From ec16e021061fdd118a7f9b1e424b05bc206dbefc Mon Sep 17 00:00:00 2001
From: moti-ba <131643892+moti-ba@users.noreply.github.com>
Date: Sun, 29 Dec 2024 14:27:36 +0200
Subject: [PATCH 1/7] SWG file fixes and NetworkAccessAlerts table

---
 .../CustomTables/NetworkAccessAlerts.json     | 93 +++++++++++++++++++
 .../Identity - AfterHoursActivity.yaml        |  2 +-
 .../Identity - SharedSessions.yaml            | 62 -------------
 .../SWG - Abnormal Deny Rate.yaml             |  2 +-
 .../SWG - Abnormal Port to Protocol.yaml      |  2 +-
 .../SWG - Source IP Port Scan.yaml            |  2 +-
 6 files changed, 97 insertions(+), 66 deletions(-)
 create mode 100644 .script/tests/KqlvalidationsTests/CustomTables/NetworkAccessAlerts.json
 delete mode 100644 Solutions/Global Secure Access/Analytic Rules/Identity - SharedSessions.yaml

diff --git a/.script/tests/KqlvalidationsTests/CustomTables/NetworkAccessAlerts.json b/.script/tests/KqlvalidationsTests/CustomTables/NetworkAccessAlerts.json
new file mode 100644
index 00000000000..43f31e680dd
--- /dev/null
+++ b/.script/tests/KqlvalidationsTests/CustomTables/NetworkAccessAlerts.json
@@ -0,0 +1,93 @@
+{
+  "Name": "NetworkAccessAlerts",
+  
+    {
+      "Name": "TenantId",
+      "Type": "string"
+    },
+    {
+      "Name": "TimeGenerated",
+      "Type": "datetime"
+    },
+    {
+      "Name": "Id",
+      "Type": "string"
+    },
+    {
+      "Name": "DisplayName",
+      "Type": "string"
+    },
+    {
+      "Name": "Severity",
+      "Type": "string"
+    },
+    {
+      "Name": "ComponentName",
+      "Type": "string"
+    },
+    {
+      "Name": "DetectionTechnology",
+      "Type": "string"
+    },
+    {
+      "Name": "AlertType",
+      "Type": "string"
+    },
+    {
+      "Name": "Description",
+      "Type": "string"
+    },
+    {
+      "Name": "ProductName",
+      "Type": "string"
+    },
+    {
+      "Name": "PolicyId",
+      "Type": "string"
+    },
+    {
+      "Name": "LastActivityDateTime",
+      "Type": "datetime"
+    },
+    {
+      "Name": "FirstActivityDateTime",
+      "Type": "datetime"
+    },
+    {
+      "Name": "SourceSystem",
+      "Type": "string"
+    },
+    {
+      "Name": "Techniques",
+      "Type": "string"
+    },
+    {
+      "Name": "SubTechniques",
+      "Type": "string"
+    },
+    {
+      "Name": "ExtendedProperties",
+      "Type": "dynamic"
+    },
+    {
+      "Name": "RelatedResources",
+      "Type": "dynamic"
+    },
+    {
+      "Name": "IsPreview",
+      "Type": "bool"
+    },
+    {
+      "Name": "CreationDateTime",
+      "Type": "datetime"
+    },
+    {
+      "Name": "Type",
+      "Type": "string"
+    },
+    {
+      "Name": "VendorName",
+      "Type": "string"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml b/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml
index 41d20c1937d..9d802d71f03 100644
--- a/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml	
@@ -36,5 +36,5 @@ entityMappings:
     fieldMappings:
       - identifier: Address
         columnName: IPCustomEntity
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled
diff --git a/Solutions/Global Secure Access/Analytic Rules/Identity - SharedSessions.yaml b/Solutions/Global Secure Access/Analytic Rules/Identity - SharedSessions.yaml
deleted file mode 100644
index b518991bcb6..00000000000
--- a/Solutions/Global Secure Access/Analytic Rules/Identity - SharedSessions.yaml	
+++ /dev/null
@@ -1,62 +0,0 @@
-id: 57abf863-1c1e-46c6-85b2-35370b712c1e
-name: GSA - Detect IP Address Changes and Overlapping Sessions
-description: |
-  This query identifies network sessions based on DeviceId and UserPrincipalName, then checks for changed IP addresses and overlapping session times.
-severity: High
-status: Available
-requiredDataConnectors:
-  - connectorId: AzureActiveDirectory
-    dataTypes:
-      - EnrichedMicrosoft365AuditLogs
-queryFrequency: 1h
-queryPeriod: 24h
-triggerOperator: gt
-triggerThreshold: 0
-tactics:
-  - InitialAccess
-relevantTechniques:
-  - T1078
-  - T1133
-query: |
-    // Identify sessions
-    let sessions = 
-      NetworkAccessTraffic
-      | summarize 
-          StartTime = min(TimeGenerated), 
-          EndTime = max(TimeGenerated), 
-          SourceIps = make_set(SourceIp) 
-        by DeviceId, UserPrincipalName, SessionId
-      | sort by StartTime asc;
-    // Check for changed IP addresses and overlapping session times
-    sessions
-      | extend PreviousSourceIps = prev(SourceIps, 1)
-      | extend PreviousEndTime = prev(EndTime, 1)
-      | extend PreviousDeviceId = prev(DeviceId, 1)
-      | extend PreviousUserPrincipalName = prev(UserPrincipalName, 1)
-      | where DeviceId == PreviousDeviceId 
-            and UserPrincipalName == PreviousUserPrincipalName
-      | where array_length(set_difference(SourceIps, PreviousSourceIps)) > 0 // Check if the current and previous IP sets differ
-      | where PreviousEndTime > StartTime // Check for overlapping session times
-      | project 
-          DeviceId, 
-          UserPrincipalName, 
-          SourceIps, 
-          PreviousSourceIps, 
-          StartTime, 
-          EndTime, 
-          PreviousEndTime
-      | extend 
-          IPCustomEntity = tostring(array_slice(SourceIps, 0, 1)[0]), 
-          PreviousIPCustomEntity = tostring(array_slice(PreviousSourceIps, 0, 1)[0]), 
-          AccountCustomEntity = UserPrincipalName
-entityMappings:
-  - entityType: Account
-    fieldMappings:
-      - identifier: Name
-        columnName: AccountCustomEntity
-  - entityType: IP
-    fieldMappings:
-      - identifier: Address
-        columnName: IPCustomEntity
-version: 1.0.2
-kind: Scheduled
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml
index 8cae3de7ca2..c801861d7e9 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml	
@@ -54,5 +54,5 @@ entityMappings:
     fieldMappings:
       - identifier: Url
         columnName: DestinationIp
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml
index a195c01775c..ce384309e5c 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml	
@@ -50,5 +50,5 @@ entityMappings:
     fieldMappings:
       - identifier: Url
         columnName: FqdnCustomEntity
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml
index 9cb257bc4b7..4a72ca58554 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml	
@@ -37,5 +37,5 @@ entityMappings:
     fieldMappings:
       - identifier: Url
         columnName: DestinationFqdn
-version: 1.0.1
+version: 1.0.2
 kind: Scheduled

From 03aeeab525786804f72d8285e140a0b1993b85d5 Mon Sep 17 00:00:00 2001
From: moti-ba <131643892+moti-ba@users.noreply.github.com>
Date: Sun, 29 Dec 2024 14:53:20 +0200
Subject: [PATCH 2/7] Fix table

---
 .../Analytic Rules/Identity - AfterHoursActivity.yaml           | 2 +-
 .../Analytic Rules/SWG - Abnormal Port to Protocol.yaml         | 2 +-
 .../Analytic Rules/SWG - Source IP Port Scan.yaml               | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml b/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml
index 9d802d71f03..0ec64b81071 100644
--- a/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml	
@@ -6,7 +6,7 @@ status: Available
 requiredDataConnectors:
   - connectorId: AzureActiveDirectory
     dataTypes:
-      - EnrichedMicrosoft365AuditLogs
+      - NetworkAccessTrafficLogs
 queryFrequency: 1h
 queryPeriod: 24h
 triggerOperator: gt
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml
index ce384309e5c..cda25a0ed56 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml	
@@ -11,7 +11,7 @@ status: Available
 requiredDataConnectors:
   - connectorId: AzureActiveDirectory
     dataTypes:
-      - EnrichedMicrosoft365AuditLogs
+      - NetworkAccessTrafficLogs
 queryFrequency: 1h
 queryPeriod: 8d
 triggerOperator: gt
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml
index 4a72ca58554..7aad8a9d9d1 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml	
@@ -10,7 +10,7 @@ status: Available
 requiredDataConnectors:
   - connectorId: AzureActiveDirectory
     dataTypes:
-      - EnrichedMicrosoft365AuditLogs
+      - NetworkAccessTrafficLogs
 queryFrequency: 1d
 queryPeriod: 1d
 triggerOperator: gt

From 677b6f1aeaead39814a022e79cfd50474ec93ac6 Mon Sep 17 00:00:00 2001
From: moti-ba <131643892+moti-ba@users.noreply.github.com>
Date: Sun, 29 Dec 2024 15:56:39 +0200
Subject: [PATCH 3/7] fixes

---
 .../Identity - AfterHoursActivity.yaml            |  3 ++-
 .../Analytic Rules/SWG - Abnormal Deny Rate.yaml  | 15 ++++++++-------
 .../SWG - Abnormal Port to Protocol.yaml          |  8 ++++----
 .../Analytic Rules/SWG - Source IP Port Scan.yaml |  7 ++++---
 4 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml b/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml
index 0ec64b81071..9da19546efe 100644
--- a/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml	
@@ -1,6 +1,7 @@
 id: 4c9f0a9e-44d7-4c9b-b7f0-f6a6e0d8f8fa
 name: GSA - Detect Connections Outside Operational Hours
-description: This query identifies connections that occur outside of the defined operational hours. It helps in monitoring and flagging any unusual activity that may occur during non-business hours, indicating potential security concerns or policy violations.
+description: | 
+    'This query identifies connections that occur outside of the defined operational hours. It helps in monitoring and flagging any unusual activity that may occur during non-business hours, indicating potential security concerns or policy violations.'
 severity: High
 status: Available
 requiredDataConnectors:
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml
index c801861d7e9..d894d730a7f 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml	
@@ -1,13 +1,14 @@
 id: e3b6a9e7-4c3a-45e6-8baf-1d3bfa8e0c2b
 name: GSA - Detect Abnormal Deny Rate for Source to Destination IP
 description: |
-  Identifies abnormal deny rate for specific source IP to destination IP based on the normal average and standard deviation learned during a configured period. This can indicate potential exfiltration, initial access, or C2, where an attacker tries to exploit the same vulnerability on machines in the organization but is being blocked by firewall rules.
-configurableParameters:
-  - minimumOfStdsThreshold: The number of stds to use in the threshold calculation. Default is set to 3.
-  - learningPeriodTime: Learning period for threshold calculation in days. Default is set to 5.
-  - binTime: Learning buckets time in hours. Default is set to 1 hour.
-  - minimumThreshold: Minimum threshold for alert. Default is set to 5.
-  - minimumBucketThreshold: Minimum learning buckets threshold for alert. Default is set to 5.
+  'Identifies abnormal deny rate for specific source IP to destination IP based on the normal average and standard deviation learned during a configured period. This can indicate potential exfiltration, initial access, or C2, where an attacker tries to exploit the same vulnerability on machines in the organization but is being blocked by firewall rules.
+    
+    configurableParameters:
+    - minimumOfStdsThreshold: The number of stds to use in the threshold calculation. Default is set to 3.
+    - learningPeriodTime: Learning period for threshold calculation in days. Default is set to 5.
+    - binTime: Learning buckets time in hours. Default is set to 1 hour.
+    - minimumThreshold: Minimum threshold for alert. Default is set to 5.
+    - minimumBucketThreshold: Minimum learning buckets threshold for alert. Default is set to 5.'
 severity: Medium
 status: Available
 requiredDataConnectors:
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml
index cda25a0ed56..8b678753cfb 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml	
@@ -1,11 +1,11 @@
 id: f6a8d6a5-3e9f-47c8-a8d5-1b2b9d3b7d6a
 name: GSA - Detect Protocol Changes for Destination Ports
 description: |
-  Identifies changes in the protocol used for specific destination ports, comparing the current runtime with a learned baseline. This can indicate potential protocol misuse or configuration changes.
-
-Configurable Parameters:
+  'Identifies changes in the protocol used for specific destination ports, comparing the current runtime with a learned baseline. This can indicate potential protocol misuse or configuration changes.
+  
+  Configurable Parameters:
   - Learning period - the time range to establish the baseline. Default is set to 7 days.
-  - Run time - the time range for current analysis. Default is set to 1 day.
+  - Run time - the time range for current analysis. Default is set to 1 day.'
 severity: Medium
 status: Available
 requiredDataConnectors:
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml
index 7aad8a9d9d1..e197378ecfd 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml	
@@ -1,10 +1,11 @@
 id: 82cfa6b9-5f7e-4b8b-8b2f-a63f21b7a7d1
 name: GSA - Detect Source IP Scanning Multiple Open Ports
 description: |
-  Identifies a source IP scanning multiple open ports on Global Secure Access Firewall. This can indicate malicious scanning of ports by an attacker, trying to reveal open ports in the organization that can be compromised for initial access.
-Configurable Parameters:
+  'Identifies a source IP scanning multiple open ports on Global Secure Access Firewall. This can indicate malicious scanning of ports by an attacker, trying to reveal open ports in the organization that can be compromised for initial access.'
+    
+    Configurable Parameters:
   - Port scan time - the time range to look for multiple ports scanned. Default is set to 30 seconds.
-  - Minimum different ports threshold - alert only if more than this number of ports scanned. Default is set to 100.
+  - Minimum different ports threshold - alert only if more than this number of ports scanned. Default is set to 100.'
 severity: Medium
 status: Available
 requiredDataConnectors:

From 12ff3d7c0919f873b5c32a952b257f8f0f9fe3b7 Mon Sep 17 00:00:00 2001
From: moti-ba <131643892+moti-ba@users.noreply.github.com>
Date: Sun, 29 Dec 2024 16:07:20 +0200
Subject: [PATCH 4/7] KQL fixes

---
 .../Identity - AfterHoursActivity.yaml        |  6 ++---
 .../SWG - Abnormal Deny Rate.yaml             | 22 +++++++++----------
 .../SWG - Abnormal Port to Protocol.yaml      |  8 +++----
 .../SWG - Source IP Port Scan.yaml            |  7 +++---
 4 files changed, 21 insertions(+), 22 deletions(-)

diff --git a/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml b/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml
index 9da19546efe..e43e3af3e3d 100644
--- a/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml	
@@ -1,7 +1,7 @@
 id: 4c9f0a9e-44d7-4c9b-b7f0-f6a6e0d8f8fa
 name: GSA - Detect Connections Outside Operational Hours
-description: | 
-    'This query identifies connections that occur outside of the defined operational hours. It helps in monitoring and flagging any unusual activity that may occur during non-business hours, indicating potential security concerns or policy violations.'
+description: |
+  This query identifies connections that occur outside of the defined operational hours. It helps in monitoring and flagging any unusual activity that may occur during non-business hours, indicating potential security concerns or policy violations.
 severity: High
 status: Available
 requiredDataConnectors:
@@ -23,7 +23,7 @@ query: |
   let operational_start_hour = 8; // Start of operational hours (8 AM)
   let operational_end_hour = 18; // End of operational hours (6 PM)
   NetworkAccessTraffic
-  | where TimeGenerated between(starttime .. endtime)
+  | where TimeGenerated between (starttime .. endtime)
   | extend HourOfDay = datetime_part('hour', TimeGenerated)
   | where HourOfDay < operational_start_hour or HourOfDay >= operational_end_hour
   | project TimeGenerated, UserPrincipalName, SourceIp, DestinationIp, DestinationPort, Action, DeviceId, DeviceOperatingSystem, ConnectionId
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml
index d894d730a7f..62685ab4617 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml	
@@ -1,14 +1,14 @@
 id: e3b6a9e7-4c3a-45e6-8baf-1d3bfa8e0c2b
 name: GSA - Detect Abnormal Deny Rate for Source to Destination IP
 description: |
-  'Identifies abnormal deny rate for specific source IP to destination IP based on the normal average and standard deviation learned during a configured period. This can indicate potential exfiltration, initial access, or C2, where an attacker tries to exploit the same vulnerability on machines in the organization but is being blocked by firewall rules.
-    
-    configurableParameters:
-    - minimumOfStdsThreshold: The number of stds to use in the threshold calculation. Default is set to 3.
-    - learningPeriodTime: Learning period for threshold calculation in days. Default is set to 5.
-    - binTime: Learning buckets time in hours. Default is set to 1 hour.
-    - minimumThreshold: Minimum threshold for alert. Default is set to 5.
-    - minimumBucketThreshold: Minimum learning buckets threshold for alert. Default is set to 5.'
+  Identifies abnormal deny rate for specific source IP to destination IP based on the normal average and standard deviation learned during a configured period. This can indicate potential exfiltration, initial access, or C2, where an attacker tries to exploit the same vulnerability on machines in the organization but is being blocked by firewall rules.
+  
+  Configurable Parameters:
+      - minimumOfStdsThreshold: The number of stds to use in the threshold calculation. Default is set to 3.
+      - learningPeriodTime: Learning period for threshold calculation in days. Default is set to 5.
+      - binTime: Learning buckets time in hours. Default is set to 1 hour.
+      - minimumThreshold: Minimum threshold for alert. Default is set to 5.
+      - minimumBucketThreshold: Minimum learning buckets threshold for alert. Default is set to 5.
 severity: Medium
 status: Available
 requiredDataConnectors:
@@ -31,11 +31,11 @@ query: |
   let MinThreshold = 5.0;
   let MinLearningBuckets = 5;
   let TrafficLogs = NetworkAccessTraffic
-    | where Action == 'Denied'
+    | where Action == "Denied"
     | where isnotempty(DestinationIp) and isnotempty(SourceIp);
   let LearningSrcIpDenyRate = TrafficLogs
     | where TimeGenerated between (ago(LearningPeriod + 1d) .. ago(1d))
-    | summarize count() by SourceIp, bin(TimeGenerated, BinTime), DestinationIp
+    | summarize count_ = count() by SourceIp, bin(TimeGenerated, BinTime), DestinationIp
     | summarize LearningTimeSrcIpDenyRateAvg = avg(count_), LearningTimeSrcIpDenyRateStd = stdev(count_), LearningTimeBuckets = count() by SourceIp, DestinationIp
     | where LearningTimeBuckets > MinLearningBuckets;
   let AlertTimeSrcIpDenyRate = TrafficLogs
@@ -45,7 +45,7 @@ query: |
     | join kind=leftouter (LearningSrcIpDenyRate) on SourceIp, DestinationIp
     | extend LearningThreshold = max_of(LearningTimeSrcIpDenyRateAvg + NumOfStdsThreshold * LearningTimeSrcIpDenyRateStd, MinThreshold)
     | where AlertTimeSrcIpDenyRateCount > LearningThreshold
-    | project SourceIp, DestinationIp, AlertTimeSrcIpDenyRateCount, LearningThreshold    
+    | project SourceIp, DestinationIp, AlertTimeSrcIpDenyRateCount, LearningThreshold
 entityMappings:
   - entityType: IP
     fieldMappings:
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml
index 8b678753cfb..df45813bdf7 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml	
@@ -1,11 +1,11 @@
 id: f6a8d6a5-3e9f-47c8-a8d5-1b2b9d3b7d6a
 name: GSA - Detect Protocol Changes for Destination Ports
 description: |
-  'Identifies changes in the protocol used for specific destination ports, comparing the current runtime with a learned baseline. This can indicate potential protocol misuse or configuration changes.
-  
+  Identifies changes in the protocol used for specific destination ports, comparing the current runtime with a learned baseline.
+  This can indicate potential protocol misuse or configuration changes.
   Configurable Parameters:
-  - Learning period - the time range to establish the baseline. Default is set to 7 days.
-  - Run time - the time range for current analysis. Default is set to 1 day.'
+  - Learning period: The time range to establish the baseline. Default is set to 7 days.
+  - Run time: The time range for current analysis. Default is set to 1 day.
 severity: Medium
 status: Available
 requiredDataConnectors:
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml
index e197378ecfd..c06bc282481 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml	
@@ -1,11 +1,10 @@
 id: 82cfa6b9-5f7e-4b8b-8b2f-a63f21b7a7d1
 name: GSA - Detect Source IP Scanning Multiple Open Ports
 description: |
-  'Identifies a source IP scanning multiple open ports on Global Secure Access Firewall. This can indicate malicious scanning of ports by an attacker, trying to reveal open ports in the organization that can be compromised for initial access.'
-    
+  'Identifies a source IP scanning multiple open ports on Global Secure Access Firewall. This can indicate malicious scanning of ports by an attacker, trying to reveal open ports in the organization that can be compromised for initial access.
     Configurable Parameters:
-  - Port scan time - the time range to look for multiple ports scanned. Default is set to 30 seconds.
-  - Minimum different ports threshold - alert only if more than this number of ports scanned. Default is set to 100.'
+    - Port scan time - the time range to look for multiple ports scanned. Default is set to 30 seconds.
+    - Minimum different ports threshold - alert only if more than this number of ports scanned. Default is set to 100.
 severity: Medium
 status: Available
 requiredDataConnectors:

