4>$(;UgUxx4u|MT1WUVy5t|?50OC@aOWcl?w7=-A|n6cJlJ$;>PH4+OYw8 zR=izTb<0~WA(19YDRKN`}BdX_!#+}rLXCyS7` zFK&~TP+v*ez<&-|{Qeu6^p-%8g@|sGF~A|dM^L4L2$3{S1lF_?7s4w6y}Cvq0eeMa z;$^IN0q1r-bCZ;n zmMzwjfuFqV@vCn@>A(noC9cXZ!LU%L`0!B@rq;6MD>Z!JTG>+eEicRQecESOz|1w7 z|D)-5_C!T+%n`SnfVm4e`^A?1#^V(U>t+`X>t>Fq#govjI(HH4W?hI}!Uv`yZGOFp zv|ZXz6M|sZqadY*i6s93I>Lc3;*~xBBb0}lK|e6H9U4MUC^cm)(-Q+7`S4-TbaSI)-cZVjsbXQ9RecjR$`#9`wvFUte?R;{O z#Y@W9S(KD}b4aWw(BZqHgZrkTgXaM{e6)btbL4~4*+&T*x09b7Q9P&GaXhD?Tchrz zjh6(8Jh~7hfx>FO6ZFv5YfJ?B#566mD8~EH#!*BVZXa9-{&>1fzmuI&clEK6n4;EX=Xl&BQo8BMpm`qwPgj2KIQ&S>{V#p)c{V>h!OgnO& zn{>VQYV`0FOKL2OZ$XD{U1aJZa$Us#GV5;2Jr;26+qAb4dby%CWtUB!LuX_zciBY$ zq^2#GnJ-pm10UZU-ECM7=-Xy%JM|nWV5>hs=f9_EB;RxRl}F#++&1-gO>9{b{z;6h zqFjOCuq4NQ$chzHz>(DV{S0khF7tFOb#GvaD5jRyvFzC3tytAX%Mj>_Eb*}UK(m@% zb@ALT9ZYMI7T-X7wi!UCpT;8FIl3fLCf{$t8WkJm~$AaDj#UkN~JORmpPq{KU_myPtA=&g26sX-K0htmQBpPKK=@ z=?xh~X7B#)g-92B6Ei%nbG`Ur3zP^1T1NAqt7)U;JCxXP^Ea=m_oYe+>?fLDBYh#B z--#)c^xn}tqhZmfH=#+Iaz4H+WHRVI@J=zaag%dwTm0VGL`$&%3Pp+|Q=s-hXxQyC 
zp1%W(?rn4Ymkuy`z`VQ-kGL3gZee-56UAjCq1e;-{j8g&%Bn?QDwpmd$1%T?b64mk z?ka!`-BJkg&bQM-g1Wx0iAg z7X)5RID}$irVAg!TJN*;)BiL8*n58siGI#d-Ea1JC!p=?8?d zuT`~}7!7t))BfCNDrWm~vCp_4QO>fPh|u0zD9c{g><4Q$T?ZJ2%kH!nu8d{Kce`hq zfB|$wYx45q$G7tw`Y*=&1!6TLzSzSioey)D*1{*}B$xI(aAT(5F^z4nb^GlJAUZ=Q z3c5c@zesRX2mL7uK%J2lzb;P;laj>a&==WskijDMUf7Rh@phF{>C#la)6z|gDP$!x zZ=M?Ywwpwk|c2c#&YvlmB3tr-5ubKWwanZAvR4+<`)wN&wZlxrC_9AZTz5x`iD0JB#3H+1{)2 zv=B*2y!ua|S`8bTYWvbMoQZcUv4Nks z4fN8TG$=FZg>dfUOG&J5-DmeXM%I#$V)U0C4RuFsX8?{y3ZxXJ>x!ZsSSLx{?WOIt z8#ccVodh1dg<^CyBgfCrUi)M>J8^X1BNob1}<{}`sddZXw ztpQzQM;vb+@fyIZ&MwX(AQj8SD+0116F|0r-yb25cETU=s3F`J5C#?Xus7TVO)4LNMi-p zLZ6Sr9cfx1K{talzhqZ+2*!HZYr;rN`{0JdSj>JeCIh%R2lGcQZ|KG?Z-g7w-;vJK z@kK6^1To5+>I?^UZquHD>$+)knP$c}njg5fCW{2f;tp5~{_&T9*<{l^-3zGKIA!1_ zd#IU5m@KJ?2a5YX{YN25obJ3-hr{iQe3w(?Au-lAOM3#GBwOL1UrZ9%ScYHb@Mn5m z^wWzie6Xs{M~{wn#t^9sRK8$sUGduXpTuXn%W=3M8|J`wG!ThYj2-FIxkDU|euQMGz=V65UgP%bQu2b7t@<&K);4)+1 zTF?j#+yhS`R?p->=QD^$DLxH>u1F&^-~)CKMU)~613KVE#Va``>wzI6Iea%9sxjO` zE91jR^YvT83h2H+#^Og_eR9Z#E-$uU6sNUYVDD~%ju1rSx~E_(tbqqCZ2o1h)Bcl* z)c}?M+>x(~Jx2jOX~YVFQ?KMTmCIu3Qy!=0th*&8vi5Fiy#`(J2$b{u0S1k>vJMO2 z5NoNvr<9uC9bSE!R_b)_&4G{r-;Xs=tbHlWCFQitYZc95*>L&B0xbol)E!EZO#hWp zUGqAf2K`m@owlH^@kK}WOUC^?V72`Kb$j;mt1{*bf?obNN4w#X9&lU7Vj4y(|JpqZ zWjaas<%mr$B-x_IyH=m7Aq9sv_hwe8W=4;r@zu?os@68a5#Pmj#z&ZfWz}e%IkX|06@>*ZNrDJd%;{)r?@*$`?4lFLyUDoc0Yeh>FO1 zAzIo-I>vWt1q^wJ#yTpUTAMG|bUEwQXX18)hHpL(HIdDuMX*`PnGh*35{cBa&0lj) z^|Mk*AVc`oVCIkakEW^kQOKrpB^qj1>8!R*0V7?Ono{)_!8kU!`L@&WA5^`3#kuCs z*%t&;5s@cDH2d}o(LrnB2U-h1{;1FE;W=ucwGd5t^ip}imi~x%Vj~41ebH&Gh=y5) zI~v5i7T|;@St{^H!OifSK|e69Oas#InaHd$&8k==Qb~!dR1xl;EMa`WcM%>rS+c*e zbgC7hz`hh6Cx-iL@!`hV!@L>_Q`)BXLRT?itP9lkzKWXNn50h!JX~U}6V^)71EQ+1 zy9xuW4Emhd$U2j2FUJ>4W0G9axW@}ptF1+MCU*HRkaaQzQV|nms@KO=`E{&4ef0pR zZPklvlEnB-UupZEQ$jy^)7KEb^f}zvUDto4STs3{i9X34BF1CAU;y;kn2QfZ^)0)@BbfD-xwZNv$fqcwr$&K zY#WV}#%R*m&Q4>yv2EM7(b%@x;LCH)`QARi=FjZwnzd))UK|&mD!xRMM67AG71mgt znZXRe^i z5>|-wkDeYa z>)^^1d#fsEpMO!4}iWbh*<|6;CbyH{)eq* 
zMHsRbYY{{(_8k9x+X@wmwFVftUmhj~TJm5MBk#V4lA612lEZ1um_FG8_+O|ibhh8} zF+{*An=BGn<=C|N2A+ls?nL+LJe<0_t*I8mrXg>n?D3Cpx73*OBpmVY*l6$Ad5S{M zU#SvHVI_>V+`#b}LT_47mw03A8o$W~8#Ohgxv4XxL##D|sJxO0lzR`sav7|gsEUpN zL_~|~aH)-U^`PaLO4<;e+{o$bW1T^_dKAi`5~APAtO4R8$>!u)57v_KN5li8=o!f zB-*XlIE*TgQXMBw9eFvkJbK%=26#1EPg8nu&Btz)`a^CFC+wMFg~Op6iDs4Md}CDN zHfvPk^vUMQu%x~~2dl)<$;2iTCeooP4fwLed5B)UPv2MYS(8e&TU%NCOGL|HQyva$ z5QC*_J{ICY8+1jXKg3p4)PVC{b^!9@@^*$CNbUYBvzJZ0Zn~@&LYM+En%F6(4>Ib= z@|c>(aits29S`2E-&+sXTF_1Q%UG0%LW?ZcsHky|%VyfwvYNBtr5*W|$n25Caz=wm zV*IF3xPnQLh0&l<1cuCxs8Dp$seH{HNl||9_E8C13+2eTksOBj^o|^7bBB>%$5??D>0KL%B~>+d_#Cv( zk5}po^Mlu+VaFGqY^}g*o_(V6LBT zW<2OEVO%GQl5gH22wou@7NDOtYt11H*v%vdJEs!P=z;^vz$rG00qFeF7b!Yn(fx)I z6C(olGRenI6RsypYa1bZ<}O8g*p|{=^~IDjrY>e#HJSH1bt~A^wFR|%{J>DxN!(|a zlmvy}2Q;0P1pY$z)#h2h_s&T5P+PZ34GA_T)FbTxIsl#4^|MORVnzjrS{YBGCsMis ze=y#z-yzGj&@K@nAc}A;N5ele6c_6;VDs7 z=%m1_*Q_(vX6x11kxCDS@un~JeLHfiIdJ_blaKyXT?66{8cBV@s1!ZBcp)2{y$uU_ zm6-hPRsFsvTSgTAskRYA84>0)E_FRqT57$8?JrdnXi9UGL9~!K0~9V#4?e#`&sgDI zB5KjZ7&H<{K#JHt8jZw1FIr4WZGf5F94C=X8jF;TfhBf|W;CbB*ubEe1f5F~Ms2Bw zSex6p)O-nxQZ825(JA(G0dl`o_^vI9JjoB+UL?xToSQRzuH4AKzkY5nM8ExrO`>#S zXo#sH^6mQnEbM|x5xgl(knX2Qcz{h#(XB?m%~vmA2ZF_?6-g1(e&V5-^U!5548xYV zwOV7&ec6b&=JU??&TEyvvn*1L)jDbajU%xBKHZPTxonlnVS08KIj425ngN-01d`N5 znzC#$@6&RZ!MO|#=Y98P<2@W$A$eAs{2*Pw^cJ>Ki}$$2=yHm?;&Xud)_=b@jthPN z>S5#N0&L9tUo3os);g=;c)dedhY}Yrg_>_*%<}jWQnzst4#d9$uYpQ?PPgjWsYB56 zA>eP5*0#v$lRd$Bbm50A7~;G72BHWU;{H`kBnjV@2pm|s=$eydPka<{4yHsH;BJxv zLF(C>K6b;ET5d(t>Cb!-CEN!94;4+nmU6$Y0EM(J2iyq6ydDD;f!d zoUdh-8^hfvSbAk+mmVeP^rKkx8t&W+Q;L6H6DabS3Qp#N6UBWpndngSaq#i*ZneQN z&m3vs9YLp|hU%H}3cR~{2!Xi{jVg{D_K|(ZWYSepc3l{6O~?odosaLtWOHB6f?cWs zUVQ<6QUlHdsAdKuGPC)(p*?*vI1^Ol4JO(eHU_A>(G<~cUJ|yNN~#*s zqur8KBNzxvGsN0*qXR=GEGRjptSC$oRQ3kpfv7PjU&TMWv#1>kBkC7gw=!&^l#wb$ zS7v$UlDk5gWYWXB8Vpj{N13$3HifzX@T9c4?X4sN<6z-Z&X|xD5GX;d&*N1TGnFCM z1US~W{QR1XgF`*1NDlm0`X9$MWFRH@I405#5doaZ;B11}FLF)6CzGa47bD4p@sm)L 
zPMYH?n(V?z`rxR&<0xvsT5o)Lqi)@Y2}&yn>e)lPwGAdwl==aW(qb~6y>^Lv_x)KFIiE;O zeFuLv*oottwYM99+v33#PTL#71^;~!q^YO#>M8lX*E}c~LoeZ}QdNOCB|(mOS&`j@ zEgz)we2;7-H(Jy#1qEj&jS0|QkizPB(x=YG=g+ftlb(RZSNK zL4v*C`g2ms;^Nk_eGZurtAQ>{ss4%DHD{~!*$vCepgn5pTCsfT^xGn&swHjb)j7_R ziHLiZG>wu1HPRa|znVV3zhNIC+Hw7?gHXiRtUYD#*?H)p5@X#$aoZ=&N=cpQ{%ikA zz_vy_%$lhbyoB4QKe{h+fCl9ICz!B@l+yPMb<3C|F+n|J^U!2koDx-?i%4Skb= zl#Pn^tEs9=zn#)^47>|I8025c3U8(8Chp+w2AK`sW)P3&M0WWQEO!=nmd4R!%FBmW z=g!m;ryCG;L+CO*5cQP@z$-sGVFt#u5cytFU!Uw_4qlsr%X)@YF?}YIcE;&8aZhjR z-K>_rA#bKa`6L}#&WQqT0-uI&&z3-S%Yyy{tB%0#+8S=Xt|p|kd`aDpoBC_r#_)(A zH$o(lNs$~J!BfU zqv&u-0fJ;?cxp5IYBX>XLcD}(pOEY@jJ_DAv%d(lTRFiD9NcglLROM?gfAfTxZ+p) zEg+M&MW*aKMei|(%tWW!8|Wfw8He|=F`V#H&2ra~jrAeu27Ta~|G^pv#<&G!z4V2j z=AzxOI{|4>y1_VjZSq?#S@br{^s}OffKEn5MtH??MgL;=NrlvMlTt&r2}%=?AS-;B znQ5TXdg1Z$c?MhvWg!r*mIh$Fg4nTg(B!hi7#p~_$V5)?G{vtNGA*hb2d&&d(^mUcq3DTggy8%C zS`^X;7 zJ@f;AIFYRx$t$ubcYyG2BEQ6-@=cpy&Wd4C_u%;`XLz^Z$R|(p|yZJp1VDN)D>jbt}E5;)p#awLqidMsS)TUcID?Icb-z-9zCS4 z_RB!wIizM5Rxs$efK*kAsmpRec>*DI>o$m(hfb9+M`!v`OM-uk_AkOLDEK}IQQ028dRm z%0`5^bfgp&Lu_a7$3S{0#q)*xMY#K!eZ1`0P8>gbYKiLWp}vuJ1EfkObmF?fy^nH(rQuB2BcZ83}8xFPs$F<4s>wjyPhqcp^-iZ`vcU|)7; z$SCRZq|RBbQ%n-B&#L`641dw%)#Qr+4Jio`AY;1`ed-4h`Z!9TS`lo(l>Jsr4(^+} zAQ0SN;K~qw-BvObb%j?6VkBH_Y?z3Nz-DQf<jGMJ@$#HuW`F;Q_NVDkPF^6~f(`(;FSvwAg=Uyb_b*les&y?l@Ilx9T^xJI3T` z7N1IY9U3p2{x!7l41keVXSw)nN*0noJ2AJ!dg=kK<_le|&`Pstz@ukQkL?6i&K!%_`uIK-MYbZzWQv#EJ+e{RZFCsbK9yswVh7 z1+rejSS2eEKU64`(8jy6b(mN=CzXfdivpt3;1igAgz{KDL3zcUG^)Cj7x<`rQ zjro?&`_sHn9}yQ|IW-7XT8A3H!M)8_=lZwM^};FdkT?fyTO2&zrpu@FvG7*`~avfvz5IiPEL97kywyg7h0L@3O$ESO1F6*^iZ7sAC>(-aVZ_Asws=pxVrlMX2 zzfEPPO|oFi^Z38*vLuA4@qxc;v4g*gEM3(JCgy@fNa`pNKFiFJRgR>6(yNdiWqY8N z8DqDrlKr1I3H;+u-lo#U?H<#i%96soVvX(^A4;HYO##-q(3V*=gLH6pUo9ak8X)2G zNxF#MEh|ZFd$t`*MUK64S0Q$pK-qs(Hr?qiI3i{*++pB^pxdZ8Xc{X^v?N z+S&F~!QM}PNKVjGTa^ubcWW$n9&d4X$o0l!=@4=PGDV&SzQ)Ns?zq^$%^n9kw@~I# z2^aApu5 zgSZCqcypk*lwkJj6j@z!0UgDM86RizcLPmynirHAD`uTv)`ZL|`TEN(J(0t*Ng7rf z`>tVi1Z>f5yEDdniS2i~ 
zw5KKE)D&Aq8Vgh(*V-4P%E0rwDQ^g$qt;Nchr8 zo)G!`D;|^g1)6Ah9-1gg9L=2h^U$zl7?nM0%(P#14;{NAp!*iU`V}1uKcT2}UPpy@ z-uIKi)lWlK_&QqS>lxd3gkPf-K7AE|2r~XY(vHQ9bVg;V*mQrSS)VH!}D&) zAOAWq`pO!s=MhR{naQ0%4NDl}p6RylKA!LszI~D?PPHf`?B*tI9MHc(EN?LO+2xCB zs2GMTio**kuSGdo;+Ix_W{thZO99@heFKS1LOp9v4X+@!6ip7(_W6pJ_H%~3>DyK+ zVf`*#EH%SIH3oqO*22nnPZE)BA{MelWNZ}37-BmlY!v??#VH!u?4NFU3FIL&u`y-R z)Y)}VJ9AMvX<8$;6aWH=-(R>mKpZy|{VjdS$6VA73j1OpTjmJ%&@D~Wx4&*ECF$Do z{UUp5_IFtj^%LADdDGvx#%V@I@VYLO>8#E;MHgK=#eB6t3TvrM7r%!}R4}Cr3sJkhK4)IHg{w6Lb zi8trpCnP6{^h20Es+VSz3uzBs@GEj`n?6W3Kl}`LKG!JyS{^Fomw#Dpkyt4?$qIS7 zkEoC@<}n-DYDQIt62BjKG7>!}OZwcTuYg&}97<13&)k~yB+Qyev~nwE|L*~S=kEMb zE@)?pz7z5+t9%mScx|mA$2sje<VvOR$Nu@6E)U@t1h$xSpf-59M8>-(^meIJg152p5{c~_WOH@8$)DIgfSVzBdN>ONs1Q2;D2qWgXq zPvF6Sw(s{|o?bd*D4+7CMORK&_Qv<>VH(9=1>TA$&GV5#%r%6AQ9`fZ>~jIf+)6Vw zyAM9?lAs{2_)}Y!b*iUS=|oQa_(q&(P_NB!;Dx)e+2;oG4U) zE5z@fGr5H>cSk9}yA8=cbzPoAjCCbI2Rk%UG-V)j%ovx#$`c~U=c*c{W7^A7_^S&@ zlceRIMctjA!3w6~l@HzJeW_((A(Rhkkdk@^Hjc;qD}uEWzXMb1FANAT)j=KbI$|Vm zeK#x92k%$+r_lCV^f8}qaf`}1jDJ$w@&(W)(vcXA zuDSJO@3LJcj?GW32B|xyCY!CHCc_BAndeOdIS7 zfJ)$A{PYi;0{$0M9F}Dlba!I^RDdkRV#!xXyd(xsIrYVn(=-ZMpS#6_7+78)38#$v zs34I-ITn*nP?Ev4-Q9o(MzWW}*$na?hJ4KyIhX^KX_OjTEACHl>Ez}NcRHbroMsR} z%^emIQ^21cs!xCGLpkRCG$-S!7GZA?q4Z5x0N^C?`+RO$35a56q9j68io8=m->PVn7e8?}=zd&~_P8Kypo z1kk+-GfSHu6W)-;UwQ)mMa=ow>C5f$(o>Q+*m>1m8iWfb`F^g&rzTWLhmFg^`+nnd z9zmotOk%hsOe(RJQv$OEyUXN;vj?ijr zY-te9V9_m())-c;4?2}iMVH++MbZR6u1cKWC^gXOW#6uU*ezTyL}eKLS*4K%S3a>^ zh0t}4^?k$92IN<=$Ik1;K2b4LR0IrxNR3P@=4<^EkGN{@sg==?ky1Ys$2h1)#8)QN z{A~UCA8U{5dG75p6aujy;QXWk#{@9QjlZU zY+~~Z441~tEa*TQ^XUSOy&jMK?Ro)*|2AsmaSN@?TICf-N2^eI zP!&r6UKL*G&CEFakRG^iVpuskWR$Iwu>s7hk@Jhr6ijRR-eNQW^YX_i{3?`k&CNyS zACsRICMk3C5Ll$$v9ZaWqLscvVv~yvQ3*xwiD{7M1<%HcIweQ*Mxt!9W(LxQZ%1p9 zoEQ6r|If4i$FbF$|9BLmog4eZId3bezDv6=>8L}6Zhp*L* zr*crXP7(Q1C9L)4oz!GeWzplTiHLG9ooBEg&@#x&cDxRGKc^Da`}rMzISpoar+MOIO^O(Rz` zvd=Vcou=?!v5o?yuvCV6+n2sM6@)WAtIQ-&y=U%|+yI8&XyV*wimdMXg+Yr3YbDh@ 
z{B`@jJAZ5Tmj?tq!tUp3WS;pi=8K2Q+!4ES@*p*~LDa44b2gy5+5C3bHctMgBjyL} ziN@xxT#o&$kA+goaS6G_mggjT;3k;~7QF|sSb|4Sa9MNRpQIU$KIJ1oC?4y7%7+3C z&NtUmX9h@3zKPUVf>ovL=P`f+y2jYBy<@&p2oTYKQIWV=97w!wI*7lyC=yQorDJ^> z{TDo2_@q}i7-+Mk9{|;|eWQ279=|82P;ooG-FF`v->E<;)DP~mX;AF!)bl-TVtcyv z;x!=VPWR4IVg!M4gx+Xdf_j70`k4QL#x{~iqZBOrTE~_K&7~c-9JMxxqvZI_r1_!N z$oXZFD#Lp(LI7Oe>jz_07=Bi7314PTJU5l}kqKJ8=8!2@*5Msb_Zaw$=^(S5+;1G(gI}*eAKdZ-g#$1myVjz#jkV=z1CbCOA_Y?%6ctM z&+jI?CqJbMKsEw4q7b<8_ea0s`uhjcjSdT}p6_8_$_ku^7H*n01R4d}y+##`8{6Gx zsyuto?i-$^7n65;!+O}U-X1Trt; zxgX_^Ogszcx?QC4Jqyvcc+i!GbJ%XAa0aPEiuB?vCxie#IM9(7-pZUI3@WF~^nc}8 zLsLBqZ;w4GWl4RvhYnE{@uq#U9s^`49oy&(A?6pdP-O|Da30L6Z9$k`bIMZl)SQ*D z3}nAvZKfq@TuF%*>w=`C`N%#QG{-dAw`e=bmN7C=7s)9LWGB;%uF-#WMT3(rvPS`K zsd$wyeo=}yTIp@qM1A>L|5ig!=rZp7O6arajcE^x>XC@=rfyOL`M$VR)o8wamA{>vv~3N> zMn!%1NSvMc=f~Vk23c7O?ACpbiAD;b1rSLyXv7f3;=lN4&;Zq5|9H84Z|0`hzSmsh zqH(myUh8i6&qq7oKY*hArYFiXC5AWmB>`n1Tu<@q+hlycx72KCLBcXau^-L%|HkzG z(R>>=6sipE+^Ps4nr}lf7W>&-cYZh94^Z30NQ(GlKCbJG2ob>qRcMyGGR{(7O6cIl5CxozI+T0wP$&Op zE(*1?p)O4Ze^=;^-!Ov2saXBS4D9qli1xg9A zHHKpG)z5Sv_W`Tkb7 zM%ch&?BZ`qc+q)?TXqZkAhL&EXF&s&p$S0=L2jwyjJbj2sI@VKVCUDAyMC;&E7EJXB2hZz0 zN6|1fRQH?%50Ih{po|Qahm+#$^!gY%qM$>vMjEizsC(nJqK-8SX;e!VQ#pz-allH* z3VFla8vc~Tl@yii_mo6DHpm%y%^3`XLa~=7TCX6L012KgrZK}-x>Hg$2Qi8_Ch?c= z;3g6&q0Lw@29dNkKgYn8Fs=uxUaSw=b(pFTPEaY1dTEP$!*zW%-mf~jsG(@kvj zM6K@=S@I+)3Ocf@&W-P!0n+}L{ILi6)t#~KvD&{me@2YBlLjOdH696dAOXt2o08jtSsbU`}GV4cn=kD zHnV^yCAn-VYP!$)!|Ipu84w3Eo_W^|RaWC^cC6T*M~2_6AYO7fb2)X5`#d83d9SX} z(K>4UHOF0gNJvzuU_3<}p9PXIynVo}#OxDYCJ)uG4j7%}`UGHHEqbW=uM@?1P*aj2 z)3_Ap;a3SVV5~<)3|W*_Z-`c1Jl-MoNag^Bm>p5%_TQxl+mI`AIgSo>Zv|lvq0%lv zg+~4EC*_SimW@3;pNW=gU3HVjkeUu8s6&-+Igp^3mZ$!F{;liGZ^7tLbzd{8;gRfD zpU9=*f!(t#^ZHRdp)dd9rWhOi1Wm0m^gfJ|kU#Y;dTDB3A(H)q8aCTD#__-4ykbkXaFqf65oM>*zQ}^A=>~iB}=&@`KcAD;l z4!DX%{G8ct(^0#29Am}K5!WInt^5Atb)r-JjJa{^yg7Zi=EfXI_PbBi5&tuaSJycv 
z^k)=lSr2a^gm5l=?k8bfQHHwzzFiMPOo#xN8Aee>gUs$Oz|(;qNvRb%JR{F%q!~|seaHQEVgux{P1rT|Ycz+IPmQIfk*nq4DNRN#mbk5@yJ)-v9>JyCaQmB_D_4?-u*&t#Epe}C zepRYUY%|>VR(0Y}6r!3Ua2q&dr!zTBL9;@pGl?Afo6E=18N{o&9gF-JO6$Zo6Zaf> zXN?%)rLoFzhfJUP>pFGf%YJ<8#7$gqC9#2!#C>|^6YkQ69~}d%zq7|do4RxY<&ohx z4}eIAck8ZV@7R7T(EexqdO|QH9zQ)zZJf2Ln1Dc|_2Rn6yAZKl>Cy5wT~inCT#9}# zpAtaDiT{nHs^Pb^#>JSYTws-IFZX~`E~Ye+JTWvS0I6ddr!Y{BZ@-cyxxXcaLBg_v z<+bcA$Ovmu#>G4G#}9^yH@E;8_28j{m}50H><3h(}1=Yk49=V%y3E zORQ9 zh}8Ya6WrGw4`YV-HFCtuePeye$#asDil=x1YEoj`hP+}am1Jkh#!vLE-C{UhJ^n^c z9>ol=Kg9UvA2EI=>7FxSjD>Ao%Z7AJGdgTDBsy-&ZnmZ|$xReLxp$dwbQ&ej_c%nS z6$TfhzW_qwI&{iYGI#gEaXLpo6(!5%q;#`3U7fmYb59F~*WM&S;oQ1f=}U5?+K@$O$VEthbUnNp_2PlYU}Mc-3Kv zyjlI0*{wyalo|>I>(jlbSYoi-+dJ#?W@2)rIRIeciC5bnDNudK%k2+%7M*{gt{VG` ztUyU9hX_G(ASZZ=v(OFO-%VG`)h^i&^Is6#hnd68?rGl5?!y{_iL2m$4qtSI!=C)h8p@Q`VQ3#32}%O zc$&GMzHSle?nB-mpDYwdD8%o$x*jcx(Yl+%RTwQ;cl{?rdP4;d_=ZCGcdkF;BDN&# z2`R>L()hMzp~DvEdpe(IiT{P0I~*BO5o49|5q)fLhq#E!LG4!zCek^S{+-u~)`ogX znQpYdGQPT95PaHsQ>+Y4Q6ieuShpQQ>)Z+b^H^aS)@vZ~_@jfPM}jQ06z08A)Og5@ zIaaDA5TJ`Czr9_xGkZ+^$S$MEqB7)=b#Ko0vNeB%F29b@`d@`t6iiw}t2fW4i=)4p8_hJ2fIt zR+tG*dh+PLt|l6{^BZ2_yr8RHJ0H2&JL5i|{q0u4U6I8?A3;Ps#uoR&S@CVUI31Sf zCf?2QUBx^V4M{l)S3o~)f%@rq?gwV=ay45;?3 zFcWY7L{=ADuA9-Ov}V82WPqnBjjLy`%roJa!GL6P5VXWJ8F@2df-!$o92<>if&_-1 z!uh8CUq&!O`_i2DG~b-|A$4NYu+3?Uu4rPFJ$rq1x2GfPDQwbdB$4=*A+Z$87HZSt zTtCaa%iH;0uGil3KGLaVPvdPaqmz7^x~+89z$=;cJHVO@vM3C(2}dP$$@7!Vahgc+ z)^16lL_BuHpw6bF=4|Xw`k6CY+YE)0G8bB&d7C$iTOiBX2L@4{E~0DzEK3?^CK+A{ z+JlC9n_qV-xOjO}nwc+4TVHSQ@8#u8K_pIH4n7awNM$$sp{3}F!;ItSO|1&Sj3a-g zir8+017@SE;#KkRUj2;?kYmXTnlo!^^kec3zn&8X{EKK?HmU5Vd8zCVqQM7YrLsSW z#shrNjz39=j$Y6Nxo<)T)g4qY!}=_QC5{GG^_b8wK|DtD{Fa~p^2fDj8yr)o!2N{1 z$;Yxs+sc#;_NHbsg5TKy7IXq=Lvsj#oUT@@R9trY_NP>h9{(EJK>PTDBuXpqW1>nX z`N|nrc(5@~wO+Rwjvrk(3Ptv#Yz6NA+n6*AH7ZGVG(eV#$`E~*FD_?+&J)~8k7Fk& zti%M#G64cNzcm~d3FcUdGYs=byUlWrL97_Ly6QKa_U!@5wRsb@LMSFcf;Y0-LEnj! 
zfrhK0Cs;Q&NvXAukYnPFJ=Q#p3nM(rM3GE5=%%#m zjVI5w(BYU;*u5-NS2yzCP67yvIJ0EEbh8li7o{qG&2;cGMslqWMe)ZL8U7-l@v>L| z>wDyYo8D4k`C-=rP?E4!=S7Fp^f`=1^)e&6cTT*mGi7Zd$GoG20(@28%eq~mGmOCZ zIzag6W=(k$aw}#r0m&J*6K0*@QQ@x$mq{UI(T$Ind(ru)rkBf_qY7*U_kCX6IMP-> z`wxXImwN6Wuwpns8ZmcIh9mF`C80DJ z6!|v9le-85Ie){SfkJWBNqXtk!5;)+@qQ2l!Dz)3oH1oCPMaepWKds#sBKMqt!=K3 zQmIyyhx+{wo`H8W`;4hTXq~2AQTp(x-PXc>w+H0Y4-cv@3nrUdM8Dg|2&EGDF^qV6 z07i{vTdo|(wM$4L4$H!ufJ~zM*`bohny0NQ%;4aT5EP)?{^&O&-oc6=Q}n#5E;_;$ zkzhmV({jF48GinZcIlYOkia6_@f0k7?eX^-z7hjTCkLbpzQ%8mx$P;|w>-j|UTZ#> z>S~aSwU8a^5YQ}ZjKIE^z9P9ea-6X}koky^7#P8SvwqYXxSt`p7T+v7n81ASNP-=~RgY&TLuc1OQ> zPV_IMVPwe>67w`467!G0dLK8hS%q(<7;Nx|`eg`VC7rL6S(O{OB%hZ1+U8_*9EnC! zIkC+;GpY4qMglqG3~OXk9TrX>Qjh$ef*DM42C_wq`ni8O_=2plA`+)jz^hsp{t!3; zi?^uNJ)2I(r;Hn)qudD1SbNqpp4>|7Bv~0OKyEe_mJXLSp+z(7WWhwsnEX73PuKOr zf}ww|53-Mdp&toUee#pUY6*Wd*Nvr`aQIr~CbrEBF4AahpwH@nPbc`V5JCV2EK?^p zEYe2^LD98_8x}2Rmm3bI8nwsf&w=8ZwFKXpO25kmrZ`7QUA5&Nh5oFs^U%!rvUpsr ztmyAw$k2Lgxi3h+RuOd~tgkU0Sj!11HrRUrPVo0CC_6dFO4U?PtLS@E0*@REB`%{o zw>wjc7i8h#DbOwEit<%j>voMcGHXv0Sub5m6{&^l$6%rm%MRvJk57M;TB2_}msf0; zk?nQGJ!VTNV`has{)t!K)s7*~x(OfGg+pMGx*s@ZHc6M!9DVwi_0rc6%rWt^;;XD0~aNqekgav29W7Bl z29w7A+$kSw4ZUs&h5yei4#Q5M$kgY&b0=BS$HHgGgA9;l^~8BvL>>@dzq6tgXGJYZ zRPAsS&)oJ-0+ea=Pmno`mYD!mS0^-)U}rT>2qv5B=prOBy6p57+pZv(_Mn$hEYS9SI5 zRAXwFxZ4j-z z+IcMJAe_EOB{zPL_Ny=dC=-ij0}IJnx$ZYi$%Z@?Ew5eT$u*ZKazgefROSoOa=xFC zWH(3w7t&Jo7WMVj6U$|}%%*dfw@(q3!Vl1tSBCwuw8Zl-TIxTe0`(Q+>q1|0ik$u- zrmgmY!JA<1OgROXaPG$JCzB)N+8RQrQ2U-)%|^M5kn49I>pj8t?i?;3#vc+V?mEtq zJVJf%Hn2X~5=>OoL|iN_(hpU}%`b0v4BafCf;$?J``eosoF`+_UOg^Atyhzcma*XllI8x(wb+49Ztu zmBvLJW$ua*Y9~KfbZR&o_{=nM8Xt&ut;x#OWbF1jA+8P zTlq%S$?v!!)dx8p=~j6r-*Z2fxnT+=LId1+llVd*&6ujPrt)LVFT=BLk|-FpdBHGh z0m`YbGv*oMUOX#94F9WWxD!FWs~l(lV3Z=@Ka65sy8S`|J3tD$A)_sSSBl0**Zl+m z4Cs<8%aOf>1`$5%YBAxjW%`>pV1!}xv1XYGE%RjMgjp@S6m~#zyg?Yy*TxDi2Xo21gj6jmE{F00IFJ&i3 zRh%uYM-15499bM^?dpdYArO`dcsS!lp;=pX18RBG&*|vv3EtWQKv7%2nhAyzhD)i& zQ~mzViFYr?E_Y@n=|D!9j&nz3LVCo9Z?18nWC{qoS4>i5vJZov@YS5?OfC$QRIU 
zGq9W4(gj?ER+})n-m@+SQ_`R6^_AZmS-a6fIFuXeE$j4D;!Oew;9I2r zAeWT3!;Nn^m2wLo(vc`VeA`Fzy5NP}&alCYJ5Kuq9EXc%e$CC0PbbSg!&ybB3F+m! zLkeQA1Fws*Syr=?g5$-kKAR(<=fVA0a^%@V7NP2?5QGJ8%qJMn&HLUd_k;0&f03e= z8O?*4rAm_*SV$>EUXiD-8U0^l>1m(nsfBXb$JH6?{pad7))lr;G^s=nH(SNO0bt$u z+_riXZS%+K3W1A%VliBzv0N2KE8)iEsYn+zjR&LiKJ|S*Dop=zf%6-rg4Fko4DX&m zdHGlu^rbTc_bBj_R{l$=CD*`ot;j+o2-&2cO}Pi?5S}cj-*-2NlQ+0{L|4xr`5Hla zJ&lTdztzqw15}Owq6_WY=bJS-`3j5+qjb>wSvST@t-TKbi!NH zC)~o{atmE=`+t^LwZ_A5;x4!}ODj|5t<*Z{_KxR5pbz{S#!cb^Ks%YcFvkGZNk!S8 zP6Mw|j|ucPaJxafwu))v8aQ&??k3;*G>%miI#^D_^J6SYxUyw6RE5I`AONxFZ8Bo6 zQP8iyh2rPD0@KdOo;=g#jA~iW+3ClDF70 zbu-b=BRhKDMJ#6bi2C}ugny+ZSGdP-O;AJvUK#MdS9^c%y>{me3S$dNrm<3SWR7cS znAZNzotW*CJoaqO*W*SD92eNH`d_6&1V2qJt22pELMgUnruMBx3~Di*{qaVWD96si z{l+nf3MoBpXBB+_a#YTe^Sk1mbQwuo|7r}w)Nr%8$c&QFd}-;Q#i>S0MRZ7}Ix|o6 z8%16L7n#82d$wvqj9JFK0ZyKQiu}T_nUq4MX?flM@dv;z-ajVVZxNUH!5}pMmF*^e z`D_}g%E4Fb*N9Z9&Wc7orwta&FjUpGd<7|>`0Iv;l!xgQWEQ3UPMB7SLawq`31o^| zCXle)LPxg+fmFV@^%Hfo>@lzW!AhITCi^6ho6}HM@kkRRu1208&b3q;lCic0Bi@Gx6YwG1H{q_Bk8dS|8M+#;t+M_R5-9sTHxC zpNR++P)7{q#$HH1C?=}Qyo*C$!$}C*58Pfzdf_k!gS>}u)T4Jb?O8+ni#+hV9(vBYK+83t0zIt;FLc`jquoAWFaN=9p`9--G zD*NZ>g3koOuLGs1hg5oLO+ea9lZb~pUz}RzD{up9{hs)&iS%mmIH-Ov3}gMiV4=-N zf7`g#_g1TE{DCzV0pzf<53KR(jIku?%xi@_HXHm-SiH|qu9W_mcS%j|CRoabSlU)m zC}V6fKD%i1J?8)aM}tnAnxU7{+99S01dFG8|GRMRPWc_+9o)hd=)tjUih@_M8_qqi z|44lfZIhAXu@jYA`|`sd7g|@^9IXHFM>$tXvPoLz0X=1_`6ZB)=e;x`-CAXkuh`lW zzzd}c*02iV7#5s&*`$)nzg4EyXz~!NG;Xl|-frDb8&R3}#V8*G<^M7Dm0@uz5EyK8YRUZlkqcX#*VP~6?!-QBIY^X_xbdH)ZeZrGi@?#xV*NixYV6;;|t zGT`R0S;3w=-69K4$nn5Qu~*qf|B~L zQ5+~4=eMt);TLErN{Wuh2%+l76o?(o3&grm;KBm(5+JMO#CjaLbOg%#!5+0@zI)`R zU2N)Eq>bei>VU;+p<)=DI_sge=&~|*w;%ims0K5Ar#jP-~9TD>D6O#dhs}Py71f zp4UXPoEt)(*J#H&ThErLg{bhQIeXIQ82F}SA(kmY~+@q1yD0}2rkDrDaiyZICOXCOw zQX+YCu{T8vT6V5$zb*JkM>BB{YM0>fwOEJ2O7(~@@TE*m=2hHTUFv*y&r@N@zCZa% zQb0yW2$oUPxtr2e!Ug4;_pPJF{Q~Xc;Py?!Hm`b(AVrn+X*Tq%ZNc?I<0TGQf_H{+ ze)CGbE_uP$u`bf#Up2BYIXkR&)bNvkCzdq3Gy`tiq+NR8E=kY`1wd;fzf`K*P=cO@$EJ 
zFlm3(FmE@+N1GgI6e;w5dn^UXO>w$%D8XE=w8Q)On6Y3NGN1Lx0CBWHwGAmcvAnmN zNx>AR>UWKebMvL}Xo^`1tR*HgenFhuwtM~e%e)j ztEomYX9;kjI|T*pQt^b-Hj9iaxd#R9H+1h?doJ75*9CTf2F^eKwjfeN)1-MBA;$HFR>LiYQ z-j0hz5Gsqp_iLhBj(1k=w2SPzM-=U}sLADS|9&>9@5-28DU`5q08x4ICZJriU;ETz z218MopwSH&>OPB4QmUme zN!^I=lQUIat7{j9-=<0aiph>vbOG@S0!ZVs$DAu^=~!=kD4@&8QH#K_uIl}RF!XOC z?r|RYbE0G^Pu9a%DsE`aUun)>_Ut|#Y6x<|C^|;(7ZxrUiSV8-nBK#sD+F8wa8w53HX1g3Kz0; z=|E>X!UD7|p0cpX;-9W)WGH-C-^1ba@+~vVeoBj#{=&7fbLRNK|C)H03$XgD7o}{n)SrddHhGuzZ-A}$ShY-W2<0=S z0n5DRS@4GBeN7fL82tytXe886gJcUcM!z3-A09`p!?vikF$DyDiZY^feBN{bo<<52 zSYNz*tzQnfn`8doVn&cjh#T1jel7kbTfIgKMm^{AV+?{hRV9oQnkG(-sCPt2^d7uy zb7JMfiT=d(_75sbr65!Eou%d5aV>az&2r>{YXHdVfYyK=814u+-s9m?Z}&6aqaZA; zH4)N+{t??JCYsBQD2Z(n4sb{Z{x zdrMiLDds(ZnmP!FGqAQmgJV(CtdO4ehPJ9X#jIp3W%+ zh$)7>yJ5IcWBaXB?5Wo0$gRH2R)KtEP;mLTlaI24fzF(@b8QiUh(N0x$|Z`QBqr?l zs`&`I60XTIOvp8`)N(qKVs7NMh}1u2mZqUe7CdWqqk)wNoN519Vw$k}BOT#?_IMt& z+x`CRQFxRCgP|P~#_`~Q&pw3)L!)26hsiaxgWGYtcjsqdm_-e9UGKu zuNfZWOLi(|&3MBmFZo^g$Sl!Kd)x3L)asV9_z54%Z`D~QL)-ePLvu>6n{r^?o)%?V zbSv(@tsy&qqC^);^N(cztZYyN`^5-Q&sioq)8s3Z+LEH#Zxm$lNH^wD&ARQ8yFx0u z$U{7eDAIF^974rc*Chyf!BAi6CF5bhbA*!7j|aT)aKw7ab;gVQlubY8Kg{K; zK57)If;7BhUlB2GQKrE2GlqPRRlSjDNjp+mEga8u{_gvrjNJx;)?e`jg1gSByNC%-}V#h)96G1xorSm9P)rR{YopU5L6;ua5+Kq$C=h@rWc#GkY0fi7aT+E=|Wr zO5nnhMa$qef&2cDc$BCG@X7+lUAtx-pz8;R5h2*>|6ME_vgAdp_ zeZS!oV1XVRZbW|!XeZ)Oe92b~Ua0$fa!tCIfX_iGYyH%_i{(|bKj{X1w(QraHC};L zDns_v^4k^rq?NnPQo z9#%=Xv9M^U+TgGfra0aP|2;_9(xHE@FM1<7RqlDWGEo*DDLSMtvVHnApNy5eI4vM^0Oo`doZZkoX@?7| z1@@y$`s~=$(pb$Ib+HOrE#R&Il&aC9rdVoX&rL8j_FE6pt5k4S|8e)C-U)c!&ABFR zN6WCFE`jjM*T{VA!K$=LiUD$OLLgvMXzZgyApB)T51O(j*~pYY)kdPFUuk{WD8iwC zX+DYJ_4`2Q5t@+ydmx7^QKir{a;Lz7vb!CDz2+?nkBGP&-B;b8j1-ZaF!w zv)M8tx8STE5{+r&Y=xVqQ97UIHhy++5@uv_aoi>SfU8Zb3F|VTcl;T*zrH(R+hZOu z^fqIiVy`>QR#rENlBD6VbS53%zVJkUp#nWcFG+G?cl-xirtqvyRlNTq4(&&vLD zpj!2}@KL4ZFHZoXjI%GJ8Z^SiMZgCJO(9rNJd~GSlJoaE#R{*?%^z`O8^fLw-Y{;= zGh|Otb1Lx+IKr#W8G|nz6Q;1x2Q_{Wusk%4;Y65Ri$XqrM3|(f*}lr!`3}-A4BLrR 
zjI6PHhM-;otxVU$pF?M-i?qLIiaWsa4AT8Ce%L4HqG<2zf(lZ14&nYjIS*oGq&IAr zU>F5PmN4d51h{9Doo9L^PiuCEeg5pv`+`mWwU*}UYqe#VeQ@*T^{Jx{34Ok##iZdnDsKxS8*^6gjn zLWrLS)fz0eQA^~_rG@uev#Sq+J|u^2Jl=?Qe^_>I4?bN0enjO-XvC=W1?g|JyU#4u zLUb}@|3uh>n@m)oI&fRqXh;Ziq;9;1F5Qyy?-*&E;%cxQ?kig4#iBQLGf%2%#}LWS zmG2XMkp#HAh#%h%6ew_N1Aibs#k_Yvl6>PejQ`UxU7*fI_eE3a#j4OFm2fpcHV5eS65urj}5u^z96P>?Lm8DjPkDz8(B8G(rc7aGMEB>%Y3a9uQT9zbH%AF&gbjL0M8G|I7R zhGX5lrZJR4U+gc#KG<;lDKEL3$1mivd3*+*?#GUzAq0s0WC)YnqlXBc`A)EFXvo## z1o7vT6FkBG@yjzutE&>aUtpl~Bfv(?R0iP0DoTt(h z1~LS#vmL>!sJOB;F}Q-+yG(miJB7;N342q)$mZ=!sf~V(3k6hri{f=O?3?1olG9FG zXJXZwVb2?FlFt8I3Tdp$62jg!7s3vL1T0CfCB!MwU2cZc>pD}82YPT?)e427Aa;@t ztK#A=n*?7)D;Btpa8POCX)9JzzYz+ze^FUuBjp9Zk<-(Yt(!#6WTK(rANvi;D@f|m zxLVQ;k-a=3)aM2Rs3S7UI2YecGmw75+F&;h)DhvK%7rsSL-Yz*En+=N-67{zvmgB4 z-t$DVFfrNZWW|u|2;AFA^@J1v-FTf6&`t#f5vjmmlkXJh9NT5tQu>CzNLYM>`VGX@ z#S-&rP?PFYd%bn6bIYS2hHu27cpRsP%Pb4?bNu4*v>ievi+NsPBQSOLN>V>7efn~y z6n$;U;p1n9p(|bkPsoWId#wzF0e zi+8qZj_63Nal2XElF*jHa3YGjT-v^zz;KDLXgSf(>$|JW#bYI;v_5^-4NhCk-)3)e zAnjuC#*&$_NH(GcZP#OM{8lXmYIAsEu9|{xv|l1?yqx_jX%r74Mz>~aT#>YNtOgmS zA^KFKq@_^G8QoF#?+^5%vRcxD=%oeG3zt!wjv)v)<>!Yguh<3pV-t)Ftz7kSw&9|6 z0d+>#?$c!Dea7GP4j>xQvh%F!vPAS_6%1r~`tqWLhn7cs0ezVatX!|Qn237PNJXa2 zP*SrFXS5>n(Actk{<=!d2~KSip~BQn536C&Rj`Ym zxZG3;b=8QF9NsWhEVv)wZw)VnR;(g=f>vME$bq`5R+3hCHPD)PvAYz-D)irYQFp~; zeu2M6VSxdD#-j7Gqy1_3P4;2{Q~t&0BT;5qg@vuD0ORFo?$F-y`ImD*w=;$A*C&&W z7;9YKbQmtDdz}&OCvqOJ-|q7m8oNyF`eGYD}*r=|AZuz*$(#45&xpha-FV1%F57QQ(1Q z=FP%oO?L{e*)r`#1=V$!*I6T&2UYJ_#sQ?YG7IwQNcBGF;rWPuj}AeV<96f!~>^vLRA!o1*a5+ zqcPlmHr@XLl|J*8>&z&2OiNVw*qrTiDd~s|A~rW1%?IxVQ4aK5X9$FXsfd8VO_eHC zB|qaWT3H}wZ5(oeX?W1`EQ7@(*7Ty&#UEqYS=TxDIfGS*kVTg8$xmRXh47_zX5s;c zEhW($FFNe8O=$0^o~oo>wgOXXcV?3W;>LtP*rMUaS$7M3(q*65{xg0h(*yC(yOYCA z!I1A;f#;n`Ljzwf%CqaDnbNCC%rJzb@Ji6{ML~(ch2~yEb~(6|aV(#Bh58}#G$E;4 zgnseAQ#f4;bdNlc^DL+`MMKc5&ql-xihI+Gh=W?OYcC-fNP+t8r z~)gWHJO{T`#+D z6{c6qxlTe=EQ%^!ROLbR=|a=KUwYpDS#3QiWY@$p+og-Bk_#4L6!TzgMAlRzjI|S^ 
z5SDL36bq?wFKqc!ryMOUkPvF+Ec<)JZt`HnkZ|ML)%(ld`PqBtH#Kf|0l(Wpg8@BK zZDMteSy#^5{5=B0vG+$L;L17YXO7E$eA=b1XAfnWL()3`q!?{s*kVejXl-HtS@hXj zY2RG(zaGRfG$=CNf0WUra_M9s66aa!e(H(97Jn#i1^P8eS;7C2x9VbR?jpeRp!-Q- zWnXwgTZYZ~lLG%O9(;p|d@M_g=n~7{G{k_fHKkmiVKSl|&zDQ&S$W%H?)&T=QM}Kd;8|swa&`P8X|3Q*_a+9C4U+U=sL-HM_=IkI~6!+em?_0QCRAa(hQOp zJxZrZHDOpiO3_0)DGqZ>Y{6zT;#e9fqgag}wm_8yXH04(mOqX%NCKd7AJhbSnp48% zu@e?ZO~h1ru~Cz==E86mI;;;%rKBYjH`4lvY=)3jfV+JO_=Zqk_gy&9Bbg7>_880( z3QAHj0aq7Z{4lVC{X5+IsjHkbjpDSwQr6*;lN&jZkS*)uq+IwI6~Bv z>WFmFOX53oq$!vzjzNtO*1W|KirN8&hA^xHWovjNI(IOAj$b1>d2d4abf``^rPPl> z7IQ7(D*&=odZI(`J3W)J%$Li_F5Rkst7H^SSv9&#zi2Q=*cJ)Hlm^X0C|c;?kD9!I z&kv8fH)v~L!UL7^m|pECULYpuFxb&eY#Z;NM%IE>I1S9;2E2>V4c(BzQQkZ^?=ttm zpM%E*h$KPv8xe=}oRy!cNlQFq9*^RIICCz#%T`qcM(6xD=r#wMa7wX6UL#wmv#;V} zVW6a{)cTaR#sHIb?-k9n3h}5CU)ryy*0H4EuKRHyOU!{8ZxP7vOQkl1NcUQn^&Bsw zRio?_lpQ+McyNdJ4%E*{DznI)ygGU5FIuLdP1dhJm9LeWt(7r#4U{S~e5worS8??q z$R(55uACmH-a?`#+FCLN5P~wdCI|uP|A2)wO`xZWVR4R>q>3tO#xP9y_?;DcsXO>Z z^kMV6N%WdZ3oIdwJpR16u!4>?kUf`Uas-T@%rLl~PWcs!sKw8rnAIKVY#_4Xs}7_UVMqxdxZ0GZ3<(}N>q(lAvn(S z_Ng~P#>6_FJU7(pA&~Vh5(Jvo2m(!O{HG*MuY(Q_a2&i-m{pmtJcowq@r99=TX#tuv~rOlOFgRJ=(1An z^u`GO#+2j%&P`wE1O(jO?|RXKuR7p2Qu`i(L1mWQ2*wrXU}BWsd=%#mwQ6nXd(ES| zQ`Aq}e9RWV>w=p3$n7vx5w4YfPhFZq%CB8+V3=TbQ@IZv>jMX&%KpgE2QP>11eKBg4*L@j!eprj z#Qere-}1E8jci24Ib_Ru%m>_o2b+Pm%OQOBLY9l%4QYXdRgo$YE7zg_EVl6d!#^RJtF`rBo-Qch!jE z7|cx7)PE^0r80=36vY0YwGHIx_lzsX)XOOLw{+U!XI+eV#vL0v28bzuH-LJ@j(3d0~H)9jkr(w*JRs)$(a82(`# z+Oej%&HUy3JVSr$^>_W=CyN+*OXSqfn=GR*e}#+Lfcc0`9Lo|%y%dO2=IR5`Y&@(V zytBS0FE@HKv!q+|PwTPzUios{Ql-LN$I<*KudfYW3JdZ257{R)dO6WEZyQ`5?_}js3Y_%R#}}&*-kQH68azbO*~sgky1NEc52P=60#Ky3i*Yi;sa+}gAXXjn)uE&z(b}h0b;6qfGuoymOnoPimVfx{9sJ~jp3jz z=L?BZPi3#4NpsRsX!Cnl8I~qFghdIk=wYZ_|32wA1-Ck7c2Pn3^NCuv)pWbR!U~N& zh^S$S*kx?1iLd0(ymeUMxqlN~N(y7P|1r85xP3U#5&CQ>xhUUc9JyFM2z~h?G$f02 zl@*6{?l70mqenDRxum(zf=I>u0kIu>!1Ue2QGS>7K$OE}><`M)!8eW&9Jp(${erZM z=UhA?1njkR6QQv!iYU#D%3ql3iQI%Se!o6Mq5gK8tcy~!*eSLO)@J{7AnHa27Ql22 
z8y8m5XV{oj{_PN{5C0t|2`VsqPs(4TDar1H?>ns|4T$*i7qK0;@T)z4L{D=*(7C#1 z3>-Fs!f}#|+`nHa2h%wE31AFQp~QUPTE`YFmAcCy9lL6t^84L!H{0P~4|Qi?CEr1m zdWvgufWVZVG>Vh;4VZWNV$JZ0ofVfIqLRYf+|9H;rh#__cglO1eptC9PA%j(!|)TP zpkE@IVSOA9!qhQQ$}0u`^M#*(%i3T3`f#=K=ENKNhvH9t>n~Tzr}J}+9Wq3B)@E@0 z#1FRz^Cm14RDnZ+Jq<^Vv!AKcv(}=yvWn2Y2IEheibf0y%>si7MI+$ItW=RC+r)%k zLa_j$!~VO@c(Khl6#ZPPlucvv_NeS1&OY1}(TGDpE)0S=ZU+P;g-I(xcx587OCehQ zuM<5ena0A-qBWJNIidFxqWMvis>?2xbG(PE#?T_&_OJbMSBZlVTB&oC$FP6e%frqThBDT(WNYy{8t$nph*rh_kh|$sIM`##=d=Mq& zUD$KGj1myq?@#nJ_vHL`+5FbLPW(0>c5u&L_aFr1Y!CmFyB%_40eMol1`H#X!LAgl z->UQN?5Tu zfDa_0fdW^x>tVT6ua(5f_&ze&P~2(6pq2`saOJs$vquiWwQm6sUk}0mIm-T%aApFK zLy*oTEtTs3!w1NEHbmDj>^G9}j2aaB^dH)R|HY7pGnt0WjXMOVfiTp1#f2c-S%Y(; zr3d4Kq=zz$AeU9nr;}b-!Z({jMl4u#907I}y6`p~P`Bvd-29Puxr;lIbXlk#qQ;SN ziOOYVtVw_PHI${>Auovr%O64;<|#Q8LMKyRI~W6Mr2BvM#+j>&vMy0T1!2u|kVh91zf9=Uw&(y;frOZj=^oLSPC5l`Z21KTbq%VxhMhm}}; zPTs!tJNz9|Q^CPx#lUoP5!fr)DsLD=OPOJ~dg9Uz3Vwk&cdi3ex$P0wrn+NVwyA1b zHoX4;nN%~BFpz0Q1Au^BF)52^(fsk^EF9-#jivx9Tpre@4`}YG$tkOUrBYUDQVoVi z6yIl-Ly7hLihQhu&=~AiwK~Bwn!@hKTlXd|Y#G6PEiH3AvK2SaIx}(1I=Gj3l=d#l zWjCYezL_Sd{T%MnGjiV6MujYe2)=nykhrOA65@lU_O3*#F zIdFI^<7LVqxYxU_U9SjeX;^B5D7>V{<5$KSEzeqIC)oGAXkH}rCS!a8I!nxv*>C6$ zq?}Fv^=Ih(DWo6x@M3+i7;{FbpLj;dQ=MTfQU4>{gy;JUg@I#CFoB-GA33a~?GH7U zT_NBK&1@CL%F@5Kn{i&s8DUoZS-25JE_9c;H8PWRuVd-jV(=K!BF*7+q(83g&{-v> zudQ%RqItDCR-q4G8FqtEk=l%ku5#yX{vH5=vzUZT?2LpY30N55mv( zKNq^O?KmUH6$_!1Km(+6x4_<$+buB{a; z*~=JyhNQV;;w~Ih&+lY019cwsb|5dhYNEzlF2W03UkF zszFug^8sa|cNo9MY*OatigzY99`O3?eh8Ek}nKV(LUjkV@>Ol(N*Sq@g2S=!4*mG%@(s z2SnmEW3~54Ffout1VZp?V*TW?Ue#lJdWC-$Kz2f91QxMHAFR3Qgpw1!EX60nzt1$> z2J$Ul=`hb-G;kNqTIXo#PzvSW(@KT!{LJCy%>7g;CApoY#4C*3v<^>GMG8}mOKp^% zRYkzV>asJ!>S8R>Z+kkp7!eb$m+>f0Y8W7@go=j$4F7Jf3#4KnBh&Bm#f=OHb)NkH z{W-#M&H8OU62kRl5q)trSzI`c(gprY9!n+CH?KPd#X;EgY{kdF--Kb;iV!4LwYjJ; zN%miaY{yoG$rK{Yk%{`Xg007GsVHD2hS7 z4I%|mkUD^3&^eaf@6?0Gol!=TK2_eS6mtvzN|9e`$}xdHBp~KRTR`*?F`ghF1t_zk?EVbL-6xju27(W2wh3| 
zu2yukKQ^WRE*ZI<52b{B<^S2+9D$TyK);igXD-&GWU;tijRf;CK2%ue$uzC~sXIbZqt*f!1`eGJ2N6dp5YQuL*}>Oe_0+ zRQYn-4Jr)E0#Dl7btC`S>>?LU7=!z5FcD(FlW=tU`TnVSz6%MDM*nK>?qdFJ7`#W~ZV z^1kOemWUt9p-jOgKB`9;z@9C$`L-oT_f7<$X{W%O9Zq=J z5(CIgi)m%+bmGoJJ3U0*k;LJHdX&0@!ibL|9cT>2npIqJ6}y9sCz8f?{F}r^$6zf2 zaQq$Qr%59u33tipMgOYjOQ~20!si(`1Xl6%EVjCzO1g@2OLL_{QCjCY=AIuaROq-a z?yoojgKibs)*P7hX|puK=q}tO+v?&@)B&dpiHNPD*UQym*7U1H&Mn{5mWKrXtiF8Z z@;`FyQyUTAlkBmx%fYGa939+fHxYQ#TtM-$aw;85l#YP3Cs4Y0&W_-Vzol=0D_VRq z=U8N#ve*5)RUPz1jUPm>p5Jm4g?}`sUQC~__g>MIpEH*8fu?7g2Fw0(6b0D%DTAEsH0H(Ps`_F5ndgLnJ>*Vr|%>eu~ZRpJy{^ArG1k03#%PS(ybII(K9!77EnQ?DlRD{|dRdNr!f1KS#W zvz=hC0t!2Tly)Wf&(UMhy4{u!C7a0m;F|YT!qK$iY=mjC0^Mtgjj%1L4{)N0j>GRV2l#EfDl2B*(|aDv=m~ zk%%+!11**sABSVXW76HD`rHgGowYjOYrEj!nQfEdExywfFsfh7*YXq6+tYe`c2_WN z}biypneaW zCaQAcuV|dB$`31KM0(S;X%AC&3cew*+SQI)a*F#D)R(K%Y&!rm(gBW5fM-w@1C5P{ z!`0FLqx+AYG=vvWq)u0Q6O_SYb|3sgU{Liz026^k*aUJAVRcGh)!uA&t*->CttxI6 zPp>v0sYmqRCdWjuIHQ5I0*VJZLr;NwNVfNW`cMM>=&6CBxKeL|N%zleW-{P`aDGYc z7Y_SWrp$zYLv4?mi3rM&kb)Nmy?;hn2WxzmS{)sOcaq%i7sN$9{*4B&vR`PZjP2k% zTNHs5tl@Mz&+KB3o8}rtL=Q>y7hlfz=Rf4&Ee6H-0=lzoMuj;q z#q_gEY=R4toITk*uUdAXK@jFpaBTP}5MmAg*_9uVaBQsJf)t2wY*N>=pL(K2p@B`X zT0@ff;^0GOV%xAFbYR>#&?w9gJL6d4CzvNCm<`&Q;U>_|j7z9{*Aa*6joWC-0=hWrtrO`uFx+ZU~n9n!cDVX zI>{`YEgI+<3Yv+-n3$OenUzR@f$w-jt@4t_r@{8_&4c5@8W4~+cYBYD4%j09e_^SZ zj7gaS49bFp#W^4#9Zv{on`SeIndgwgf#4nn))mr#2BW4?7h*%~%@9D+g{g5^6$Vpu zd-TgG8=h-WBE&!D^U_2lyj`|tXa857k?pe2pLkv^aVx2`-882LlNY}~L)1!2u@O?b zHSWi_;0K|r<@40Vfm6D1&Bu&)xAH3ZrhAjb>99Ho$MWXonrgm1lRPxB+?@!)O@z%=gB>GMt%56#h&vcL7@_l!{fJ(F|MOzW(yT3R}c2 zCbOJz+5`C0Lm6kOzJfF`W3q>Bxos5DPlSfBf|Z{{`d7nw6{GDmpIp$dfR$)dC=;#k zo-GIRb$rL0kR6(*BL~D@x=PmBhoQ3~pAYpP^Zc7eoWZ`5Q@1YLV1Mo%K%|a7?Lx8v zV#~36KoOfgo6O8G5~GOl>E0=t_U#xHg*qh-D;w+4o!FN_lFr`%xd4hzA*Bo(6d?y+ zwx5QqvEBG*b&u7xs=xz7BiHcz&ykF;&#R0Re)lNuNEsAy(5WY|o4x(^Y*#bA?aJ_a z_4t930PAHRw{2Ya;&rb3>O21JcFk%b#r$eszER22x8Mg1*91k}uIcxJ= z8U`~JLuF%jeK=16V7se@+E`*L$)d8`moKjdn_B}>^3N!u1Q9ee1fPOR`(YZbcu^|w 
z2{ucrz$@@|HcLvH34Ekw0l}6+)4X)ShrBQm0~VQN%Y$GVVjmctV|uIPFTh@n0IQS( z|I7O{|Aww-ryESsqe;pG@;6Dlrnd+9%PUBb{<+~%Ra2$2pToQ=pXbsm!v|B5OeAu) zE3iC@s}k9<-GG*SsBiw}dLSG?a=suPyMO#kI+& z(A<$iEdwpC4cmVfSBzi@yfm1jTGm5kkLULsxGsZ0*g+ISb5>n3o9^51g$D0ji4v%I zRCE4=9`jqp?Kr?Jw32uta>#CmXXLmNe)hDWoI6Ve;2klQf5gE;y;f&(Y+LHF@ZN{x zZB*w^iS6#0`*Vfjg%gmMP?vz9v+ggKy^S^4LO%@X0lrW|=Kxj06hoR!3Ai?n3f?!K zbRU(G79GOvtotCP>a5(29GOtM-}8*rSdIT-aGm&YBAGB6yp`Spd_m;Mjh80c8arjc zkDK|@=8Ed^Sc;3&(qfd$GRyfXDgxlrq$wk?b%5juqoHiplFMA5e_X#F-0fZsM}4== z)6kEWmC%=ffVA;17o4rN_hvr~=;5)8n|AUzGk(AZPlXBZEkA3 zuL~D-7U1~U$@7~&{ib5zfOsD+D?}JN49h7>qY+p?rZ4nrYcVo9kEsm%K(Fu;fs$I5 zIg%+JLGl3S<%fEZ!h$wbc(}!p!aR9k=C6_*lz8q;q^EQY5ty%t{drk;8c_WW!E1 zbVs{oRb}wiG4faO_=O_jruiPUF<)zFHEY#3-V$r_-KMd>zsFzS28lJG<0evJmkg|< z;MgF1jUa6o-Fm5T&h1y3n}46USXW{*Zw4Ae+H%!z1_H?>;8;E2^B=D6WxE=&X&@mU z1QU3?Ex;jdKbkYzf&<6{ahriQs)65q*1b(c5yM4Mb)sNBk8c>a>3aI;nty;0w0<2V zJ@Gv-r3>s!^aS@3Om@ugut~kx-+cb>YybJA3jCE|WwN75;*~~HDq8FkD1cfkMMJ6R zsidYQ0$BHc`zXY{Cx;t9(Qp1l4BLlXAk&Kjya4EnZoIFyUWf^$Bu-T-nG#cc68^TX zw=TDbtr**H`=o=_fqirgh?n+F6e$fvMN<1g##U2|dJV>Yrt99tYQ`C?c3rc=Q@zaN zkhc30EFHkT>u3`(kRJ!HqPBz-^9!;7`@_l2`p4L6M+$TWK-XisuI@J%OKp;7m+&~n zu4#iAS>cZNU|&y=>h~-bNIxr}3UNsh;Bq9>mcl~*id%H!8I{K_^=_X||KG{q5ZG5( zm8m>2a%rHt(Zoq-%hSO(j*0*cW~oVU6~~#!w{c^wGR{kWQNxtnl`;;--x#l^E;HsxR*6 z2x#y82Ga`*`e;OxdHqGaE1nc~hQ~E>D&V`!Jmboo%w3yN7iT&wp^x^WRR3L&WCGNb z5O82jiY97`EqBTE(*)YTCjV79o~Ao!mVA7mQ)2T@FltnXm05+2jOOE(M) zNx)2PX81g1sLXTImjj$HXQI??bt=#EY$cd9gS_S^<=(W6C9wpMa}+8|uXPUw%qYEj zpUSsUy9CPpX`PRQ=FDWUfmoVoHWU|mwm+S=cEb>EB3EJ6lNal`P%I<^jp;EU>sj%F z%4LxjhkL!tWf>Nwi|Aq#7)T8E;p09^?8?nw6nfVRV54o7NrRi zw%q#U7qd0Q$(YKijX6l3%GLmBL$Yxfr$gaZf;T}xn=~73M21dw4LRVT2Pb$~(ecH> zb32nq^1HyB=+ZD;{_NLFnHSfqu^D^?PzidEMLyDiA{7jhDJzOd3NCYe2)Ia!CUgAo zfuQg(V*;r$)6ffmY*Iu>O;F;W??OJD;ikF9G;vbQ@gQza7_ztD-78ws0P;n`+=^*Z zm8h>ka1I4%?59m{S81!WtI`H=z^p13pA_^!Z0xH)Ql`4d&EGNA%Xyq?-V~*|)&y%} z%XsZX<=f3wYre)is|u)(to?yGis-DjA^3vJ+=B+%+?bSb5fdsHQ8Ob!6DkhT0*3GL 
z=taLIeYyU^$z8{LZ;0S=0)xj{NLfF!*AFLAGgf%=84!Do+DYt%*oHcZGFy=WBk$CtUB4=P{Dp|sPl^9K59_D|9h@3_0-8dU%r;eRy}%a1fC7LpC!iD>V#hWG0!C+ z@m#{d9!q%DWOXj$DF&FALYwd6F(i@iq76=MB<@r-B*?~Dcg7i4*5IzfY1Bm#(%D>e z@S&stS~)%l&rH?NxT2ZJoAMu=z>yl1b6F~ISJ2y&4l@1GegTR3|HEEa)+sb43Jln# zSy1Qu)>XqDabjwApXk26`;%5CUN6lOS?i{kmA?ih28jEwf!)`ht>% zg|(+G`(_t=4L%ejuLZ`}`j900shyOK;gn$M(T&kP>KVo{8V%$}BWixV<^4?!&C0M; ze%6DNLfahij-5779;zJqpdHSC&PAZHNPu?CIl2}5JmqYVF%ip5wf}S$-s}sKlpvzC z^2BxUgd>bpYUTyGxVu%S-3R|hv&i|yY#Fg*Nxz73w;!P{pjEDjMRF@4<3{2Q_dSED zlXxker!jb?GuHi-L$z&N!D9>gjjrNpo-9p4R8T{}9weyn@uwb!XwG5sAl);L+yNsw1cpj;8WiB#9Q zEGtK(I6p5~)unVxpS6A-ZZfkz+eNCcS-huvcq-<1MKDDS23iV1JP3)@Z)0~)?0snt zUW+1Laep4bcOJA4{~zHfECy^Ukm6tJ4A`#2lSpMCF@fM~@yr-q-cuiGMVVqrwfr1z z1|%{f<5UmQ99(gNgE?$Dc0jdjL`ms*vu6F|rkdps>3^l@?fBDi9x-)<5G908Q)H`g zAuHoCXhdV2=RxTVlm75Q{ZEdbZoAgs8u#)r{ue3H7+F3kBo&xI?92Kwf`l%6U^wM} zk6Kn{0|phye%3kzhMsPEOWZv`IB7mE09-0IHfAyGmGl#Ok!lDHBxFDO2emdVIG|b3 z#+>*HijJ&mf}*5$DloXy=OqI|7BJ9O(l^|rMtxS%7ak4ZkVah>S8LkwG4YWQT!-^& ziYDXF3$XJ6Kz|l57{=}mVuC%92OE9F$alKZoV~D&l%*tJ`oUFiBC)DH9YrB z>}bf13U12jX|<6NXCXn+1L-1Aybk*Zq!SCfAdU*66U#&~P7o#K>~A0*ymVqL0}>)D zqNBj4>{ye1awA)BrjJyNIv*M>BQ`JUkAh?LE?2GvI7y33N zY&Z~_Xxk+fB_79&88veOarbo=gQe-zJ6sMQFT!8@M7sDV-u4 z?(y~j)_N8z{X&x9|8E43{uAUC3p*)^3gQ*ZHR8g(uypbXv|{*p&{Z6ol(0JHSDBjb z0c$A8E3}VXAR@tE&=wu_nh*ryf;~eJ7ZBqj{KEy=>OQ91$Vu`{t>rw9J$IRdj3Xq8 zrG3Y5QgL1}VJJ!?pxT0&` zdZolq)pDF^b1?X8pOb^DL-94s(0?9K^}9Vj7dF+Po^gqO&lWEU6NZ%xc9BA3Y&?#b=9bN z`XG`yGsJP(xu$I-Y@pi`E@gM&a2EcmHChU)JsV(Y?Au|Jq1&oqY5 z-LIg@j}4DIg9~Ds;RM(mUyd!f{n-z5zkU5=J!Rp2Cj|NXM@&(meKMQW9wVsO-$IGH^;3@QMLo)y4_&wcjpe!9B4>Zz(O=#-Zt5hR}Y9}~Z6Jgu4h{vV@k%cQxamnnZo@z1B>sc=OF4M*|Ec7A}4e zNcgd+U~bJmfN&mg#NA59P@UzHl8)Z{<{XYB9Duvo59rdVEghadtG)Lwc z_r>l}R`W|#_C;lgN#IGzRMZFk6gs<)xbV>bTKo4ecxK{u!4w*8UcLRmF@6Z~lN%eZ zIfj#4=QO4TkxcnWj`)hCRouMN(CvJC?sJdNJsLVj8;Cv6m_K5XSPB-3fG)b1O^@9= zd{PyA%W_)tx0c5943jV>D*k_iTYOa0?xV$8^7QSWe7~v5#7npH<>(J2OUDg?l5Uai zUGrpl=0s;%0@eSfM1)Ud=i4vXC$&vBLbc9Xb9E&?nly9q2p 
z=1S2vFmi{*(*J4e$-s=Z-d4C?UFigz{wDap`tqzoX-Pdfn5%mK^{fK4O!{F(?A0mN z9iuIcEd^J8pAjl-t~ClMbVIy_Bs@re9o~Yv!Ko-T(!Ngo45k^O+@^9Cd6NY=?Yj=H zHe8egXWeJH(Ah({XBAhuz!Tgr4{L?|2mZwJ?9RP5OaA4=z4`CdfCN>oP6L+wi{%sy zkyAX`Ge|wT>?G(Dvvs7_Jr^0@WdwwMCwCzlEu99a1^++lOT73jQU;Kx;qu`wt|%J$ zv!@_OV^o94cuhO~XPfbwW2{R%>2@qbb{>P6+TfZ^bGc5`*C6m}BacLwb6J9D$Wn*f z9`m9187S}f-zbT4t9;(DxJ+AA9~W;csZ8^FgRk_abrn`-NJIwag5+|XAG$t9q)&_x zhe_G?@Jvztks(x>GPVzyC0W@oU8rq3bK)DlyhDabwxxa~EJEJ@e=Aa9p2=FN?3bnL z0jcJb(F#MIBFj=6)Zte=9=Cucp-xR@?sJk<9Jq|pjwe1siziOaq%zdAEHhE~C86EO zh5Al`r!&iUwKCe+Fwl(B+2Ty_zp|1!9%*Sm7_uhb*%a?Ci?Jozbvw7g)cyW%V4Eqb zM*kahna;?=5|aQt*($VDp$@HXbBy^XkVB?iJw1(g7Bh1d&<%t>aLnP{uuFf3tvF>Y zk$0*pb&r=cXTv@FAIYl0dF1`bYB7qRmNXwXQzsqHZWC+|5ANd*dcLV#LH&`f_n` z?JJ<{rwq*ntCp+flD67&F$Ya_3EFfaO z1$D8Jt@^diu<~J}D-(Z95n^zu{_#9Z>rsg4)?7^lGo7UF{Y#L#z!0-oE=9xtpv)if zXyWUQF8gr|myyRWL{jk%Zj&CBMrk|woei}u zXF#*TT7!_w_JabK^UP?O;eXU%hDEsyU*f7f|AIw&UkVjDJkPDPCDTFa2duk|0%9&s z-5;jk;LdwJkmmuyvkmfa=FR{da5crV!8^Lq4IPZ3yWRhdvn4LNxqq((@-yZxN!GM3 zp39Z#+7eF+&Sx$%UlwuNi+|QGW=q=^0!N-6g@R>lJNn5w|7#8vJeHAf9LQ^$>c5^j zoxe0F=bCwIz=)?fAQo!NHiS+_PR+KJuVcHPF)sz4{{Kwr=dAMI%ce2|g7(kXN|5>j z;%#?w0Y^0!%-2?W5gYwAK5u-6)PrX&-(bHL69`jz9@}=(!hL7Y+y0kvb$W4nGra=c zP5&lBH2VxmC)5f}%Bo-_{J7dRQU)JR;rl-XDrXS*`x$;ucMbGAV$W7xq^#&%WcSx> zq>DmA=zzi~DZqR!>GCxWBq`rm0)aF2{J{SvK4@VaZyVzDN90yOu<(7DZ%G!IuBIAi zsu#{YbYx3h8E*Z#%)i?d9-t_7>yfqQ(R#x!_*e`G=c z9U4<_t-&<-txMokkoJuA92rv^2!9LEIpq_g)hyHty0l4jM=q1;;1O217140CZYev3 zRcgfrRZX(G90?EXHfQsN^Vg?p_q6@pmY}pu*da6nj5N?tXv=J{&?m8>__KSS*74$m zaOI5V;O2a;TNed7QFBd<<{bO{9xmBnVXV4)OP_jUJIU7rhbbkVM*iXgZfyU%YBfY| z;eWS;Tu?u~Kkq+#k-K2s@*y7xHu?}F4QAv-$_XomnrvR`+uYuAIbh~q$b6YhkC2_0 zORdPo&=#h}tiM@u6--2=XhX@DzE>T3fS~8(G5@rUShK!Me@1ysS7T(tP?3wYEnc}_b(p>Wou<(P#Er$0Y?R0D*Loq17U9TpG-kH)bN5l+7!wZ~_g zsI<7})TrT1$G(1WiJr4=7QwD4ID$Pa^5ZjemrK`3AxnhM3n2&fvS<@cHr3lnos=?p z@&Y6Ao0Y%1Xs32%xn8Q6tKp*Cu4)az&b{>Ixa8EW=tA}QH+3@)30JLa{Im+UdXC!1 zO}B(^Ttsk(?H~znlc0t^cfxAjscp|p%(SJE)X4JfsQN_5-y>nF-U$9`p3ZWCY%VcbS9& 
zl)9(_fPmgP;!CPeh3WXq?JhKb!qv=)-JL>4Is+~t4Rvr&F{)bnh`hK2IXrdyDS5ZN zL(w&B@;}_?n2Pz5rT1t(${%Lca|#eNXpT7KPs!6JRR5$?`a&z*ao)q3bD6M{^hXS{ z^_k5auy>ZY{#vn@w{H_ko8UmM<4#JOx6HkW+P_t==^DViD$XJE_MBC?#`TV93L_d&$qtJC%%3K0-n>qUI0Ed!klh7Y|B}q z6#Sqx0^8C)p&i14A2zy;!t8G53m(sLkgQ=`Dt0eLt5s>cPzA8yh5e1Dyv!PoASYld1p)(V>R-|zl8SbSKQdh`EzQJd}(sEhQ&KrXfKmIF~CG)u!`;A7iEQL_tuB2NRPib;jn^wqK z$?%}cxML4Jp?C`O4JAHLjCOW2auUz?A27^ntdvR3H59tZI+RUh{XP^ej>fG@)hlWk zyG10#4mozwaIDaIq;7(@Xsf#?)sC?qzrkYj2UeCDQ`foFE|63Na{>NgMd1<^O z+E%VHJZ_GSgqSQvbv(DmgcE>=V<8;BtYuw-G1ME}%5=LUvTK3LRdoWB@DV)NI&fp* zJ?1&xNt~t?W+1tZ7T)rAMw|+p`3<9Yi*M;mme>+XH*w{xHk*_5^aRFktT6Yh^TGr7 ztI@9+vB|-(hnZAY>=cfWB=@c<$5?WCcw}qY_r9DL;;a{jv5E1jh=;#XeXle*z2mWf z^ZxPW^)7ChXcihyM8r)&sW|5z9iY%rn#SC1mTMc$((8!?V|eDsE{ib!s;z0W9bM;W z=W!6bKMXkaC+40f3cW#Z4M{JIT_-qKL5}~2jlRC9DJfbSLTvxRC97#6;#SraaCCUS zQK8aHJ4gn_gFKwxh9|9uAc9I*bFwiB+aWt~7SV$8x*s1}01iUw*a!+#L;7Eo2*l)WmIb}&P10i>JdN0bG<}%SMxO$J;WtqOm*iZCy_s_s=w&6>+oKR#V#;0DtaA0c;V!;7lMVR0zGs{|Xi+MNa z40ve7$xSvHTugVRWPsujIxv)Rs_7|FRoBC{tTA~a5z<~5B9uyeAz>&WIXd>45b*4> zv(naRU*A2R#nA*a(4$YOpHw0{h6i z^KI7h)6U^fpVsxDpFEG9vl>JAXs>EvCW|q<^5%J4e~b*`0(uliZBT8^nKXwxf36wQ z1!(7p916WJwcqK`*T4vQdp{Qm1u*Tj@~m_>`uXegvQL^!(&p@wE4L?P$-azOf(8J$QDe?|5`saF3QB zX}?qPx%6kjwFk}es_&k=p|y)q)3uASY9G%Z=D;$(iEqz(7q7hsEieXRhe|!3VUW=! 
zqLB%z{_YzkF(&l(iL!T-MGYVXpJ`*QBJ>IalK8GW6$-}5pkY&u`Bjr}OE9DGJN*JZkr6;n*ePiJqUBR#-={Kz0NwWj$mW~W@ zH0@@V)Xr;X3ogUL8)$2_$15 ztdEvk!c#b5mJxAjDzdGsh5BfY^}I}3W=fEw*$ zl^Tb2p`>c#7Lmy4e)OfzeX-L%*_smZxRM}ENHkgp(^%Pcsy*n}+#zww1s=D&o2uPx zNha}ZAx=}I;YGB~+q>c)U$6X9jK^W;FgB2F@}6XxyAOwdR8kFTR!?&9hq%m7~x>t5(gI*mN5X69Vi* z{C2JQvvNXu8~&rI18uq-NV6vw0v;7AqNCY-OC)^!ls`?Mt(`N+IhQOlDLAWm|6AT# zb8%*P>z@ADBha{wlZTLcC;sf- zJWH@Fpg{CVpr%D$j)+$oy`DWP3*DfB%CV;quRua{M4o=fJWZUacSkXFTNtEUqG*Wb z2I%_-UM_}QOCxwp?w+0u#mo#R%<>$&cjIYzX|j)5RwY#@)v9w`kAl{U_rbh5zFY$q zeB_FYZ;R~ZYrqY#ITt43M5zr zzINW1BxodJQ{(oTCW&Zly%2+jMKYO3luMZ=8PIxCG0zwU5=wlf2t2Yw-?r1DUd85( z4o%c9J+=Wmizf@UjJk^zA34WPuo{<@m-R$$ts#}EiwXGy!05-+l`fLrZyxvt&Y<69 zSAb7B*1zqhr|}Xblj`r(P=E5}VQl3cqH5LJ$77(2TO&th0t@}j8eFk}b}g&YPfsp~ zW(`0RJHOU_S@WBwC8{Yw^f}CB<=uKXkO~rDMUgYf5@aEfq=RVj3k+d)3+tVyMGuJ1 z7yL1gvMdAiR^Vqy5-HJ9DkdB0Bc-liL>a3ha@&s*0^CA@7T%+-N80Ja=wF@{=yoI< zVQIJ0%8LmI8PzVA-yHOg@hPSOV_TUtY*aLykpr>9VoscTn`WRDCIX~1vf7$N!^Slv=L&c~E88be zY^;5UOxM3D{CwOErw=44v1c8E0E;Yrlx4jJpeLCY>-}1Pi6oVjWswX2=1hWv36pg1loE^#bMyNr=?d ze-BX4z0VJcg5^X&n|T7zmJyrr-8GYMT>uLO`zvC-p-ALH!fHHFn3OwXWO${;|M+RFO#{+O_-sR;)V> z!K%dAss^oxtAFk3q&gPS2!quV9G6+KOCvklxsRXtZw|nFoI;$$Q)3lv|0<*51cV%; z(#gBplf%eHjf>M06QOe7q+ab?_QsOY!M0XGo3hlqZZMLxI%VDUl^8S}HMZ(+e&PE$ zoChZr3Q}3u3{Iqa*Ht{^cNlnCpW0olFSd`}&#Kt5YA?9zq7?Zn$lIj~n3ffA`((C} zdYVQL)Gy%+KoS$tKD&Tb-&#z2pbTPzM>dx&Z1OnSFJjP+TOkZO0kIy0VvA_|ND>L` zm?`kx2BJD>iCpuPU9RL&x z^Kp15g|WP;BsuUe?Y^xqW@QrTu{{jsd8`z1{i*=Ex#A4S;NKr~-G7CFm^$fB+-pUK zA%@b&nEZ3Fd!s4KC6$OLxo1K8-!92+E^yvSw|4ubYT;Ap~l;K+6oz>pSc4K7x%n>tn7}V17%^7RyM~#;&vfo}&pg15Y<*rh$*U4ICFu z!(l+Vn>Mw;TO27x*m?KGbBtq`A!{|O4#t;!H3l^1XP zJM9|Hd-24+2f_nkc1x|$=XOYojR@gJxIUU9wu6~u-uR0hJ_F1gJF)~9KqNZhwjZFi+#3WsfhT7=vp37+ zF$+J27DpycKH2{UnkwJ2lT8VA}|A0|2l!7lY9b zo2d(ITlV>Z;qdW4Ny24tBSI2_ok=M{?rLb_-P-O6v*f@Fnl?k0S?6x9J(dG_ILuzs zv?;>gJfsuENI9&G{(mCgc(mF&p~kF;E?eiZ@NRl4EC42WkYX}2aTC0Pyoxl_K~rd> zfXM;EFOjO5Zza^`J?@15eQI1EViqP?N(E~=6Lgh#s>4z~Cgv-On2)uU4ypN$*bo}V 
zKv|P#NjdyIewyu8S{frQ-JAE$e+;=`&oVgbnjNGh@Bl@omg4k*gXi&5M_;NhdpETl zC!afQDMo}$|G502z?#!)7cmz2Jc^I2`*|7L95r zZOKOD>+m3S%lnR(e~%)3U-3nqUcy*)KGf`5#v%`rL5QyKRnb87xSllb*6Lb|ZbEeU zzH!Ix!boPYURV*JmX%XhG>+AMXAIAgWw}I=^4$<~y{xD&ch1->8-@A_juSgHs~hO< z($x9fn_=CY7$7S=D1Ah;zt6^W62tYD-fIabz7j0d_fsW0D+z_sbMbcR9}2UE$@Q*d z%!Q-7`ujz|+Zr@bwg;x88)XJwtd0RB@_fd6Qbca%ndSh-f++Ld1Il5!bjpAXz?Phx z4mOjiv00i3kqo+gDCK{glMq}YU?-AJ0cG2tDwCSlbu5bnvV}=pS35pYWXK1E-F?+?0fC!*X_WkEf z{aqW8f^oMc3%-@)=qf_l2;S5tb;i~ii{6m}#2tS?N? ze2Di@FOA)tqO%K5{Cl3!JFzLX4lDvm0`^8!8llH`bCI!eMzLM?!8R%!n9y(DvIuEZ zH8_n7tuMXq^WrQ38<1rOtO(VfMudSEBbc}!BNaXBwkKw__tH`~S5j}W@*NpoP8|kI zVpZ62_YI`;Dh$w+xJpN(zigS~i27LEuZT?0M&<|ZlD}PCnumy{k(zt`{K${VsUv9K z9Amp>zzK<~pi=wn=twjxCqK%v=(?!Pi~-~Q+IRGv$ox@{5#Or=^g=86A*UZhNEMWv zCUVVLv?Y<$`A4ntq8i z>g|)eD%cZ`)8g`MabZ)}^m7CYO&Q&8WhA-C+R?MO7KeYiKYB`Iu$cr8#msn4s>Gzr zRH3ve(J%BLQ1T)tK$^O%^aY=0t&K6scm$&NqE6a5g1N3m+khPz_G;atUqUj?A#abb z)n!Mom%6P6BISVw0BCvbPSk1Qt8Tv+KQbTU#Rh{sgWp#~8x48)BQHB6mPOc-M{m|d?DLlQ1$fGPJ>bapu>q~UIBNW4;Z|*X-fh z06bB5Sk|;*^TE*CDhgXkn{gi#z_Ph)Kn(x8DnXYy5S+pY48lu?UD+P0qFbF;4MW5^ z|9ESyEF+x4s?Qk?f9)PXykj0?-2oSgAKabfWhX5TU6@z5k;1|FuAPR#E!P%cA|lz) zKqHefvCi|5%wTSju2vRe(-$QSGMNfq;fo^9sO<(dyPzw>*%o$JmiVFI6NQzTNW$!( zJ1b9tuu<9zSsOVE6?6La%p9o39xaPDGcg3+A5U^8##l|_^yV4B@qhz)lVv(aT3O#G zdT!@tXAPlr6u&D+6f^QZp9Rz&@N@1@IEju>@`+!~o&X;PNfF|o_3%T+b|B)$7YdIb z<&?@;Wf0!k(s(fLWtu`;UKQPbH*B`ksH$3@V50fm59V4~m^>mS7!P4=NKd zsrY3t=de^PUbOjuLJ1=es&SaA92M)z3Qw30&TC`>y&MvRCD?zkM2~8rVw0ilh^nns zXoysJt5bjUQ?)kGDO70pV;SS!(TM#C4qs@6`jr6@|8-%wVfC05N=wS->cjl)J^2Ei zy=LI2eMb`Rr(4;H4jckh<0&HZBT#=Shs-YCAC+=OlmH9DUrkzgr=9=@JcvO@{cUvo zk$vxg>Z;@sB zuHY87x8UoFe+PddynbiGvvuUGVFwTNa7!GqJ>2$442yVbFaAj*LEU2moaDAv747di zY)EeI2S&T>oA7E=_)*uDadu04+BS25p{t2KezY<+zoTerr;;;kDluT6syn>IpOjc# zjV$`t5+PcYqkxm`Fj%Bt|Hnvh^KIo+M>wO_KmAg$8bl>l23tOIF`l|@yOzF$RkE2i zrKH^m-trxv!jK&M-ntI-<(s9+hO-Wx#j60DMiKu89q0gYDZoMsSQ$EO4%+fpR8%h! 
z<#ioUfDH;><=q>bXI}GFg0FGJbeT%xVOzVRgf@t#e6+61Oyf zxyngmZUjY-ZuN`|KtD*(hxVyCq;1GGL8elsT`!eo@(~H2>5TweoNnQdXJb}(m=8rm zXCC24j23Rj^l4&4LTe74eXE37s92!fL%+fAb}-o7ciUQT+JBKu)IPnb5HZ-ab`AOHX0E!pk)TkY~G{2wf z#pwuGwH6_bG>)BpgXxK89`yT$(cIaKY0xH#Jlxr9Xc9n<(`oouyZCMEcB95gQ}0!B zJ^OKe3dfYC3^71*E&)opXKUZVAR%c|1$$7Ck5genv;J;p;i#mqgf0_|aRVP0dDt+<(|YqpM;<;oeGc(y`^YXm z%{h`CWQG?1HgZZR*1^!hBmmoCxROX61*c)Zm(DDNgAejkKo=ggfWXUATERwG6YVI` zR&h(w<^hZ%{bpBFVezq$>9vrN0o|KD?fn)YR0#Y|MHrTV`*IYPes+)p*-f_BG+KuB zaL9+_>!>wOO42W)y2CS_V*h$_K(avP5;;1sO|Trn4L?E~)GFnaa^Bk1?{gd$q%%q!c_zbAoUGrk_Fxg+5y|l*Y3srU(;Em8_aWrI8 zzlU0ow_vi9(xemU2-gD7Tsf2)%E;8YB(*3Cub$|fa ze6O)dg3D2s3wuaXiO`MBzj6RD*3Jlil`wXVPWx}uQKMwD_sx}=ak*pjTv2p2X}6wt z*c8j8FEwq6Za2sk+q7)iF)g!q&Kfe9g$BcV-hS<(D_!FIE^wQ$U;L{FE`*yyTpyuT zq*14fMuH#XO809qq0x`RP_K|6`-eVYs6$ykznDm^X>4vd`w!8{cCHn<6DkPZVdHxS z@`wNwqg&(vWw+ftg~c`Qw5Zc91$XDf8Wnp4K>hL(kCxijKTgi6li;Y`eZ98NE?rqj zbxA^wre6P$?OG0!Vka89Au=#??&e{{*N1(ppZ#1(FUeOi$>LX_#8={X5HX+DNzgw} zE+ZZ!0Wk@M4&^Osm7)yskf)YT$i8+8_sfbL3Q5+IX05OclYOl)57H>GHEY4ex1G<% zk1R<6&7$S08=ZrQl&(vDKc)-{5Hy{Z(ERPXwlv8t>`lT)(>04DJ;tLva+3%4(m7T; z;=Z!)EA&y$gz(oO*T=maP;`n-*;;t{BhbIaWf*X+DXg0Di@;J@Jbxj@hQ}0}gUA&_ zA+#N2bYXGC=1NT0S;OG5e{(B<>Q*{_(tXb#W8CMik#!C^9_{Ab)#l;(5?#U`N?I)sP|STh4(SV`Wwd z4Em#OI+xNTll8g&LNYqWJDC?=w(5DX5DGJByo%({R+@A=kuVTYd~gY*&iY9{U2^$} zalzY}(1sD?;us)h*W>L+ib4QY z743}cwJ1>UdwEyN8T7^|iXi8({vL4E@a6U!PI17Itc306v{wR-(xmn$WRm`KUaX?h zzk<#B-<~Y5X`&G?)av_qnOY>5cQ)EpAb$|!HIV5v6-lC*-!YCjjKYqzKU=TyB}9P4 zUNh$<;DK3cKa_~lM77Z2L2PI;vk>RP_=f1iC`O7)`LfRCqo7dmD7s^mWZn>&a3gMJ z@m>hs+7Eqe9^WxClR$+85eK6)lORH)L4gD_)WO%4TYEs9jkAY0%cm4sF58OKxHQcd z6ibkXWs$%D{{@2DokZt8dZXW3l`{2tlw%?EUd+-TLcgI_a*jh~7q|z_VQ@fRw)58R zUkKGm%Zeb-Pr4yoo93KdMU=rIT{CtaYuSrqyKR#)?TsX?GSv(qR8iCH@ z0#$b*@z%Bi)%XDg17XegLxfQ)q2eO_%@Ic0Z~Qo1gYwjEss56NrX*0{I3_1+~)_xK!ERi z0@4!wB#B0E{E+b^O8wFe8eZPGl6Zm<+XpG84#mS?O1s&{Kom;4hw-;+?LCwJtTF|WUaO~~~y z3X^5+(UrkycKZvzCFDAp>W)MzkS0}g?uSh*%fb!usqa1Z|gelAdM&`vaUuoLLakY$mqjeyD;6DmkRciTLIo`7y^KTn|}lYbKhVv-uJqiv=~ 
zCsEVpP3?9$&N`5BBgY=%f6gp+^-v1irr_s{wyMREd0ZrA0w9j|##X|Q$)h`isFaeLyzt!m6Fje#eD)n4R1 z*q}oq(D>d54wnxLi_s1UlcF5feY3ae-pH+>{$(wI5P;%QV!*6VOtD=JX8QmY(4wbN zm8OG}TuR16|L$m%Ugn&dY&Z9&8Kv~Z-(4GtAoxz7znxx1TBwMI!$PBgq%u!TZyn#< zK8}{rhawG51m80%z5R{qekL+XTGh4#A=6w|D)}Eq!3ap?%@Ke_OJXI{ZMai=MQZNbobPiK!P# zFs}t;fNuJPAq4d&@>3KAn~D8^pT6Q)_vG?fQS<3aS5*zTD8)U2 zXSx!*`LBBZRQne_C9Gsfj_j(w=A%yg+{3g1>$W-zH=QD@*9rR%gDp+ftDWo7@$VR^ z-Jj~`97aBU*-Gr_*t8X{cIQsXFq|REx@2Zv+6Av=f%#na%t9b z+?CLzTFoU{CEew{Y^|LI)0swXX?Q<8jMC-2ccJwjTe=8P+f;HFtK7iu=L5%)-OFxkwda8N) zL46)f!eVxudNjVH)R|`m;14&3v3ytRtL1X8WCe~21sYl^N_Z3w7)PLwf6x3TA|5@B zY`$TH@LTP!FK^;mE`7@$J8Diu_eMOQ5#)?S^&dYZ@YoiRi?7#tSM)AzM7%8gTgZAb zj`1~TrBiLGh)3|^&cGlQU4b}#A`#{Zo38jl^53l8y)Byzz3wLg>wlkFo^>761uPFD zz(%y2L(c;aMm!+JV)*ema?7B)lGgFs}gxUxmKY6XI^3~dk@ zK?|Bim7Pb3+Nji%ZQDzDQOqvjxDXV%-eh15b{kyb1$AE#7WGEQWJ*+quPrtPrVzCA z&&=?Rh+7e*Od4HE(yq1<LfvT{Y{UPO`@h&ag+@8Kk{3OXrT}TFaWrDtMEFMD& zZ}I-GkEc=$-6s>ap;(`d{#G0KtHVNLDTr=FTo@~5(n({8Mn{`y1EEQNfdHKz?t9-Q zE|IzRMV7-DF1YStR%x@HE|i1Fzk)(=PgNnGFa9^5X~jYhTPYicCO!2J0?HBQg!zV& zhB@?}mDvi158SX5Dln6#4h;K6yaB32u$qw$N;!Z zY!+BQH%Z{&-i#`H^omol92>-mi>Vebb5WfUJVlL=oD3N4F|ry<}a&U?#Vf5`V)s4EGaKXQiuJ&J5~v1Q26_U zb!_g|8Vya`Ek3Lv=oEs$R$CQK%%ZXPzA#KH_Nx=&7&G#GXjx01E0Bu+U02DA&9uq?11nEc+QUda+U@OFhM8{OzsNkm&7Ri^FYjpv_N|z-R85*sHILIjS^TiZ(a%X> z^uN2AYWx>(FB(=nfb1XEs&nt$DVH=foZ!8nt8bJA#=`47PW=Nf!lQ}~I*|yO6WB+QF-;Cn@nibq2GLNGx zw`HgZmvjS=dzzI17oF{+hZmnz z0}l7nfR_`C$WceeYI>`5CgP6u0POTIeB2q@VJoWr)Tk(?TBP35OIJNqeX zjawlu4rs~Q@oDgX0X~S0B(st0t>YSj`r#p96RVi^W4Yqsp>Hs8uod_DZiRh&967d> zja)ZW(5t*)2Tq-40e6SLl~&S847&He_VvClr%;*Ok^cHqgecxkacf?IdJRJUGdO}P zMTKWCNcM4hZDYacU=vTzC&GZ=OF1*J8Wwk*yhJllF$QBVJu@zGD`WwYAv~o(0vdcC zq7UNjdwPd+6^#BY#XWZ>@`eUkINUkQi795o3d}J@5~8aGJ41MRb&R~JuY~3viLY;| z@`a_QqpcRIt5vjcFx{^GEn83>w||h4^IF5Ywy9@3Ue?FOe*vYl5kWisW$0h~bSl}O zfA;oPKhH#CIbGo&5Yr>kyA?2j{p0UG+4MOylOVHy@*N}thf>``RfjVy8nz@MaUVVQ zN8cWfah({?kB}Jy(=+Z&TeWV1&8hBT1=+P8F%T6WGE*ZSa(7qu)&v`ygGi}l^<1Eg 
z02E>zThM}|=?+H+2kvENO$usmvDZwH4VIA8TA(bN+MkHmbAj|d3Xn^Q!-?fp;8!<( zjx+7vXOI0wV}i7r){dX0Vnu{O^LQnv{xMi^!-e}1}CR}ohihzO^Rn1S<^wvfmwNjRGV27(JP1pP6cs_qvWIF|v1WW&(5j-9~i zD@yZjFUe8jGtHbsa|}wqo{S6$4tRdbkBywD6ULqPmJGlrj*%PsxBH*J1_x@U8;+XG zt8B$d|9az?T1Lw5un3qnbq39wCk5qay07Uk^H*Ji44}rGa2?#6kt%cLt1sj#cIyQR zK_)Yp3?k(YRY=`JLIN(|$YwiYj!q8&fx&X%79}{)1jEY|<7U`lliZ?f+Ek~Ux8!$| zct6G@fwXa`tQ(xC(Y(&mlkUN*BrdeQMt8Y*B2zDmpKjqkRf(-#=W!}Th>G>pK61$Q zyu_P*9I&5cwSfsc0*?t!(O7QV3I~*bB*Dpa8d}3p+rmPYUn{+>DmlAO4;KR&DF*Lu zZXqpjnvz-cqm+$OvYK1W1nP&0G)G5+j)tz4i}_E^f;+}4n!ehe7!u8=N!w31uT>3R zAhB>|45x&v{PY2m9q)I{l%I&u1)yRboym6^Qeap*CgnCWq-bMoElpR2$ppxAJ$Jda*fB7Uvu2gu+t>$tHZO(AD^51yzF2u? z=G?6AJe@oAQs8psSuU;^99yo%1@2}RmIN%D?Nc( zn;iyC-Oo}@=dN-dOx?S^im|-wUX~(Q-=ERp+w{K1ge9@`6EqpD!+lTEvUe%ZND+IN3kv$F^x5?b5Uz?X}`5n>zuO@Y3mN92xOvt?X zkPS%**6Y-Mh7vq;aCjO<(hD{+jvsh8TIdqW=bZr#@}2jViIWb8G=t^m;mT(d4!A+d z%g7Wi(ACGAR}HH^?53ETRcU@Z8#dHgEA}muh$8blYKF(O`>AxIM?gmesomv6l9~=W zsV;5?ORsq(l!(Z3Q(O#PZ){2DUlFmzGQVz~+=t@^c~GSB*o8bOrl!ziW^m79tx+Pf zM}JvW6)>CbmWxoce8VqLG8p9Dhhkjm8_mc4jRGU!#u%Vl^Uu`d;PB8`Il+P+ZVUyk z1%wjIMcF%r-$6o&18{sjDUdx0id_hT$44|e@NAA@tOv*1VpZI7mDZG#r+HJJU!-cV z3o%rz-g*{wUhPHqf@r63Yqiw@m+8kuJ{jzg@xVOmczAVH_9~QK;`^sZd$?Kl$}QzE zq)>^9t-GA<6I(y|9R8Ow22pth3``d;>t5{Q+T4sE~JRwU|y6RJtp}dr;D~t5QmHU8abhrnzf89Gxd@MTz{veVw#>Vmu>7z4Eo^oCDJMCRM)W z8z_qw^=Hg$K0S_k=20#Q8h213MdBD|!L6J%7;j1ZkQ#zefU& zheBEo0K`oPsJwUCU-h3J-5-p(A3{VNn|M~|4_BtmRm7h0lW7i@D;ieDaB6f`tu*hO z3SWPN1RWIeRsVA!MWS`wGGx3MoI8t=|G+plL%X#Ue2C1NB^?Eo$_4@E4m*9shjTc{ zfuSmA6P+#cghvm-_GsG-f}JEDWlyKOxg}UBgoeVzFBKM(0=irR;+dDEwmObP%ud7_ z{FCXH)td|RHH|tw8RwnL2&dA2;J$d0FNuiRT!zA8r&Iega7u_ZTSUO*&&}~<{(>6o z%J)yZ&sA|)zP{Fg9->CZD*!1EW=Sw$w!n(b1JT~Pu`;K$E;7$-50aY@q|pRDlnj%gWb@Y>19^8i_F@tnM^gY>(hEcXhkM}myEG6e>eWz= z`5D6GaUo>T)alc!ZmkOc9<-PcOkc5Mmz|A`#KsE7->Mt)^CvF;*I#2HNn#>mcb6fF zoaxjTbCOrGnD##T9=PqV)P0U`&~fZ(C5ck{uJa=cML#Z!m8n6JLd;pR&0;N1ZfB$0 ziJG+GL_EaeUTrP&xKCIRV?Gc3Fn(}7$!64q#V9y`)L4Jb8BXvF7idblix}SuLz1En 
z(Rn*Vo@m8Nhc3iIx?-q#+!Wq2f<;AjY2ORhJ0301gHjezML%j+gb2K%GEM9!iF32hIKfjKZn47Ro|iu=BJYUL4{&aPh9fwCC`N0C;Rgn`<&wx)_p= zLpv9fLH2)md+VqwpXhH?MUh5Iq(tfN5G0h8&I8gSaL7Y3_AQA^SgoMO7NOwwi zmv9IP>F(w}eD7MnweCN6y?5RB-hZC;dG?ywd(WOd&+OUrJo9jPISX_7DiS78leb9e z4t&Y{AdtcE?jsNFGhtY47o*;eWet_O9DRf}Dy(=$LHa%DupHKNQGxk|-UU%YE^WCF zY#ljq02_ZC6G?HD!SC&era#bsDJ7l9C)iq*R;~rnrDVRL`BS6x7T`;zVt_c8W@sUG z2nVa?21(D0iV>A(3K)`fQyeE*bhxd20%q8T;+iX}l&sSE$1B!fe;X7Q`hT)qkIf?s zaH@dSjxPjsR8==Sj!|&>Oy|b2Utlfav#5uuZ8Uo?Ekf6NtOXAJB)hPxZ56&9Qc1YQ zelm~Q>?kA;teWWZPJ1qV$OJ?pGR7`SpDX^L-OL!ZIQ-p+_c_+O_K^^bs4j81Eo2uj zTb^Aft~9)9Si$|~q(im^46m{S1C+=wM7@UkI2aXHLY<_<_tuin4Wfg+V&z&ubDvXf z{~U{M8b0RMJtR3p%Ro&u#uC?pM|eundq3d9Tx%hP1)ne;iWTpD01nPnp6}i6mvS6@ ze?nahbsr5fp38pA4LXi{D^`8r7n<34LeRA6Uh4qObGGtCjvvPygGPB{)RmoN8+!e3 zniRW&?Sh%_lMw5xJMz6Vyk|r$%sR+e9RKoO_ANNEx=Jx*tVIw9|MGuZgBlI&3C$`;x zyF417E6rlRh29W!zj#|^^Py!SgVn*%3dcx<<@fENv*w#q27j_cUA2^bK*~v&{7aoh z$Cs|g+_0Q_1!=9PHabi)E=hLEpH;?QTwS7{{ZshbGpROM0}vi9(oaT&w2JIy*hGv~ zCA6;M`)oCO%~K@UY!AdY?+8$(J+sDugAVWYpTqlW41Eq^WnD}`>2L6Uww-~#sD3{qsOCw zuTI0qB7l0lwYjG5isSdA&!ad-4dl^OdRNOinqa`iA;BdVTBsZp93p_Nu(zodSwGSa62hD(5I0+E*17UkYLej}ZR&~Tnnx$s%Akr57QlZA1 zoWdqmIEOtzHruBvmQS2nv&WJ9KfgK@EWBlP01VY}jHd8OR`~Z4a@3dqus>5s+9lSQ zW({BG=<1u(R3lXMipBiNF;?(3tiwRPqZN8@3H&|X`?mAqKApOsnD9C9+>7x%oLJe^ z+l7?tf~T?rCMVqYBL&ID`>6-;Be>i>E#JG>ONfgXholFl{_1>GITWA&*m~Sr4u`UB zh6jiu`R?^r)lm3LEYGPTrM}@~?+?8Qfnp1=O|}BdpGpOVT7OT3%BGClqq`?RV6tz6 zvwVhzw4QV9eebhr%tnSU>;pruTu7mWAUR>lI`Fm9tSAJ>geP~uZ@U}0Ry zQ4I8R;VdnhuJ!0W8y0v6HBT^C-_QK4@Dy$xk3j&e@AEi}cqWD;OSZNeGe#Rg|v zKZ(iyOh?JALDb(@SyCiFex;CQ^VCKNQ!Y0P@9V&~%959d7r(qjR!cKadm)^B4YnN> zK4o5R0Nrl2lyUEuN2C-DOOwB;{Q2+cD{EcZXbp5u&eu|q%_b^LE}EEGKmfx4JfkEz zFPtB8-$PB`exew|?hA@rwkH0Uq+6Z#Xk%^jKA)>k>-%x#{vPC?BT4SvCpzuWKWR=m zKQF|V?nU~vXc4SFAUVV*gr6_9SgeUDX3(m%{Qy!tv1A3FWylW9yEtuFIwb^Y{ps`d zuI@`0FuZdv2|LjNU#sBFd-ef5FNDse*RPoGl{ea*jr$UOt#mzmYD_)dDCP4Btvecc znJ_M%(z1(h@Vm$!TuOmYaRzB!9bT*lT!zFl9LpROs|*=KpQqiLgKVJ+;_p_}C>hGs 
zfwEEtAsR~sEmu5KnN~WVqF+33>k?Ic!xyVUXCLPJn>-kzD%}4Vzk6?GI`!@4Kyk?M z1gqjyo=4c@g)67GuUsw2KE3$c7INiipPrB=Z|j_}ahi<0H_7``Ra zn_~p6<4Y6Hh-0L_JtM*iHx7-x`U8i2D{Vzh730+FW;64}>z1!TZmw;HmN(B*^&V+$ z>A_!;z0~h7243;!7#j6d_P)g_)B;mj3#`D%UR+3WJjL(_ElH?AJ8~d(5V7&N$rwDl zbQjAqc?Gqen!-xS#9ghUJz)zTEH4V49Tnilk*7(D<$S{B+H{JHYRh^O3`Xq zk$p@S^Lw^Zea^zJHSBzFEY-i`G|;^5hXK#t`rerq57$j_;Z}bO&*8{d$reaNU@)V| zzE*+@N>kt&&td*^0Ea13QZG;MoHUZ@cu7lu@9?-HMo{G~N0^%X0Qh^8JUxvjy9gZ7 ze>N}E1TJv^J=a)C?Qi55CUrRmZ(#KGp5A}4Z^d47N8yTrnTm5fZ=8n=9xr*Bu=u}+ zvaYuOvE*f!QM=F2y%CuEVdQr#*eT@0Jepttn?Su4#Lz5!Kcyz@`&QY5=2|-{4eYHS zc8b@>qn1e}?dh8;B`raY`7~mmcG`cJv}V0)u4W+yYMoa)Gc)d)iu^wM6x{UrnZPT~ z#Y{U&oJ0|wXu3zSaxr(7i|BBrlowhr^3tezj;u(77B}s^5d1^n{VimG*_#h7^%<=UFzk|);hm~YI6gfQUXoE_<_`Er^6Yij*bijIh&y}P$E%0$z znD-~AjOVWZ3f@`mXbiaOsVe-{xcSYMr}U-ZD1uI<;rGZ5-H^0+b9TmaFc=`5mJ)wO zm?`pZ8xmFavX-ql(W$R8eeIU?axa^z^xn0Y%U!o&JkDt!8C!bYoV`y2im}Wbt%xGp zT}yDe=k7c06 z=F3e;dwDLT8G?}pC~G+c>=yXFdCB4H{RS&_Bq*fwQSeZFyi#m{WcWi0fp0mFNC+6= zj3U*seH;akgFh)?NP!Q{r*gTcP}8qK3oFOhq2dxp#O7_Z`NF7~6d0Owh;cCm7Z%i~ zKAchiK+?w0ZVolKa9?-ku*f_-_<;MF+r3Rh*0QB`C#73SZIq9OQt1TQF{12H z#`m-PsuEE*+uI*%zK?Ja7PJOZ?HhXfZy!SoUB|F_({`Uv_0G_X9ympob@i&Or&^;j zMJMXMS`-}EjFvwO+lgsF`Us4o3!dp6itr9pUiv;#wY+E~HdQ?-Cx>#`@9z~`pZEw} z?z)WwB|aXpc8obRYF6M$pIyc)PlscoQHdc0Y`S^K30cPeT5ez}K@re(>fkJu1`CXH zCa=SEdbBkya7CdH@@Talfrt^L~RAJm07e?z}blwkVkjL5cee+9aC>(&0{ ztLE2z#|LeMGF2BGz+)zId9#rIHBXWUV)GLv@F`K(<)u=u7+oIRtm$m=3U}Ei1g8TO z_n+$nt=HvlTM$@k(j4?rSMngXW94iLx5R9#@t5rv!!6q@+b_{A0qF#1N15qQ{F_9y z8E&>8siAhylV!c0u5GKZoci*28ACBaJM?bI8gFwb8&t^xhLaYt8?}YNw;)0-C8|vYTS{wbJVkmCb zKh?&0+WFbry!u(^GUH#g4ulpxb*HCQ2tp&{h`umiiIcjV!=5x#1&9<{pC2#zPS7RLBA zHGHb^FZ25#b7UQeMB!iUnJ357tXVyp{l4L0#*qz3-8(5XpcGM?UgghG72O7-Y3smN zH&mgl-otvMx)wb{)=6$`EYhb?H6n9R;srk(y#CGfaM6TLaN zG5Cj3BNEs}b9KH_SmU>KYLV0AlYUxuy7AoJ$H$wK-y+?90ql@CzoZap`9f_-r(r<0 zmA0na#a|^2VTi$6?f9Jgacxp}7qAujJgN>E2I`g|1QTL}OW{18y=?a=zIq-X%^)nrJP^zp)R;~YYPc)F2sc&Eh>0# zLPch_f3H#b>qy!QsL}2LN5diZr&@i{?+$&x*U;KaTEFs7cR0g6bR7*9(tB~-t4t;8 
zyeEMa1-FG&c`T(SpJs5lX;hThPkhv-$*rob$*^83w3!~7gJ!GZg4;uG6N7PMdWcb){p60_C zMyHr~N{Y|O|7-6ZcXvUI!d3^p0W8b(q2gYb9-~S2lPNNp@40A^^6m!;#?aNFn7YzP zuJU!Q-AU~B@mhe3tt?8Gs-PhL&>NO>s#cwm3btnzY!8D%1br$?cQ>uej2Q2+y*Z7q z%jvh)n8{`YX*7bVffQ_^uGed|#u91k;zoNblW+E}Ui=Nhr_AoUh;1~R-(IxBEJ2zl zeC!((Q?Gd|!oRi%94g=TEE)-DMEn{?FGnqun3aI)atk6vg(8+Vq_E;`OJAje@R8dL z#E)hg{WVyxOpCD(Mp>vov9g&pnMzV6Zht988K$saN!ZcqZ#K=1NOw6XFnq!Rf4Es` zopUi{Io>1qM%QaRwQJwCHw^5*&Rz~$QD^wzeC1EJ9v$6~{1NRkoOMLHIx+@1{xUd; z4ET}p4{Y!`*x==^UD$d+N&DAD>~`I?(9(17k<}Zxf9Le5 zYWF2G{K(Xk5;o&1=@A2m-YFVUQyBkrw?P#{ZMJ9m}B>UF0eH@1R zgc#l&y6>#(7H~HdenJPFnoc*Fg@JD@$9S);PM~E(x4kN=Y-j&A)OpX>eFsUB=V^=1 z6P*xiyRPh?h4g+j_7=PlJ=nKWjUkj|I6fC38CTIevVP_Kl)x-kExay+Y`M_p(eNB} zOx`H9edBd2c{1(srhs0-M*q#D)Q=^D#ryv@(4F-|adWZgrPZqp^gp%p+$P{!SeQ`l z^*lbUR%2Sp@KK8IEUoj`G%S&=;rQl6S}@XVs@nhg5dAgA zFnfbwq3*P~anTJQ^Jh?mH=wmlPZW~BseHgi>PH-v64dHCii_}Hdw7l#eOq2d(V!Uw zEioP}4tbB*4~i-~5KmNa@FA0Qt=e4tpnTFXva#=f+^gdDjwwZUw#kby%JPy`WbYj? z8EigSm3n1SNkVh(`6joEnH49?mX(c0n`px(RZVj_h;;Nj&9v$b5~w5rpC+YaT>2bS z{CK(N8cCx2yV3I}&p$<#1(07;YTe$5GuTK{3%#!YSZ7GE;urrRqQOK>I0_uM9~=5! 
zWzy5C9g&`6$<47&l0s%fGu3!v4}0GUZpU0?I4u|1P=h_vrih>3{!zS@Z&A`uvUBEk zIaheqpWDfpeU^I#Ac;)XBKs_)|D&{*gAVLpJhhlXJyJR6IiN^tm^ng(0Y6P=YKZPY zx8gJCIBbYw_bAkKkQR=zbu1>4#_zdSPqE3&;e{3vgy1l-z+@!ze`7SnT*qA zHuS&y{+d7copUBRo5Bdx*I5KLdJ|tgedT?sTxgwE!>z+x9YCg>A!(+WyL$QNhL85H zCtJ0arO89qk@fk~8<}djE?spOano3O$!bAH`iO zx%rF&C#V%Qksw0;Ch6_8s&gy`aWD!=PkfxVyL;AqMFSe-k7^8@i=@2G(5t07Q*GAy z-3u|!vW%vsqK#c}(1L4$)QyFO$^J@}R>`kW#0_+ZoTIqg`msZ3u`f^`f8{(wBfbMW zHHj8R&n?}Ync55OUT#hFo#bGsuI>5G105zS=pisNT#_};Qx-j{&GVal>Sv!It^e1W zhQN;sfXs)U2xUo6*u@YG7TZ}N9(D!!*}_z1As(Ao*#zv7UY8xMgPn#PvH*ear9VV` zWwEi&OfKu{ebp`@;Qxx$a6A8kcGi6>5D<1!i%nlTOr-&m%D^b8FoxXAv=r!4ij{3h zC|nz@p#F}bw&}9Ab%qjs4SK#`DKz59D>Ppk{X=5jqt2tIzHI^Ksr)3)B({^P_mj9P zPWXWL;lH20g8AZA5)#B2%DOU`Jxk8cD^n7^j=y_H=NDElJ@9I78(?AHt~EyD$m!eSo<+ww>$W+U-Yqq z(_Pv1?QKTS+Y9OB?d!%taL2nx82kO_Cu*mvpwd$HeXl{K0eDJ8{l~;Iy@H58mFo@g z*fQ!;B{f{9wbWpgH#2C4m!(kLV9!u%DYRI_T4Pgq*AF*w8x3Z{On^$nBJ6C-{FxF~1y zE7X-E9MS+tP4{kjO2%rtk=td);KiuJ$3CUtOU|z(tRanvXO>dotLT>te6NF}d<{*w z4i=3~CsfIsJz34w+wJwkrC&1`juU|MGD}QaqStk+j8TgNlfG&#BLe6_3qMSh~!j`=M>RVrDO- zQux|^M?yrcl5gj+PhWJWxunv!%S4Z%Eu^1Fu^*fvp0r^QyC%)SA-H!7RKv+OOZpR_ z-z2oIHFKsuCLtiZ&X&ur5g$G};P`BsY5{qI3EHiYL|$bY(Q2L3S{Oh}*v=R3%M1*B zl3mL;5J~a2#uRq@wx{)IkUOd>iEADvT-8RLlcmhE@B5g+a3x?U#%L9J^hH3H(L(px zzFRVjB1gTZn=0JEWA-Qz#pC*>1p?4K0cUz*y|U4G&wLs_fSu5!(BFGHICbUoO!kd^ zW?lY2^J%NVHLkMPYh6F1EATToYu#c!US=zN7+=e=k{!3*Robpinw%fn!P2dG4O%YK ztY4LUc6m^bPIUTy<3yw3FMrSD#eAU_CrcfNFHf#h{gp%hn@;=iM4eXw8!eAtT>5pY z)E^_c*?y`lpgU?crT&fgl^zWBVd)C;gB&+Nj=J+8$4rUoW{0uU(YeJn$e;9$Fo-1G z+llLC_B~$*dczgiP|Rd1(!c_JG++P^v4+9fYgZZiQr#5=Bf$*N&&471XWe5VD~D0K z?0(g!3rB-`FQg`b`}qz6MST)qF|wbNGdDQg_-CuE{G{M6lU?h|;d4`+d0!r$b@;`! 
z?=tfzR>{OK)GvpLQPi-LRYV(VnhqQv)}_!~C6|L$ju@uxzrt)+8}6f5^%wr>w7Z>V z{$g|uqmfUh%>$3P_@&mmxcnkhdvdqja$Wk}Q*XwCTh`Zr@}h!xckgf>g2->45c=Q~ zA$swNE!TCGn-s>8EE+NR-2U~XyPAmnW=fkm!lPT8kk-S3h&OE~1zcXVc_z6?$)7;T z>ySdSHL9_)^d%f0@kFTd2;Gv|b$%ke2nkYSJt3=iT;(RVmexNoHFl#-=p?*5MGW4< zPe0HI0}oc{70_%A7jrF1|5}|F`e|z=vzwGm7P*}>bB!*V8ahue0UC;Pba+hDP4#|- zS6}+E?~@OiBShO)HaiMboKH?H6sy{k;A zDS7via(JLG|8eP$8b{3wuv*D1TE6G=oyoNT4u@aAABS+=RMsf%j!W>Hk8fQFZ}ZL` z^cx|@YAh7RX3N2dXl;*gG&E}FPpwd@9yuFJtZ{KOc?AqfC$N|-FcpVPGsgTPJ<4P} zUJgDA*1ic|+MpqlV9@_-#N(uW!AQ>B(;CS)*KF^GhA7zAnT(#+H)T{^F)Mns<6Ua>Cx5M30(MXdfAh zzYQyS4nJpq9AV=AVLgUwwbzobndn*8P{PRjR` z%dc?0(ZCNuA~*-}z*iW1w`-}HxmqW>&!-y}Wr+3-K>otXax)gyuac#KXnhu9d$(P1 zmejpGG#;+&=4Ry(!Kf(u%w%vNy>>jp1c^W|MMPS`=bsMmC{)F`2sHuqv$G7u8z!k< zj1553N`G_}0y%pNnFY2l%pUU#U(L4RtJxg;9x@w4Z-!#pWzBk~N!@Y}?JEj7*s^}^ z6$-kc<9a4y(>=5Z`qHlmCr8C%@IlfJ11cIppI~m28{)2<&RCVHWXYlTGC*N!tulwQ6-sW3go-PyO(Nm&WET zdod`{+zn%0*-b;;#CkH8%1X9u8(V8vW_@U5F_fjv7D(o)uWFZCW`}-KbiQXh&mE*5Vh0{q;eN8uGFxJ!>-Ly%wLN3PTjbpHTrJxw$so$tvu=@j zKa3J}GN_Py$xJxAuo4`-$Culmrn=5fFB1xg0DdnF8MlJw^tzo!6DzO!U2^=go98YI zy{-6o!aOI$VsXRXGqAZbMcR3lufiG4Wt{Oq<2oayIsGM4drnt#Ii!V-n`}jp+{miT zeo{lwE7egy$Um>yR-X+t5@ohTs}z3P8gdAeq3EO$*$d3fREY4qd%tYlKCuNbfS;#n zhu~kpYHE)wZ4XSKsDDBR+|ie4%h(ov-=}j{f$z8v^v=2>4RnXcOB^8xxRJ7+HXKog zfd^PT`*M^lfeSY1UH)jXdiE72RC26fU2XhY#Rm+ez!aL<^^dIS5rc9d{e*j%);@WA z#k6cr9DhRTY}3#=zUyH5kgvY`frjyN!Cs7#Mn?yqUqfm?YCJ=!+^~agwJTiWi;D|t z+=->fR+JrVOXhM?ee!nL2xUIHAzD;mtvxB<+8dv zFE^pPCl zaZw&rt+ol{a+%a!eAc{RN~a3t8sSAHllFe+uy!?4tn~rPdPk%hdRbl)#&Wq#FAR2w zk;w`?y#kzO#)eWgbloh$=cJooCZ}^{A@gRn@|yRKvPKg>9rK#K!-0)v`W&+g0pH8* zIY?cK_zUr{R%m%+V@EFc%>f{3v>gwoiOtefvT3`F2be8ImQz>l5_ueHTQNCG{QN?61KCIb&IS^}3XgT+d-(%|usv78UCBbfmAEWI z)S$oj`O+#%*rDB>6C6d=*qWO6LrFk6()gijKgW=}l~ z=Ci$%oMhw)h%Z0ELy*ewvZVxBBR7RC6`sib3e$Cbv+HXFv&GJQt^&d&dvepCX-{MF#hNQFs{Z@l{CSuJ!&je~ z$X%_~Q~sB0hej-JNw~7|Ix0rLUQaGpj2(?c{!%ClVtcwsMbls%&&GVHO)2P_F$OVW znMQwnn{JL{^uo$L%LGDLGZmbt*SmWv?_C?j=)K00E4nr*83kw-Rw2>}dv7j7N^*~j 
zug9wW>#s4>Vj+ca9H@L!P^f2n^hY;JbBf$1DGTt9#NSZq>Ym?N@hd)sDm7IOaA z{=xyO%Q$|_1Z(!;k>10nX7&^l=nC8O~+Fc-mcoIUzVDbBmYuRhu8B+g`s7xB~2e?BaFu>ez8 zCeEX_K^DOQZWfFK3?lnQMehUaqP zJCjp?iQS+YZ`KdTTgVx=mleV!=l^Xp?`nP+H9x*?oE+b*TVdjM{AU)2R!I()NY(TC zZZjv77>QT<{LSMuXELiSub({@a^y5MxVGp&f4_88mGG#bNt+=m!*O%&n~AY4Dzt6i zGKLv-UkTQN>jy=P{+kP>LfJppibtLuRz*z7*B1QWrdAs3ls0<3hUXz3?7Rvw(G2s9 zyUv;htFLvOli>0-7_0>6MMx!*Yd^?LQdn~nI;yRJ_mlOC-joMVHcyI_h5w}%k5>&T{_ zw$@dw_at$4^0|IrMye8nv9Sa5x%}--zb^Nm$&;`9CMp7(VSsnfulYiW*C&VVB{+kf zlD^8#=?0PHUVrIT8jl7}KP~fde~z-NtAy3D!8r^3ZhpA0t3|Sp)y@+*)D|WuUEnvo zs6mp;fV&Rqmg~=0_pzg zM6Z^1)r>}eq5!norH8pY8f_!?^9gN&85XScO$2;O+;w@NU8tPbNq$mL_Ch@@)4iD- zV&rX7Q4u~WavF)Z{k#S_3+5+>>1->NBV2-1ZJk8#H4QJuhWWojxaQIMlKG|CAA`%6 zBd?@!aCan&y<#HgebuJGTRTeDOjSCVZEl?I;^MS2u<2rT+y(jd99*GF=#^Pqh?x!P zmNnIrL(?~L+B`T})9gn;Hrbv@3exgiwpx(daar99zJ8i^@)AKeBI#dtG;A79p+R9x zk%r^h;L_k-jGzHid(GR`0h1wuoB?e^mAG63PB1aAVGOMpijmGe5*1R>sA9@}NUGb0 zv$sNH1@R*VIpKkv_{0VUGWw&! z7>c->M*B&@wc-^QzZSS_R&EPW+35@PS%pC_|kAfezs zjJ|*Q6y13${~D?r8a98`&wc$-5a|HeT!oRZ_I@Mivv`N->s2>di5rShnyrK|R(@WD zTs*7#F40@TrpP@}_vcqC!XI}dLrcnGSBxTUHEsynYwnq5$~TN>@gCTsJql~RNihVL zo#0i;kjsy0=PQ`Um4_!~Lh~M6jQfQM^x_)_GpV>$1C9&6h>%LHcDn%AB_XkVXeVVB>}X@!TLh^N^H-FY_`sqhYQ^}Z&W8N)OV}#KTI4`8c25*1#V~)>#uig;~`>F*=j-H+Ie=j(Gtr0F` zA~1+<%XtXqUs||agu#Twwq2c2trcU(5s_d9mIM{-8gspZWHTr7gSe~k5o9(p37BJ= zaA``j@||&Mah~zxA9nY~_FA|u^q+Cxjg=!aOu!V-i zmNurR8my3a2474(m~smf!31O8kggyb)EhBOZd)&7Qn3BC@qO9t;rj{{;EL`iw~m@{ zMa?eF8bN!Ps*c`YTby|K3G;RV!CM2uOh*z38h`GHLRzEj_zuB6}bqHU(c#4GTB(%1)V9mYRSv58c`QqNv0<_sf&6Cpnh72n3z zlcdGIp$Hz`V>+-2I@GYMgB)+4DzA4gN8?8`ktchuab_0{ozt?N_lRX^ zXh;px^sXT~dP})A;*%0}YkxZ89GH@CueoRKb$*Tsc@~_WUG(<5pPunfjrv2*{F^X% z(tBqJ5`44(e;gT;)3IzgB!lv1kO4X`cGGo3GK=b{H5lRdzv*c35oTp9bPH+wK^_{AidP^acDb$xWnBf>MvM^gJ+`N|4gsoAmi=^Qx1T2!~KQfaqVvnY#DA~`8532Nn(h|;IN zQ!xruvHDKMsADJX8IuzR=kh;LGLMTu0?_!2TxDWwUB6u73E|<*;A^?N776;D;Hkq< zD=)DA^Sk=?1C@yyGs}N)$vQ7QAAG&MJPPxN`Ic;`3QK_l3fu(10ymNWZs=1&mc<`h 
ztLADG*`mp6jSL)W>w~S1dOZ`V4{^9Ps#sFxD)Qo^LfCKTTYR$tA$gpO^KAb6D3T?9MCire$(6FS|CHm~z8q zTfxCIonc~Hw4vK~Bt)Ovd-Y{%MMkw?Y7;Iwu)glP8wlo|b9?I_i#i+qgQfN4oN7Q; zy_qXN8-10fKo;Uh@~Q|MakLOLJobU?nu7i(ZnPraC&cV6+HLQ72qy2sO|0Y3qqs}*hQ3XRZ$72?vHZ8X}obykaI0yUnpi-G8^9< z_rE|B5K%fbc=1;qy`=(N{sey?R1?F#xhZLEu+~9MO8P4b$qnD+{D}nUO4DoX?^jl$(z!>e^iW@pL{mwMyC9#)o#aWaqzNr(hGK~ zgb@V;*&Av)+dz>?6>!B+#IlOLzXUtZ9rQnioaLftC2vRXE<32imCjBecBf+3Rb%yF ztcEcaIOw*TH~D%4v?S5qz|IcPCA4!4%AVKvPUD~0$FAIt+sCGvft!Hi+oP#He^n*D zjy>xdYg9yU%!M8_(J<1cLbKKuSfrEE1i$IuxNx0|w}ffz`80Yu>D(rtnh;#xZu)r$ zi~iOtJx5(0MEVpa`Mx|RRW07dq+b>Qnvf}18nVF|kqJ14i11UJZw z-BzHosz!AQE!rSzB63|pkaK&AUGzFsqWj&?;C_&@B70O_`XzbCjqbnb zsm|QYn5(KljOhd2GFt9#ux zm;Y2onorzN7m4CcbOeRphS{B+MsuqeJ1`gsu-WCSCzf0o3^(DPV;H=`@3kC*Z7~X1 zU$s=+pCF}Pn7(I=6Xgi|oy_?^WJ5>!YN6jfLG*@HAO1Cy6yoohguzY6G4kNg$1#w= z-%mbZ-OY|Ch4}A9LcyxjykJ$G=$D36#r}8;(*b1WSd*cag68kGO1|9PyMgzZ1q{+4 z(~Dqckf~n_$h25uL2u#t`}Dm6SHc1{Po4V56U<`l^B9{XX=HnW$Jm34XJBzlSzoYt z8K1;m@t3rJ_0>$2&fjcV^U{76XJ5rI+|+vu5(gD8?oE2@j6JTNC@YotU6Dq1a=-An zpq$Y0mu0(OfUP+DE?5+MQVy(NE%ad0yQPAtdV-`d5-jQnYje&HwxxIc1*#TkD-PeE z#BhNV{K3%qzg{qbiFb^KR3(aR3)7$7G(lzsaf;PKAAf0s%uqjx3nSli$2-D&b$H|3 zp4;Z!-3x;E51--}45(rAP`=MdC$2t*~xv#gkLbHhOJKdzB!#ZPvA)lgzCfg1{%?$JPaPx%jxV@KJ<<( zScGApQR;Q0iO&Q}lR*h~=CTe-FaC5P=MsQ`;+Xgb&OlRol#juKHaVTM%7K$HX^t23pgjf(#yv$?0HKJw!$p5ZhzFr_y5uW{9hW zO7*K517POuU=4H^av>q0GA6#2GZ03P3Nv^xBd7DE>S1kU0i8XzCzYPU4Dp#zX)-9n z-dxs6>BUSJaxo#GIwroIGth}16=CpTSx)C!)x)010zP}}L@GV&8RA#MrPH7Ud-Ha% z!fY3EDIuUXCccw1(2f2XD%#+|mYmLus)yvlr8qT=e?V4UoPnuu8Z?F+{1qC55%6j< z7VxI|edyn8btM`yS@QV)S-lA#Ws~ZX+m^PW9kwu^}R5Z{mP%^NCpyH?}!9< z#5abrW8(Bqtm)Ur2V&X2CqCVW--rS3ASc%SQ$9*KG4Qz6Nh6QEV<}Ue8?Q??!}wWD zM9Ud319`~4nKIXg-qoK&^})r?v@od#9uD#lC#WIU;Mw;;h8nRYCApP@uiO;Lz5I>l zc6Zd~|A?!1#I!pi95#nR4R@WxAp4)o696;)@si710?60FMPc4CmzR&-k=*B1! z!SC}NwDg%F{F!CPYAtAaiAlzer2QJX8?cpv2Sp!!3u6FKnaC^Dv-C}3x4|<*dS>>! 
zqN~jyR0AQUmp-q=WY_4IeYnv)1~1%f9!w2fP^f{d20fEOR%uWFEA%YgcG=n#^4jE1$H6-tB>?h{Rm^k4XX#YS zE~dWr-|nbyCI0^-QvKhEhreCKpoH@*VzB?ug%a4rNC);^7h2PA{xy1|uhn7mb2H)v z_I1ZQ(dltO*Kobp<<8ma>`LRUmW`2vdtLwKl4QdsvJ$-lD4v$h*}1FT?zJ~A3D55A z`&UfOxq8&uc$C##E-{}Xw(SjOwwb+yk8++RqLGF zwptl*aCYrz8f||t;B(T$q$Vn#)Q`Ilth(rh2nkBIkn*X0d?ml^ht2|h7R zhK)s96~A}PYG=Z8%zV?K))DFMB%fxc*okR#^g^M2m+w$4E$X|+j_ zrb~I4g#!V(8wRtt$EzPa{2cf8c%YC;3(f?`BcV+Fj&7nS%>%{Hem_;!uGe_~0qB!1 z-NFSv^Dg}@WYUHj++T{0_u0hMVNa?!xl*6N=Dhz~eH=jXQuDm(=GqgPZP=Q6Z`?xE z709I7nknMrtfjeNsBvOI}a^?6CF z>+jlEfAOUSZ+>W@`t5MPoYk8$Rt)-Fc$y#yU1>?t3W=ab9}av!4#Wqe$DlKS@h))_!XOnDpo zrs(m8;veepZ=)0eSmf(A4F-OAXLMJBuRE|kjPQ~%m+(j`*x0XMv7UleA5?xQ(u}NY zu%Bj-ebgg^&7Gw9$xJOAHlLJ%PYBV`nHb19V8g}wQfr#mMk^J0IKfkGdIraT(#oPg z66MsYUV0mor;we3wds#xHVtIw5O~%k)bi2S=q+}Kb##Q&Kc5b|pc`y9Z4t)%cNr9# zI}7#0w&PqZ*GDGr$g2v33)85$I7Nu`sHAp8hDU0dpfs26|47Md{{4CRM*=Dyg@XJR zSd{taDSSJOqb*$U<@uhy;rkawelnvOds3w}BBjGUtGR@63g;h(v%=|V{Uki` zl(_L0+*(?sHi>ZQot&}};)Prvo=fv6J4!LF2hnyeVo0kC=@Iwh+6hpHwbgTe{q(8r zRaLiG|AT8fVQO5$t<45b%c0Lc-=B%_4Lr|6lSPfR*PFiA`alQ=KiQ)K{{3!5__x)4 zR~IQkg$dyys-c@uj0mKP`ItM#2UqQJXwo|uG5LPmvtYp;k97XGbH8u$&#I|H1#v?; zN5?F1mkhXjODS+5m~B%tjvQJ%nnMBN?fpwud73f{i|?a8%-0){Aw@bYdrIVf-_uQB zAR#N=-_Mo5zuX_}9q_Rb$kxD4e??^Kpn%1Dl&)NRyJp|k+ej6u*(4d8N0;9t@LQr! 
zqx|-fcbxEBO4=&$*Yx@mB#_^`0Rwh?+b*rv+4ZbMfnzgYgS!wo_$nAyGwWZTE(XYE zNrp!YXHck%(`$*Xb90bB5q5neN@P#WD(N4aCsL65M)FtmFT2?NpMdFZ&U*$<>!ok0 zu^AG;_qge5p18Ng*J6LdS~ZL$udL`IhF@k!_&DKbeE%DSC2e{=fG2^(dt}0`?ij4f zQfHbMCP|#Iu`%D$t=aN2J2Z=If=poyrx*?~=}466L14LAe#fc!@~CgDHY8S8b?M_f zKPlv;YZ0m{#6H4`88+8J;{?K=P5tB=={pQU%2 zANae<{#Bz!H=Lm)^~*X#DRTZNBV=SNG~+=-grBC{L&?enri=cN!TEWcAK)9y_jP%5 zo1ymXI72QW8Cc>O&wi>~6(O~@Nn0}YP{T#G5tBKxo9vodfl~s2!jCR+ATM|u3Kt+O zb31x@zdsYE9^cqKexCZ47)#ptldVsPLFo`h%@MD5I$-r}p-5r+tFmFEX&!IWrsf|P z?1936#i38aV`*z%&3@{R&J1pgZgtcZy~Nxz%{xW*xo^ra1#y4-LqTc#jf-kn`EO!K z*8)72KXePX3$^0FhRTEUlWWLj zu25X*eh(x2;2|4fg~7n6n5sI0+URztN5L;WD<^UKD;|57ct)UlHO7LiD-3DbYosYHr)5gjD+_KB zOZUh;giPdqRjZdo881EUAC%ZYH(qL-OAFHYBeVdE!3(1%MPO(kJtULA{hyuw)ErZE zX==Tq|9pZvdi>Q%TC1g*A5kl|Xx8Eb5hF10d;z-5zaYn^!HlmD-+(}>p zMvRO=;%L+H?<{q)v$MeQUmy7oeNS?Y$Z?I|={Bb`R$afPi%(6YS-_Lh`bg`E^jt4| zQ2S+!+abxS>RuZHeo=^zPi%=ylgTKMT zsp!YWFiK$Gp;_UY%jhkqQePR}#OA`pmkZNk}LvL*j9IrgaAq$9;rEFd?zg-?xWX%K}|K^{x;=ZG4Y17#dS#0!W@ykfw`G5h{ncJsNoO?j( zgph9mSPCd6yqkwt6Vt3$V4^z~i4HaAx*xQpE%knKnpMJ%uE{pmc9az>FX)1@|I&)3 zj?6>0odh72i5n#DX!xWo`qWjG7K_ZXG{Ou+>a?~_z{(g=G*)O*5o_Ieyb#HEL+L>m zyL*edDK~>Mt(;-$R+3R3SvP^oSaQW0V!1F7w$_J*>9u0af25Y;@fRuTSK+!^tQ(mz zE2XSob-lE~-J`euZf~MlMxReCL2SdQysNh)3V9IAWvfUT$!=!(A360E!@uoIQbUSC zV7K}7RtFepk8_K9;~ZWubNkZt1h8HFvY5yY!4of9P;pJ-FP=E&J?WhoQe<^gqf_Ym zg!q~Oz4}WD{KwO&l=30|bzF6-n32I`ec_4VNfmgvKl6ztptMfJb4d>jb)Yh-o#W!X z8Zm^K1~pG%8#pB6oN4DpzPEp0AYZg&8}>U@C$}8|ORDg}M-KMiCkFfDKWlB%<+3UsFb-25tVc-2twuWDN>}|A)CQ0qHE+cm zYTd5C<-9o<`&B?+qd_KX4P=ZL6_Zk0D`Q%|Rb2RHbIfaU=67O2mrjra>}_W3+kv=n zR?MVVHM&o#I&ym@VWixA?Xk3tK+7m*K2nw7WpK?TEDAiQ3ul&CP=h=5Sm3~=bXA&j ze$biQwsDzIt+;JR(2`wWIX>?EDN*9_KIbg*hAaCzGH9c z{)UT&xX9b-W(0F?l^5PzfI(bR1w$ z8tvHUKdwIC)aRHO5Wp$=#9yHD$n*mzduSquK_s6bqWH(LYkrl0T~*H|+;BYi6ML3! 
zvjLUskKslu{wCZ2(_1DH~ZQyI7!iW6m<2sv;(pG%b8 zdTE~z*cyCK1{G;E0a{3|QEMcc8D=rx=gGT!3%y#cM~Lqv)H%c&=0)5pams>dEDh|xnWEV&`0rH&SUssae)s8H z*d60n*f)JI>93|{g!D9GqM7$hbO~a_(T81^zd1YF=<$NW-t>x8KBHCbTA}H?x)+SH zgUP0ZB$o;4rY#ClHO(8sOv`ly9)iqXr*MCklov&xM4ue-WP15?>Oz)@POYHa43Y$t z4}T3IeBY?yCS78c9e%QsydWw6+}v%rF;^6#9AZVABR550o(5u^o?8?(vGFQhDA9fF zLYg%&A1|yEt%AYauD>Gjlr%rJlr&IP%IZoUpXo6n%8i=u{!pU+H7g{+inGU==|Or- zz@40gq&8+P{2{bRz6_Ynppn$HSy2K;dDzc4b2+%0tU&0Z#617 zjTV`T2DPN@cKX@t*1Q8ixn$mUp%J-OvVNCVDJDjnCjv*qZgU9OqHDdvN%E`iEFs0M zNh*Su{RQ#yn&_a0#W$Z5-4dah$4a|%PLzF(9~LTuFKyp&A)eo_$H|5u>YVYdY;V>J zB^`WQ|D>4I);Ur-*2x2UdQX>7U|Nl6>#KjO-SUIz*Y!~?CpwEwyEuE8n(i}hu^VY0 zXR^-HYziiMc>8$6dm&WYm-MW;#G4&s77aE(aj*_~zgy)+^#JlA3E>l^LEF}cpm-4imr&LLbg15xGHKc3iF`NZ4J*al=(29CEsC z(M$9Ob{rCl6YRCfUZH&|g?l3{9&;M}s9Yq7H3x>3p#K7~NNf_6_vx372gBzC?J=o_b*XxTK-@TyHT5 zx8=*L=iILY-b>FD%XT+!GCakuWi7q10eIJtU=q8!=-Ga$kR=ime9f*+=@emg7}>r19vSQyLD$-0}9deC$eQprt?* zS@Z4ujL*?sO`V^JKmPvLA8a)hj+RmA=O3FsmJ)P6AvtJ*->9|~wH&Ygzd$e?UFtsr;Do1#@Jtce}=^d+0Xu)naNgd&4QLQ3#y+;l(FW9{!f%7H^)nAl%^;PtYtx=W1DVnUVexNO&c8e zc9+x3feF|+P3X!G=~E)Zh8rhjUvv2Hi`RUB zSYMZ-IkTVx{AM|7<0aa##6s>H%oDfsag7|Te5D;k39w^2DJwu8avH%CDwaPJTTRk% z*5Z0#ic0}uy!jxCevvJ+yTVB&RG+t_m1$Yu%2@UZC3_UqszQ17Io48YQVtED+!*<{ zo@-;|V{)++tH%y;_jWw_j&mS8JQ7I#JoHAps=m=-#FlLeK0J9-HmrhMuK2-qVb37z8q8G%VuZh5dqTed+Fv}r z1j&3HjeIyInS$3)I)a`zCRgwx1vRR|Jwlpm>@DTXkkm<(CVrA};&tJh#~w+?ODLgE zQKoj$!D|{~^oApj#hg zCdY;&Gb?E1fFN-VzcHc)`CJ;1k!#_bbIMh8e%&wE3h_kSwCC`vd@%6(tC!V4dJ2g} zD9Aw6EE#waXiaLa_GWMTCjqSVD2uoAPDGWH#EVZz`-PO%LfW1u>(l zbM`Q)H1H@Q#*>YVhvh(^Z|%s8*A=pfE2%3ZOY*opq29~wxeXRogz;qZ4=#NXUNE&b zfXdDJE(#Gjp8c(_oTE}=%2e$B>GeRnJMoob=sP)vQAWN}8?qRk=P{wTufxSx*KNh= zZUsWarASe~6sb`LjU#NqxGVV8kuki62i#N-M&^*%%K zFBXf$WU*@b>uMH&XhY(xBHNpBi&6??#IJ5974Jth-|TpQr<+iJc>q*7Pr>>*Bhg`F zH9ynNheh$Jn%D3HcSqY~zWCOm z+J~0Fa+PT1&g+FHUeSDHHyMwL-Ba)q>p^(7P-^~y`uRasp$Qo(xAb5~t=0Gwq}`t$ z$O9mR(1tE49vv)@zl%a|Jyw5dxETeC*GL0(>bDo8L~q$sx-qYw^!Aro5@A87`diu? 
zySpb0_@Flvy-zbmG;A126t<{Gs!UcZhSE2~9IRx}iREym#_@KA2-F&O*bh&MMYV&0 zZvz+W0jyiR0};wd#OlCfoA8*mjjJHNW&3#|@j0uPsYcEoK4sfObd=e9Oid<(Bxqwg zGcN!LnfpN5m^85=CTolSf;@Lc+|HRjqavSDA#N^h&>o+ky5*j3D+u;N(A5D(bzW_bVO2G@nf74Qpl4bN#$1|dSM*o}Fw-*SOkXH1>12NHK z-W26dM2>cYRRUtHYPQ&CBF`&nW*e`o5<&+d7QepOxH$(l$Dn@pB5_Q|(A$kk)l?o+ z|E*8xPD~<}nZ}Fth)&Szxn;C^}w{o1Zi|9K5Cw>FWR7irPOI29Hdi@gM^`xEv*fJkrxIjHeW_A@iA_XVFcj)M9fVGQX*EF96OyGpgAR4`}*OGh^{A+w4TSvaQ+vCM9)>!QWR6}}z=XReBkj8__icI#g8DpS#9_#5amR26BeAovso zgH&H(r!k~F_#G~1l#9}4GS0%`Ly6`=nI8oN~`t9zykV2Y<*Xm`lz%EMWxB)5=1edUxAdgGq zTuR1}k?uUeY>$|4gw@c>5fAsteM&Xnciy^q?XY85x_D>QB#*^sJEsu0?U$YIZWO%z zbOCE7MOuH=*!bsm3gW~s4oIwI)X<-gy5U&kX!Wfghzd@+X>NRZ3L(BG_HQOzug}{= zw>X*fJKEGp77~|l&LPdT5Xs0AJySagz0d#3Qe`YfSvCEX&G)Rs3c;YP8f?TN?1lj?AbMR@9G+eeaZ5^i*!^%@XU()U98#4`Aqx> z?)UygMNhXsUZpPy%;hUMk_7nL9V;HtF^GEe-81*7pFKSZaf^IsiUtIHO3Y~eL}u}f z-!JFnD@@;$87%k1htkK#+IV`2lrc|%iPp~i!K98$oo zLmjo>-z1szej$K3EK52-7$6E6umF#L$H0sBw~#vJ!FknNyDMptU1HRg^Vu~855!7~ zb0h=vaE`CINTAJdxH!TNKvY-fhcYorcY!fFnhmd^S*a~~*ui@Z1qN+HC1X`Hs*T&% zrv-v2eYM^Uiv49yx%quGB85?k!{DgR7!jW#$bCA}eK0(A^_n zo%xi2coJI;7?bP+p6$=#j_MxQ0%o-|Biag!^2^9A;_43YV&cWkF(~TVk>8y&|I~7O zR32Kdu8xkXcz)8W*T5{JW~dP#$x*@O1-lGG4rw zK1PpgHze9~lL>!6qTBlQ^Pan(s&wvkGdP12%9&+XHN#Fkv1oiJ%1(5?vi^&K)QO-J z^~4dnGU?mKmHt%}U<7d)+L_4bcFZT(%4Jn7rx@c_3aGYK<}(BC(+r=vE?C*5x;Aj$ z%!B{fH5B2cE0-oH{Fr7XFvFj2Po>*x>HSx*Faa_HO*ydG4Vd=HUskxrJ>4WOR)Rqdn%s*7%$;-Q*SRy?^ z3;=?>;dCgVx1{G&P>TiMy%0Yw=jM^@rW7J`(fX*`81ujpfNeuxPGte&EGsm^WX?XE znfu!CWBFUcI3FNBHy`>U&EdJH)f01q+-#hQ8O`$>^0x*xP6#u8E)4TLPcqQFc*kHI z61HSj=^=pGm4I@LVr?+9DTRHUVKZNy3Zqm@7`G$*ewl;*5eI*qWZ8?qo zbd~wa#HX^9J;*3hj9|NChP>{^i?A-P7f4ILa_uK+H20IC~S8RLlXqwoSt#m z=8xs0=_uO8+aLoZTWT=uvR9=x3p|Q}>1LY1Q++lRB5J4MYnvD6K=rf!{M0yAkGdI| zP4cQ0tN6u~++Rm3noyS&%5}Tth3!v{j){~QeJZ|xbwPb`flm8ntJ@d}P14PS)4TF* z{Uj!izAG?o4b3NxZkh-L9ocyb&m;jKqNEO4hDI#y@gdY&j3F1*hNt%)Bn5wZLXFMj z!*&s!VyNM>BqSj48cx0H5b#gQ!9D49Oj7!;0?ETZkmN_+ph`G(DAi7UT{WjAn8JzP zw8r2|Lh@N8D0T1(7Omw7BW9+Kn_H=SLUuF@AOy2prcGn|)Erj%m$D;OC<)G~>BrVH 
z`~xprCq#XTJp(S>8#DG3+JPdFF(KZs_www@AF+OGO7N!|m)Lfxs8}LkOeNBfZuf7i z3xw2IZy&_PULf7nIJAeW7Ggi4!oODba}T!@J7iFL__0}#Y9Xo6=Mniw+w9ig#dNjL ziE?)>Pj4#v?Mtu5oe0D$ZBX^5{De#P5v$*QTaX2#a~y;c_^Iv~_n}c?nSsXaNe34A z-@ix_UN>+;)7?WlH%E0$fOY}C!A69t`m~3%#0fW-!{HP}D~5Vxv&8q9p2QUvA#Ahv zdwd@*SXy|8=NlHKWD>+AI?i)h<<vGonemEB2EK@@KNGB znjv>_zLM5~T=R#bzfn6AQjOAV-fDTj`vX>>(DC@EjB;~@R>bYZv1RG)O1^&wccDH!lOt=H7omc$f3t|{cEIYHFjq08zY)`j~wNvO( zXs~JUKz(bFm|BlMuYfLz`GiWfujXCFd&ZYht!P-oRPfTeNro4pI2Q4-dzaBQB>uOc zfErozR=I=nD<%k2ENiYGs9)tE96)RCo}+;%kKh>2js!~9$^@C9fkNrke`5AqgowHW zS1sU-qr~?rDuT6L5l`2Q+${BGKTsXxOn-Hs5ZKac+VmVeGMKR-3@J?K#{;RWjuK4G43PY@Q7GF1|E)yS?M=8FU9^M} z;^<#_Yg(~DzYw9gX@_LU|B(6k{a>DaGy`zgy8^L(ZA zm}x>DAI9N{a=?t9S|Nlj8x;9HR^jMy4GsD{ClviVk1>n*D3W7>`y=#vP8v3+k7SZ( zgg%_euzRaq`MbYxgywpQtI&^YG}xhE2G@so@x=$tqeW=8)NfZR>hJ0f3QOV%1+i?O ztFYwkIOyT+zqfy||4a1RW+?+0fQNsVzqTccym_Sr~*`}YNS z7;Xz<7~*%a?f;a(peE$xX=D(yiaabFKK%brhYNtA{vYr6HW0RSBVAP+z(M&R+HW3` zZ}IRjFyp8&|A#g}0+2j|jGx}74Z!*DM%nuZN=m diff --git a/workbooks/alz_checklist.en_network_counters.json b/workbooks/alz_checklist.en_network_counters.json index 4102214c9..b7ec6132f 100644 --- a/workbooks/alz_checklist.en_network_counters.json +++ b/workbooks/alz_checklist.en_network_counters.json @@ -778,7 +778,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query9Stats:$.Success}+{Query10Stats:$.Success}" + "resultVal": "{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}" } } ] @@ -797,7 +797,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query9Stats:$.Total}+{Query10Stats:$.Total}" + "resultVal": "{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}" } } ] 
@@ -835,7 +835,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}" + "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}" } } ] @@ -854,7 +854,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}" + "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}" } } ] @@ -949,7 +949,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}" + "resultVal": "{Query18Stats:$.Success}+{Query19Stats:$.Success}+{Query20Stats:$.Success}+{Query21Stats:$.Success}" } } ] @@ -968,7 +968,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}" + "resultVal": "{Query18Stats:$.Total}+{Query19Stats:$.Total}+{Query20Stats:$.Total}+{Query21Stats:$.Total}" } } ] @@ -1063,7 +1063,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query18Stats:$.Success}+{Query19Stats:$.Success}+{Query20Stats:$.Success}+{Query21Stats:$.Success}" + "resultVal": "{Query9Stats:$.Success}+{Query10Stats:$.Success}" } } ] @@ -1082,7 +1082,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query18Stats:$.Total}+{Query19Stats:$.Total}+{Query20Stats:$.Total}+{Query21Stats:$.Total}" + "resultVal": "{Query9Stats:$.Total}+{Query10Stats:$.Total}" } } ] 
@@ -1120,7 +1120,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query22Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query17Stats:$.Total}+{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query18Stats:$.Total}+{Query19Stats:$.Total}+{Query20Stats:$.Total}+{Query21Stats:$.Total}" + "resultVal": "{Query22Stats:$.Total}+{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}+{Query19Stats:$.Total}+{Query20Stats:$.Total}+{Query21Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}" } } ] 
@@ -1139,7 +1139,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query22Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query17Stats:$.Success}+{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query18Stats:$.Success}+{Query19Stats:$.Success}+{Query20Stats:$.Success}+{Query21Stats:$.Success}" + "resultVal": "{Query22Stats:$.Success}+{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}+{Query19Stats:$.Success}+{Query20Stats:$.Success}+{Query21Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}" } } ] @@ -1213,7 +1213,7 @@ "style": "tabs", "links": [ { - "id": "07e83af3-57c9-40e0-be1c-1cc73dfe8820", + "id": "ee2833a1-a75c-46d0-9b99-90995ba5ac2d", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "Virtual WAN ({Tab0Success:value}/{Tab0Total:value})", 
@@ -1222,25 +1222,25 @@ "style": "primary" }, { - "id": "b6f41a58-ac9d-4e51-98c5-ea060e0e09ce", + "id": "b73505c5-c836-4793-b4cc-0236113e73e0", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "IP plan ({Tab1Success:value}/{Tab1Total:value})", + "linkLabel": "Hybrid ({Tab1Success:value}/{Tab1Total:value})", "subTarget": "tab1", - "preText": "IP plan", + "preText": "Hybrid", "style": "primary" }, { - "id": "bcf151b8-7eba-42db-b445-a91e287845c6", + "id": "ea28203e-7116-4743-8e69-0d185dfce42a", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hybrid ({Tab2Success:value}/{Tab2Total:value})", + "linkLabel": "Hub and spoke ({Tab2Success:value}/{Tab2Total:value})", "subTarget": "tab2", - "preText": "Hybrid", + "preText": "Hub and spoke", "style": "primary" }, { - "id": "286405de-f504-47d0-9a2b-7b1771b5931f", + "id": "aa790c2e-0829-4799-83cd-0af9e9c94d32", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "PaaS ({Tab3Success:value}/{Tab3Total:value})", @@ -1249,16 +1249,16 @@ "style": "primary" }, { - "id": "10ec320e-1bdf-40ac-a43b-ffbf9b7a53cb", + "id": "fa4f2eec-c68a-4bad-a29a-c929d9772e42", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hub and spoke ({Tab4Success:value}/{Tab4Total:value})", + "linkLabel": "Segmentation ({Tab4Success:value}/{Tab4Total:value})", "subTarget": "tab4", - "preText": "Hub and spoke", + "preText": "Segmentation", "style": "primary" }, { - "id": "715c5a5f-3938-47c3-b862-ec58b694f66d", + "id": "6617fd8e-0e9b-4e9a-9562-06263cd9a56a", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "Internet ({Tab5Success:value}/{Tab5Total:value})", 
@@ -1267,12 +1267,12 @@ "style": "primary" }, { - "id": "9b3b5315-4c94-49df-8e65-9bfde53efd4d", + "id": "41eb4342-7f1b-434c-847b-d5f727276038", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Segmentation ({Tab6Success:value}/{Tab6Total:value})", + "linkLabel": "IP plan ({Tab6Success:value}/{Tab6Total:value})", "subTarget": "tab6", - "preText": "Segmentation", + "preText": "IP plan", "style": "primary" } ] 
@@ -1372,22 +1372,22 @@ { "type": 1, "content": { - "json": "## IP plan" + "json": "## Hybrid" }, "name": "tab1title" }, { "type": 1, "content": { - "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "Ensure that you're using the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-routing) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext9" + "name": "querytext4" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = 
{OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -1436,20 +1436,20 @@ ] } }, - "name": "query9" + "name": "query4" }, { "type": 1, "content": { - "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information." }, - "name": "querytext10" + "name": "querytext5" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1498,42 +1498,82 @@ ] } }, - "name": "query10" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab1" - }, - "name": "tab1" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ + "name": "query5" + }, { "type": 1, "content": { - "json": "## Hybrid" + "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuits' peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information." }, - "name": "tab2title" + "name": "querytext6" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 4, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": 
"Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query6" }, { "type": 1, "content": { - "json": "Ensure that you're using the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-routing) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext4" + "name": "querytext7" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | 
project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -1582,20 +1622,20 @@ ] } }, - "name": "query4" + "name": "query7" }, { "type": 1, "content": { - "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information." + "json": "Use VPN gateways to connect branches or remote locations to Azure. For higher resilience, deploy zone-redundant gateways (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." }, - "name": "querytext5" + "name": "querytext8" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1644,20 +1684,42 @@ ] } }, - "name": "query5" + "name": "query8" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab1" + }, + "name": "tab1" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Hub and spoke" + }, + "name": "tab2title" }, { "type": 1, "content": { - "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuits' peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information." + "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information." }, - "name": "querytext6" + "name": "querytext0" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend 
compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1706,20 +1768,20 @@ ] } }, - "name": "query6" + "name": "query0" }, { "type": 1, "content": { - "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "When connecting spoke virtual networks to the central hub virtual network, consider VNet peering limits (500), the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." }, - "name": "querytext7" + "name": "querytext1" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1768,20 +1830,20 @@ ] } }, - "name": "query7" + "name": "query1" }, { "type": 1, "content": { - "json": "Use VPN gateways to connect branches or remote locations to Azure. For higher resilience, deploy zone-redundant gateways (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." + "json": "Consider the limit of routes per route table (400). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." }, - "name": "querytext8" + "name": "querytext2" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1830,7 +1892,69 @@ ] } }, - "name": "query8" + "name": "query2" + }, + { + "type": 1, + "content": { + "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information." + }, + "name": "querytext3" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 4, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query3" } ] }, 
@@ -1934,22 +2058,22 @@ { "type": 1, "content": { - "json": "## Hub and spoke" + "json": "## Segmentation" }, "name": "tab4title" }, { "type": 1, "content": { - "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information." + "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information." }, - "name": "querytext0" + "name": "querytext18" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1998,20 +2122,20 @@ ] } }, - "name": "query0" + "name": "query18" }, { "type": 1, "content": { - "json": "When connecting spoke virtual networks to the central hub virtual network, consider VNet peering limits (500), the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." + "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." }, - "name": "querytext1" + "name": "querytext19" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2060,20 +2184,20 @@ ] } }, - "name": "query1" + "name": "query19" }, { "type": 1, "content": { - "json": "Consider the limit of routes per route table (400). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." + "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." }, - "name": "querytext2" + "name": "querytext20" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend 
compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -2122,20 +2246,20 @@ ] } }, - "name": "query2" + "name": "query20" }, { "type": 1, "content": { - "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information." + "json": "The application team should use application security groups at the subnet-level NSGs to help protect multi-tier VMs within the landing zone. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/) can help to educate yourself on this." }, - "name": "querytext3" + "name": "querytext21" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
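Review bot: The NSG query added under `querytext20` leaves out any NSG whose custom rules are all outbound: `summarize … by id,tostring(ruleDirection)` followed by `where ruleDirection == 'Inbound'` produces no row for it, and the `union` branch only re-adds NSGs where `array_length(properties.securityRules)==0`. Such an NSG depends entirely on the default inbound rules, which is the condition this item is meant to flag, yet it appears neither as Failed nor as Success. Folding the direction into the counter and grouping by `id` alone would report it: `summarize StarDenies=countif(ruleDirection=='Inbound' and ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id`, with the later `where ruleDirection == 'Inbound'` removed. If this workbook is generated from the checklist, the query should be corrected in the checklist source.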
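Review bot: The text in `querytext21` recommends application security groups, but the query that follows it only evaluates `compliant = isnotnull(subnetNsg)`, so a subnet passes as soon as any NSG is attached, whether or not its rules reference an ASG. Someone reading the tab will take Success to mean the recommendation is met. The item should say what is actually measured, for example `Every subnet other than GatewaySubnet, AzureFirewallSubnet, RouteServerSubnet and AzureBastionSubnet has an NSG attached; ASG usage is not verified by this query`. If this workbook is generated from the checklist, the wording belongs in the checklist source.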
@@ -2184,7 +2308,7 @@ ] } }, - "name": "query3" + "name": "query21" } ] }, 
@@ -2598,146 +2722,22 @@ { "type": 1, "content": { - "json": "## Segmentation" + "json": "## IP plan" }, "name": "tab6title" }, { "type": 1, "content": { - "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information." - }, - "name": "querytext18" - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", - "size": 4, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources", - "crossComponentResources": [ - "{Subscription}" - ], - "gridSettings": { - "formatters": [ - { - "columnMatch": "id", - "formatter": 0, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } - }, - { - "columnMatch": "compliant", - "formatter": 18, - "formatOptions": { - "thresholdsOptions": "icons", - "thresholdsGrid": [ - { - "operator": "==", - "thresholdValue": "1", - "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] - } - } - ] - } - }, - "name": "query18" - }, - { - "type": 1, - "content": { - "json": "Use at least a /27 prefix for your Gateway subnets. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." - }, - "name": "querytext19" - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", - "size": 4, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources", - "crossComponentResources": [ - "{Subscription}" - ], - "gridSettings": { - "formatters": [ - { - "columnMatch": "id", - "formatter": 0, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } - }, - { - "columnMatch": "compliant", - "formatter": 18, - "formatOptions": { - "thresholdsOptions": "icons", - "thresholdsGrid": [ - { - "operator": "==", - "thresholdValue": "1", - "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] - } - } - ] - } - }, - "name": "query19" - }, - { - "type": 1, - "content": { - "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." + "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). 
Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." }, - "name": "querytext20" + "name": "querytext9" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not 
(onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
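Review bot: The RFC 1918 regex in the new `query9` is applied to every entry of `addressPrefixes`, so an IPv6 prefix on a dual-stack VNet fails the match and is reported as Failed even though the recommendation only concerns IPv4 space. Filtering those rows first, e.g. `| where tostring(cidr) !contains ':'` before the `extend compliant` step, would keep the check to IPv4 prefixes. `cidr` is also a dynamic value at that point, so writing `tostring(cidr) matches regex ...` avoids depending on implicit conversion.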
@@ -2786,20 +2786,20 @@ ] } }, - "name": "query20" + "name": "query9" }, { "type": 1, "content": { - "json": "The application team should use application security groups at the subnet-level NSGs to help protect multi-tier VMs within the landing zone. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/) can help to educate yourself on this." + "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." }, - "name": "querytext21" + "name": "querytext10" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": 
"microsoft.resourcegraph/resources", @@ -2848,7 +2848,7 @@ ] } }, - "name": "query21" + "name": "query10" } ] }, diff --git a/workbooks/alz_checklist.en_network_counters_template.json b/workbooks/alz_checklist.en_network_counters_template.json index 4a5f50c5a..147b5451e 100644 --- a/workbooks/alz_checklist.en_network_counters_template.json +++ b/workbooks/alz_checklist.en_network_counters_template.json 
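Review bot: In the new `query10`, `addressMask = split(addressPrefix,'/')[1]` yields a dynamic string, and `addressMask > 16` then compares it with an integer, so the result depends on implicit conversion and may not be a numeric comparison. Casting makes it explicit: `| extend addressMask = toint(split(addressPrefix,'/')[1])`. The `mvexpand addressSpace` step also looks redundant, since only `addressPrefix` is used afterwards. The same expression appears in `Query10Stats` inside the template file's `serializedData`, whose hunk continues past this excerpt.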
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"value::all\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, 
subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 
'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n 
\"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, 
compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources | 
where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = 
iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query12Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n 
\"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query13Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n 
\"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query14Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query15Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16Stats\",\n \"type\": 1,\n \"query\": \"resources | where 
type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query16Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query17Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = 
split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query18Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n 
\"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query19Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n 
\"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query20Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21Stats\",\n \"type\": 1,\n \"query\": \"Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": 
\\\\\\\"{Query21Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query22Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query22Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query22Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query9Stats:$.Success}+{Query10Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query9Stats:$.Total}+{Query10Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query17Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n 
\"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query17Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab3Success}/{Tab3Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab4Success}/{Tab4Total})\"\n }\n }\n ]\n },\n {\n 
\"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab5Success}/{Tab5Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query18Stats:$.Success}+{Query19Stats:$.Success}+{Query20Stats:$.Success}+{Query21Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query18Stats:$.Total}+{Query19Stats:$.Total}+{Query20Stats:$.Total}+{Query21Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab6Success}/{Tab6Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookTotal\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query22Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query17Stats:$.Total}+{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query18Stats:$.Total}+{Query19Stats:$.Total}+{Query20Stats:$.Total}+{Query21Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookSuccess\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n 
\"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query22Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query17Stats:$.Success}+{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query18Stats:$.Success}+{Query19Stats:$.Success}+{Query20Stats:$.Success}+{Query21Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookPercent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{WorkbookSuccess}/{WorkbookTotal})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"InvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. 
This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"50\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"WorkbookPercent\\\\\\\": \\\\\\\"{WorkbookPercent}\\\\\\\", \\\\\\\"SubTitle\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 4,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"WorkbookPercent\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"SubTitle\",\n \"formatter\": 1\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"ProgressTile\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"07e83af3-57c9-40e0-be1c-1cc73dfe8820\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN ({Tab0Success:value}/{Tab0Total:value})\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"b6f41a58-ac9d-4e51-98c5-ea060e0e09ce\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan ({Tab1Success:value}/{Tab1Total:value})\",\n \"subTarget\": \"tab1\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"bcf151b8-7eba-42db-b445-a91e287845c6\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid ({Tab2Success:value}/{Tab2Total:value})\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Hybrid\",\n 
\"style\": \"primary\"\n },\n {\n \"id\": \"286405de-f504-47d0-9a2b-7b1771b5931f\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS ({Tab3Success:value}/{Tab3Total:value})\",\n \"subTarget\": \"tab3\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"10ec320e-1bdf-40ac-a43b-ffbf9b7a53cb\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke ({Tab4Success:value}/{Tab4Total:value})\",\n \"subTarget\": \"tab4\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"715c5a5f-3938-47c3-b862-ec58b694f66d\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet ({Tab5Success:value}/{Tab5Total:value})\",\n \"subTarget\": \"tab5\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"9b3b5315-4c94-49df-8e65-9bfde53efd4d\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation ({Tab6Success:value}/{Tab6Total:value})\",\n \"subTarget\": \"tab6\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). 
Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create 
unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n 
\"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-routing) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": 
\"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuits' peering location supports your Azure regions for the Local SKU. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use VPN gateways to connect branches or remote locations to Azure. For higher resilience, deploy zone-redundant gateways (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"name\": \"tab3title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. 
Check [this link](https://learn.microsoft.com/azure/app-service/networking-features) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": 
\"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"name\": \"tab4title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"When connecting spoke virtual networks to the central hub virtual network, consider VNet peering limits (500), the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Consider the limit of routes per route table (400). 
Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"name\": \"tab5title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or 
larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over protocols not supported by application rules. 
Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium for additional security and protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"name\": \"tab6title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": 
{\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n 
\"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n 
\"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"The application team should use application security groups at the subnet-level NSGs to help protect multi-tier VMs within the landing zone. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n 
\"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n 
\"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"value::all\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent 
== 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n 
\"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | 
extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend 
SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query12Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query13Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": 
true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query14Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query15Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = 
countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query16Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query17Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query18Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19Stats\",\n \"type\": 
1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query19Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project 
id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query20Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21Stats\",\n \"type\": 1,\n \"query\": \"Resources | where type=='microsoft.network/virtualnetworks' | project 
id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query21Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 
1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query22Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query22Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query22Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": 
{\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query17Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query17Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab3Success}/{Tab3Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": 
[\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query18Stats:$.Success}+{Query19Stats:$.Success}+{Query20Stats:$.Success}+{Query21Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query18Stats:$.Total}+{Query19Stats:$.Total}+{Query20Stats:$.Total}+{Query21Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab4Success}/{Tab4Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n 
\"resultVal\": \"{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab5Success}/{Tab5Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query9Stats:$.Success}+{Query10Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query9Stats:$.Total}+{Query10Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab6Success}/{Tab6Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookTotal\",\n 
\"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query22Stats:$.Total}+{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}+{Query19Stats:$.Total}+{Query20Stats:$.Total}+{Query21Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookSuccess\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query22Stats:$.Success}+{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}+{Query19Stats:$.Success}+{Query20Stats:$.Success}+{Query21Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookPercent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n 
\"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{WorkbookSuccess}/{WorkbookTotal})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"InvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"50\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"WorkbookPercent\\\\\\\": \\\\\\\"{WorkbookPercent}\\\\\\\", \\\\\\\"SubTitle\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 4,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"WorkbookPercent\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"SubTitle\",\n \"formatter\": 1\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"ProgressTile\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": 
\"ee2833a1-a75c-46d0-9b99-90995ba5ac2d\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN ({Tab0Success:value}/{Tab0Total:value})\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"b73505c5-c836-4793-b4cc-0236113e73e0\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid ({Tab1Success:value}/{Tab1Total:value})\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"ea28203e-7116-4743-8e69-0d185dfce42a\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke ({Tab2Success:value}/{Tab2Total:value})\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"aa790c2e-0829-4799-83cd-0af9e9c94d32\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS ({Tab3Success:value}/{Tab3Total:value})\",\n \"subTarget\": \"tab3\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"fa4f2eec-c68a-4bad-a29a-c929d9772e42\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation ({Tab4Success:value}/{Tab4Total:value})\",\n \"subTarget\": \"tab4\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"6617fd8e-0e9b-4e9a-9562-06263cd9a56a\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet ({Tab5Success:value}/{Tab5Total:value})\",\n \"subTarget\": \"tab5\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"41eb4342-7f1b-434c-847b-d5f727276038\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan ({Tab6Success:value}/{Tab6Total:value})\",\n \"subTarget\": \"tab6\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 
12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": 
\"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-routing) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n 
},\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuits' peering location supports your Azure regions for the Local SKU. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use VPN gateways to connect branches or remote locations to Azure. For higher resilience, deploy zone-redundant gateways (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. 
Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"When connecting spoke virtual networks to the central hub virtual network, consider VNet peering limits (500), the maximum number of prefixes that can be advertised via ExpressRoute (1000). 
Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Consider the limit of routes per route table (400). 
Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"name\": \"tab3title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service 
endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/app-service/networking-features) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 
12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"name\": \"tab4title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n },\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"The application team should use application security groups at the subnet-level NSGs to help protect multi-tier VMs within the landing zone. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n 
\"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"name\": \"tab5title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": 
\"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over protocols not supported by application rules. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium for additional security and protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"name\": \"tab6title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). 
Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n }\n 
],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", "version": "1.0", "sourceId": "[parameters('workbookSourceId')]", "category": "[parameters('workbookType')]"
diff --git a/workbooks/alz_checklist.en_network_tabcounters.json b/workbooks/alz_checklist.en_network_tabcounters.json
index f1d3ba1a5..bab6ab57b 100644
--- a/workbooks/alz_checklist.en_network_tabcounters.json
+++ b/workbooks/alz_checklist.en_network_tabcounters.json
@@ -70,16 +70,16 @@
 "style": "tabs",
 "links": [
 {
- "id": "34d85edb-5614-41cc-921e-6d8799f040ed",
+ "id": "99f6ced1-3725-48ff-9c2b-204ef4a1e6c8",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
- "linkLabel": "IP plan",
+ "linkLabel": "Internet",
 "subTarget": "tab0",
- "preText": "IP plan",
+ "preText": "Internet",
 "style": "primary"
 },
 {
- "id": "5b00ddc3-d5b6-4b3b-9940-58f4b0e1e31b",
+ "id": "48149b48-5e11-4480-9f9c-10930e974e00",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
 "linkLabel": "Hybrid",
@@ -88,48 +88,48 @@ "style": "primary" }, { - "id": "10700cc4-a0e1-4175-b40b-a1ba29983df6", + "id": "dbf08e56-7960-459d-bfb6-940ba2d85825", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Internet", + "linkLabel": "Virtual WAN", "subTarget": "tab2", - "preText": "Internet", + "preText": "Virtual WAN", "style": "primary" }, { - "id": "7f31508c-63e9-4612-bb80-21daf3d5c7b7", + "id": "8db67660-784b-4bd2-8539-1fea260aa601", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Virtual WAN", + "linkLabel": "Hub and spoke", "subTarget": "tab3", - "preText": "Virtual WAN", + "preText": "Hub and spoke", "style": "primary" }, { - "id": "37e10656-8c70-4bef-81e1-63be8f4503d9", + "id": "5b9d8901-5308-4fe2-a83a-ec520bfbdca2", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Segmentation", + "linkLabel": "PaaS", "subTarget": "tab4", - "preText": "Segmentation", + "preText": "PaaS", "style": "primary" }, { - "id": "6b9db623-fee7-4997-aa68-e3871ed06131", + "id": "6b75031c-69fe-4b0f-a48f-046c6aa0147c", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hub and spoke", + "linkLabel": "Segmentation", "subTarget": "tab5", - "preText": "Hub and spoke", + "preText": "Segmentation", "style": "primary" }, { - "id": "85482b61-4c03-4527-aef7-823e11ca2196", + "id": "07aeb181-fba3-42c7-a108-4dceb64b3198", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "PaaS", + "linkLabel": "IP plan", "subTarget": "tab6", - "preText": "PaaS", + "preText": "IP plan", "style": "primary" } ] 
@@ -153,9 +153,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query9Stats", + "name": "Query11Stats", "type": 1, - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
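Review bot: The Bastion subnet check in the new `Query11Stats` query compares `subnetPrefixLength`, the untyped (dynamic) result of `split(subnetPrefix, '/')[1]`, directly against the integer 26, so whether the comparison is numeric depends on implicit conversion. An explicit cast removes the doubt: `| extend subnetPrefixLength = toint(split(subnetPrefix, '/')[1])`. If the comparison evaluates to null rather than true or false, the subnet is counted in `Total` but in neither `Success` nor `Failed`. The grid filter `where compliant == 0 or not (onlyFailed == 1)` would then also hide it whenever only failed rows are shown, so an undersized Bastion subnet could go unreported. The same expression is repeated in the `query11` grid query in the `@@ -314,15 +426,15 @@` hunk; if this workbook is generated, the cast belongs in the source query.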
@@ -169,9 +169,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query9FullyCompliant", + "name": "Query11FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query9Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query11Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -181,9 +181,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query10Stats", + "name": "Query12Stats", "type": 1, - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -197,9 +197,121 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query10FullyCompliant", + "name": "Query12FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query10Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query12Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query13Stats", + "type": 1, + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query13FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query13Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query14Stats", + "type": 1, + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total 
= count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query14FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query14Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query15Stats", + "type": 1, + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query15FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query15Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + 
}, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query16Stats", + "type": 1, + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query16FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": 
\\\"{Query16Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -220,7 +332,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query9Stats:$.Success}+{Query10Stats:$.Success}" + "resultVal": "{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}" } } ] @@ -239,7 +351,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query9Stats:$.Total}+{Query10Stats:$.Total}" + "resultVal": "{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}" } } ] @@ -273,7 +385,7 @@ { "type": 1, "content": { - "json": "## IP plan" + "json": "## Internet" }, "customWidth": "50", "name": "tab0title" 
@@ -314,15 +426,15 @@ { "type": 1, "content": { - "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information." }, - "name": "querytext9" + "name": "querytext11" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -371,20 +483,20 @@ ] } }, - "name": "query9" + "name": "query11" }, { "type": 1, "content": { - "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over protocols not supported by application rules. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information." }, - "name": "querytext10" + "name": "querytext12" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -433,305 +545,37 @@ ] } }, - "name": "query10" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab0" - }, - "name": "tab0" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ + "name": "query12" + }, { - "type": 9, + "type": 1, "content": { - "version": "KqlParameterItem/1.0", + "json": "Use Azure Firewall Premium for additional security and protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information." + }, + "name": "querytext13" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 4, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", "crossComponentResources": [ "{Subscription}" ], - "parameters": [ - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query4Stats", - "type": 1, - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - 
"durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query4FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query4Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query5Stats", - "type": 1, - "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query5FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query5Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query6Stats", - "type": 1, - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), 
circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query6FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query6Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query7Stats", - "type": 1, - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": 
true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query7FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query7Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query8Stats", - "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query8FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query8Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Tab1Success", - "type": 1, - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "criteriaData": [ - { - "criteriaContext": { - "operator": "Default", - "resultValType": 
"expression", - "resultVal": "{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}" - } - } - ] - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Tab1Total", - "type": 1, - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "criteriaData": [ - { - "criteriaContext": { - "operator": "Default", - "resultValType": "expression", - "resultVal": "{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}" - } - } - ] - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Tab1Percent", - "type": 1, - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "criteriaData": [ - { - "criteriaContext": { - "operator": "Default", - "resultValType": "expression", - "resultVal": "round(100*{Tab1Success}/{Tab1Total})" - } - } - ] - } - ], - "style": "pills", - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - "name": "TabInvisibleParameters" - }, - { - "type": 1, - "content": { - "json": "## Hybrid" - }, - "customWidth": "50", - "name": "tab1title" - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab1Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", - "size": 3, - "queryType": 8, - "visualization": "tiles", - "tileSettings": { - "titleContent": { - "columnMatch": "Column1", - "formatter": 4, - "formatOptions": { - "min": 0, - "max": 100, - "palette": "redGreen" - }, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } - }, - "subtitleContent": { - "columnMatch": "Column2" - }, - "showBorder": true - } - }, - "customWidth": "50", - "name": "TabPercentTile" - }, - { - "type": 1, - "content": { - "json": "Ensure that you're using the 
right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-routing) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." - }, - "name": "querytext4" - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", - "size": 4, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources", - "crossComponentResources": [ - "{Subscription}" - ], - "gridSettings": { - "formatters": [ - { - "columnMatch": "id", - "formatter": 0, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } }, { "columnMatch": "compliant", 
@@ -763,82 +607,20 @@ ] } }, - "name": "query4" - }, - { - "type": 1, - "content": { - "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information." - }, - "name": "querytext5" - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", - "size": 4, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources", - "crossComponentResources": [ - "{Subscription}" - ], - "gridSettings": { - "formatters": [ - { - "columnMatch": "id", - "formatter": 0, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } - }, - { - "columnMatch": "compliant", - "formatter": 18, - "formatOptions": { - "thresholdsOptions": "icons", - "thresholdsGrid": [ - { - "operator": "==", - "thresholdValue": "1", - "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] - } - } - ] - } - }, - "name": "query5" + "name": "query13" }, { "type": 1, "content": { - "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuits' peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information." + "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information." }, - "name": "querytext6" + "name": "querytext14" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -887,20 +669,20 @@ ] } }, - "name": "query6" + "name": "query14" }, { "type": 1, "content": { - "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information." }, - "name": "querytext7" + "name": "querytext15" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -949,20 +731,20 @@ ] } }, - "name": "query7" + "name": "query15" }, { "type": 1, "content": { - "json": "Use VPN gateways to connect branches or remote locations to Azure. For higher resilience, deploy zone-redundant gateways (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." + "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." }, - "name": "querytext8" + "name": "querytext16" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, 
subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -1011,16 +793,16 @@ ] } }, - "name": "query8" + "name": "query16" } ] }, "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab1" + "value": "tab0" }, - "name": "tab1" + "name": "tab0" }, { "type": 12, 
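Review bot: The query under `querytext16` marks a subnet compliant as soon as any route table is attached (`| extend hasRT = isnotnull(subnetRT)`), while the accompanying text asks for Internet traffic to be redirected to Azure Firewall or a Network Virtual Appliance. A subnet whose route table has no `0.0.0.0/0` route, or one whose next hop is `Internet`, would still be reported as Success. Consider deriving `hasRT` from a join against `microsoft.network/routetables` that requires a route with `properties.addressPrefix == '0.0.0.0/0'` and `properties.nextHopType == 'VirtualAppliance'`. The query also mixes `mvexpand` and `mv-expand`; using `mv-expand` throughout would be consistent. The workbook item starts outside this hunk, and if the file is generated from the checklist's graph query, the change belongs in that source.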
@@ -1039,37 +821,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query11Stats", - "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query11FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query11Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query12Stats", + "name": "Query4Stats", "type": 1, - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + 
"query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -1083,9 +837,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query12FullyCompliant", + "name": "Query4FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query12Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query4Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -1095,9 +849,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query13Stats", + "name": "Query5Stats", "type": 1, - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -1111,9 +865,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query13FullyCompliant", + "name": "Query5FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query13Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query5Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -1123,9 +877,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query14Stats", + "name": "Query6Stats", "type": 1, - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -1139,9 +893,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query14FullyCompliant", + "name": "Query6FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query14Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query6Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -1151,9 +905,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query15Stats", + "name": "Query7Stats", "type": 1, - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -1167,9 +921,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query15FullyCompliant", + "name": "Query7FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query15Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query7Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -1179,9 +933,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query16Stats", + "name": "Query8Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 
100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -1195,9 +949,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query16FullyCompliant", + "name": "Query8FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query16Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query8Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -1207,7 +961,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab2Success", + "name": "Tab1Success", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -1218,7 +972,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}" + "resultVal": "{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}" } } ] @@ -1226,7 +980,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab2Total", + "name": "Tab1Total", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -1237,7 +991,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}" + "resultVal": "{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}" } } ] 
@@ -1245,7 +999,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab2Percent", + "name": "Tab1Percent", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -1256,7 +1010,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "round(100*{Tab2Success}/{Tab2Total})" + "resultVal": "round(100*{Tab1Success}/{Tab1Total})" } } ] @@ -1271,16 +1025,16 @@ { "type": 1, "content": { - "json": "## Internet" + "json": "## Hybrid" }, "customWidth": "50", - "name": "tab2title" + "name": "tab1title" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab2Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab1Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", "size": 3, "queryType": 8, "visualization": "tiles", 
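Review bot: The tab-level percentage `round(100*{Tab1Success}/{Tab1Total})` has no zero guard, unlike the per-query statistics, which use `iff(Total==0, 100, ...)`. When the selected subscriptions contain none of the evaluated resources, `Tab1Total` is presumably 0 and the tile would show an undefined value instead of a percentage. Guard the expression for a zero total, or have the tile state that nothing was evaluated; the same expression recurs for `Tab2Percent` in the later `@@ -1784` hunk. Separately, the per-query guard reports an empty scope as 100%, which makes "no resources found" indistinguishable from "all compliant" on a compliance dashboard.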
@@ -1312,77 +1066,15 @@ { "type": 1, "content": { - "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information." - }, - "name": "querytext11" - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", - "size": 4, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources", - "crossComponentResources": [ - "{Subscription}" - ], - "gridSettings": { - "formatters": [ - { - "columnMatch": "id", - "formatter": 0, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } - }, - { - "columnMatch": "compliant", - "formatter": 18, - "formatOptions": { - "thresholdsOptions": "icons", - "thresholdsGrid": [ - { - "operator": "==", - "thresholdValue": "1", - "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] - } - } - ] - } - }, - "name": "query11" - }, - { - "type": 1, - "content": { - "json": "Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over protocols not supported by application rules. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information." 
+ "json": "Ensure that you're using the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-routing) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext12" + "name": "querytext4" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1431,20 +1123,20 @@ ] } }, - "name": "query12" + "name": "query4" }, { "type": 1, "content": { - "json": "Use Azure Firewall Premium for additional security and protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information." + "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information." }, - "name": "querytext13" + "name": "querytext5" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1493,20 +1185,20 @@ ] } }, - "name": "query13" + "name": "query5" }, { "type": 1, "content": { - "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information." + "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuits' peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information." }, - "name": "querytext14" + "name": "querytext6" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1555,20 +1247,20 @@ ] } }, - "name": "query14" + "name": "query6" }, { "type": 1, "content": { - "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information." + "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext15" + "name": "querytext7" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1617,20 +1309,20 @@ ] } }, - "name": "query15" + "name": "query7" }, { "type": 1, "content": { - "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." + "json": "Use VPN gateways to connect branches or remote locations to Azure. For higher resilience, deploy zone-redundant gateways (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." }, - "name": "querytext16" + "name": "querytext8" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | 
extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -1679,16 +1371,16 @@ ] } }, - "name": "query16" + "name": "query8" } ] }, "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab2" + "value": "tab1" }, - "name": "tab2" + "name": "tab1" }, { "type": 12, @@ -1735,7 +1427,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab3Success", + "name": "Tab2Success", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -1754,7 +1446,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab3Total", + "name": "Tab2Total", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -1773,7 +1465,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab3Percent", + "name": "Tab2Percent", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -1784,7 +1476,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "round(100*{Tab3Success}/{Tab3Total})" + "resultVal": "round(100*{Tab2Success}/{Tab2Total})" } } ] 
@@ -1802,13 +1494,13 @@ "json": "## Virtual WAN" }, "customWidth": "50", - "name": "tab3title" + "name": "tab2title" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab3Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab2Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", "size": 3, "queryType": 8, "visualization": "tiles", @@ -1904,9 +1596,9 @@ "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab3" + "value": "tab2" }, - "name": "tab3" + "name": "tab2" }, { "type": 12, 
@@ -1925,9 +1617,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query18Stats", + "name": "Query0Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
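Review bot: In the `Query0Stats` query, `subnetPrefixLength` is taken directly from `split(subnetPrefix, '/')[1]` and then compared with a number in `subnetPrefixLength <= 27`, so a dynamic string element is compared against an integer. An explicit cast makes the intent unambiguous: `| extend subnetPrefixLength = toint(split(subnetPrefix, '/')[1])`. The query also reads only `subnets.properties.addressPrefix`; subnets that carry their ranges in `addressPrefixes` would yield an empty prefix and presumably show as failed or unknown, which is worth confirming against such a subnet. If this workbook is generated, both changes belong in the checklist's source query.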
@@ -1941,9 +1633,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query18FullyCompliant", + "name": "Query0FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query18Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query0Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -1953,9 +1645,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query19Stats", + "name": "Query1Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -1969,9 +1661,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query19FullyCompliant", + "name": "Query1FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query19Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query1Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -1981,9 +1673,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query20Stats", + "name": "Query2Stats", "type": 1, - "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -1997,9 +1689,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query20FullyCompliant", + "name": "Query2FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query20Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query2Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -2009,9 +1701,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query21Stats", + "name": "Query3Stats", "type": 1, - "query": "Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -2025,9 +1717,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query21FullyCompliant", + "name": "Query3FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query21Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query3Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -2037,7 +1729,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab4Success", + "name": "Tab3Success", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -2048,7 +1740,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query18Stats:$.Success}+{Query19Stats:$.Success}+{Query20Stats:$.Success}+{Query21Stats:$.Success}" + "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}" } } ] @@ -2056,7 +1748,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab4Total", + "name": "Tab3Total", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -2067,7 +1759,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query18Stats:$.Total}+{Query19Stats:$.Total}+{Query20Stats:$.Total}+{Query21Stats:$.Total}" + "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}" } } ] @@ -2075,7 +1767,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab4Percent", + "name": "Tab3Percent", "type": 1, "isHiddenWhenLocked": true, "timeContext": { 
@@ -2086,7 +1778,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "round(100*{Tab4Success}/{Tab4Total})" + "resultVal": "round(100*{Tab3Success}/{Tab3Total})" } } ] @@ -2101,16 +1793,16 @@ { "type": 1, "content": { - "json": "## Segmentation" + "json": "## Hub and spoke" }, "customWidth": "50", - "name": "tab4title" + "name": "tab3title" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab4Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab3Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", "size": 3, "queryType": 8, "visualization": "tiles", 
@@ -2142,15 +1834,15 @@ { "type": 1, "content": { - "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information." + "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information." }, - "name": "querytext18" + "name": "querytext0" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2199,20 +1891,20 @@ ] } }, - "name": "query18" + "name": "query0" }, { "type": 1, "content": { - "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." + "json": "When connecting spoke virtual networks to the central hub virtual network, consider VNet peering limits (500), the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." }, - "name": "querytext19" + "name": "querytext1" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2261,20 +1953,82 @@ ] } }, - "name": "query19" + "name": "query1" }, { "type": 1, "content": { - "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." + "json": "Consider the limit of routes per route table (400). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." }, - "name": "querytext20" + "name": "querytext2" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 
360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 4, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query2" + }, + { + "type": 1, + "content": { + "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information." + }, + "name": "querytext3" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2293,50 +2047,206 @@ } } }, - { - "columnMatch": "compliant", - "formatter": 18, - "formatOptions": { - "thresholdsOptions": "icons", - "thresholdsGrid": [ - { - "operator": "==", - "thresholdValue": "1", - "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query3" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab3" + }, + "name": "tab3" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 9, + "content": { + "version": "KqlParameterItem/1.0", + "crossComponentResources": [ + "{Subscription}" + ], + "parameters": [ + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query17Stats", + "type": 1, + "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | 
extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query17FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query17Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab4Success", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "{Query17Stats:$.Success}" + } + } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab4Total", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "{Query17Stats:$.Total}" + } + } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab4Percent", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "round(100*{Tab4Success}/{Tab4Total})" + } + } + ] + } + ], + "style": "pills", + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + "name": 
"TabInvisibleParameters" + }, + { + "type": 1, + "content": { + "json": "## PaaS" + }, + "customWidth": "50", + "name": "tab4title" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab4Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", + "size": 3, + "queryType": 8, + "visualization": "tiles", + "tileSettings": { + "titleContent": { + "columnMatch": "Column1", + "formatter": 4, + "formatOptions": { + "min": 0, + "max": 100, + "palette": "redGreen" + }, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" } } - ] + }, + "subtitleContent": { + "columnMatch": "Column2" + }, + "showBorder": true } }, - "name": "query20" + "customWidth": "50", + "name": "TabPercentTile" }, { "type": 1, "content": { - "json": "The application team should use application security groups at the subnet-level NSGs to help protect multi-tier VMs within the landing zone. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/) can help to educate yourself on this." + "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/app-service/networking-features) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." 
}, - "name": "querytext21" + "name": "querytext17" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -2385,7 +2295,7 @@ ] } }, - "name": "query21" + "name": "query17" } ] }, 
@@ -2413,9 +2323,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query0Stats", + "name": "Query18Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -2429,9 +2339,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query0FullyCompliant", + "name": "Query18FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query0Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query18Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -2441,9 +2351,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query1Stats", + "name": "Query19Stats", "type": 1, - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -2457,9 +2367,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query1FullyCompliant", + "name": "Query19FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query1Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query19Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -2469,9 +2379,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query2Stats", + "name": "Query20Stats", "type": 1, - "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -2485,9 +2395,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query2FullyCompliant", + "name": "Query20FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query2Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query20Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -2497,9 +2407,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query3Stats", + "name": "Query21Stats", "type": 1, - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -2513,9 +2423,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query3FullyCompliant", + "name": "Query21FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query3Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query21Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -2536,7 +2446,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}" + "resultVal": "{Query18Stats:$.Success}+{Query19Stats:$.Success}+{Query20Stats:$.Success}+{Query21Stats:$.Success}" } } ] @@ -2555,7 +2465,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}" + "resultVal": "{Query18Stats:$.Total}+{Query19Stats:$.Total}+{Query20Stats:$.Total}+{Query21Stats:$.Total}" } } ] @@ -2589,7 +2499,7 @@ { "type": 1, "content": { - "json": "## Hub and spoke" + "json": "## Segmentation" }, "customWidth": "50", "name": "tab5title" 
@@ -2630,15 +2540,15 @@ { "type": 1, "content": { - "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information." + "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information." }, - "name": "querytext0" + "name": "querytext18" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2687,20 +2597,20 @@ ] } }, - "name": "query0" + "name": "query18" }, { "type": 1, "content": { - "json": "When connecting spoke virtual networks to the central hub virtual network, consider VNet peering limits (500), the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." + "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." }, - "name": "querytext1" + "name": "querytext19" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2749,20 +2659,20 @@ ] } }, - "name": "query1" + "name": "query19" }, { "type": 1, "content": { - "json": "Consider the limit of routes per route table (400). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." + "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." }, - "name": "querytext2" + "name": "querytext20" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend 
compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -2811,20 +2721,20 @@ ] } }, - "name": "query2" + "name": "query20" }, { "type": 1, "content": { - "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information." + "json": "The application team should use application security groups at the subnet-level NSGs to help protect multi-tier VMs within the landing zone. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/) can help to educate yourself on this." }, - "name": "querytext3" + "name": "querytext21" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
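Review bot: An NSG whose custom rules are all outbound drops out of the query20 result. `summarize ... by id,tostring(ruleDirection)` yields an Inbound row only when at least one inbound rule exists, `where ruleDirection == 'Inbound'` then discards the NSG, and the `union` branch re-adds only NSGs with zero rules. Such an NSG relies entirely on the default inbound rules, the case the recommendation text warns about, yet it is reported as neither compliant nor failed. Summarizing per NSG with the direction inside the predicate keeps it in the output as failed: `summarize StarDenies=countif(tostring(ruleDirection)=='Inbound' and ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id`. The enclosing KqlItem continues beyond this hunk's context lines.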
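Review bot: The querytext21 text recommends application security groups, but the query paired with it in this hunk only evaluates `isnotnull(subnetNsg)`, that is, whether a subnet has any NSG attached. A subnet whose NSG has no ASG-based rules still shows as Success, so the tile overstates compliance with the stated recommendation. One option is to reword the text to describe what is measured (subnets without an NSG, excluding GatewaySubnet, AzureFirewallSubnet, RouteServerSubnet and AzureBastionSubnet); the other is to extend the query to inspect the NSG rules for ASG references. If the pairing comes from the generator's mapping of checklist items to queries, the fix belongs in the checklist source.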
@@ -2873,7 +2783,7 @@ ] } }, - "name": "query3" + "name": "query21" } ] }, @@ -2901,9 +2811,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query17Stats", + "name": "Query9Stats", "type": 1, - "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
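Review bot: The RFC 1918 test in Query9Stats applies an IPv4-only regex to every entry of `addressPrefixes`, so an IPv6 prefix on a dual-stack virtual network would be counted as Failed even when all its IPv4 ranges are private. If that is not intended, the IPv6 entries can be filtered out before the check, for example `| where cidr !contains ':'` ahead of the `extend compliant` step. The same query text is repeated for the query9 grid in the later `@@ -3034,15 +2972,15 @@` hunk. The statistics queries also all project their result as `Query1Stats` regardless of the parameter name, which looks like generator output and may be worth a comment in the generator.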
@@ -2917,9 +2827,37 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query17FullyCompliant", + "name": "Query9FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query17Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query9Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query10Stats", + "type": 1, + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query10FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query10Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -2940,7 +2878,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query17Stats:$.Success}" + "resultVal": "{Query9Stats:$.Success}+{Query10Stats:$.Success}" } } ] @@ -2959,7 +2897,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query17Stats:$.Total}" + "resultVal": "{Query9Stats:$.Total}+{Query10Stats:$.Total}" } } ] @@ -2993,7 +2931,7 @@ { "type": 1, "content": { - "json": "## PaaS" + "json": "## IP plan" }, "customWidth": "50", "name": "tab6title" 
@@ -3034,15 +2972,15 @@ { "type": 1, "content": { - "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/app-service/networking-features) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." + "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." }, - "name": "querytext17" + "name": "querytext9" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, 
"queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -3091,7 +3029,69 @@ ] } }, - "name": "query17" + "name": "query9" + }, + { + "type": 1, + "content": { + "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + }, + "name": "querytext10" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 4, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query10" } ] }, 
diff --git a/workbooks/alz_checklist.en_network_tabcounters_template.json b/workbooks/alz_checklist.en_network_tabcounters_template.json index ff79fc7ed..ed95b3277 100644 --- a/workbooks/alz_checklist.en_network_tabcounters_template.json +++ b/workbooks/alz_checklist.en_network_tabcounters_template.json 
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"34d85edb-5614-41cc-921e-6d8799f040ed\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan\",\n \"subTarget\": \"tab0\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"5b00ddc3-d5b6-4b3b-9940-58f4b0e1e31b\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"10700cc4-a0e1-4175-b40b-a1ba29983df6\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"7f31508c-63e9-4612-bb80-21daf3d5c7b7\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN\",\n \"subTarget\": \"tab3\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"37e10656-8c70-4bef-81e1-63be8f4503d9\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation\",\n \"subTarget\": \"tab4\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"6b9db623-fee7-4997-aa68-e3871ed06131\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub 
and spoke\",\n \"subTarget\": \"tab5\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"85482b61-4c03-4527-aef7-823e11ca2196\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS\",\n \"subTarget\": \"tab6\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 
86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query9Stats:$.Success}+{Query10Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query9Stats:$.Total}+{Query10Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab0title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab0Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n 
\"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n 
},\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n 
{\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": 
true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), 
Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": 
\"expression\",\n \"resultVal\": \"{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab1title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab1Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n 
\"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-routing) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n 
\"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuits' peering location supports your Azure regions for the Local SKU. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use VPN gateways to connect branches or remote locations to Azure. For higher resilience, deploy zone-redundant gateways (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": 
\"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project 
Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query12Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query13Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query14Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": 
\"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query15Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = 
iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query16Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n 
\"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab2title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab2Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. 
Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over protocols not supported by application rules. 
Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium for additional security and protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": 
\\\\\\\"{Query22Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query22Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query22Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab3Success}/{Tab3Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab3title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab3Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful 
checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": 
\"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": 
\\\\\\\"{Query18Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query19Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project 
id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query20Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21Stats\",\n \"type\": 1,\n \"query\": \"Resources | where type=='microsoft.network/virtualnetworks' | project 
id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query21Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query18Stats:$.Success}+{Query19Stats:$.Success}+{Query20Stats:$.Success}+{Query21Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n 
\"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query18Stats:$.Total}+{Query19Stats:$.Total}+{Query20Stats:$.Total}+{Query21Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab4Success}/{Tab4Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab4title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab4Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. 
Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"The application team should use application security groups at the subnet-level NSGs to help protect multi-tier VMs within the landing zone. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n 
\"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n 
{\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab5Success}/{Tab5Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab5title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab5Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n 
\"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"When connecting spoke virtual networks to the central hub virtual network, consider VNet peering limits (500), the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": 
\"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Consider the limit of routes per route table (400). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query17Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query17Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": 
\"Tab6Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query17Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab6Success}/{Tab6Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab6title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab6Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. 
Check [this link](https://learn.microsoft.com/azure/app-service/networking-features) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n }\n ],\n \"$schema\": 
\"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"99f6ced1-3725-48ff-9c2b-204ef4a1e6c8\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"48149b48-5e11-4480-9f9c-10930e974e00\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"dbf08e56-7960-459d-bfb6-940ba2d85825\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"8db67660-784b-4bd2-8539-1fea260aa601\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke\",\n \"subTarget\": \"tab3\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"5b9d8901-5308-4fe2-a83a-ec520bfbdca2\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS\",\n \"subTarget\": \"tab4\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"6b75031c-69fe-4b0f-a48f-046c6aa0147c\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": 
\"Segmentation\",\n \"subTarget\": \"tab5\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"07aeb181-fba3-42c7-a108-4dceb64b3198\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan\",\n \"subTarget\": \"tab6\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": 
\\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query12Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project 
Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query13Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query14Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query15Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, 
'_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query16Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}\"\n }\n }\n ]\n },\n {\n 
\"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab0title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab0Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": 
\"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over protocols not supported by application rules. 
Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium for additional security and protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": 
\"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), 
circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project 
Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n 
\"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab1title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab1Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n 
\"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-routing) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n 
\"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuits' peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy 
a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use VPN gateways to connect branches or remote locations to Azure. 
For higher resilience, deploy zone-redundant gateways (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": 
\"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query22Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query22Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n 
{\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query22Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab2title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab2Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n 
\"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n 
\"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 
86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab3Success}/{Tab3Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab3title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab3Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. 
Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"When connecting spoke virtual networks to the central hub virtual network, consider VNet peering limits (500), the maximum number of prefixes that can be advertised via ExpressRoute (1000). 
Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Consider the limit of routes per route table (400). 
Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query17Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query17Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": 
\"Tab4Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query17Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab4Success}/{Tab4Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab4title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab4Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. 
Check [this link](https://learn.microsoft.com/azure/app-service/networking-features) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": 
\"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query18Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, 
subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query19Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and 
rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query20Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21Stats\",\n \"type\": 1,\n \"query\": \"Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 
'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query21Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query18Stats:$.Success}+{Query19Stats:$.Success}+{Query20Stats:$.Success}+{Query21Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query18Stats:$.Total}+{Query19Stats:$.Total}+{Query20Stats:$.Total}+{Query21Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": 
\"expression\",\n \"resultVal\": \"round(100*{Tab5Success}/{Tab5Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab5title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab5Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. 
Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"The application team should use application security groups at the subnet-level NSGs to help protect multi-tier VMs within the landing zone. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n 
\"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": 
true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"{Query9Stats:$.Success}+{Query10Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query9Stats:$.Total}+{Query10Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab6Success}/{Tab6Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab6title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab6Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n 
\"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query10\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", "version": "1.0", "sourceId": "[parameters('workbookSourceId')]", "category": "[parameters('workbookType')]" diff --git a/workbooks/alz_checklist.en_network_workbook.json b/workbooks/alz_checklist.en_network_workbook.json index 317091a56..8329e8280 100644 --- a/workbooks/alz_checklist.en_network_workbook.json +++ b/workbooks/alz_checklist.en_network_workbook.json @@ -70,25 +70,25 @@ "style": "tabs", "links": [ { - "id": "a5f272f5-6396-4923-bc6a-e75b5a8bb6b5", + "id": "cd3aca28-b016-4a24-947a-643a4c2af387", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Internet", + "linkLabel": "Hub and spoke", "subTarget": "tab0", - "preText": "Internet", + "preText": "Hub and spoke", "style": "primary" }, { - "id": "0ac8752b-e9ea-442a-9522-f02af89b45a7", + "id": "8edf1cbb-92f0-4e3f-bfd2-8aea041199bf", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "IP plan", + "linkLabel": "Virtual WAN", "subTarget": "tab1", - "preText": "IP plan", + "preText": "Virtual WAN", "style": "primary" }, { - "id": "5d8a00a8-c917-44b1-bffe-07147e5cd0ad", + "id": "eb378e76-01d3-4a51-8062-e160093995e3", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "Segmentation", 
@@ -97,25 +97,25 @@ "style": "primary" }, { - "id": "4798c0eb-6542-4fca-a5a9-5a7e938b8b64", + "id": "70af1a96-4073-4b33-a445-e6455bd95d2c", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Virtual WAN", + "linkLabel": "Hybrid", "subTarget": "tab3", - "preText": "Virtual WAN", + "preText": "Hybrid", "style": "primary" }, { - "id": "b6f69f78-ddc3-4368-8e45-219b5d9abd1e", + "id": "05c56fe5-649f-40e6-8535-f06d61541ed8", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hybrid", + "linkLabel": "IP plan", "subTarget": "tab4", - "preText": "Hybrid", + "preText": "IP plan", "style": "primary" }, { - "id": "e19f6153-ac78-4d1a-9cab-bbcd0fbc2f7d", + "id": "3d874acc-5197-4c39-9f23-4ab27e25f2f4", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "PaaS", @@ -124,12 +124,12 @@ "style": "primary" }, { - "id": "91837681-a4af-4db1-b731-6602704c9314", + "id": "5f031f55-207d-4f9a-bc7b-1450ed966670", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hub and spoke", + "linkLabel": "Internet", "subTarget": "tab6", - "preText": "Hub and spoke", + "preText": "Internet", "style": "primary" } ] 
@@ -145,22 +145,22 @@ { "type": 1, "content": { - "json": "## Internet" + "json": "## Hub and spoke" }, "name": "tab0title" }, { "type": 1, "content": { - "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information." + "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information." }, - "name": "querytext11" + "name": "querytext0" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
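Review bot: In the new `RouteServerSubnet` query, `subnetPrefixLength` is taken straight from `split(subnetPrefix, '/')[1]`, so it is a dynamic string that is then compared with the number 27. The result depends on implicit conversion; an explicit cast makes the check unambiguous: `| extend subnetPrefixLength = toint(split(subnetPrefix, '/')[1])`. The query also reads only `subnets.properties.addressPrefix`, so a subnet that reports its ranges under `addressPrefixes` would presumably yield a null length and show as Unknown rather than Failed. The same pattern appears in the `AzureFirewallSubnet` query (hunk `-457,20`) and the `GatewaySubnet` query (hunk `-519,42`).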
@@ -209,20 +209,20 @@ ] } }, - "name": "query11" + "name": "query0" }, { "type": 1, "content": { - "json": "Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over protocols not supported by application rules. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information." + "json": "When connecting spoke virtual networks to the central hub virtual network, consider VNet peering limits (500), the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." }, - "name": "querytext12" + "name": "querytext1" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
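Review bot: The check text quotes the platform limit of 500 peerings, but the query marks a VNet as failed from 450 (`peeringcount < 450`), and the text never mentions this margin. The next hunk (`-271,20`) does the same for route tables, 400 in the text against `routeCount < 360`. A reader who sees Failed below the documented limit cannot tell whether this is a warning threshold or a mistake. State it in the `json` text, for example `... consider VNet peering limits (500; this check flags VNets at 90% of the limit) ...`.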
@@ -271,20 +271,20 @@ ] } }, - "name": "query12" + "name": "query1" }, { "type": 1, "content": { - "json": "Use Azure Firewall Premium for additional security and protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information." + "json": "Consider the limit of routes per route table (400). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." }, - "name": "querytext13" + "name": "querytext2" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -333,20 +333,20 @@ ] } }, - "name": "query13" + "name": "query2" }, { "type": 1, "content": { - "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information." + "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information." }, - "name": "querytext14" + "name": "querytext3" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -395,20 +395,42 @@ ] } }, - "name": "query14" + "name": "query3" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab0" + }, + "name": "tab0" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Virtual WAN" + }, + "name": "tab1title" }, { "type": 1, "content": { - "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information." + "json": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." }, - "name": "querytext15" + "name": "querytext22" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -457,20 +479,42 @@ ] } }, - "name": "query15" + "name": "query22" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab1" + }, + "name": "tab1" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Segmentation" + }, + "name": "tab2title" }, { "type": 1, "content": { - "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." + "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information." }, - "name": "querytext16" + "name": "querytext18" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN 
== true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -519,42 +563,20 @@ ] } }, - "name": "query16" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab0" - }, - "name": "tab0" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## IP plan" - }, - "name": "tab1title" + "name": "query18" }, { "type": 1, "content": { - "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." 
}, - "name": "querytext9" + "name": "querytext19" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -603,20 +625,20 @@ ] } }, - "name": "query9" + "name": "query19" }, { "type": 1, "content": { - "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." }, - "name": "querytext10" + "name": "querytext20" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize 
StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -665,42 +687,20 @@ ] } }, - "name": "query10" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab1" - }, - "name": "tab1" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Segmentation" - }, - "name": "tab2title" + "name": "query20" }, { "type": 1, "content": { - "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information." + "json": "The application team should use application security groups at the subnet-level NSGs to help protect multi-tier VMs within the landing zone. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/) can help to educate yourself on this." }, - "name": "querytext18" + "name": "querytext21" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg) | extend onlyFailed = {OnlyFailed:label} | where 
compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
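Review bot: The query paired with the application-security-group recommendation sets `compliant = isnotnull(subnetNsg)`, so it measures only whether an NSG is attached to the subnet, not whether ASGs are used in its rules. A subnet whose NSG has no rules, or no ASG references, is shown as passing. Since the query text sits in a JSON string, the limit is best stated in the item text, for example by appending `(The query below only checks that each subnet has an NSG attached.)` to the `querytext21` content. Otherwise a green result is likely to be read as confirmation of ASG-based segmentation.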
@@ -749,20 +749,42 @@ ] } }, - "name": "query18" + "name": "query21" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab2" + }, + "name": "tab2" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Hybrid" + }, + "name": "tab3title" }, { "type": 1, "content": { - "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." + "json": "Ensure that you're using the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-routing) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." 
}, - "name": "querytext19" + "name": "querytext4" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -811,20 +833,20 @@ ] } }, - "name": "query19" + "name": "query4" }, { "type": 1, "content": { - "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." + "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information." }, - "name": "querytext20" + "name": "querytext5" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = 
{OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -873,20 +895,20 @@ ] } }, - "name": "query20" + "name": "query5" }, { "type": 1, "content": { - "json": "The application team should use application security groups at the subnet-level NSGs to help protect multi-tier VMs within the landing zone. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/) can help to educate yourself on this." + "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuits' peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information." }, - "name": "querytext21" + "name": "querytext6" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -935,42 +957,20 @@ ] } }, - "name": "query21" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab2" - }, - "name": "tab2" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Virtual WAN" - }, - "name": "tab3title" + "name": "query6" }, { "type": 1, "content": { - "json": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." + "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." 
}, - "name": "querytext22" + "name": "querytext7" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1019,42 +1019,20 @@ ] } }, - "name": "query22" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab3" - }, - "name": "tab3" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Hybrid" - }, - "name": "tab4title" + "name": "query7" }, { "type": 1, "content": { - "json": "Ensure that you're using the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-routing) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Use VPN gateways to connect branches or remote locations to Azure. For higher resilience, deploy zone-redundant gateways (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." 
}, - "name": "querytext4" + "name": "querytext8" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1103,20 +1081,42 @@ ] } }, - "name": "query4" + "name": "query8" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab3" + }, + "name": "tab3" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## IP plan" + }, + "name": "tab4title" }, { "type": 1, "content": { - "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information." + "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." 
}, - "name": "querytext5" + "name": "querytext9" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1165,20 +1165,20 @@ ] } }, - "name": "query5" + "name": "query9" }, { "type": 1, "content": { - "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuits' peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information." + "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." }, - "name": "querytext6" + "name": "querytext10" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 
1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1227,20 +1227,42 @@ ] } }, - "name": "query6" + "name": "query10" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab4" + }, + "name": "tab4" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## PaaS" + }, + "name": "tab5title" }, { "type": 1, "content": { - "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/app-service/networking-features) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." 
}, - "name": "querytext7" + "name": "querytext17" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1289,20 +1311,42 @@ ] } }, - "name": "query7" + "name": "query17" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab5" + }, + "name": "tab5" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Internet" + }, + "name": "tab6title" }, { "type": 1, "content": { - "json": "Use VPN gateways to connect branches or remote locations to Azure. For higher resilience, deploy zone-redundant gateways (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." + "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information." 
}, - "name": "querytext8" + "name": "querytext11" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1351,42 +1395,20 @@ ] } }, - "name": "query8" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab4" - }, - "name": "tab4" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## PaaS" - }, - "name": "tab5title" + "name": "query11" }, { "type": 1, "content": { - "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/app-service/networking-features) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." + "json": "Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over protocols not supported by application rules. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information." 
}, - "name": "querytext17" + "name": "querytext12" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1435,42 +1457,20 @@ ] } }, - "name": "query17" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab5" - }, - "name": "tab5" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Hub and spoke" - }, - "name": "tab6title" + "name": "query12" }, { "type": 1, "content": { - "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information." + "json": "Use Azure Firewall Premium for additional security and protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information." }, - "name": "querytext0" + "name": "querytext13" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1519,20 +1519,20 @@ ] } }, - "name": "query0" + "name": "query13" }, { "type": 1, "content": { - "json": "When connecting spoke virtual networks to the central hub virtual network, consider VNet peering limits (500), the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." + "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information." }, - "name": "querytext1" + "name": "querytext14" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1581,20 +1581,20 @@ ] } }, - "name": "query1" + "name": "query14" }, { "type": 1, "content": { - "json": "Consider the limit of routes per route table (400). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." + "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information." }, - "name": "querytext2" + "name": "querytext15" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1643,20 +1643,20 @@ ] } }, - "name": "query2" + "name": "query15" }, { "type": 1, "content": { - "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information." + "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." }, - "name": "querytext3" + "name": "querytext16" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize 
PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -1705,7 +1705,7 @@ ] } }, - "name": "query3" + "name": "query16" } ] }, diff --git a/workbooks/alz_checklist.en_network_workbook_template.json b/workbooks/alz_checklist.en_network_workbook_template.json index 2a6f5a4a1..48dd01399 100644 --- a/workbooks/alz_checklist.en_network_workbook_template.json +++ b/workbooks/alz_checklist.en_network_workbook_template.json 
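Review bot: The route-table check added as `query16` marks a subnet compliant as soon as any route table is attached (`extend hasRT = isnotnull(subnetRT)`, then `compliant = (hasRT==true or isVWANpeer==true)`), but it never looks at the routes themselves. A subnet whose route table is empty, or has no `0.0.0.0/0` entry pointing at a firewall or NVA, is therefore shown as "Success" even though the recommendation text asks for Internet traffic to be redirected. Consider joining against `microsoft.network/routetables` and requiring a default route, along the lines of `| mv-expand r = properties.routes | where r.properties.addressPrefix == '0.0.0.0/0' and r.properties.nextHopType == 'VirtualAppliance'`, so that `hasRT` only becomes true for tables that actually steer egress. The same query string appears inside `serializedData` of the template file, and the workbook header says these files are generated from the checklists, so the change presumably belongs in the checklist's source query rather than in this JSON.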
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"a5f272f5-6396-4923-bc6a-e75b5a8bb6b5\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"0ac8752b-e9ea-442a-9522-f02af89b45a7\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan\",\n \"subTarget\": \"tab1\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"5d8a00a8-c917-44b1-bffe-07147e5cd0ad\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"4798c0eb-6542-4fca-a5a9-5a7e938b8b64\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN\",\n \"subTarget\": \"tab3\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"b6f69f78-ddc3-4368-8e45-219b5d9abd1e\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid\",\n \"subTarget\": \"tab4\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"e19f6153-ac78-4d1a-9cab-bbcd0fbc2f7d\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": 
\"PaaS\",\n \"subTarget\": \"tab5\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"91837681-a4af-4db1-b731-6602704c9314\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke\",\n \"subTarget\": \"tab6\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n 
\"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over protocols not supported by application rules. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure 
Firewall Premium for additional security and protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). 
Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n 
{\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n },\n {\n 
\"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"The application team should use application security groups at the subnet-level NSGs to help protect multi-tier VMs within the landing zone. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n 
\"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"name\": \"tab3title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n 
\"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"name\": \"tab4title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-routing) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": 
\"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n 
]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuits' peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use VPN gateways to connect branches or remote locations to Azure. 
For higher resilience, deploy zone-redundant gateways (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## 
PaaS\"\n },\n \"name\": \"tab5title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/app-service/networking-features) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n }\n ]\n },\n \"conditionalVisibility\": {\n 
\"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"name\": \"tab6title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n 
\"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"When connecting spoke virtual networks to the central hub virtual network, consider VNet peering limits (500), the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": 
{\n \"json\": \"Consider the limit of routes per route table (400). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": 
\"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. 
This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"cd3aca28-b016-4a24-947a-643a4c2af387\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"8edf1cbb-92f0-4e3f-bfd2-8aea041199bf\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"eb378e76-01d3-4a51-8062-e160093995e3\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"70af1a96-4073-4b33-a445-e6455bd95d2c\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid\",\n \"subTarget\": \"tab3\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"05c56fe5-649f-40e6-8535-f06d61541ed8\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan\",\n \"subTarget\": \"tab4\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"3d874acc-5197-4c39-9f23-4ab27e25f2f4\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS\",\n \"subTarget\": \"tab5\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"5f031f55-207d-4f9a-bc7b-1450ed966670\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": 
\"parameter\",\n \"linkLabel\": \"Internet\",\n \"subTarget\": \"tab6\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": 
\"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"When connecting spoke virtual networks to the central hub virtual network, consider VNet peering limits (500), the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Consider the limit of routes per route table (400). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic 
protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"The application team should use application security groups at the subnet-level NSGs to help protect multi-tier VMs within the landing zone. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetName=subnets.name,subnetNsg=subnets.properties.networkSecurityGroup | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend compliant = isnotnull(subnetNsg) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n 
\"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"name\": \"tab3title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-routing) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n 
\"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 
1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuits' peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute 
gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use VPN gateways to connect branches or remote locations to Azure. For higher resilience, deploy zone-redundant gateways (where available). 
Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"name\": \"tab4title\"\n },\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n 
},\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n }\n 
]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"name\": \"tab5title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/app-service/networking-features) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n 
\"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"name\": \"tab6title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": 
\"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over protocols not supported by application rules. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium for additional security and protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", "version": "1.0", "sourceId": "[parameters('workbookSourceId')]", "category": "[parameters('workbookType')]"