From 4e01f02ceefc27021eaefa62d66ed3cb74ad9325 Mon Sep 17 00:00:00 2001
From: moti-ba <131643892+moti-ba@users.noreply.github.com>
Date: Sun, 29 Dec 2024 17:58:14 +0200
Subject: [PATCH 5/7] json fix

---
 .../Analytic Rules/Identity - AfterHoursActivity.yaml         | 2 +-
 .../Analytic Rules/SWG - Abnormal Deny Rate.yaml              | 2 +-
 .../Analytic Rules/SWG - Abnormal Port to Protocol.yaml       | 2 +-
 .../Analytic Rules/SWG - Source IP Port Scan.yaml             | 4 ++--
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml b/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml
index e43e3af3e3d..f228301f879 100644
--- a/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml	
@@ -38,4 +38,4 @@ entityMappings:
       - identifier: Address
         columnName: IPCustomEntity
 version: 1.0.2
-kind: Scheduled
+kind: Scheduled
\ No newline at end of file
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml
index 62685ab4617..63a64ea79cb 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml	
@@ -56,4 +56,4 @@ entityMappings:
       - identifier: Url
         columnName: DestinationIp
 version: 1.0.2
-kind: Scheduled
+kind: Scheduled
\ No newline at end of file
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml
index df45813bdf7..a40a457d7f9 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml	
@@ -51,4 +51,4 @@ entityMappings:
       - identifier: Url
         columnName: FqdnCustomEntity
 version: 1.0.2
-kind: Scheduled
+kind: Scheduled
\ No newline at end of file
diff --git a/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml b/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml
index c06bc282481..74f63b52357 100644
--- a/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml	
+++ b/Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml	
@@ -1,7 +1,7 @@
 id: 82cfa6b9-5f7e-4b8b-8b2f-a63f21b7a7d1
 name: GSA - Detect Source IP Scanning Multiple Open Ports
 description: |
-  'Identifies a source IP scanning multiple open ports on Global Secure Access Firewall. This can indicate malicious scanning of ports by an attacker, trying to reveal open ports in the organization that can be compromised for initial access.
+  Identifies a source IP scanning multiple open ports on Global Secure Access Firewall. This can indicate malicious scanning of ports by an attacker, trying to reveal open ports in the organization that can be compromised for initial access.
     Configurable Parameters:
     - Port scan time - the time range to look for multiple ports scanned. Default is set to 30 seconds.
     - Minimum different ports threshold - alert only if more than this number of ports scanned. Default is set to 100.
@@ -38,4 +38,4 @@ entityMappings:
       - identifier: Url
         columnName: DestinationFqdn
 version: 1.0.2
-kind: Scheduled
+kind: Scheduled
\ No newline at end of file

From a5620ef80e2a4884b4cdbd02dae72d18a2a23350 Mon Sep 17 00:00:00 2001
From: moti-ba <131643892+moti-ba@users.noreply.github.com>
Date: Sun, 29 Dec 2024 19:34:23 +0200
Subject: [PATCH 6/7] Update NetworkAccessAlerts.json

fix file
---
 .../CustomTables/NetworkAccessAlerts.json     | 182 +++++++++---------
 1 file changed, 91 insertions(+), 91 deletions(-)

diff --git a/.script/tests/KqlvalidationsTests/CustomTables/NetworkAccessAlerts.json b/.script/tests/KqlvalidationsTests/CustomTables/NetworkAccessAlerts.json
index 43f31e680dd..8ad31260523 100644
--- a/.script/tests/KqlvalidationsTests/CustomTables/NetworkAccessAlerts.json
+++ b/.script/tests/KqlvalidationsTests/CustomTables/NetworkAccessAlerts.json
@@ -1,93 +1,93 @@
 {
-  "Name": "NetworkAccessAlerts",
-  
-    {
-      "Name": "TenantId",
-      "Type": "string"
-    },
-    {
-      "Name": "TimeGenerated",
-      "Type": "datetime"
-    },
-    {
-      "Name": "Id",
-      "Type": "string"
-    },
-    {
-      "Name": "DisplayName",
-      "Type": "string"
-    },
-    {
-      "Name": "Severity",
-      "Type": "string"
-    },
-    {
-      "Name": "ComponentName",
-      "Type": "string"
-    },
-    {
-      "Name": "DetectionTechnology",
-      "Type": "string"
-    },
-    {
-      "Name": "AlertType",
-      "Type": "string"
-    },
-    {
-      "Name": "Description",
-      "Type": "string"
-    },
-    {
-      "Name": "ProductName",
-      "Type": "string"
-    },
-    {
-      "Name": "PolicyId",
-      "Type": "string"
-    },
-    {
-      "Name": "LastActivityDateTime",
-      "Type": "datetime"
-    },
-    {
-      "Name": "FirstActivityDateTime",
-      "Type": "datetime"
-    },
-    {
-      "Name": "SourceSystem",
-      "Type": "string"
-    },
-    {
-      "Name": "Techniques",
-      "Type": "string"
-    },
-    {
-      "Name": "SubTechniques",
-      "Type": "string"
-    },
-    {
-      "Name": "ExtendedProperties",
-      "Type": "dynamic"
-    },
-    {
-      "Name": "RelatedResources",
-      "Type": "dynamic"
-    },
-    {
-      "Name": "IsPreview",
-      "Type": "bool"
-    },
-    {
-      "Name": "CreationDateTime",
-      "Type": "datetime"
-    },
-    {
-      "Name": "Type",
-      "Type": "string"
-    },
-    {
-      "Name": "VendorName",
-      "Type": "string"
-    }
-  ]
+	"Name": "NetworkAccessAlerts",
+	"Properties": [
+		{
+			"Name": "TenantId",
+			"Type": "string"
+		},
+		{
+			"Name": "TimeGenerated",
+			"Type": "datetime"
+		},
+		{
+			"Name": "Id",
+			"Type": "string"
+		},
+		{
+			"Name": "DisplayName",
+			"Type": "string"
+		},
+		{
+			"Name": "Severity",
+			"Type": "string"
+		},
+		{
+			"Name": "ComponentName",
+			"Type": "string"
+		},
+		{
+			"Name": "DetectionTechnology",
+			"Type": "string"
+		},
+		{
+			"Name": "AlertType",
+			"Type": "string"
+		},
+		{
+			"Name": "Description",
+			"Type": "string"
+		},
+		{
+			"Name": "ProductName",
+			"Type": "string"
+		},
+		{
+			"Name": "PolicyId",
+			"Type": "string"
+		},
+		{
+			"Name": "LastActivityDateTime",
+			"Type": "datetime"
+		},
+		{
+			"Name": "FirstActivityDateTime",
+			"Type": "datetime"
+		},
+		{
+			"Name": "SourceSystem",
+			"Type": "string"
+		},
+		{
+			"Name": "Techniques",
+			"Type": "string"
+		},
+		{
+			"Name": "SubTechniques",
+			"Type": "string"
+		},
+		{
+			"Name": "ExtendedProperties",
+			"Type": "dynamic"
+		},
+		{
+			"Name": "RelatedResources",
+			"Type": "dynamic"
+		},
+		{
+			"Name": "IsPreview",
+			"Type": "bool"
+		},
+		{
+			"Name": "CreationDateTime",
+			"Type": "datetime"
+		},
+		{
+			"Name": "Type",
+			"Type": "string"
+		},
+		{
+			"Name": "VendorName",
+			"Type": "string"
+		}
+	]
 }
\ No newline at end of file

From eba11c7e1adf5b2008e1df94163d8be73f5910b6 Mon Sep 17 00:00:00 2001
From: PrasadBoke <v-prasadboke@microsoft.com>
Date: Tue, 31 Dec 2024 13:37:07 +0530
Subject: [PATCH 7/7] Solution packaged

---
 .../Data/Solution_GlobalSecureAccess.json     |    1 -
 .../Global Secure Access/Package/3.0.0.zip    |  Bin 48635 -> 48714 bytes
 .../Package/createUiDefinition.json           |   82 +-
 .../Package/mainTemplate.json                 | 1216 ++++++++---------
 4 files changed, 579 insertions(+), 720 deletions(-)

diff --git a/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json b/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json
index abe547db913..184af92ad2f 100644
--- a/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json	
+++ b/Solutions/Global Secure Access/Data/Solution_GlobalSecureAccess.json	
@@ -12,7 +12,6 @@
   ],
  "Analytic Rules": [
     "Analytic Rules/Identity - AfterHoursActivity.yaml",
-    "Analytic Rules/Identity - SharedSessions.yaml",
     "Analytic Rules/Office 365 - exchange_auditlogdisabled.yaml",
     "Analytic Rules/Office 365 - External User added to Team and immediately uploads file.yaml",
     "Analytic Rules/Office 365 - ExternalUserAddedRemovedInTeams.yaml",
diff --git a/Solutions/Global Secure Access/Package/3.0.0.zip b/Solutions/Global Secure Access/Package/3.0.0.zip
index 6145e17ffcdc98e487c355692dc60764c7cdafcc..b522ab0c58b4dabeac228891f50dc8ca429fc5a2 100644
GIT binary patch
delta 47183
zcmY)U<9FXp|NRfgwi~OlZ8Ub1G`4N?72CGaIE`)l9ou#qv)6HcKfgQIA25&g+<Ru$
zthM*Nze7xXKoI<tgM`8Y0|SEtbF$6X(hb6Y!TkmX7MKVIhMOGIjSpPuo!JwNrhN(b
zb%}|3Fp1;qQu68>$6&IgCF9kb#Fh>TGYnd~<Bs>7U%9(Qo3nu*YaN4*WsdpF)2^v#
z*TxeR;!>ldHEq>boX`2?a!X$}dcUI4VE>hUWX5y{Q|}w9V`X}?5uQ^AugY~*#F(id
zbs0?RqI__0?Nsc6b^%Yv`B`T#qKVgAEvD`tUmyFw6bC371~|TT(G`<_d?)@8D;?iK
z@fKK~k_(bP=2)(pn^jF!jOveguYEMc{|{A2VZDhr<(uo(jynkvJGam69TM)JB|l*G
z2p0e2k?Uh=5>g<?Gcif<d3sf~(7-2~1V-i6D+Am75I{Ys0DiXrdze?Iem)Mi(wv%b
zsxXa1M=U}Eg=rN1+YlZdWJv^}4GmC+GcQ<GhN&JQFFro}6`2|=$S7QqLT!kD;Yr?e
zRd1W!(WOcs@AeTc4fS=t$>WJGDK8m25<f1ImS9abPLfpSLrt#0o0Q3tL#L{|EsDsS
zd!~z()gHza1^hl|fzMXY!9yEg+U@Sd4hMYM?weJKbLj1^O7ir1rmIcYvM^!sv(@M?
ze`i-FKaNonik);><Y^j#F;bKcj_;x_9T_t6f=@V_p`IS8CHLYXvZ;^lo*I2c_;l<o
zxt;sV9ZnjiY|H|N@#;!Y2&wh==aIIl{&#e1FdS7LfH(4wI+4@Yx+w|nc{|r+rZPr>
zJ0@up`9btHZ%oy(WYJ4QrIJ*c-d|$oOsxXXQag-IH$EB0e4p9ZU2jG7eLu;iOEF}$
z4Qc&<!C;``lK0U=?8=uIl(gfcm4<@T<69%};vN3YH_Ir_=13&ZWsz(UK$h)wjK!jX
z8DdSn2DbPozxS5>2%{17Eu^h@ACr(@<n)suOTbv{7@$g#NqN)wcx=W^71(vdD_HXc
z<q(Gn5W`Wk4&9fG3Eu6eB>LTK&&rVATZ-x!G`A;wG02EEp;bW?!<Z-G#=60>CCi9R
z>hD(+J$c7hRL`$6!Ty|Qo){{>hVQ{Zf^-BQ21uDA2CHGbv9fT6wh9`8ewM)Kqt&NC
z&9P+t68P362W~R!yH{TMQ_1tpf?j8jw($EB-oxLKv*wavbk6Ov*Cif>IxP6O<h(Wy
zhmdU?iPLCqGs@SyI}`6O6B&{0sDCtOab}M1CdYy4A!^-$r=1MeuFV*Rq2KX_aXR(x
z@&V&!TxuG7V6BEt`m;9eNs_0^SvP%#vptp>B&vPfBe1|?+<jZS{bR9t#zxNSaiXHV
zkf2@YT!Gme9Zc!HGR$R8*NphEZ!UmmG^^kYf$Ej9o3mrruCtWYRr=Ir65g;9<s5lO
zgT%is8A;%{<~y!yxzrEiS45QsBQVS4H{hKW3688KIWI$wH8sGIjLHk&W?Qk`5Dl62
zJ0UH8W0g|mFaDtso+S0}J1lOUg~EqcnKe@+NmRMQ|KR$AzU^<2GhYy`2~U%>9LS#W
zTP`*O5XnKyv79}G-EMLfvz3~rn<eWwuowL_@lskZNGe=P#m72U_<A8tQIKgO$p8!a
zLa4YNG;zWLeMkwX6*^;KBPTKxrYOy+GD%Vsh`XdCjcW0|la@fmi#ln%DZ>q4{L&S+
zX~6#G_j?ZrI?`FX(2X>+)Rd3t<MyK{QXbE6I7VvdB|xftCI^oO$vd3W{zVt&ZFzE_
zhxIcrk1&_;F`oE2J`R<2&#iN#6R^WQ$!`ywo#zQl<DFi(#G;ZYb~_ZkP`-b(93vOV
zEJa_Ij-BxW3}H7}9xxCfV(=2i*-;C*Wn_L}N^nXqq7{CTQewH9W?)$h9*phc&bL2Y
z^>?mL^5G{CO%vx1Qb7{B!&Vph3^ZLtmG9JZ29o_Mmo_LG-SiF5y?F}p16ptZJ&w~p
z$B1?k&A+nlNKq(2=ORb1fTy#U<7)8lMAqIV%<y#B?n%hJ@izxRSbPQ9l)!ed1zz1u
zJl8l?x{{ks#K)l&wmRc7dBCKG#sR|W(Z+FBZlS1MkLS^_>PLk2;NI*@jMxZm;T}x4
zQ$oMDWse6!XZ4KOBWN@cz#WUOH-y+^5!;PPIgHZQTPCJAJ;nWN@~3Fo-gFSL=_^it
zFjYe(jgdZLc?*P>R;NCVZQ-NoV_-v<w<FR9twVrCC=l7_E)sIveTaXIgMzsJdxTId
zV{wj8u;%%frM&n$YW@(jjtgdD_?JAG=J)D$U2`iGs=Pr(j+iMafKD{NJL2j-)NmUs
zy6I3gD&45%We|UHrgnv)v<XGOQ8No^2G_)Q&VuN=OnyKH&IO%>H1LzWD-De?VT9~b
zGiMSXzmv)|9rTx1C+>c6siie%RP$aUca4s~wcW;E<Jf5H4m?<ukqDHAVj&@;b0gsw
z93=EachgAJy!m+p5Kx@lov30+sT@Ba;S!4GQHRJD6a-CwhNF%}sKz0yZ}&t#uE_g;
zLM%rG2uDUL?HQ{PuDWSmmj!!+-E+r?zzY2i)Y3TZuU^KS$B5z4$S)Aa83GwWB%;}v
z!+MNEZ8KV$sZ$zZ;UEsWIby&cbFEr(aCou@lRyRhppMc7;1*jl5_dI?1~^5uy>7o|
zDK1Qd$KGUc7HitZy2qi)6>K)`2o<P1B^G?K6%w9Uv>21dU{&zQSq#2qDi!^p%#s!4
z2w{&x(I_lT4nv&u=*p$>Rj`I;${*t;quaGbVqOY=&bLtOY~1#~AMqyOGTE*sy8LIk
zU7f#2!s)OHOs#V}EJiUdxazM}L=tYpwlx^%sEpmwNn%=lWfKky+I6B$LrSy9+vZCu
zT|*TKQY~@7y%5wB(?$8;Ekib;4q5H6IPEa2C64U$bmI+ug|m2ik8m07)I30DN0FSf
zCQa)Qq<v&JaryI*ME39;Ek#+Z6HI?iu9y{$&D8P&kVEka@!1PF_Pm`-IJZ@Y^-#M?
z^kZ-8%hYw<yRIEdei>looKUPN_W=-AEPUrEd*477r21G9I1=AnOx$pcYIDW6T`Pqd
z46oCD|FX1<{)m_Cu@*E2dnvL?qVf}OV98SPhRdnk`$-;8(xY!uIVYocoFOzrsf8c<
z1%W{dghm*VX!66vY;7eY2QOug*2(zEwLrh`ze<se5Q%U94k<^r*L1?C!${~K+3Vmx
zIF<+ny~<n5+~8b;2FA0DJf|IriRGH$k-qKX<$;XS=gj)VCLo<qoR7SA!Rkl_f7O@z
zBHPKsv~8mWfjkqv0t_Ztu?!8UtRF=>%xJa%2WVM7?TB*6w7_}m<0Gnl=)Wbri3soD
zPY|OZkkJ8HXRnTzrkzh)2zOuUA7_-`<Y?f%vQdy5p%2DE2%m_wvJEkV&f+3`bLfJ|
z2xk&<=0DRusTPYdavkF0UFTBfYVr%+m`w0)-y)>?H@-bEOQZ~P7zPrKBoT60RzP|I
z5r2(ZU{0}Gvf<P!86F0kekty@#O%~*V}zPV`<F4|-+iG8?%-hr`JTx4Afnm*pv5PU
zy483OGE`|@e=?8FY9xs5n;T-S&mdp4UKHHzfUtoaGyN8E_(GAo$(BUi6jY*d+Y818
z?t9OIQYVJG>aDOHES{*8QoKYkIuqOtDA%EpDt7iLI^y@sOxNV1+V^G6SOi_oS_bx7
z#mQ3zLRGV<j71p=K<Fwv1}~R}9XuSU2n#7jiMzb1zbBZ;F8@fA$E;@@yf%`nkB-Ul
zPeik7foKfp4_>n&yff+)effcY=ahelNqyv`D1%g|Mo4#{M~g7qOa9$5?u#rL5GQ#W
z{|3#sTQQQ2V?cFE?Fg|8)Ez>6RreJpLQzICLhp_Ei5nqJg4mgq1;9d**To@<!`eOM
zt(_w3p$O8OxghU|j)>0)>5uvg$)?9;dnI4#y$5{fOD@UePmzy&5`X%WUw-ow%17;k
zW-)*D%|l)K;U!8)CFXm`NFvk$Xq!rHqp84?2%DZF6nVb&<JF&wb-nzQP!JMv1u{%f
z2Hm}ml=-`ihl98}I0#qE2ABe9Bn@qI{D`l*!z@(hl*eRdf@Dmwxc3pa2O6L{UB9(Q
zxE^!~S75I3NEnLmH!uCvpCo^A>Z~UxP>DRL4)0l+P_X&!GKFYQF>wU~P_`8)F7LKi
z!BIqrW>SI$OgihThW88A_9$oW9=(J6N}$A8=G)hm?MU&df`pniGk2cdvM`4GtZzP?
zl8v-dZYF$RI<POZP%YMP+`!d_lyhPsA1?gBEF%nYW@bY5N*AsVhe7alGpvi4#nJ36
z*WyVQ-J?J(oDF*sWRC<;Zc!qS{x&gemGW(eEYNkaN$a(#RyBYZl{=)ex8Lbdubgb=
zQ~-O+fP_{a$?8D7G84SA0do1}oP9z=#j!?m5bvxdkx<qoAC;9i>I!DWXa{zCnlS8b
zX!*IGj|+Ru{VffGT<L1#v)WFPN60!9+y6(~{i~E`C}JEo2!00e{U_+lDr}(~bv3}h
z9NO)*@&($KcG3a`5-D?ZrLC5hLW0?jL6UjJ0(+nIdo@9szKV*~jacA@?$BL|hgNZy
zgoe-GkD#n4i$#nJ#&0z^h}+Mo1zA5ir_eg0_kxKAv5rCG{{nuqwIB5BGOY+`@8%wv
z{LU~g8S>hEa8&?o(R6=rr5sjDbEGQ|4r=GsH9N~AOC8~|%lxdzLUhocB|rW}C*EAx
z!BZ#mEN66``!*XFud|oMeF-+el)pBH@boCvhW+mF!_90%{p>9JB<sL$7r#*vcc;>8
zlm&h_d@M;vn+$fg^!Qc3Oewjn!9+zeM#(45j)3bbq`(>=4=S;NMoa6|b%fXkpY{)1
zh7|7Q*?@3<BIh|$F|L25RM&KlJ(_}qrb&Xj)4l~Ed2#$)aXcP;`kolfK`;>jl}4(f
z#p!~S`n?RthXwH%{!>|L)!2qRu-3;(GEV0~+8jF6$cR&HU+l~UEa(!&{Xlt0L~K=|
zYE+#~ip~&V1g}}|+!fEAxdxR_gXvglLQsW-1gES(1dkM-7g{Ueog9j8SoZF)t;1g`
zRAc%{dpQf~tAqD0_N_=I&>r|6AUOiPcwkSwx$jAA#3rD_H0jSI4b4oVlos2c3d&Lt
zjb(=66R@eWeg)HI+}^Dii@S+^`i1o-f$#*ofwX{h6P&%T*WcZntrpOmnvdl)-P#l@
z5*;UzvJo*vc$j+j=z+$2@kAsR=l9YYLoqngFxoxdR;N&sr!*qr(?M9Bffe~Y8%*y|
zGb@CABky$;JR}5e=S#D1krEge`guNx?gFaF)pYDp1wUmWbmzDd1J8Zcj+z!9%Q&2i
z3{HRnE~bHT*@^9vLRSin<B_W|O^<Gxwp_P%r?h>}zxk?S>=FW8E?Su!aS6Y!EptO>
zR;bhDA7$(e8|udo1{x76U&Cb7Rr-}Vzv05~LpB**sE`yTwy{!lWc(@^pk8UYj))jl
zoN4iT=*OKYM*Zr&{T+zl><uRM@<ye*EI9*+HT?QQg4~Ek{Mz4P&Hza4=?z>t6o2=T
z4_NS!?V!m>Z|7f}OZ}|GAq{Zq@tW~#!(GlRg&+n+uKpA?n=c=XsempXgdY{Yz}lmL
zXAsGqwCK3owJ5!`Q_Q2gH9#Q!g+pMVD*C0GOLV?;0G3weCSUmXVN5&i_lLAv!MZMR
z)85voIBGn5(}*dHLm8`!DESLrH$=TSWk#AS&q+@b-rRP7l(2wwQDg1YO6W1^RzvWU
zH3L4GK&}Tb^htD-o_dTeQ`HD&wB;2AQOB}Rv6I~+dn$P{q@^hSR~=={<jdn>7hK8$
zs?rO2?8LtMOOiulKn6Qzr8q@gfY3JphA^79M&2mr=UMJMBtMQSk*bghg6jDqX8-s}
zPEZvl$Z}=HUEzRy^Y=3HT^}+lN^+_H==a}ZRx*@-K;h%e`d5dV)MSk4Ws*r6Z{zb`
z*~}tsekx^EH=a~Bd@<_BZ|xLK3{WI?a&UQMiwWd!RC(Xxp=&ysUVf_^B2sSwQtzbi
z*82D^6tQK{TPO1=L2mt{p)Jb?##Op8s6-$6EZedA&HFQa4!SB!-e<?=0glv80%e9r
z#l#y^o{rg`XUvT)X|w{2cqR$cl(01pkrp>)tuPny9QUfd4zjs#jq_xn36;KOhPo5i
z2_4H!4`PRCkC;+03D3As)1XdZ5%MLaWrW`+QP;3)$m(^1X$Sgh&x1SW2c6qit_Ba4
zRcgE9jz&NJ3a4w~b$mlG-Sl>_^+{Fc>X{cKtGwN%8=Y=>W?{4wduss8W)rn$>}J`>
zd)J_V)HJeRO#wj;jxr;4cnO2k!=|TMig$~o6NxgXe3s)n0kX-X8k!2AM(vb&U96(v
zS5y7)NzAjRF-~lItN}Aj4J$0fw=TMLB5!~rA>$#k@-{zPidc$b&(z;lb40>8WIJQ~
zuab58BP4T|x{9T+Q2x^GOkv&E`;bAjZq;4p7{ji2u|vLbiV;g~8LrKex<_FDG$5|H
zk+2+5T=%di?`I3^@QNmIIODn_*V7m3DMpQTam3xct<C3146-)4`Z7kTIuW9IF9Joo
zQRyu*V;yE~p&K+hPjI4G_4qOtpRNkJa`aQJlZ#25#{@C|dK5pe*@!bz-<eT>X-%Xz
z{m>HC?vVeMUNt}rAFQP|!s^`L5;V63{bzbQ#5Vg3`rNos@_Y`kqcmn&CTwF7%4)WK
zs30y|9>Fr6Yp9GUMhv`$a_9b5`4!W^?O+q?5G!%T#n}^?q0P27BDZ}F@k57c?XYGq
zpllSL@olyA;m@QU+KRU=bSFR4W*1Rov$2WZRZ;GudJFjxNcYMXVj5~uy8)_Pc2`H0
z7Ls%u9tsF7Es6z>u7at<lkvE;==rv7Q&08!UI&>Qwrl?k2y!ws;l*XA7)7h^h&V&W
zHc6B@IMY;1xKkIroyyhi*)X^}Kt15<j(Xs>mE}&X+{_o5TX5Ngw+@hWB1+Ws$F#S|
zv(Nm9S-}*Od&zoP<}T#E*?Vp1Usa@~?_@KktMC<+ib4jI+n~k$yUX3fgdk@utft%A
z0(oNQ_`!$L=wvh|(@ANpwu%|V3bg2(Ku<(i{0uaoO>H5g=4Tj&wIC4{-pz@_xN6H`
zGGv@OKJ?nNwKjsWEz_o0x?Cw&Iiw>=M?Q|^a14xD_!@`T_4d}hqI~6rcz<ymHv|k2
zlO1doe-E&lk{kzL^x*<6jsJXxV%x(U;2Z5*5yweZ#V`E`?dS3{YAt71p!}XF-F_}v
zE7ty3mu+VwirIw)1;5t6yfj6HKxN;Wn_#ZISC)1v8_x+;9xXJzn(g^f^w-WlRBC?a
zO&vzY4bwzxmp}Xm$U_0gu|Z!)6Z1ADmb;#?05qUpXX3|R`88AV=HvQ>xhuUt;%BuE
z*{X3|ehlUo@!1gIMEGSrr(dcE*<Xurt3>wRxa+Uj+yrmpbCb9uJAR(0R?P)p&##a;
zC?z^a!M2DX11=ktKNV<Rsa>z-@+%U-6W4`2y5|R^duumqcEWT@h`y)j*|}5H3?;lv
z7d>!~#2|j;v0{`*)q$`q=`dAKe^lFy0JX)*j+ZVm7rXiE+M*Wp6`cwva|Oj9^VKa;
zODi+aEgdpB-u1nO+?BpZNj$wdqm@TyK)<qq2xr~tw833b!Jb-C0^4I!9%|ZY0h^tv
zd0RDfnzFnKxl4L&18YlybxK-0w_>)N$Q-yD-nFUqZpWn3<nN!)pD#f*3HIY(hn5#M
z$>z~^2p4t7rTrvsD@yqITd6?z4La;4NGS>nWEBv_w0pF?LIDERBz#Op`}+PqQVwkR
zN>%*EVHJv8EN4-$1HajV`N2V=zXTy8zR*)YzTcZc60(Ef?}7V8n8_mm@8POglm_@~
z=}TR|Q*nr2c&z-*GWZNohBh8;PPRquQ04-%<U3=^a@rs$;Nef|L&kDzk9y96Fel71
zxanAt+G5!eEK;QZDW=}g;-;JB_VrV0xLKLYOU%4=u&I9THQ2clPZRCsx)=SiaP`>Z
z-O`heKFW6;HzIAShIGe`S%NmOwgQ?7cU&Xcv14J3p?>hDW3<P&`L>dp8QE8#InlD(
zpll61VBomrvZleK40z0>KX{_n3i#lJx|WEwu#+6Ai^1`!dPI+&Zw;%T1^l|luWlb1
z_gLJc$4tBaV3F){k=;UHZNXIkUcG$1Q<Q@eXW9B|+p((-e0dx}&$^y6?g>cq-#B3d
zxdwIDd};ax3ufYL-q+FD5PY%yVXxf!c}`c>L;>Eozi!)cC)`WnJ|V*&sGl}2=e0~&
z9cg0v{39SyW6=}OlD$P0%(dy67S4u_3Tp>UwD)@J1-*JQ#Kf}0b6+z<E+gRF`%oi!
z@k<)#4&NX$U?tsuIm-L};Rev&f)BGS*S^P5+J0@wPL3_Ox9i|lawk-+y&E{z%>iE7
zh2tfb_23Ksc{*@CfsrLvGvH@??do>>`Sfzzopj1%R25<RXoW*0v)#l9V!u_o@T3k;
zqJNU}_qwhU-Nsr98m+qxFF07f^BsqW{V#l*AD{LWh6`r8PGOlf1fXxf<NhzybnAeG
zkZ#>b{wF>pxyF5JG>dXm=CeBdkA)%5nH5zQK)S^5*m}m!LB*$UB;kvtsx`20G;eyA
z3}aQeBl-9TfdBs&Ezs)$A)F;(V9S0mVCetVFLp*&_P@;R9BqwU&6uoR9PBT<KixN^
zlK|?se|e2J0m>_aNtN)CyWDz=9+PQ$H5=|)CgZA|qkk<$NNEcdFl>WTsw<xahVnjv
zneJIf5?hiz$wSx#Fbwe^k|J@@g@dGkDRFaCaZ~dlW(xm*H~*$t-2LHl2-uoD^zrz)
z7tVM*ojk|#2$8N5{S?AXIRxv0Y=yDF0|524bGKf-xx>8KNWDfZJqGqmFs+kx@UAZ}
zDYzH*>lBqA`we`QL}72MH&JHymEt4L?dR~ngPU+u>&_=EpId&R0I4Ti?*pa!Q=i$)
zm%yET{4(^Z5fgyzbMmLaAj%)fQ;V?GP%xX^_uw@wA#-`J@R%N9R)69bK_9~$OaK<f
zgpeNvK8UFLGuO@3R>}4h=|S~;qR+$Dmd+arwfxy6Xa~Lw)4`RoBf#WN@@DMR+Z)oM
z=Jb!;+mkKJC$|qv@uQHE^zJMb%B$D@?1;}h>^{B0VT+3Eo*nee5W&6B)yKY4td_`T
z6ewFE7M+aADYn8P=8BZ%a(pgF5$J{Z7F2OZa`PfJbx#0rIV$|N?jb)mxQe`Z`FSOb
zf^?u^>{)CmYm2MHS;jr|63-9(<;2@SVU^(iH`vyBmqRd!h?FkhrSoD6?4w%Ud5lVG
z2CCo!J&gu<g+^#+RF9|Gl%__`elYeSsMlBilq)HszQKR$(BbmXT`=*efLlV*S`nCm
zyU3Y=18}F?)-Bl~PM^;G&+D(R^p8KIVFDJWYnx@9hX%vXG3c%-vIG48)_I86g5N7n
zpjgtO4#|?5T+k>S#9?^4!82z@T*Bw?KkL#W6_~j~9V9UgzwZ|OhI~}Vl=dUS>;3z5
z|6N{H6AC;*S>nV+N<+uk73fW%<ucKgzx3a6iCIwI)!PY3^PWSOk-c8d^K^F*F(raU
z*dmzQn_8;ZFlwJQqW9^1*kii&(Uh0QctVz=f3&Y`Y7$y3UILemfGB6`DW+HM<4viN
zD|=bMl9;x68xQaY&AgD>C=ts(ND{{v(A^Y#S7)JD+vn6dQ`FNw22Sn|p8LjwdUrPG
zmuR)ZaZxlvR6QKHQ$is7nZk=a>vdR5h|7EB)s+5H80!g<V8U7qC#e-y_x;#v>NHpr
zjCm71naSP`|6Hp%T;jU%KDIaG`uoL7Aus<_5@$f`!}P4DOwMai$+aI`-u;S~#3gYS
z0TPaZKlREm@Igai0~T|nA7cV5y{9|`EHHO+d5uPS`^%m*Fp5K_+)~Z4Wm<LCx-YKg
z4Ui=JT_i=fCC%Nm)hrd3MTkLb8d$%uKk_othc2?hcoy4u9L>hu3V&c(S7C)_rO_-B
z7t$;`O9VdhSv=t9X!$hdXic6>QD)lq6u<HiB%pTp4#G@F0gUT^-%Hr)WDx(R>L#eh
zAUX}6Jyp4<XT*kWaP8IQt=T+RnfIEtN-teK@cZdl%h+4?6e&3^-37>(X)3WWG`!c&
zJeNi)xf)SS1_;Xh?K!3?shG}4DaEQ5)XIn*tYLo&Z7$-bdg|AkaI_7GWVFZ%weez*
zmuQ1wba&Ru0RDSiBp0l?v&~1Zm!>6~*EoH0trsX`%^~&M(>5$k8yxMtaF$<tgb-J_
zh6cQgY5E45ryJ{+Gk6eH!xl{UyonK4z9H(s#_HmfNf6i*9agM!>vXr+aM@NltPfph
zmux$|*LY_)*-|HmUeM1C;P0$h?7fvW)i2W^)H{Bn1C~a)tf34@Naf=Lu>v^ur;RL(
z)@!*vY8Nfj+FSM+vHs0A>&@1)m+E$!v^m~YMrIC__>+zGGtZA&ZGXscmI)-laqMmL
zLYqgLz!16bHQQ)4+cGBynrNJIdsHdZ8ts<~iyy;G+$*ob)|xBR7OFM2!j`5@_m2NE
zRNwpg0XX*d5uuNg$^oI-*%n4MtTGIni>7<(#E7j!`faKIfqrkftuvM%3@~*gOiHBl
zn76{(NX}ki&O7_Kow`#Ywx(Ga<=$L0I@*XaRC7l`Fl??1Alk&rtRuE^Xtm{z4%qqq
z=ggLVl`MXDnw1B>f+mwS(LxK~+y>0qqwNM@$6IsR?dStN${YJXijV3jZ;djR;ocJk
z&&*kj6*$iI;U7n-ddDxxARM<1h4~7%jxrlw!KQo;k*VEVtqX2^_Z90E{3}H&L=W}8
z|MPdIOjFYa3tF@79!^u!LLLM0!k)6ji(zwVWuVEj+2PSfu*&YK(|*#njT6{ts`|{c
zYPB<N&eBt%?v}^7W||$~``<2IhiPg${EyQ4-wD89fY4s8JbvS<42s-%ok7-Kw)V(T
zuUTQ)q6)+=UWZjB{o`ZadBbDhyxt`36X#Lf0Z|nq35(FiU75`$XNg=K0TjQ%U1IPB
zC*if%Opd)O@>PLRuyX@?-Pem*$g6G7e2!ptj~nLc_IpOp+c%v3)C)7}qt%h$8HezR
zX!^zoTo$d6i{U7QVU%)b3UG`Lbv1|>3)^c9%{Gu%2UiGo)m%ID8bQ}feO0Hw6v~w;
z9=%&{IQVO9CG`Va70V%^@w`;8`MQm;j1HxC>lW}A$#tT2!-@XOpJH?uj7+uD9`vfN
zINr?{tOI?z)<*|vz@fZG&s_<Y+{@v!o8|wb%>I8AMgISf(!7BGYix|uPjbd>1B8JE
zR?<J#WZSLnz-`oP(!v)9sh(<&nRBQ|@KxP{Z{N67$=w)>T^)IZr}cl+)c%hH{BNAj
z1^g5!h<Wov-IM<`!9yCGUFB_@x9HTaowYJHf~>U7TMzoe#%kQPn=92?JJ!NXmWPsN
zP-9WB3=b7}Zy&;xLlQ{>VU=utB8mi7>*5kK79x(9n8|dnK<p9)U7xqCStg~eoq-<@
zI$w16Y>}yzbDh+;LNMnk!U6~^f6F#Ky$5Lq#^U?p%Q=5T8)mB4QpBgtnVD+iDCQBh
znsHC_ojn-|-}G_)KHyTQ(ztLd?6vdEoF1dUJvwtO0Hbi2$SmiMA&>ch>+;eL)(%N@
z+45=%VWL=Q$jw@4)#<KXyKLQaUB7q`Ikg5Gwpn`TtXgT=2w0slJp`~lA6)r<1|)JH
z%`Xs0qD%Ti2?^GS9<lwMMymVJ`*#r|f34;rc=-HR4|TJ8(ad=q`oKfb+Ai9ak7%-5
zgCN4Vaz(y#EquqiSsiju!ELodf^i(#?yzWhT37|CgdIxZ@ABU<f_1JM-M<Y!aOyQ{
zfk!J%_+ZF3eFg<{mmR>G?ehC{<wmph`eBV-L>Hgf9HoO`e3zTw-}$1nCAZEYXL*7T
z_EV4Q>~8ID8$SCw(e-X2+cTp7xZL9Uxn!0}t%*|laXX6DPO|?ksp%2RYD>HXpGW6P
zR|r@GJKntHi*@ftDbwgIoa~N8PSmh~%R00>PHe4E(${X<0M4{)6bHE&f3#l3;`F6e
zx;1Y9_Q+P>I^(^nr1HupAg`N2;~3wVpm31O?`pEF0$r&S;1pO@;=DLVBFc-r1+3Wh
zNj4avvlyH?JJ_ghR<Zu4xaEFqW0{(n(OPG^%q$ruKuXky(>o6N$5IIUZyh%sqRFcz
zFymsW?WeFYpz41Xx&Iy802!=Xf|$<wFIVuXL<5)#1}dpUT#T@5TeKCb;7_yM#ge;n
z6=-2&|ED-xYP(kGdA?}cyxf6PZ>3tt^8G>!ry6Z;spIIEj`~uqT4e3@mHq#-Q&9bv
z%Ph8<A4FqAw|}QZ)>7PBjho|tv4h)^6GJ0#wpgjS_1!%dZ7W&AO^kB+TQF1PeY|~I
zPt<=myP1y%%V@gUkRCD*FFK>ernSHaXB(}FAt3EM$y2qQJD2q|iRbwR$4Hf<EhFu_
zTPw`{^+4ICBw6FeF5~I1Y3pvaD_5HU58D<unXU@VoEbb<nH--G%-`^g7z+)b+TBZl
zB(^!HQTc*nAOH4QLXVaW_c=0)t<I9YUiwfr-|$(CX!=n5D9<s}G9@ejSie5V$%g4+
z6dX;V7olE~B_$(QyIJe1#apcpbeiO8Ld_fd|0bfr^~&OOWo6W9=Kl;+3tehk2(IC?
zWNg%Nvui}LoafT46P-P?ry(Ah1gc2?{NGeLCUNWvOl4+UF!D~V&`;F!b=kMDZS5T`
zi0?9^Rsq!M4_ShG7!K#+<?Jwe7$?MM8FEs|Lru2DHr#JDWp+>fWMHJFDAgl=0kP@?
z%{_7*Zmrjr4(nWQl?(s#)Fs|+YOO%VSUb(tR<m5B3BN`XdumAyVEIHpH9=NKX<c{g
z%c_|k&gNVDKhaYB+CS3&<G0FI+mBvnfw|cS5`fMJ@){O6`PJ(nk>)B_?5-3x$`n2L
zOy(Y~5A&`q;T13%8{Art)N`!|q3G#~z7gHp@dogNHPT7WRV-yQYOMVEQ?Zcye|kHL
zzq`uF1Cv1tmCH_>TrhYdhb~(Koiuih#}D2^*N^yyo=e~F{vZBl63;^;Rd*-ii+gbY
zK#v}}2|v*!vzmI`UV6;)gvpBxy7l18Bun0`?bKOc=gkSsHBuxAVI1{W&B;J33UB+5
zf`H3U5+9Y9HEnDG1&*e6-n;~z_)QrJFB-tm>~=UMEXD+><mU>1ergwn<Y1hJ>v%@Y
z=I$U(5uD#wrf)F1QEM?;xsUbkkT2adyaR&%3vV^E=A3)a`btwSgJc4PF%T&U(+EkF
z?d{BCtd?P7#<0aA(ByQY;83J_(`ri>tBGf{em?gkX`HlA;u|3HvKP(+qKtbN;08V_
zhY(^c|L{ES959>Q<zn7oC4KidE*VQ`a)ny<9Cbbt`&O<|+4(yl1ljjd@)sfu_ftq)
z6a=kkt2~R5dTFxl5dFl<h8B{y(}B##SgNAoY8c|QC*(f<Zz-hSd=wY^T@5-Ibf-C5
zc2(k6uG}@qL4wE6@r2>r{I{RiBg6o2-;w_AV;8tIMM}U)V}Lx;My7Ww@kFvwyspV5
zMYo`3NZ7zg!$LOvpYncDn%I5n8G4secJd%xu<V^^k(~<OXyZZp6GZI*MX~3uod}-+
z%kKO4BNW`-$z0s@jGX{O_V57cj?D_)YfsV>@UAx`=tQYK4Mbv>!l2$=URi*s<}+Lv
zkMHg%wwt}|^qHAis?2Jj_qI2h0Ao6;h%5hS6>3co;8MVnltuF0K&F%2C3yata<r9a
z7vVJ?f*hj2oa05bh+_H9O$O;~6JN&jeCK|3$HUXM`HE63g|Prmv4B^mJUEIT*dYTk
zj`g)63}a!utr*xwR(hw?Zvy~4Pf|aX8CX-E<{%{7fV%-=Bqom@kv+@v*G*3*yY3xW
z*Yqu@0^@S<jT}Wt$7sb~lL4IaHOnB}KMsHDtlVe`Px$|72TTsoY&8w_T_*<8U{LY0
z?1%DbW!+X$jyB;ac65|E@v-@rS}`;E9!zs*P-)uK^IX%5O5%CIkO1St=ERmHmUeuZ
z=$<eHRpWwo0>Apw(=iR}fxnB0t3(H<V{Khsn~~&6@1Ufs(sWw}dTnsYq1={0N@hNX
zmn#>x;ZN4I7s2yG=q|4dWJ82im#e%#ffPD0++SPplM(-Y62nU*AyMikE41n7o{77T
zX?`ZA_t@Qy5#E75V*<!&)88d&@!e#*I`UQzvIisP<<X$HwWs~N_uLJukdIaRLIx{9
z-=PX14KEx#a#0Fwad$@$@#ds_TysrDeeK1Wc{VuNUMK~z8K&WCi#Q5H&}#77&vP`#
zPqt!C)Ts}k+XUFGIq<(Z;6G}QWLsjW)->B_3I68n)VgY}j0LK-)sbyCwHUdor>F+&
z)Ow3a1H@lE>MZ&fNn{DDXDffzW0{rAj^(VL1wu4c=dD$n)Ng6mSi9>5XfO6BZCXB6
zGLkMp<h;P+EQ*-7Xu~uji&AyFOc*qj1udnuG|Fu_j`tCG%R|n=vf5FpFFUFQNt}5e
zd#ldn7lt944+3PDPyoe<4N2VI2)eD^Zm-X~<jr>9c3wx(Z{a`}d?EAi%Iq4R=z}OZ
zB`w9|;8%Yzun&l$h(3^EZ3VicMmy^X2iikgA_1e5U0v(?KZ6tgray;M>i7T+M!ucK
zMVeB=_p#7;Ol1iwmq3AEPEjqwbEVW`yzH;S#7L)_v;YVw`P7yEqmC)Dt@vRyridU&
zMZa_Idz9TuF8w!=kP5rU&|BEhF0Q*jKut6DI^C3Fy$DQBbNU5mT-J`<tl#G(wr2#2
z>73=a1(T!ujezg^eQjOh?>0h_t)a3AS9}~&W*_saz+=u<n8}}m?o)Yo&0rpD&Yfz}
zcNB>y#K7v_z;$S>{%W!fTP!N0uS{uR&pQ}oe+|{eb2YVEbT0yb{Nuqz8L~)-Hg*8<
zv^DCkp`9kT57TZc*afKOSsSOrQ)7A0MW8$P)v=QIgN2+r!+>Eby993tS`c)I((h({
z<sRPDU$Qo=X)GwxMAkQbrYU0Qx#G~G!4<;20}%3*>R}!X!s%PO{+s^ylE5FNUS+0*
z6DVW(fR1X+4OWl%ZZ+AEtvCu^rPkQmfUb+?gLn9xjidVfAt(Rx8!KS58PixJo7#Q<
zR%+oew80}52-OY<kQ^pbS>CJ9b9su4bn73EwcB~cIEszw-Z^`F_aj+mGkG4}T5a?!
z1q@yb6L9*cy9~d52r|ea`_|sE-zn`Sz{@Rh-qqc9d4;~7)^^=tSJM>S1a-TZKM>py
zgolqfflV?oNEiaAvyvRjL>x!ZjyXe%0ge4&1VykbL+Pveo*d<f$A`o{ypQeESssv6
z1`pT_Map;gv{~C&p^(1l^l$h|t(E3`m|oSp{F*9d>^w&F2&gZep3s16@+Si`#G6Pm
z6C*ib=D@DM6&_+_vs31djp(r2=L<8!dBZIP^HD2UrZ50t^7HP9!W4z_WNJQ1mvOCa
ztQcMpH-tgau4yGqGi*qN0CV2H{_TIrKcbWM&mkSyeBFHg1j$yEXJ;)2Pj@qGsXKnu
ziVo~x?g~<aXnaza80ggS@`NLk%?>+5g#3Yv#K3GzP(Q8~vh%cWy9*?J1S$W&&ne<Q
zjhAI>u0YJlaG(1dN6#Sjv%5=;+1%|pi0PrT@V__=Y)dcX_a*58(jmeJE|SJCM{>Fu
zXL2oYc;yyF0h-u!m!I&fgnNP>FoDK=y{LwlMI1gvJ=n~c<&CD?w>j#%b^(FYoI*g3
zu*8*e2xd+A@z5Ly*BM*7#_MvxU1SkV<ylbEZ<ivB=GMsBF20Q`X1iQnHU~*_F5F}n
z=i}3YZD7{u&1eE=>}2FD(vap)4qMtcPZrxq-Ze<mnfe9o3-wj_VX4#|6<<=$0_gSq
z=wrfriCWFw7(9}<5u5rKACwm>yer_fV#`xuNwogzhl&s34`<dtQsBqE!yD&LcRYD<
zvmb#co4t?JBn4Y98_!R>C~?(OnoM-*4UPJ1dkum5ncNvc8ArGy#n8F54)4QdJzjr!
z-SzH^g$=zfcan`z;RvEeq}U!D;HASwlniBfvb<L)KB};i9+_EgJ`=eg@9F_7(mP~6
zC7A5ryCVd`>DXm|yp&%<H#2cfq4Ip|Pu@N1b~j%hi84%QMtgQF+^b3s4{@1sGan~V
zi@AtXUO+1mO_@%FL3S;AzFF~NzB5-sym^XtCopHTT&8!qnjnlL^D841K4~`!a-Y5@
z%ja3MS1WiAIO$kNuzxxcJO8D)SbQdE3hAz!V7pk`J`l^t&<<bV%W@C&a(PP`%(Tb8
zg~XUmlCI0lW0DhH!-)zFZj%|krM{@|uX+EjYJ|ZQ`6-eMVLK%Sx)5dZI&VtoYu*^j
z|9p@AB~cmcXA)-?B#I5;$<oxD6aWVW!Ko!a_$ykeY*##(8}BiQN7@mXI<(}1`7qRu
zLnx@?qLYL!HSWN#fU|Rr4E}YNjMXsK)mbXm;3}PlGCohH#YdT+Eyh;!PtM^`^;uGA
zlQ+a<aFIGOL_EcZiOdD!FHNq*4*^O)Ns?SYxIc+UU)7uWsqc->z>~;3`<F9^Sn*`I
zkdMO6o-2Ezsj>sHVA>@hsy@OXCjM+?kLi-mU~-+6x~e)q`8h(--(JdB+~U5{f_nvn
zT}PcqkiOE>hAVqBjy>@9i^LT*>(A$qegr>aBz-#fu5GCRTI@C1cQz|d)ObTL6gG2c
z*g+mAicAyK%q1P~nAkkDpK+H)XA=G_zcEzw2Mh%CW>+9dNSl>_wq;CSjiB3aB;C6g
zp9JWGuzFJ0f-z$*Pp9i*Ju>v?EVo6%-UX`z!a0SMYa%<R@qLM1#wK;lpXiz(l2$=@
z@4wHhH!85#5EVTa{PP|?$Pj0Bcb;^gM<_5LlAe2o^K(sallW2R@S+`~1>DcQ*b<>l
zc{{qwcVVa3;(ts)k+m3_<uZy{;WS3CvP3yXLE#Xbh4!V`0KF_J26+3x@9#bZeeJrr
zp&*SX)YUH-9e4s6SEhUR)n=$-!IYla^94w-9z<Vnc$&5m4dW`QCk#=Gu>yrqwcx8Y
zrui2h6-T`A?KE!(C8DyKK~|~qo_dt{jQ+2<+R24fD!v`y@pS%<s3k4_(eZiCqEn4z
zp@A!JtcfJj<p$}HkxEGL?nZJo`0!rIWNBeVy6aHvp!>$#uWqwk2uk*1$@Vt&j1<SP
zZc$jL1Rw@`Yu<dKn`ihql~aS`FYS4x0`tp*u#C3J(jeBeB02hO%Hv*7=E7W_{=#hk
zO=TV=2*3k!>Tv@s<gudE2-G*c_69!`k;55p^!aoO1l3(u;842-2|A8r;YbMtNs5`5
zs+ffP_iS(_MIqHc&SQ1|p=|4L|F!8U?VAazun$1y00sgOL72THIEW&zZFz$+eaam2
zf02<h8Vaz51V);o@BWU}*L`-stS;Mf<(G4s5Y#1$vEwQcRJ=$IG|u^vKaD=}!cS&M
zm`xQ8o8bIun=>-iH6p|QlNtjURpoTmGU6Xff3=DnCQ(<8wzBSm<_L0KV13<|9C38Z
zWH}~3IN72|UO$s7*jeDhK|W6Z)N72B_t^QNA18>Bo|4Hp@F5)gk_9=~0VQn(xrHO8
zE75Zp`v?6PKJ}rCo9SYWYH-<ru65972Hs>S$5<6fxq3CaY*p7AndozARz=%6D_O|r
z{dKM9y~j&apo~jg7ka%=R;f5W2&(>*N8g%@RR?i5gNbS^3v_<kAbogSV%=wr#vR*_
zOC`P6y(4z@4`PZf`Rq9gAQKG2IY6zYZsCTINW??AK-NGn^Rr<03}}k`qf%fbsdabs
z{dgRajX6dBS1HCxP1F!=>fxeBiB&aAL#R9>#tz=?9tC7t4t)#kR&=xkE!-sHkMFwB
zrl|yy^8QKlXt7pC?b2L-azexruOKH7>}PkWeGp!wisoR7{;hg!0*S-!`)$ynu$_g0
zp13WmodQ>cSNlv`FLD&6f@P)RmmcalIPwX5_e_X&OsNU9_g>sZvAR?ee`Y&V%vIt|
z@dviE&2@rD%bA{!J~7z^As8vQaiVL3;!XEMvJ#T1yhObAvDj*U{+J&vJ#5R6|2eSA
zw*qdNLnFYfhbu@yhDG>EaaL^e-vQ<;C2-BFhBoMa4NC^+!a|jqWgHK(rSX=iV3J9@
zI!~tLq6HUCR^<8y<WX=3eOH96#nMOab0fef_?hI)fN}dA3wz1tWPg1CanhcYn|8mQ
z!B+GjFp{|dkM0f8E7lWxg?=hp!P97PtK&-0?9oKLzLu72^;fAo(&;6M5&GXr@7Kyd
z6W#vp{@18?6ap@m6%J!kQcMv$Jd=1sj&k_vGdL*X7e^riU|*O)$I@|_S<p75?HnuV
zf@8bPIsRvH)IqQ~42m*=T1NZc!s!KE&a|a(39My1eBP;=y;V<cn8s>6_jLY90dAs1
z5NF9PzaLMXxS#YD&7rk*wvAv*sNoT0@S48ULg-mSv^^Ev7GqASX1EY|neXN`-6<({
zRy%GGajK9v;EEETQlKm)l2&EJ3vQ~AKl%6GEVUuy1M4|kysfmFIkzKHeb@xL!<yKy
zXhXXf5&W$O=t}}BiR8PYT?FMP;?+_XtAE4PK0TK73fvIiFFfxa=CS*O8Qfy)y{r20
zL|?bDJ*m!L!#zVZg=#!kM~@>OtvWVA&E++0ErtpM{!;d5fw86b4Cl&4WZ`FR>NSfg
z3M0$mzl!VY5H?CnHez(nmynhvGztG9=wb$RLb+>5NrwLr;~%+u9~(!be+kRFW>Bv+
z%jsST3&yXS8(IxV{lsKhCi=#G+qvU$_1>Ma$5fbDgb%17e-rwa>Y0ge6K4E2cayCt
zj$)My6y_fXiuK2c4<QELr1)Cn(CKT9I|-JlYi0V)-z&Q$Plm5?^buZ(5V4dhWr!g+
z)0am4S@BY?neS`6-T5p(?c4q!oAOTBee3Wv&fKwo!c@P?pv}|1K0Z=JBVsL}hCzn0
z<yU$&7W0-9BnZ6ef0f<LL;l<rpx?{H^g*Zs_6uN%FoXHsUT^<b?PiyIlYMXu!GyoE
zFpoJRy|8aiD6>z#Iz_0k>^Jg?<PFq*qV;VQDopOkmmlm7?~(1!+naYo;>{arUfg;L
zgxw2#&!ufB%91wXpoIz-JYC(J3v&aU$FfQm!kAGrVt4s}SA!IfdjD~UImY;h_+A2C
zEbbx<DH2fM>ZeY0NICFngSxj8ILT$Nt^s8(a6jsmuS4Q&xLe|(2qgEUqn=R`UnPzQ
zp9X<cFI!g1MbY0ISN&F5!KnR>j)(|e7=#eaYo{7=&+endKE4|vb}N<5Sz67vzyZ9i
z>3D7t!e5M16h{{GvzR17xnJvBb(hJzyr_VJqYaXw_A^Ar*O`9MgC>M7ebd^O--~jB
zzXjp;LHJiG4IH$iXtw8~egwtK<W138Z{j<Jp|QX@qL6u9M1De`Uzc7$gQqLeDs2DN
zqf*%7JZLx;cWwzqhmB_ql0}l005bwg1w%oF7F2LO6D1mQxfv)DP+Qu8Qj&EXI}CiX
zX=}^{aYD$k<uKWcg@S+IeMM?TaBuTo=sN-t<*<ajra)W;2j`z!C{x2wn<8~munjOM
zO4)Mz-4=!uSIin{vd(o;ye#A&rW_%;@HN%RkiwPGjGEoTLEZMfjTcn)fe4S#Rd6Pp
zYwi<CpB~e4))ojJo0Js-{EW#Ru>h|3PmyEr)Cacg8g1|p-3+o9TSmo|Zj4leXpBs|
z0y*reXyubLRyEvqaSQ)oT9)P*X+56sWL=z0O2GncTDD44+LfvRAc}U$b*sd?q-L%0
zELM1&FznQT=lNT15cUv3iMMz@&Z#^LLGd_qBR6UKs+z!_f{{Ur*n%{YKJbodnQk4>
z^%YE+bANQ4^LWe*a)(`Bjd?po>pwSECPwpN<BM1lprmlY>FZsH^z&3WAz=B&vs0#U
z@;-O6fqZ{Gl9#1#SSfopKc9-FKqb2N6+829=8l>ATQH<@c<Oj#;i82a_^@mh&dI@!
zA>l*4m|_>aTEz3Y!-(mrIIvt0b*GB|n;1}@qjNwd`$xN!ZiRF{{fdD9=HOzgo07-{
zBWrYYgQ+dKDEXMLg>7KIIJt!4Oe7?6;z~mE*oqP@XA88(*yFhU<C5aMX(PVWxqNqA
z9M?lvua{4`iCLbd>fv`ec4N_ESyFO{?0`<gQjWgQHmv)ZkhWI&7x0g|4{b^)Y5lK7
zSpR9SR?JvwOj&ex&+6pZV$CYMn@dn;tClR?X%j_$7bR~6O(N-})_9+ZUr@gR8aGnP
zk=t9*)1&ME;xVa09?9F{^|51pmhY+0W!OuidY0p8sJ3%+=10DmWj2la45IMuz2OCw
zWn9|~KPlLP$2O%504iJ<m??`N`%tuXYM0~vEK_W*hQ)bhHaI@Ggv*uc=}r@5Q=q=y
zQRjUM*W#D(Hga5yR|jo!^b?ZW@ga^qynVS%#nq(!T*GM6Zrw9NI1_m>rOEp^hbXd8
zIu^m-r6Cl}3@~uyPHr>Bj(Asni?mT;<=Qok#DXPTrKnaEfS9e`Z2-(Nn#n|FI<ZiK
zQ-7sz{4ogK<Qf6%axf1<K6}7%NYUt_17?vJ`nCf?;a!XcBC#NeCqB|dbDgSwEK%KL
ztD<5#w>}i@{%qeInqWM@C8TWVhhwbpNB^!iIHONWLy!{1XT8UWD^C`>!a@k3RGQ2z
z4;I9$%ingU^lGUcRxt#I#$+rsM4R=7ar)0y1ZRtI!OGG!X6@$*K2*ik)i9zVnK^Z|
zc~J6%$w-5L??TnubeWYK{(s%2m8+r8=1s=XH7CI|{@D|2GPe*HDuTLXV)X)|P!cd@
zIC)8x>?_0r*tpxMnKAL&^u+3PLCC+q9J3U0VnX-Ft2Y`rv=KFmS=X*Pp6fLpU>HA1
z*X-DN<SI^HGxWtf4f+m+Jg}KQ1hMN=1gp*`gO@pGXz8|nAyX^DX~Y=1DOMle+mE<Z
zCEpcoPgH^|O}nfXZN51ag#=VAuQyi{hq&bXFI92@4c1!C*4$MW&0(o)B|}y;2&9-_
zTQ=v6>7JUxSA~vJrq8<OLyD*z1!j*^=G_|H1kKt@mmO&)%Nxz!#cNe90kViJ<d3kE
zUFws&&17(;9*S#n>T30GAa{2w0;X@I0x3TEyQ1>Bcd2pT`d^&Ou?4{Sy<mJ0Mj>4p
z+}=$A*rAFNxvJXepLe@)2bz0PcPORk`rz8IcDGR&o%N;zqJhQF9!}tJeJ}PbfBPnU
zOn)9V=j1amZl$zcQk>2kgJ3RMRO&4G2R`Vqcoxt`gTYI|a??q~A^@W!xo=)3Owwec
z<3<zC3)Rh6{)07{kJhkUSS?#DouB%sEjUAfmD`4Wow^%tLbid-4d=aSWT}A4{_Tu(
zS4xP@bkGnwkzdTOG5)~cacI6HgwoWMU_C{Lv9VBX?G2s(+TYAb0%=Y()2?U1*%Uo8
zo3zAUZks~5my_Fr2yX5P3uCe6;cfS8v^6ytvj|duSk=%|#(qQ@F2c5Fqf*xxh$A2Y
z>&L4Ex07)6AHJ7!n7M*zTuBiq#-%7W4aT0~&lIMiXpaQ$dLW{xp^CEQD&E>9ih9$P
zEc3xiUh{I0WyYs<^BKo_u6^D3&qb6(Er={A33M(xy)C$Kw4Rb531HlY|I7s|v_I5V
z-Kt4;p7<1Vo7O+G*6P&W&5M=m8tm!-9lO?xZu_OHzr`RrJ|tsO#oj2P!Hv~P-fsK#
zlC@J#J07+c(ZT2S+iZ#d9{{O9R=+IMBF%QARcku7U0+$RKYe@$y2Ss=p_}ne!%O+y
zoIbZYPP5g56K=QJCa^x$`(~%tYMJeNweP@gwBGFZR@P@>{S1u^imr<?>Ym5(la$p#
zh}wToB-$L}E>(*skM=NcU1dk_@B+6K|BEh=UNC}T4ad{_^o8zdc?2q74ef79gxHUC
zp_H!ul97#u##CU6bMJcOjc^6yJ&qp4`+0hH?7E;YgLxed3l;5YSTX9VxSEX%?PNkB
z2xv8rjUe9p^j+xz=>t4+>dCi)vt~=aCA@#|)X?kLKj3E%B7%Wo<%bCh$3fU4w!(^u
z;Yy{%BURi_iE<Ln1f>)w3xIc>L^jI`zZ1Z2=m9uGTo9O#Iz>90undN%Q#D+z*k0i&
zUh~xnprp)^TpZ3S>0?a{Vx(vFGSg<-km)r)dL15j=(sF_aX5lkf%j){A9x~x(RzOe
zC9QiZJM+V*+g;3*on@USPRFTtoDLi&TMe_(1qV#WbzIYKb=`WW+iZ5by+w>LAK%HR
zL`!+X@Pc!|o;WwJ{BOn0O^H3W-2=bQI`-HbVz1bazN;%Ze=w3KbtTWPCSwXN-{Md@
zXS<QO&LN%C-~PiLQS>8tf$`P{C_{fB$9KBS;bEQG-UH^D3mri8o-gy~xl}hq+rzlQ
zAR@y%503b7n$9s4@W5Ia>n5@laLWL~EUDMeHU`j|_|)*$WH*mON?_#f_=mBrH>?o$
z9jmjZFoHS^1A(8Q*OQlaWmCt*8(z_1HZ;6B>nM8)C1cORu&%r|Kxb(OE}(y~0Z=a&
z{g|{X6Huo3hw!FkecbE!_xMy^sN6JoT{etT76IAbhtI>VFshQs+JYEYbuIX+A%7G+
zfU1wCcX^*i9&l(h126y#DRdQ(X+)EsXir#L9D0eIULc>*s?vnZJ3X1vGcSF@)(5(A
zpCFz+nb`MN12Vdv-s~m&w{L&EG^*0PCEugrijnpg*geE9Ql_K%IsU+ck0!by-RBHO
z_87K3C=A#XFBr~HMAFQdHfcJr9czjf_yZdP(4GrW#F|GDD}y4eBWbEglu30+qK$$+
zVQ~e8_(xObzpx2q{F=s=+;5q}MoetDlZjsGww*&u*puWPQ9&cNJmG&aWNvYsJhr`{
zv8motpa3fh{7Lu1ZFuX;fkC33flD0Va<(YL`Oh29hHoeAzR`(y?V-isMU7n)O{J)f
zCJuHOvnk%gRNvHU>#xvaS>(}P!&oKCm3lRSekCJ;wp~DPo&ITwg_`{<^=n>ON~Q&<
zZx4f5GHZP5xGCRVXElFBe21`(bX6UG5^*oVGDkC`h-i2S0FDxX(6`Ae^0eM7fI)rD
ztViGKscvbQa?HwvUSg%_X*&jk;MzJxQl=S`i)1!wRQfd5L0+|z(J}ryHe}tt6`F@R
z9gW&a^^(3alC2c%VzDXD?jkLj(Zw|5sF#^?fyrE8QXvQmEjWL%s<r&MV0?{O>rxfH
zqt-`I++eH=U)M8MvhP|qjOVReui(^hhcOgD?*RHXW5HTYpq4FIu&4y%{Tw`a&W3yV
z>#O@I>~E8c$4BB2@0MaLu%P%;T{xPBM6<>pjd;z>Q%cyg_pfNo&lwycquw5ZNvqa4
zsD{5(j9O-wlP!OQL(ys_980p9XpqWwvR6@QXxUw!(~ShpT$oopvxFf&V^Lt~+q5A-
zIxA7N62>>jLk~TxOTCohg2y|VcoFMkd;=mN1ky)jGNeYI8gw?NNQ+V;I=VbOX~j|w
z%AkC;M?XXjEIEy25+P*p0*xgIC$|=HSw?eGD5GeXg)b3g^7FMEkF{(j{$x}Ss&IgX
zleb1}1GoQrlO{(i0Z)@sM<;*llVG$v1$#7TvG@Rx?_#}CuQimkXa2x*?rDr{K~?rh
z#TvZu$Jsy*;K!cgLvY$BYJ_Vn-9?HTv8`o_|8RYe6%Ti%8L<ReP{YiuOOa(J5o3r+
z%)B^NPs+5aR@wCja@S|M9)-VNhJ!s%RbQ&@Qf+TUZA)JKd&SZj_gjA_>e6^>h-v~q
zpg;9t=PX(X--s8As&ofPbzoFUcwryoQc--tE4;A814hfc<Y%69LMxl!de<-+O1;Lw
z(Xi2r`&>rq)oiJyY#r;^;#s5Luxi8xr3VwuLOMWIap9lFDvPa>5!#pMf0Zxk@XsGm
zcL_i+c;;YL5s<|xc=CT}f?;J7@El%?6u7D)B3CXJ6X|f3<-|)ys-%aEPR$Ybj)_Fc
zGEtRY8<D(|yXGVcshoVFC4*jOXN(5arQ}Y!(_}zKCYCq>B3_6SSp$5KR6C!Jenunh
z)OY<EfD`A~oxxPQhqhYdM{2U=|6$-C(32o=Q_#9t6VN}`-nD;C|HyQ+;Y<2yw04JG
zNp(`~Kck=7qs8e|DBW=ETnAhse{erGGyAI9Vc$3fWilCozk-91A9|7!^pc~gMz_|q
zs1*yuI)`4V@92^WMtF-dA5sbmeGsegx#$u?eL+P7z8AH$f%p=(RwGyq8Vtiis2!rE
zGxU+!N_BxXdHH|RLEob;59c?Qj{MCxU>Ep{rIibE^P8tqma7_2Cn*<AAT%3H`2Hk;
zeiFN~8$cI|MDRdEf0EVE$ai4_2?gGIWZ-7@hPQVnQ5f1IqmOu}ol+UMpo!oKp=-GZ
zzGCW<=4IEsFVhG|{1k3iJwcmAe9>NL$<A1--}8k!>GOY%md*Exb$U+x@QQq}OdZM8
zbr9<ktEakAov0=sUt>MZ%PmMj4hHfuZIby23!e8LEqt?w*Dj)rKO5Br;q9c90Wx`y
zxzrM?))H$v6viboDUwh8oG5E=F#zd;rd9+A>@pu&NCg>Vlx=>B4wu`ai^Lvj?&gov
z=p(tN)hd7CTPb^@pd$-i!X{Si9Qhx#9-m51&hRhQwld0iId?OOx6#w}L|2kq&GgG;
z!_j9mHkpboV^nAEW>dL6RctL|i8?d&_OtW~@sM>nK52T%D)ZZ*Fm`t%BqBZZ(yCxh
z=K(1nW}o=Tqv}lkF>Fc0usV60whJhJ%*m*VS+qI@>QXCNV@g;PFrZRc<9@s1!b+>A
zg>_4$D&g{i;uI58O4T}?OUg^r##YJ|g~~B;nlDf6WHItbCX*{m8zril;wOFmxqF{;
zGm)y()i?4D*F9>v(9I7Y0M%HcQVeMUBK|j%YfBsm=JVdMNA}N`laEVb3AdJ2>(;Vr
z-FlPxOCBa(kLJXA=0<{t0-k3$goN9tvGQECSqVvKzsf|lv7a(g?E;BvYm+@p9)HK$
zTUQ2Jb$YI1Sq^ItkbySy8)XJsnHpsV+A;&J>Zi;=`%E*?*4CAQwzk>~w6!HN(5C7Z
zSW=#523ngR*YMgI+lW}Z`v>yVWNuok%uKtI%(SPlU4$JOo@tN!AQ69s?QB4kdBeji
zag4SHI0r$P=rCZn2Dd49Z9WT%M1RkZC8upFoAL1gW?U8)-6Xf_v0urLLlvDIex~@>
zl;WS-OXKq3!Ux=SB-Jf?nxscTX5#^shrtTbm*TJk7QH7ly|Jf;?*QcupC?#=!y(PV
zO8VXiqoYOY)VM)uIxtSB#tj*asaIy`k32Z5iP+Npfqi|={<t@0qZyi~Xn$Y~lt1>h
zp?%N4=)!zMQS|lpW&wOH2-qhoG(a{|0$xYQ$v|X$!Gk)%up3}`95c7;t>?2m9l?R}
z9FkZw(Kcja1XhHpzLp3g(o9IJh(VQzvQ;udmcxms*{xJXDEaY|7}<_S@<uZwL+1le
z;~#swzyA)1P;kM*AE)OZzJGt;-T#RtNrCgPviO^kn=UL(6^j{uh17()ou4SG1Rvq_
zrl!=`>lnxH_tUMw=S3S9YXm-=(L~EQ!zPs0<j4{%1A>hnlqCer#t~f(4#b%EB~%U0
zz=!?`aL$n-$Z!P`1jZWtI@oDq4ev)EjB5TVi$1_aQK^?lN&?KeXMdo`d=lZD;}LdJ
zv2%Fr8<86Y6RD{0x=TC?*3F18r)Ml_=Nq=_NdbV+I*R7-#QSvmNwsN$vhCXmf&Y#i
z%D-n9)?c%Wo`IdnryB6=qSjCs3<#{L&<!m0SJ3h5LSXJk_&JR9gr|R)`*o@On|x^m
zga7q4nK1JD6RHYmFn{>T#f`0|1g~-dwk!Zk46ymCvLk@$o}psiIli?$Kn4$pvb_mU
zM|u*ob*0x#_M_19v=y$z{R!K|ALE9C?sLcqG>$LsRbQudLt|XlM`<aQAY<r*R5Ek+
z^F{SIVN#~$lr+XA!pZE<&M7Q1umZ5Y?C3TMo)CJCI=kHqtAE<=sObdnta@GdTWr_)
z-X4Sd^1AS3!m>PY^D572fHuOMrDB0oNPiYT(AwetfXW1IC9AYzQnTnH(FPe#>X@?i
z_=a)=REw+A0tDmvu+~Jg(=#=>6wH}?R62FIQzty@;r2h<vy*>rf-}P^Jw7UzX7XTa
z74jZv4WXb{VSm{pm2^UiO+*ow!@@^e-fZcLkf~9+A~xxY$WznupOQ}ht}tQ?Q}H>s
zTt8p)`r=9|X?D-lQLD8h<l5u)M-(<;<=N?%Z*v9ud0XuIwH&*Ct+eZ}#IFAVPoKo7
zx0)bs<QqWT0Eu^H&j73j=oJu3dh&nX2L2>33P0L&Fn{pZG8KJt_*-S*KaH&VVD4mj
zOx|$mFsO7OxQiO(Z|nf<tx!e?O9iTU&JDH4b8|b?85y>Vf`O^;5MezWPcZ@vxwT<2
zbLl#VGK2TF?#DJ9Rebm+X6WscQ9$&K?{7vE_&C^rW0D>A{TTZW)+Pk$GNazI=68%Z
zMn5IIfq%xoQUo-$d9ycfZZYH%7)j#=;{n^)JM_yBeA_jS{?ovqO|09Pj58J8jb*VM
z{im^a31)(!hgf5%bK>wn_E{C|-)I0t$EQeNzLjKuJ9ap6@p(;jPOOovU*}|M(ys_|
z!VabHU0?1bg2DmPIUsI`cSaHb_Xgw&)zV({e1AVtFV;4<zKWzI;l<Zv<Dcta4tQ>i
zSl{O~hGTh)GaU6i!i<NWlTT9zbABcR2<=zUX(1IzW`c(TA>EPy^e6&6z{|r@%;?V|
z3x%oTX~3@2vx)(z<=J40AwFi{$%+PE$sS^ouFOV8k@hUX2>VKuYhd>;V8KY-Efzh2
zcYpLIaYgEV@<-X`CH%~3mcHI+NjTZV{e5-EKb`$@J_9-VwrKC^H+FY3n*ZhE1OTTX
z6-UdAqsqSl&NJ%QV)`gtu0SD)nF?f8Aqs}dVs6bii)U$#g_Xuy<sNLB{3^g%xGWu%
z%Aklch&kl4^n$D`^Jre`kVmXTUi-rypnn*|mIm<<;Wme>3wA5sok453-(o6-*Naq&
zyd4qUXOU&&+9$mj+LP-mTmj`pv10tVui#jjPg(!ZxP$vGxTptc!5Gh`m!o*^l96HK
zABq;*${JV8(6`OJ?a4)_lAL3G7q@ky<>AgKCi}PF6W5y!OAq&B_HfT#xeK|uD}PH2
zj0rn@ddblwPB(jEd$GR>hy4jV55Bpz=^=ZS9{Xmi_GG>CO#Kz`E5Dr$C`u>Wv0Pah
zR)GGwDvZGDx)tj60)30>JVOwJSX)c@LNUJq>^p2!wL11fYAl><FAVLL9DtxS2hz)<
zb1bC0m8IbeNvkkeL?0TyP+Jndpnn*`((r|12IKX>7c>p_yx9`IAXB4+FO=|wt%on@
zDygO53(I(776340jVZb=SRBAmw9OT0=xqTo)N=p~^%B6adH@3k)1RP?jpli_T^GY&
z`o;yZhtxvo4ToSpf>{86AeailV-Og9Z$O?mz9Gq~yrRsZTZ?a~XRZXv;eT)61;z+<
z;3eP=;1nl9lx8SOP&$+*o5>S+((%860qYrysT|zE$pZ>fk>Vf-tVqu;cq{E5e8hNt
z5kr|7doQi(KCOq~3iga9{vHDO(-mQJf*VY`I;JLKdV><I;0G*4_z;-^pcmL%j<bM1
zL789{j6KKmXZUSqwObNC!GDfl@DxWDuz}L?pib~7i0O#YYbAFY@mu_okhmg+*9EK0
zr?586MJRW4c9TBTghTW_!30>~T*GLG35SsMPWHq}j!;%2KzGjpSe6pLSGj)ZKf2uc
z!<+wc@rUSR^5sGCt;9t_$zdY3$$Tci-uR-HaG~J1*#$oKg}?j2hkq!=M;_RhC*U~_
zz5goOE=J#68h>PR5ih?arHfKKP4N=~9Jc_?qk3wp?_*j*nYm(|A%FR0H1jK%u#ces
zCoTmEVBqbYbCmQmXm5&vu);y9W{vryMRcoAlL1ABN%PIs<!e-z*jnD)<M*-LC%RG5
zntDb|x!4?9%%jJWG=Iq%kx-{uRhA=V(sdhsQ4s}`5rFLlWXj3iNjC6OrJAFvly_C_
zW-)b2g;it@pQE&r;uJ~I#;`XJxO&XRcI@vTaGm!!7ncRcB&vs_nIqpCb69j9*StzC
zG^0gl^&u9q)y!^EU!=Dt%PxlnS!9XTaTV)YMX@j}M(9*K`+uvRyVWgcxof!QBrZ9T
z3oq$>LZ8;ut#0~??MC>1At~uA*^y+lov&rqwm*49xISrY4Ai&qpo)O~(#kH5P*0#F
zV|}{Z`3u068B#LcfQ%H^Xaz8xi9X3gp4+K7ZRB1lnwZlqWjmSu;>6eKSvXIMzQvo#
z?_IJjsefyb5`WdiW<8fsni*3!e?l@y604X&tu;hC%8E%O0YTsScj_`_oFn<CM1igc
z1xnZa{q2g`)NHk$ECN*0h>r~hs#fBU2@yJHIVr)RdL)$B*2l(x85@Gf#DVj+CM63N
zq9Na<JyIr2Z!aGq8)j^Dp9&)?*6`$`GJM^#`0pfY27eGE4~_q>FNyzF3}I>fcQHWC
zdhp+xfF|B-iT{?VQR2T#{P))5zjc+=8t~uCK*<(Bg=dX4Y@%Kq6<)N>73l44L4`MR
zP~nXd6}~=HIBxFg0h6N?PDj*;_q@U1Nsi<dWk%du@OL9~8AuL)o5A0hS_Tu=5SBd#
z4i7L{h<~GwL%?lz;^e7qVAV<?!a0_El*DlR;NrzxA4|uulP`BLXb66iOEV_TIj3lG
zbi4JDj4Od*Qyl?c1DgQv&XKYAVf=!*2lszR|6dwLSrh@RgjReQ%da^4iJ}koLQoU+
zKmOAg-kRjw7|FqlvB$z`diIO#(&R-#5LFl;3xA3!ThGYQB1fV*`y~oO6ZtR2mHErj
zcb-c}B4;?wX@cfrTJ%wC8kC(MB}!nYH3=V&^`+PJ{$rS}WzjRr=v?WE4}~ZtSbGUX
zsA4#UK$r*|69b(C#f(L33VSMxdv;GlyrZJ8`mjQw!Q%bRh8L=P3>}mtN+D;DjlP<_
zeSc&$mU_#Wf%S^Pjgk|QL18`Eum%Z5XF|?Qbw;9SCi$|-H4mF2bx8~x6KJK-ilQ47
zX!gT^z@{$7L`TLC6WrPz#HV|d3vVrixw(oMU?C(<w34Y{TcUMc_?9T23FAsMs0Zgt
zwMyYhj}g-KnBiO{n5j(K_RK=sZ4S%?pnt!>3qTb(WTj9htG*RbCZW+En=^m@()XA=
z`WkEMQ*rBWI{sY=aatMqN)}v-h9$)5xkH>btqaRopo=+Mw=))K(uoERq=&|WHI~GJ
zDTc5#7Oa?mZ9P~pP5&luw#0(T)F`oFB^GS!v0%DNYAvxqm+@#XfCkGNYuH4iIDZ<f
zXqzk0+}nZ%Yv!QAnk5=+^=Pp7wl}x}%q7ira&_z3S8u+3xSCGvQ2_YM>D2@#;(0^D
zl5EK<%G|iMkg#UvYLFcMR_8mlM^T{a52FDF=?EpnKncN6oeoWY2mDDvV10jbXHQ&%
zZW@CFa0(;L436*vHzN%y7VP=o5`XQ$IUA@xrEiV?#2*^N*<k98;hQlW+LCB8R0FWk
zGBsd;8h`<RFfPJDW}ZA&mK)WNy`e7(hU+|<lk6~pJMnCXzmPjK93GC2Wj@4|hKa{v
zNDII=fzf1eZ=BqN^mtApwVunK%6UxD#V>^?isGy&G9nJ`ujHy{BiP9K8h^ozQr|k@
z=%VxsmhDtT%Sr?a!Le{hvSSBC4g#4@>X;%-Jbqs#v$B$^$-&YQNNrs1d>VZn`FCM}
zC7I$JP4<TVCqXhL&ExZ)u1CKvxZoAYvisT}-(UD_{)Gs<2b%&cI{27H<@JJ*Ptz3N
z?<v}hCz=%`=WSj1vd2BMHh;~{`x;CvDE6#yqCsJ0qveqR@O%Ou#VdO-*!#=w<>lu;
z@4a}@ho2Ywf8P7^*`H3&U>6O`OYm~<^3wg|<>f*8Kl}gu{O^~SU%vctAO8LG-e>d0
z7p!^)6Zn$8-~Th1egvUEU+#pBGKyir%N;}=i0&Z>A<^@<sJM>OoRddg9|2aAXI+60
z=YvTB4-TM=*-HlE^@9GB_gz4LCho~9vmHOKq`;MJ&D*>pbm(hl3qm86a%8ZT?t23`
z64D|o#gAG_hdO;%tyP~awzN!?Tqa6hJClX$egQO@sIeX_+38ssDQjcssH8s$d?^o&
zj%qH6j#3O^X>?RESJQgXQJStk-fW4EifI`1P^Hi-^eH;!()9bD6|Ne8jznr!$K49o
zk8r}7!g(ZPQzD$3QBH!_{shAb&DlGJ{Rb!6IjYMM8Jx4;{ACy_1aLiP)CW((SJ`<z
zAogT*5UY7eM&>Mle_@MucunQh45*x%EGyt4;9Mr?C^heH?5XJmrmB>RmU#gU<v*o8
z>URYONg#U8Iq*n@Q+lp{=qOz!wFY!lQ4j3`c&Mz=g-tYz<DrVSxdL6iEqJI_4j!si
z;-S`ohZ?YCsaK~XKx14X;h#7DDanSsqRf3;i+^fm>igvIw+jFCp$~(k$%O;MhTkVN
z9+t;4EdV5G2n`OsfY8VG6zo=C(GB5D2nv9Qf<s|Z0YVvEdbNsw1EE;BES`+caG+E8
z->>8zhT?`WDGbPkVX^|>uxT3uZ|F@8yXV2_>K-2ewrV7G#N`>2Y3tCb``ugcArKNP
zb6~t81OJXDVKxFAc!N+E!#%Htz6RD|j0FY{J?zj&(g$z!$RRHbA(wY|cL!jJ1xp|m
z#mQlCAJ{H<6kvIO7^3_IhwZQT<EniKYc>3NHHM~cz@Tsiv_cF?a5cQY0^cUOH=t$U
zF!u^~e22?|xVY{zsP0+~Xbb)Qf8+B5z8uN*cS8naV4Sba^Jk;fv0tN%)9mj)xV71D
zL(xO_r=Sb3HnxZCH`g}+ZDTl4_-pJ5u<?jJxbgmuT<5ZXzutmDcYuD!rL#fLi&PdN
z6^vNXv=^MxpLxJ3dT8$>2>`ZtKDDPXJG9sZc(CBDKQYqp&S$XECvsFG_9e;X$C9pz
zKrpAkRsm}*Rp$SmjlLRhQ2H_outqrINkj?b{@0LFnOH0EilHA@l%#9nk8})FgTCf@
zCxMbK_E7bI*x3EP`{TT}Uctwc4W*vtw!%OCVWMg-`=!(_&w!^I0+15K7+fDhR>Jgo
zK=O2(bBoXEi@IJ4Ar|?sV?d8EA{m?b0~DTwb5;~Vsd|z0?k4Jgj@5^MhgZQA4(5PG
z`~3OK?%cM&@V58UtxGVFaA176Fd(nr-;=<2s>uL<^nvPeC0RE`UZ|LQR+%#$iAZ%Q
z@FxUb50ZqB<0qqJtYG&`Q7M77#4`JzO&LOv+1e%iXf#NRCE8TOaAdDJPs|APz&S>j
z@TaMRprxcI9g4gexl#f9TcQ9>?kL6I<A8t!_f}$>u_AZ?kVq5n+8aUT(e*jlOUNVz
zP?e^Wn_<0Hq>li!PP71k8O2KcAEN`3bmjQJM~#}RYz?q+4bdUhPUsUbR*nKtU3Rc)
z2w=6_$%X*7J0%2grEwY`Y52%8KH6e*ODw-75U>oBmUgUyQ}LmJfUT3JVljVO#esiC
z+gyQe-WK3rI|umJE`fh*0RHi?N+LfGcu1akF3cnw@`^I|Z7uMxovGiG!+(~!Fe#=F
z4DV4evMGv<NO5T!u6-}Sd}wH6m^&B&#`%($v(S=>(LJN<8sY-RvQf=M@2F67BqB{O
z4FEvsJ`bX{G)4~W_UGV8Ktg|kBgGrehQ?@yi8ex7VK6t^2Mi4dR5c=uoMDIXGxSD4
z16Qod6*U2YKcfEAy50XpGDv0u0k91BwMQi*|48VsnD38LI-@EEZ<tLakCYRTX--B-
zDI23ztyZZohPg!IBe5qF`~GS`M%UAuJ^54n#>>=<h^i0l$XX89SUi6R>*Jc|DD~Vn
zOk{>XQfMz4^GIkkCZk%8%6YEJ9A~BQRI(obq~(iLdLzRLj?ZP}ik$0K+=N&0ov&D*
z`CUY`)&f0GX8i8p+(;!+`8WBC2e8TYHJLEk@~Qd$XNsSnT!4pZXHJ!i8~DnNKfvaz
z%8pR4E<JAEf+rWdqHKS!bSXaXY;&hW*g{TM>LqM+GRQ;UbxSW{G>N5`@Udl4QV2rc
zz3NKwW9u_d4wSSiz=`^yy<Y7ly<UnTEba9wW^h=K*Gtpj!<#L=UNSXGuUF~y+Ip{-
zu98}Z*Q>ZGZvjVG)&RpM+Ql7VMcZ6~y51H?SSQC3)+rrft9O5du|KXb-ppH;!~}1y
zKWk4|k`H-Bnf<ob6V}Pp`N`pLbqb)+(X}`9@n#~}=nQ{E_F3SGU6H*917^T$buJ+I
z6<tID8kpg8;NhYjJ}_e0fqE=25Ra;1BDp6R_|=u`6welv43@F7%t7J<Xx|OkHAsUi
z4%Vr29Pdfg_f>zn+gR+5h#8oXoIdRfQ!yCHEwpBbZ!qSDk9X19?gM(&;sLZ@8uqon
zCv_*0reNMBTpA_)(})Ke!5fFR`}Y|pjRDT;!}R-i=$EBAs(Lm~HZTiV`DSn^rm;<7
z^6?(2XiAlB1CwoF3W)cN$5@Ds#5G@$c|&@X7{z?gT;h|rWf6bF={U?hP&8eKcGotU
zy+h95aSJbSVTIPOW+U2uvI7-^LCynksrSL1G(Fm#z-kDZ@rtc2yUBDQl1SoA%Q+8#
zi^yazkt9UAeaSv`<@L!oFPH}DiGw+T5$Y7HXnr8c3Rz!Jl+*o026shYlds8M?gUWi
z1->rcQq&>#ATE<fW)FX#(phnyZUT`o4$1ud92#jkR_?wA2JlAC6c@wS9KPYQTe-~t
z31!$XvU6LwMr+L~?{&=gO_N0Mmvr?JE%WQXcnXfxjhbVkE1+>+OLzFCVQ~jE8>qBe
zh0Cgf0r{wKj{~ck-``{X*?;0_iDE1F{HRe+YyFPLiF()t`f-2c&nj2oas@6|U}Zwb
zas@6|;HM08)88(w3JRy*m`5S;QX8=dF-JFq^49O6L3HghG)IY}lYYw397%~OQ*)K6
zxnzDQ<8o*r?lzs8ODw--K#mfcn0E7mi}RtOiJc{(iHadC4NWZO0bUO@QPTs@n=PS<
zGBrwQVhK&$dT4*5u98|OG;tvW!~!VAtg(hobc&-Ci?+D}&Alxs#cmEtv0I`PSC3Nk
z8A@^NgGupzY7fyJ_uOHMNk-%qW&Yb*m|{0m|0jpPtuRHe4+eFxYztWkvuMErM1b!R
z@`va&W8hzd&G_OBmZd(yw51jL+c6>zZ;&bBEi`(D$(esD=%GFtj14Ae2vs}=f3%CD
zV*~nbXx}56kS5DA!W*LWlee}@q*x;8>Av+n@MqJmu=Y&m;&xfs+E}`+Aj-Gp`c9C@
zq&h}`QgA~CgTo;#Py=#ExSRbDI%h+D*PPzqeQKCdpZDQ#LWce=F>M$fO+AG<%KnVg
zeI#m|<7I#Gko=D`IzHn<%*HA}j}*axXwp3BA$m~=FY;mh4m=Baa782SJCVbdXT^h%
zfB_#VZ5avxd>J^f6r>=k7)HXs+zEM2N}fSeDJV<FIaRyLJ7Dubt28jXRyj&KRs4$(
zwj+gMZ&s@;7QH+(l<tLKq#r@60rmnEt8sKBK}&y*G5K6FY6tE{X;E+VpEyCh5S<@~
z|B*RAv`(CbvfyJMMgZsFITIwhEt;<)yNMO2tVkxU0JI0d@#16T0I~!Sa*?6Qc^q;^
zrs%z*2?P$NU@8h2+rkMTq&xyiyjj$XbZ!G=xpdwEs4Vjf^Jylt5G24rni$;;0nDgd
zIMRQ}NemeZI@_a$3OIpBD>d$eX<RlDT;I+^`^gISKNnT7+WJ-IkHxgBRwlo>%5~{n
ze)Dzf*@C*Y$iS4URXr|69>V9QS~saK1s*5{`k^o&zH1JZBis8hkdGJiXTSY+e>9!I
z$wJ;dRV2Z_9OX=r{75xJ(F1sU;ZN;BYL0)P{k`}@F<-iKl{Y!Lz@C4Cb_4?#elRvh
zJQkKIdCK@%s-H3?&ofNP(`?nsU|Z32m%+9kTd=JX`jem*ppeR_WSfdgmUNwf+u)(0
zKiwsvKZ+qN4gD$RRap=8N7Jjtn=PR~F@20!gcLM`K1KginttE20^7o|Ma}BCS>b={
z37li5aKz2nlL$Xv6y^Q3KY?~LV?xON2Y-u*34hLd^Ou-ID5E}lw`4!<fY_5!!j(iu
z<}84JrxW||n#!peP&qYiDyN6w)|jA^$h^A&caj&Fs!}Ri<^_+G|CAz4epdi&1YG5u
zqiR$joaYMt(N$7wfc|JW`xe0WWDS2PY@%Bn-&3^B6{zQJ!S`6z9Dt8iEfGFzi$nGa
zpfZ3YaIfBc1ARNCv-G@SJ}G|WHDheJwLl*_dbPSw5n!t$l95mzjJ}5%crfxjjXpNx
zB7-m-E>d8JzJ>n=V8eE94DgJc-$2PT-vh%owZD(Z$;7)QfWV>NN|x<s3ci0QZ{!SS
z&=ve%1^((+jO*V#a7#NwFl_hiDf>EgCm@j##1pw}(I4R@I&K@+@TC!pLI$uQ)?Gv_
z0Wt`%MA#lplw*$=RtO93LS;c%ky!}AM=V+z%opA)rZ^*jK^fq>x~5??_zX}N?a&?o
zB$uFnk+lmC5-E6=#Qyw3?u>s(O&PbIE#AL{F$ql;xeC@B32iF!M1bp}#$%u{T7MYB
zqg}aAyF3_LIExtJ4p;-D5rK3;LzwRAz<`-OWJn(t%?@T^fcyd+b??uB&2ajr9OnX*
zfCe!FjtKX&3(w$Gz6)%G|3OB={{k!Fe}I{Gsj~=cQ}5%HMcV0z5N?0qvEq+tRJXN-
zc{!qSUijBCow(p47W9l4Ij71K=^GL>f=Y3+Bptr8>lwU(HpqZOq8KL8YxLsod>VZn
z`FEq}DR|mwJeW7508I>1Yc%y1YbAM8JvQnJClLCp;&E&$QgfATN7vuTy~^W-PmZrC
ztnl2M!h${-R5*n`5?Fr=Ko>}lkZ34qqN{%g6=k44J{pkz6p?#!G#J&CW>0I6Oz#LN
zo;{r0kiYhggM-*~htXfO=6u0<XVoN+Ws)Fr04N2uFbfhu9Ogxn3X7b<LU#@WSA>mH
z5j_>82tyOGfJ9{A-%)Vq2ox%)HGC7Q8M$^CL@4&@m#V@T6o`MvkW!3OPVy9!7Zt%m
zX-U152^E&&5xHc!fxQIt=S=x}iVH{jQ&GSx)-xKVC{9ZykH=G1iIIR*z*~Ix7AOM?
zQxt-anJy!_L7U`fvlay|<882pqbA<^lOgEus38#xa6+!hw~$44|MJgE_&GrBdj-39
zWveG%zmGYIVjX{kXJNM})MED#WCV7%_TX@r(kDHve>uwNCq~wr0mbNor$Ai9#h9}?
zt~+sDg~am9MR5yNRuKD`q{+e$37r`)8EMj}M@epo*O({bf~Dd$63i|N@l<!1BMtfb
zH5kC920(V@r2ugYD^&H8eosz*C3EVtm~4|kl}!YN)!ct`9HsUgF@+dke8QNH7_SoK
zd=G;&9vpu8<Ngnbi?SqW6zm=Ya)sy9`QcIb_YV>b#}z31P~tR@zc0dYbs1ZtP`?~4
z)=kEPsaEGL9EGVMuQ8bul4RP&Y5n*%jVM4X&>nE04Atv`qzdcruVJUDA=hi(cqRq^
zsR(~@1@M2M;`%5z;;U2^<#xW@&X?PH&Fy@0BVS|-Klk+cFq`?+EW}&0jTd<Hg7GHR
zQ6&{%bX8!=BEcuasSKA7nfR)0oV;C&7y$<+ZQjso%c_RGN~6XFWPByzEg#|WQIa(I
zK%axKUp<DtQzoD;6Hq_uz?qRNa3fi$LEC^s-93LExvyEOqYNz9JIsx458i|C39ZsA
zMbcZ<?6lR*cC|#(N3&ic=_y~7NcyK2M03+u4#fVZ0HLt-dWiJt<GaU6rEuF;fK0UR
zdgz4RDKBPh>|#a=?1nI}hrXI&#bARA+|5vqV(Hr%MWJx(xu2m8N8}BcH#B0(ro5q1
z-q3&8_8S`difRpaG?oEnE^v7xbF5(-$sy}p-zeVdO7!>ET;Z_tu5ei86^_+k;rIv}
zB=#WWisycJ!^#jgng6!;?uM1U4kQV%t#>!LfcT+6L`Zv>3>1sOy)nT*(W~RwBZI3<
z_<d~mJUB67GqZs7X9Idmf@g|fHgM@j@y&lTAE(5l9r-Kpfceo2zKXJuAg|)`!b-6F
ziKuEADb968@>B4{484G&QE2E(=@s)6B?~AMr@jxh#z%iZj-mMVh{Ye(ORXv%T}<pz
zfVY=p8CQ|$BVRZ&BgFXbFBit~r;ERS_;`BpKM|*U{y)zz-n=*VB54%?>OgGi1)pNS
zg3oXt(Yyt!(pYuJWAES>GJWk&$lUsO^}8`G;DP`S`d)BD6T0%-H#T#p?aFb?*!`j+
za}=9`{hY{np_g>^*{d@XRVR~UE**nXq89!<dgy8?a;3;^OytIoP2?U;nv>daDSziH
zwvIf~3Gy3^<z&Xq0ode)_1C=eZ}N9Oz)jcJWWvbhQ^!RavhewZEPR}C3Z)FD4;7=(
zvKl3_BAV(FSwZ=tL{_Ab6}U`3dUS<CYvcvMsuVX*X`7e9q+_FY*0Cy4lhRzPQfS}W
zv^zX$KSayfgS*46W!>SbQ7rEcFMnuVT$4Lo*TTyiF5TfWHA;7Q=?>q1ceu8qT7x@$
z88iPP?r<yDacwQ&4lms5O7!>ExWj9C?(kaa4qv@HJi2Icb>iQR5O@+?_3puabb9v8
z-Qu+jp_BP=d)?x-?DZf?fNgb)+an*t@lnq<M((4*0ej@ezV&>1aWNoM41YlfVJV`x
zb{L!qU9r#vILfC6b7%$_Qh-JxU;z^jT`p`Q%pZQGKk<jg2%ur7XNJwr%Op53PNxP5
z5GV$YP3)C{2})_~E59%N^I^9t21p5>df<ywbj44IgW)SgG{Fj8XZr&i9B=3@<^F#1
z%^`%wJG3$LsXZIWvHIXUwSVT4u6!xDBVybncO9bNFbV-iJ%n}t(<s2W6sKp)d-GEf
z2b&_0-)~WOus2dj3-tA>-(Bv6wWF<w97*t!0`r9$B`)(E%ZNVo87X23T8(+Z1W!nx
zdU9g(KEkV}g9J-vCH=!vuXtrXDMdmL@=zg(NFfIYiZ~(aq;;9(o`37XmC2lF-U|Sm
z06K1ZAKjQ&#OPAQv=Gi9$v+fb@r@^llUq8zy%vqxx7T|-(Uxv|VkUovx#03hCr$`u
z=ESkWbcp=<0@L?$P7tTZF;A<=UI!zA#^=m<blrRIT#4{$Y#CGqo(xB_n1E{JNtWd`
z)TT?s@mf-Vj}~E!41d0m!hWnKuF`trb3KH*8LwE~jJ4E_1{<ce&nlQvR~?mH_vDo4
z7+!~JbB@9k;1s4DxuRnsLsHvS*xWiZdcX{~t85SJMyM9XuK1Z(T+`B%DtMP+H0jMx
zI=Y$%F7}DBm$lr|P^yJ?4h$o+r&Q!x9~PyxKRr%r!V^I*RDUA9U{9W7Gt@Bq#$ot-
z1iKl)87p;?iH-}GBNeUVq8xob6=7Eqw*^>JX4A@i##4o7Nv_w~>$ie2D^Yi$buI=H
z!BQb>SQ$JzN=a{R{3}`m>7N`w3%_qD=+LTxOpSab(|b5c&XnnoN-)zxn4e=be^Jdq
zPP_?yala(|XMdZ)OdAg$^X40vdH{yHdgM~QjQb)@SBXxdd{Ls4%D6Av8TX~cZ#@Kl
zE9vM$7te#^w`$Acw^XB89=}!44YnrymaZ$3H(cVkV!EabXHteU*?RnzwxU`CerrkJ
z?jjJbS}xeCwg7~yaH}g(;adaYs^>wt>LrBhAt79$eSh<rBf07svM00S_9D6J*(*bm
z0Nan`^7=GE;Al4Nfh8aO^sevBkmE$oS6JJ??;+q>@E1j8q3^>Xd%-?f@&n%iR{^}C
zQe%TNBV6BRY<*+iR_fknz$!#-ML?uIfv^JqRCAv@vxK)qepze&U;8VAUBz)uxG=Lp
z1#BGiMt`w-B-WDzVkNB1rh%?KLtID4TKIs_zZZvD8IK)jl}QfnP-31~gXK10bP;bp
z9fx#Dk}B=ke*5V-!z0aocFMdC@d1QwygW*KAwh@$z6ox~l!H1oG&&;T$(7vA@Z_Bg
zs>>f$F_6e=pdp#VVlGZTUoqqvd$Wb8Ggc(RAAixtlKi<Qm_^((EvC_BtPp>hDos<M
zONqQv#ls;fvUx>;MSxM}q(k9?70-+!N9Qoo?(`&+%@6i7S81*g>$b2KEn!FVbbj9C
z>MQ}$ET^abQ7r>`qs>_r3J!FWD?{E$br*^fAow7#RNiW&mXA_k(uI~nc_j=HXlq&v
zGk;b=Y5mJu`PR1Pfsmx3Wl7MYkav;c3@Inr9~R0Gt|%eO5<$4K;fmotE4{hQ1TCs|
zYI&%^9H^jztaA{9S%Z;ufl4cC4oDXWxzZsO&eNBHJ<XouI8byR`4Xs1><G&<$HSw2
zBmtNUpg;5al8w!*9@Lr&aQ>+~ADOuOmw#P#&^n$IFCV2yTL6q=0uyRZ2t!%U$A(H$
z8=uyBN&HeUP6bymOlPDN6DZE8F^1_Z;gy&I4bvR%%n2`dA@*Eg3#uwT)>C^rL%ZJ2
z@vZHZ+4;hs5?-15DdCkWKo?U{1>jt7XM@4o;g!)+QlMuK)T?lfDuRIv>#PR}$A3Zo
zk24EenN&}cP$jss433xOdq%J8gM%yU%YrLaqgWnXS<o}RCUB)LI)FD^f-7Zel;Fw|
zT)F+=N^M28R&eF25FCr(E$g|+$oc|!%fhX$M5}KN-m;O0w``Pn%hls80~E+H#am)T
zud690Q0kM(mEH4i;ZI@fdgh?ZMt_C?$~?Kfpvy+~ijgG1wt_Ch%iZ$*02%{NNDROt
zQDgud>A*LD%_WQ={9zkb(*)<@48((i@y0X`!NKL|Y(Nl2g1$|bs*YJvz(+{!9W-=>
zJ(<||0Qd~B7&tG-nBxpn!vsFMLGWA5Lki!)@P3$w)gH_U{ql%auNZeIr+<TiF$QZH
z`xGlgQK5(=rRBgE5VgX*9T<CW>_asaZY;>V2#<MRQk@1<I>;$o&7l+L_<lqN2S(%-
z9zd5kgq3|5x<3T>k4JmuM*a0h;~6+Fq|N}huoOVhINveY=zaosFQ#|9LAuZZf@{fv
z?_aZqka)fWlClaQ>NvV1a(}^jz&NHX5P1kz4mGV-t3N$l8ZrTl5-IccWEd+0qJ9{W
zlZkg5CEH6w+@i`^NY?ZFkrO>fV{ZJNK)S}?MEKXN6m|+ILFD)sla}qYNBIs086NwJ
zVZmfn<F5I%yRMf`8)Y?z30lRwqQdp?fl-3kpwQ8q>Gk`2RB)~aWPfx$z1a)<yN}Q>
zs}gxD!#C8;necK#8N76hc>xK2AV849TQs>|A+f_oP_QC&NAxlLSu!9@qDKpchgns^
zOIqlhF2_j7IMXM%JO&_qGIEkH1xZAvS{4$~iAsrhd=gO%`?2n1c}WHN)3Uko(i%4>
zHD07bD{<zRcszxzh=0R!ahs@*mbkE*@3q2FWfm;sQ879oS-lByPwc7vS_EIp^aqyl
zsLFU$h2l}w%6L@KPZ^Jj@kI%lC?OMb*AoR~BHCiC3@Ee|5C{9C9g|Aw2cHE~e|SQ`
ztTo86ouLYqcT@P?_yc8McftcFRtPs>ir%Ue(vCNBC>3Eh(0})?qm07p4muMAc%Je)
zP;5Gxsq8OM^m^jY(2%9oFtttkUwh!<i)S@%Dzh5X3V;kA159_|2gH?nlw}g4b%ZhN
zJ(=FHJ>xmSoU$rwsXUHX06YhN@NxoA&ckcX<uzf?LUL-dS?W=lx^n5zXGtdon&%%J
zozqwroueAX@_*=@f-a0Tp>uTINW9?^og-7DMCX*~ob5;FXe+99p>qnlwHCqOG;)zL
zjRo*Gg<D;T-rgGgO*0RF(=72f4~W0%gPg$xmpGicOezFX=FRQJ;WV??h9m)=GY*Ht
zLBdcNOqAGF`o%yxMv2iWF*=V5qq8_dXJfd7`T6ox!GA(NU+#ouF~}WjCGs>=iM|qY
zekE`SDlAXJovsJ%N!0=>UCF&iswG2_D4g693~4SPNK8%ExRSu2^}>Qy2Mk&b2x23k
zAZ<v{vVfosie(XjO2C5j#7c=0T9t5>614$|S`nxy8&b3|pr{h(BRzaksGyQ)xD0_{
zb=HAMN`DAIG?4jVr4p*72-Lz<sZYJDKU3FV8QUefi!D><J;~I0B~(eCt}=BV<%<%k
zR6>>5PYG2jp-LrGDZO%*P$lkX;9#STWob<ManOVD;83OJvQQ<}D3*sR74-6~396*)
zY2yu-P^FljDYG<|SsJ$<s-&%`o-kCYnF}gvE`I=3D%|Qy^!C<3m0EdFrB(@5S_xF?
z{MVl`vV3oZG1>>l2^rlRAA!)%JQ`3dL&jvb+g=n>D_iX+39zjwBwI)XJi0f~??a>X
z1fYMQfMc-9Gr;pd_3^eic#oJ*7oPO&0MjzkkUa)(#s(1qj;4OJU<&`*6FH6IfY=l8
zSAQ8UOzP+w!AtyB5<C+Kr3(y%<JhApG|t$^S@EEGBH5uUPym1y_)&T)s$ho5*R=|F
zKVz_<DcH5Y!cq!u6c{UvfP4cv@(|@hi~v22x3dAdyLuj+^zLyiLmMw9VM<CiE`M@u
zkG$Vl_j@y%0J2B0^F5f9ubA5E9z0kRa(`zJ2F3(+$N{E?2(McK_Zes5q`qKoOB1uR
zc*EK7L;rm02H_(A0!A;V!3^Lf_Inl((V+;S<M5;=(6a;3XkmUz@Kj@+`hoZsr8;z(
z-OxuT-wWd%f5yp9XI<Gee%H0{1Jx&*;U~ZinP|5+1L}aUl%mg|jT_)3Wg`}Sb$^f`
zj6{<6?1|Jp8b}Hi!Te6~re4vWC>k83`l|Z{-JnY*)CNDuRI&2VPjDOtw0RPft(AmZ
z`X$9);EJvDOq%avJb_>@kz?}}n@Y^FdBYz8!Q?iY2i53>Xoyickg|xvP8K)16e4zH
z{6eOv&zJ>+zmnl1h*iP7FbGKjB7b=Z>yY0|Ig=z>osL<iR_QIHDZEIG^nBu+j*<M7
z`bTp2<nPSMTbH2O9}UahHx3SHN=5iJ1B4RK9VU9G1bcAO?^k4YU=g3>c11t1Y;07=
zx7R$)82dCdlvx%S1ImJeA-C$%(S$0yujnBopsJ0R3QpnELl^W^?-rUL>wkt$$H>3i
zOHYRSJBsXX8AF8bs+(XRit;55NPp@B?sj5?3==C)Qzp%&BZqK=gp@>YXn(u%`+IXa
z;EyWF|8XuSRAM3?gK^EH+skwx<A9QkVOHj~T2VEsAEM^3dJ$@B>Ko156rsj?4k>+9
z%L=NDO`s%B*?yGuB_m2e41Y<XE&`}7I2XFdBNqrio%jP?#086$ke6NL0aKF*@h=cO
z0?^YaCu@oy0XwTlnZqTf9SczF(?rD_tDw}UkMFbtZIlrZR_<0z8fMTW@!)R7*0OFz
z)hL#CD;6}{tjVpYYdYf%mu^Lw8l_vYbSrMZTTxq4E#+2Rg^g(uhks%#*Y($0z@b>U
z)s<-Mt#K%}^Bjup(xJExhvFG#4ge7YHl6ygw}0k-#de0M$=tWSe#LgS-cJ%>Tm6a-
z*r~1~FWQ)k1v;|axQ9`8Dq{W(@Z$lqLU(C`45$keg$EAstwH19m*7DWgewufkOT18
zf!AlA=P>NS&<oI;27g@;zDM?L-s6LLt~)d7He>!e+AV<XfZr2+j9_Bx4ZHy48{UQ8
zQ}~hE%&~^;ew+cJr~@t0Aks=uz~*V=)m}7ctGHiE=quwjpD_HMyiY*I7Ocb_mGU^X
zg~tg7FFa1-5lu6ns-bkk@Y=%N^Je5m?O}z)`>;L??7|Pn4}Weauw3UksWO}os@{Sl
zBI?S1z9$R&lX6<fHhYDuLVkS`Oz9$YBu^hciF<XV0aK(Iikx^>QQPa^{=*$5oi(eZ
zo-|_#?@eKPh5b_yD||PHQqlMpCQ}B9G`vLd3e-*X0~R|-_x#BC0qp%Z(*qR;pg)vV
z6#bMcgpZ<9iGMLjg%fWQlQJ6&VvZ=O=My#0{mW6B!f}UDa;S<aQS<YhNr^etPS0M`
z5WqB!>^)3xR1M1}UZz@FwI8Z;QhK3EFVsrCP_Q>3qkz1*wdszsbVGsHM;7bS8I>3G
zJ)s9ne^dc$51bWj^jzy4^XM6G?lJGtTyskv=<z7~;D7$8_Okvc)hL$tM-@EougM>!
zYjWWYm;NZ38l^v~^ha&KKT2Cst;Qc!+_toc8>*e_FlsO0hAQ0ZN)+|hxS=|EZm3S_
zhFYN;io1AE&zK+T9Bkmv+yT|e5HgwXw$}mG$yW490&J@T%9gIK1t1U9X+v|eV{BQ>
zSjD_eXn$o@9zNdkJ6);^Y2fko9M7KxQPX~(w+EJH>FQa<m`?6_s&}9zfzL?aR^2h9
z$=>m6J-k3N1QLM9iaX8X7vAVSr+N3xOr{R7kIbcHvKwSEcNOOQqK${dVSS?`Bd+ph
zSrvW*mU3Aa%<w{$>-GC!90tofYa_Z(WwP5;K!5GQz2WtZp%0XXq2hR<;poO&?#Hca
zwYZxrQjq6j!rqJF!V0=dHx~}z3j2RW>3js#5?5V@-sp;s?@Erc4FiJrYTt?4bMjK$
zIEo5Hx2JZG2Lu0(xV!i=@{G^{(!moc3U1P$l6n6HZ9>W`OYz}KJ&JwsrE2V0Hhob<
zu76iaL?m6<9B-XyS>rQ`m3KlI9m+c)3s~d5!0};wb-&uMnT=L?DdZVl3PEjGn&C?`
zeDYX>8~O(~!*`Z7!>dNIycxdWp=V8Ic-@01Z@4tW%hV{%@TD1k`_1s$ifT1x_~K{Z
zMa=M>T!VRM0W*BzR#&2^pQai92Jz9OYk!&(h>sD5C_hbE;Y%a@N{sNwBY)@*z#K?(
zoX|}Zko*JK+9voUcn=V_p8xIYuhCqfiIV@xvN&y(K|Y@qg|s~ubG%A^1N)Y^=YTZ@
zDg}CY9;*s8oMX3V`|B&VzrJFuBG}@J66VU<h#{R^*w@(lkGiH+bud$u1REuRn}4X$
zVC$nC;Kh$gunU%RDheukB3A*sU1LlT_=qeW*za7!Yk(kpZgZXbfWad8$KLMmzf*WV
zS`tssKYahbD{cY+99UT#@aXBnXeRH$7J`<>l0f#+-kxZ~j6T0_{AkofH5_)_+WQms
z{O~Xe>`IOAkpVoU5GNsVSxYSUXMe1%=1)2;@tSgb%Vm<&ip3=8wSRCBQ6^qHN)UJS
zpT^}5YROYjfB_Q=5&tVH|B(c+Z#ky{Y*>}^85AXMy66<t@g14$an1YT4*K}%?3aB+
zpo@1byH(hy2%1l^?>2CsvBzHGkBST$qzK1;aKKrGe{c~(6ePw{1fkat5`U#dMzA=o
zrRy1Q8K;Fb9p0Mc8_0=^o+%gze-B&*N-Q8(xU!@waiG57S}BuTtdWB=dwP?sB;~2}
zy#5~h^Xl}BN0nhh8qlToa_2K<5`>BqFyZb2(ctIv-sgYE|9<)M<37H%MDnw!jeW%<
z(Tm9463sxUd|33Zxc>wii+@UTy@TbFewJ7{aD<7Z+H!J2{)lHqePeWGO%v{kZ9AFC
z#I|jl6I&BboSfLUZ9AFRwr$(S&3o^+*4_V}UERIc>RnacRb5s6tD>mPZZ+cdlk->c
zZ}u0u>R4vcgZgo)j7aY+x2oUr?iuQ;b~$<O{Tc0{HGvGpx_***^mdt}x0FOUwZHRG
z6Az62RdUVLVuBJBoRvC~M^r%?oGZxbl}Gs){i6FJM|#d=odrmLv0edxQUr49^_+)P
z>;Ee<&c{fpkfa_@w-p+aU>UJUY9jr6Auk@<IpdjiE`7eKHu<E%q+?Plfj)DGfKTj&
z<#Msh`ox`vwkv<#_G7_7r5zPdO>`jg+@SxHiqc4)^QQ@u;fzz=Ntvj!o}ubS|D=X<
z?fzu6dwI7RNu{CCt7JJafvWuOQ_z7^=ZQ|le_P&AxsGj?|2<2*YsfHP+1i7pxw7#h
zRc<K!Dp77|hY-eF6)3wIc&yBz$+_a{nXj0VY&hopFPZwu;Xt=)eT+A=<F_}JV{Po1
ztQj5VY(>H0u2;i%#<awFh6H<R1+;7{ao3%gKB0&L?X#FEfEya9C-dI6Y&J`+`h6Lc
zwVo$T>_25dYVV9W?t%|eEv!TRN&oqd0WUSBhYCR_<hDvdGtUmk<UGx)SHvB%7lMC(
z1gMAxK=RUsQ8O@PpaT2vy}9J2R#xBc%F&Gh7g)z}hk)~77f}<T2UT|KuI;W_%`^8w
zD2)y&SGGxKJSh)QhpeI8SWbj6)}*dxujo`i4UDI>)CdGU`i{mEr4Ef6j>5$X$+Y2`
zn<Kv#?)QAml+B2}OvmhG^dN$$L9KG&ToiAdWmp&#wa<R2FKmeEC9&Qc*foRMK8N1(
z8A=v&GZ<Eq2`ggRf)<Xu+e-OmT=fH={hUq<to%mD1}Gs=z?^hx!0i`*ls>_m)zI;P
z*N7UQkS&-91@sN|{IjP|_Bg!gwHMr5ty}%CR{0{a&`atWFYTa9?cd_RYP~e6EH{?n
zSQn$K^OUa}FHBJCXTe=I=qf7P*uQ*$cCnc=k%((jS2t`-<#T1XHJU%em69L6Q!V4w
zhZ@yF+16Wu_L6W|w6(0u16qjAwQ7b~>V7&-A2>2Ss$2fR?rp%Ayx$SLip(uRHAOw1
zo?RBVLha+TZ<y^gK=388_Mfly<hf;n#f;Vvmb7VRn;tLC&Dn4lUat90<(WrL_0hR6
zyA8u@m>l!-K$mIPvkKYD6%7mP8v%IlcS`!`Cuknf5ZY%flb$5vCY?FOH~1k8N5N39
zc4)5)+`!LGmvSf+pVN_mL2c)kWKu#rSs8zyGlRU>aBwpB2zZ7}Oo=+H6WN{kU?hQn
zGE|NUV$Kid2!p>R_>02&Mc3Sf3S1Xfi6TOliRcN7R5V3G<#sIUS_6F}1qHj0o9rYW
zgp!27rKvCP>jQD8X2R($Z-GB0YC^rE2sLm-9FmgMwfoQr*_6C_Z%{X4=69pp1J(%;
zKEwmdmhyfi`W7^fprEYRHn3CzcX@dd;7Sq#O!v<f*wq+^&AmL$fGvz&URY1$!XKq3
zgYIL`SSe2(EoreY2t@65Gx1yX)z#Oeknf{FMYQh1b_^9=P;{T@fh$ZKDu<|m=gu0!
zfd^mmpRb6tU_@(s(c1^)%LvPV$R?E@4?=vyVrKkCsAG>M^WOq@OZo3lWTQwAk)Yla
z*P#r=kM#r2exAl36G@CKE+f5Pa(Ck9A<>;Dk+zNy!VY=|&Xm507kaDjZX^bgbY|}W
zId*OLs(#)$Wi?Z1qP&YnuP53MPBOEIAZy>F&>&IAG57T&SjRKit_gHt#;ywaqFu^f
z;^*2ABBbZ~Gv4tG-v9H}(F*Aqn(d3^;6&ZYWj{DBSyV-#8GVn7ULR2$V^NtWTpdwd
zONlokL`iaX7`J%O&A?AH)BjFu+>a>*Dspj3kq<3$b2|N<&y$NfIA@a|D`X5#iaXhI
zcc6<59D4X_eySX^`6=1@CExD`)j%#Mv6@S&<l<)SQcmmAU}!CEFtUbbz=<6LE%`eh
zfJIDe<<ex7Z9-&|y>D!)1ES(f3=#_tGbAGnUIweGsfp#OXS(>rQ8=T8D`n&YgfFbs
zR>mz<z<p-L7n)LL2|^UW%x?DvthF)c{9NbruXUTMVw#Ip5zkUw66!py;F_z|hA8qs
z;c?s`tt?iJE9YC$1U2=QiwzOqFz^~X;OgdiKA&`h6`Rb5%Lxggf$xU$`vD!KkG!WS
zfeC~Dl1u;$t+n1c>5A<Boo)ysf+iur2#b19i^gRFZDa{1#E#UHe|MFCdBI-u8l(e~
zHZK-+MKX-4k8Ywa^>cqV=2z(wNxWZS6SuDIv0+Y7@Vm+gQG9(kE&re#AtcEhsInNs
zP2fI9bay}y&xGFQ$KEM@g(c{m$c4e_0~bn$dLv?t@D9h*kT9_l+%j6Bl1~cq3P^T8
ze>_nHFQ~s`ylw;oaBj+lrG|JLv8o&q{JI}@B<W|Z95M@13W?q?{Q*14I?&mtgFN3h
zL2T;p+J9lput%VqdO0OOkI%Giz3E_C9rQ%^y_a5jJGrg)y<PqcdnF;m{(Qm-oPzx~
z^&&eIUK#75gZtg;=aY2w`cY<nk@#i!4)Q|pC3AtM#kuz>(3zIjxr-gLZL7TYZMODp
zt2gIs#)Ajx%7XA8EV^e`UW}I#oST@=%d<oMY0SswuJEI?e5VUz$u43L2u)h&(=ZZj
z1hy#!2plfv7=io?a(!Vw<`;n%b%x``vxpCE;v7T>wI!5HT{T1!w>{6^IwNeUe&E+9
zC(P%YSsbDS5W8v5k!lb1rv*6QUtf%0gB*V}e+vtPc%6HLhY;`d_x|R_(UeWL$0d)*
z4YUcu+|35=Xc)Dxw3dgcRgm1`V%wZi0)kk}K+<0sIbdk8$o^8`&aM(N-nen`v)@m7
z*a|ys;d?|jO96krAQS`{*2PUBYNc;3{%LxFGqU%b2P%I+jJPoU8b{1bGqb$yKc^=z
z&I3`sn^c{vRawp~P3>o*FBD>Cl8qc{8Yk6n3UIKk*vC))$z;2jpzdC=dE=;Wa5~5H
zmRQBf)}e7eqAY_s#^e<ht(L;9WT2KHq#V%&PCK#tev(H{n54=?cs+@JE*INc`U6*N
zhcvI(0*JC>xN$}2DZ!DaU2m~SaTEIkl-W_fv=RE;<3<|45=Gw!xmgNYmLaS=g}m2%
z;X2_UP#(6KOlK(D^NrPwI+kn%MgGmewts&+esv&f^eGp~Cj%y4`ozRUa*3BZrj^}l
z_OI=q0;_Mnh_CwQi!i5&(9s)1t69}#G1=BdV8PjJe3jc#$*oZ@hG<;5=#c5KW<IS8
zmH3d{Min?gTRn@@`6o7)b61g(bgmI&yE|S)e;WyO$4AFm)7A%vEt2q3^mmBU45B!%
zy!jy&TD_##KF(j(ed*aUwE8zyGE;jFA4)VlL_~Nf4gIN1YDWBw{eS0$uBr!Id6g9V
zK)j(pTOay_N_!=M?kskbv)Y>o<d*xOk+s)U^-F!g_9SJvk_$;&`pqDZb0*57s>KL_
zFgKQLuIG7sxkf3I7J6V&oSj)2sP?)Q>BqJn${nh?11jnOqyqzsJ-!j>K3j+=oS4ak
zDY`>ls>;(dN+_T2P#zpYa8#|4CTi~}a0|kIK>|xmbvNwR3aP2V*1u;?wOd65J`agO
zxVt~HnLW-P96_`$O2QdHe?}#c*=#Jej}q)RT`wWJYSq@U`AToKw4~>)3w*gn{OnkN
zcKbLASHG=UVn172%IwnBvn`~@`|3xV>Gb|MgM5EFdZ16I?=oD3J8ovb_uMlBE>~FW
z;F#pfP^2Imu~-%tgIL-+)XiR7ExZQhBet?;#Pp?&ngcwQ#c;bnAS5yG)=<kfhwrh+
zL}jq$%2IEw)9MiG<&>Vo8BypCGQ{I_*Hf#r_DwlQbZE{=i|_RbmDiXVswsFR^7hG1
z{)J>zoI;ajj8Lu=V2*%BzV@>K#ZLN-&u!Mt^FYPjGbv{=F<FnPI~O^R_|6x73KO$g
zpA)0eY2l>dvYo*({cc9`@tpDfuJbFcvY`!Pl#p!11l$1X{Y{2GvflS1c>&tao0z;N
z+XXyCG=~M;M}6J6SKjM?J%|zG&eqreXnRDKt2q{H27e!nA+_6z+I`zZ6JS?Ukx-MU
zLI#8!`PZ5^-JF5~y4Dk5XR{@4+i6g`?t~my_^NzJJd}1iw43b0Rf&gQ#ebG&Z#$uk
zT(|two@j%g4z>)8k$Vm0D;xG~l&)OGbT*!q>QCP<1q)wvK=|##9SP?VrU{mM?#4J7
z6zK-SW3;wDW=w6tIBcGPwupge(u4i;hWduX(%7i-?Rhi)0y@Ttygp_;E&8mjeB7<%
z!Fn@fxq2bc5Oo!NNg^oRODeoe%jGyfB$^eVhL5{a^t3_ff5`NK9h4@(S{p-CDq%hk
zwK|h2w5w!YMlMoI>MI(LU6re{iR%4kc*T(yG17FmH<IkWV%)X^f<7EnGhzNAC6LD9
zjOQrFa^}ohvvb32ZOS-|#zUWLVW^&r(V+RH;I~o<0<TFpjT2m{RbDBH*@s_qnszf~
zKh85-Bd;~rtKkF*5EMJlf=hK=4Awcc`?Ef=Im2hi?jb(J>Y~hhdDtD+i$9*$#+icW
z68|fpcU@L&r+)Vj(7}8A&d};oELm(~V}5;N){*^N8JKPVA%iL`6WuZnX_~#Cn7`1{
zdOfs*_j1&jV=tU#50K~(zH8k|sU;Ls>;M<cc1LjnJsF~!<NBZMmrs|?aRo~Yo-qU@
zK?eL32cM<lAj7v&NSL~wj&7UwF9*H_9EFoG{mS+M;<tjJk_BhtD8bsNoFWhoG*zjR
zGk2y>unz9yfNLnui?v#Qyh0><%%aG=A4Ur{C4cM)xFaU)@N;B>A-s3#G@&5~33Fr{
zuKdiFl2^<1U7X49B<g^OKhb@1es-q~kVJ-5O_!y#k`&NT)?;~^$s~2}$;YZ9=lRPb
z&;3{ibbgwAn~4lkY)#Gq%kgrHV|C~xUb$*w$DTd#3KUJ8U(4Zsvw^j0K_vD757ph>
z8<C#vh%Q)*<pt0AR}Akh1;4~ZK9u}LOJG*-7ZrJvh7{KJP~ZlNQ;RF^97pfN<Q8Iy
z`^2v#FE5DTBTTe=dxL2YlvpyTz>X%RN&#gA+KXfv+Bsj(`CAg4M5k86ct|*Y?+)|V
z<`aw-v42gqR25Rc4_erB1+l86pB>~GD+p{-X^_}EqOMogzm5lfQN?m+SZ^>hMm8<T
zYYUrp9%B5(s8nxtFDzGYJ-YuRTQTz>#r`7YQVUAGLBj(K<T$c!Az?S|HScR$!NAJ|
zj%4~Ys@r9nM|i<)Rm+~iRWzkz+=C^V5}u8E(q4BUV9vP7KHmyC@UShNqeb)`_c;ET
zUy6!*NHV%bCG^7?Vy9mhxu+AUUW>{ybJ#NIM$Wx@(^)>A_wEm!tojI{CXj!fmZBt>
zT*W-F`_n|BDMVo%9;f(RVXf#;huXdjT*VYk7PARgTFay9pq1L>JjJn5EHa!eGf9dg
zIgm;(l-Z~%WR>Q`HA-?&NiR$=OY&2*?t<)7W#g7S#hWTA$I-J>+c@7Z88s!(IameJ
zK+VGDo3iidgF1c)2Iwa)P0FqMYw&i0F#8~)ipb~uj5-2d1^GsEO$zWi&0CxS14sJY
zp5E|69da4r_fHXY9)cilZ~W<|ClT4*I8jy1cDz978m<S%(bbI{Zy>>-v}K>o?2^!z
z`F{i-x#R)Z;Wvt%r|zzTkyJvMz_xL&7m7*sSuRd|bQKf#CZZBw#jap^6RA!o&P4d}
z1eN0ew$?u%5kVs8V7PP<=>MbxnczfssLVO3IPUt#BO_^JH%xhJ9gOx>dBtXpj5|eU
z_Om*aCoGj`crhMsy{_H;C7xgTIN1+*;qX|}xalwIGq$6WV%@SwR}^Zsj<B*Gu5*0%
zr7m{01+@-_VMFmJ($qN9@G9fJCB8xGTjKLn9lZa33%u6%tjm_qHvmUx=cxW${w)&Q
zB@`Q>6X4w}MTE;8z(?mVq>w2p3rQ5BhL9<SSbde~d>uZaImW1zDI_EJaQ=$!g^!gf
zQw*sVDIiCK0BXT}&@6dC5vL~d_0ju$g0OP=cnGNlW&i!CQ)&c|8-PszP<s=Y&l)nh
z@M#CBzP_sbJt7^v20Y+nY|{>-E)}XORr-l4#WP)?_Qk435;Vr^^WzlB4A1t~f2r%H
zS6*<+Lz-!>m(Bq{xv&PXd~Ogh-h-)ck0<xzPW%dGtY}>aXg(HZfr_ZhM9yF)VmDJw
zz(9&<fQt?84fR|P&=UAgwur5HfteBrE&eGqOcf)LW<rR`1ynvuCjCQMXZGCP;pBZ6
z)QnW3>57l0We7LW6A19gIvW#q>Gp&-lOIZ~0C7|YB&9Fm<Oga&E{o`rR<uaE)rruZ
z(5L#(r%k9ZSLaO69pgWpPE_md4L54aa_!1Yn58&5P|hYePG>+bm?%fy%+07Uc8q1l
zm`)Op#xevg0>`i@G~&E}kJH6@j|eg+2~^n8=%1m+ZsyKmXCQH6_dXULZFpSeX=Cwm
z9gV=VAw{3obS><GM^{p8-BfV)?ESO%`<AJ37*ljUYB>h-i2m?OPQmXjKe>jZpY#;W
zVP^j55jeRYU%4o}DRkp(ma1~Il?89P)&%3Yez~SH(7#Z@-v_7vqEG#`eK2A3CWG<s
z9`!^ST0o^~B2F({Myj9UJXpCMzYqgx5J(Qo<OrY>Q4@iYjF!3bpF81XjA2L|HTuAw
zf8O=b>niZGI0D?s+3i#Bt1$>WWltYdU?T#@H6+jYRu|c`%~uwsK%IWgNz20=LLPhP
zN*|s8=o7H59T(9;Nj9m0pD6h7!wk>yRKg1pe-TslW)P3h(4}Im%+{u~)e+#pgsl!m
z!%fiSm@&I1dMK|d5<X`sHNOKgq=LZ2O)OiSN=j#;f%c{r=M%rL)06@?3aT(4wdWBn
zg9;EOC)Oo{l(?qBEf#~82taBWP~}j)m4~kfvPX;2Zbjr*rFqO(tkg+|mpWAudO}7{
zF8pMabJ6`EF-I?%@jp#oE|52hgvNB#gK_Y;A&51WM37hz8*C(PRp*^_Bh62!uxp&1
zhdZ3`nWK}d`*SLq<d3Tiadf*A=4MaZml_FUOLtraN!blZApG->cbP2G)5S;6e_BEv
zcoFNf21S{JTf>}R$a;$}nX%eu^;+$@T-{bv?R4iQ)=l1dLJf2SJ(_{a#YwkdHJdm}
z>1;6-IW`{4Whji-e6NtmTqpW!-%eYcDO8-}Vy&#dZ;<<REAuogCN@;1EhAT+P9*by
zZLoGb$y(%SEmoc5Eu7|kCb@Lp=3X-a5;f6%HR)N*7MrX*ok$HW<tCDQX@$$b0v^H6
zh>u$YZ1GQS9YV(riI8eqxqvOPcPN+&t%VHFn{yc!S)meHwdnF0tT7I*ksON}!=9F(
z0><zAz9()+u$Z~eE79}ZOZ3o&Ld%g##K!I)e*8kmxA#e3+a^>M3XQ{d&#B-*=-P{1
z7dT~KOP3unZ4}d3+qB0TEz`zdn}`kgU(EnrAEKUWkIju~h{Smmv)DMfd(@s;bXcky
zxr>1tCgD{a*N;ndIrey?JGX~lSzOfxXiOAmPW+YWDjj&E>H#F9=S4A3<n*B0G_F^6
zBDx@AkU1VMLm-|!ZN|`6miraJ570LuxM8Fz4o2cknYdqPDm^L#VEzE$&Pr~)$}8@t
z3A#+Q+lrP&QS$Fh$d-Q;k9kGb{kwa2(HpwoH_E^_hee#w5?_&wrvyxbjYpl~ZT0sg
zPT58`H1PJ$iV=lybn)#ffZT>{C^Cy&S)8r%qYTvgxw28<7&QbHRKz+0&t6^k5$CJJ
z!xe+WE?&17HQsnP1cGTRG+DwRH?-d+FjV~>>=p4jF-can@2*4gIxZHn2r%|RwI1o8
z7RUejEWWq+$Z(<`f!2j(<6y-+rN?0Xb_8i<v82m61Wn3@8|Ial9fL@KHdcZEm_oHF
zH0s7MUzrv2wYrE9{&KMd-gmLw^Sk@d?gH{<8@PM&qsd|v-wsQ?oNH(CyQ56HipvT0
zfNEJ_%bK2u-E#SQd7pYYpI?vw->~!Bjx$gmD#}Nc{N*XSyuv*&Z!h5I<JCp^7Jo<E
z`^WnSWr39qt0p=c&h&{f3;cUdw8Z3rGI-zS3rC)U#^mdFdbByvUlxike8Lfo_iaM(
zH+pXV*kwl-j5<cbfs4dFb<qpBBm;Lls`B3t`|TUNl{8nX4Semz1l5FvIXm1?9{K%q
zp-e;|2D||!_?kKntRzq>F$l@1jJhb7bffKW&>mHed)LbP7DP)bR?2X<fT5$PC@<$G
zW&b>aMl(w$P;wDy$o&}A^1I>OR+pSxi&XUzYY>-F_IbaDZ20Z62U;Lq7d>R?q8|h=
zqFrUmsH^TWs7rqt{nE(s0{UE@a$c;=rVbA;b)q4l-#=AQm_f7Nga%Kbke+{coWY)$
z=O;500;6GS|G9lRwy0mI{7YW6VtEX8k4HAtuH0_N`|md(-00Nng7f6mJP&LG!lv&6
zhazfpB)(#JzlJY?bp3<}4pWFqd;mduL3TJe9(6Qoy8RRqX5JChKX>mMXmJDsyuc-?
z-#^Lu>_RXGM9q`bev-l7fe6ooVAx6j^MoceXeN1B!-@U#C%hW{h}+XsSUE?hrG0qX
zC*6SkRcveuh$+^sjO6B?Q_$(F`>;W7Tr1YejmrlRxh2XNzWvX36UL{h2|NRDj)CAZ
zrYl(B)=YF$QfZq=%P1q}Y&3#OayFHdyBLqo7)=nicc3bNPK{M|>w(p^la)J}Eg30I
z%h2+6pnBp_?aY@V38*v_QB6uIzbInz8cSM|HE{vrD>iDQsZPnM<f<Nx@ZP^j-Kn-E
z(dJb7dP-`!by_y}da5oOuKHTQn+g}5o+Kv9p@RN`;4nJjs6a9!n&R{PoF)s~L;V*=
z26T9Nxma^aPG<Cm!^{QmDjb2-F}H;&?Q0?Xokpj!gTlb~+PZ-cnI3lnupAI_DD1Ev
zHTnnKFE9f&(4@T*>$nm5uF+o>>PEX0E~F~qQ~Ulvc1WdDf6?EzhaiXbK(&z#IVjC~
zAS=W?SjWQ=;zo>TZnQ<P$+yiheV>n?WG2}2xgz+Y<dwi4(LIF6AQz<j=D3WupcEyc
zL!{g5+&28C`H?P@#u?wO^&&y3$;NZ=z&HR*^(%fIi+=!_@p6y0=p~e;lQEA+)x}I)
zI_h5bte4uyx)NP^r_6t(yirW3bMX$)C`D(bWjrNlmQZ;fvA}Roez;@7*#3uQnSr#-
zp|@+m=UQbzC;qY<lRhHpsYYt1)GwB6iHa{A_G#0jIa7|@6v$z=9i(?5bsaDbxZeh%
zXiOLYOzB-*814*8_@0+BlxcdYoE`~1bzaZc6+S0w{$6CiOoCw#2pAA*xe4mh;{y^;
zd$PCM47Smbq@sLQtu`oN|J?i{=#+mXaDfItVwdO%Bg?}$be<m955N(a5t|vlSV*wE
zB^v6x2kON)qguqlUpJ8Soh<`7OZtI2+~BR;j#7VJyb~;o@WYhLGzX?4lqSN9Z~UyJ
z{_|0lE+(AbDwq8`DxIZVxE0(Eo2k&ut7e<v`sScy(+xcF`pX3tD@qpXl(D8SA4ynv
zTacG0p=I=4aDS$#NiR0Aok(fdfcSAK<|>aQg1o8-&jBsB!N1kL5!5)bcZ`ZVAqIlO
zoN{_7hImhQU@GZHp!qg6Oh>{6yTKv|U@~wWJJr?UN^FhC-U6otbrH|;&$;xV{MYf6
zdAtVIj4=Dex+3+(28v->ZhatDjMegE<j6I|u##9)3fp-Nl6eXDR->e%5j@=KXOuy@
zJdv*3@At(Cg{%m(azX>Xt<Z`0M)Gkl@j~w>Ak%YaSVZgENAF7f@x$nEiaZ0r_@O)=
zCR;(I6}<1d6k|6+a&tH64D?`_Zzhi7(@rpCPZjy2&$Q6KK?_o#czuNDysNn`S0B^y
ztogJc#qmb@BtWQpGe$@aZzi$YWD5iNgYW{Tfp{_&*)hAt(Bl3qWTd|k#%KfNNMPLF
z;)-OaKQQEzX!xxRVFq+kkr&kP;g>=J|3(fue6&3!2-^C`7$YcoZPYwA$QCNKvJ3Zm
z@Eq8bZ`3nvH|#KJI))OcAu?AwAfn6{*)>{sprvoB+yb9xgYN#3B=g40#AWTE{WAN*
zAhoQO@=NPb*YL-S9POT2?43wmmj15^b12%})K-=m%T?X=g9I{vcV5}*;-bU^gt>ip
zs!O@XvLeE09o;=)vZmp|Dg8{R(ghkZJhB75Pm?D@u`#-4`bYu-t7hKtY@~DpuOu5F
zTL(m%Ga2yQ?NnxYpStdRdY(>wYcR<mRBZ!5fS#-?HWW%>=LsoS22k>i<m$L&myf;{
zG=qQJw17qn3*q9o%g=Q@c3LksALI0A>3}|815kBB==c?4z)xbAj`aG+1ma>>lDtC$
zp%hF3E<#fEkeuKx>)SmyGdu`Xkx)gsm0I+K)xb{+IyK9j-0nY4a_^Jc`oDT}*qe`u
zDi6I0KJxu$_#e+%Za2qe7akAI%91F9cZ)2)`F~u6mL6pUu1a>n$zs09vaxjaHofd1
zt9Uf}QxVrgml3UzCRTk-#O5`LwmNk6lLM{sV^yRwLxR|shzB%f{d3#dgS`g{fZO^h
z1zgL$&~5^@4&EG?A6!g7QriS$KBpJF0hD7d{c|xXx&o-mOf8F6q)>E+gQ?SkZ+aq|
z8N>Qo>C-x6Su$sfeQ`7uYTH4}qq1enl+7fM9HmN@)aAz&wOfduZ4P(%5>sI?d|u{;
z8G#R+qbS$IlzK4~zkXp=LVO=yeE6ZB0%^U1?$ns4G-Op;au*crAK(x!`H_kVi>DS8
zmEt3WlGr&Rv!hL-=R^X72z@6U)fVrrHy_%*1iLhrWQ#kosE1{LX_nymybPc;N*<21
zN*q7M%OnUk7w6?OaWPCPKu`va-roKeQI$g&71b>CA5~9o1l0tS+%JAqqVuoH1#&ti
zF<CEp5N4U4`v|;kgvcy4Ux#$$1{<?+f2L^sGTlaeb$Xj1sR~VP8TvV<eB$^czMpX@
zG7y?#3p8Q7Y+=2$Z&W>2W3}0z|BabE>G4RM#$+^?qc%bHeLSSFeHfI!g)Hg&H}xyY
z($MnPCU|7ILmFCua#R?uD<-Lw1HIO7?rF6*_o9#n?Zu&3T~uIQ3ObK_7N2GixQXp^
zBdBFb2sGH-TX$~)%?>CF{Hc^B-k}gd#3MmmiRX2WWd=$L7@cM_EiF01M0w<9C4W<7
z6E6tWNsd;>i3>airQ>hy#XO>COhQ6}6ZFnwa9T-G)4lb9481S1N%Za#0VPz*q1^c@
zeG{h+Q;`}4Ms}#8FqGNZN-WO~<}au;`l!%p&f}L(f*4)|Eg-*sQlV{_-C<=>?Omb_
zxSsC7^plo3F9mx7EZd!1H`>OltVz?BR+yaO8R6)TPb-`MjM!la<n1#rxFSmhQRg?p
zaB7X|G@dKz|FJ`9fLt512U1%(kP_-T?B?$5mtr?AD9~$-e+_89naGa&>Y8C^K(@GY
zkDSAcEZuDrBys%mH+Sj_ce|*#gY@0Dpw1#w)=<Kx)?ROm`kdz)OF}2@p8bRD7JuI5
zl<ys9NpF=>#?5`|>ynlWeHcqe^<#yFEq61BP}aRqV7&2}{8cY-7-)U1UMFz&&Uw%`
z@-lu@%EgmNn-;>;i<e2VF|3_zhRQ6v8is&J#&Zxp(HJ~jB{E1~8*#nmolbV~ptsoR
z`O=!Cd91EW@fgyQ{ij<L8L{5drrgHL+6IAD>PSZY*kzc%5Tx5}IdICFiwJAa$DWNt
zwKdhfpB!QFG~n{K0$A)#8XPk!ZB%j*l>62o_hlo_yFA<vJ8&~?r-fiv|4U3fjY+y+
z02w{CYSkg6f4E^jL}9<&>B~^KM6jds?Y+1t=R2@PnANqG^Y@BG1!uu`rSrx>{<$}W
z&yAGWncn9P!e}F`trOa?3BOM2=ed@iwwNs}h-Mq$;byZ*2QcnxFhY`S%c#_lY)!tB
zoK1ytrtnc9=Uw|Ntissc<K9G^r;J@3V-ugVfv)=X^4ReG^0>E!yOpAeyS3&#iq7F8
z%CNC%p^3GrDG0aFF=~sT)=&wLhz4m2jp@qxR2JFV@6=0<bJ6A)W-4+mqmAL1*^xce
zC3er#P#WA?12~F232J-NJYi~gh;BjM(*Mcz2gYn!xSY8S)4jaP#&xc3oib10T~;WG
zZH~XbyKqFuQ&=m|KU|LMyP!KJmmjpL#83yw8E5c0DH~dwbJ+SclD-F&^!5{7iId)S
zs}n$l<zB#2=PSyvNr8O_xn-!a1&-RZda2{d6B{9?8_410iV}j$=emLXsSwnxjR;Xk
z+_35fP^uB{C#Drg*<w-ffvKR#s(0EmV0DXBWNrJjK@u=%foU9E(bKN6O7B`djIQra
zY<%IaiGPG*ZhqlT$)3>r-l?p;n_%!Wr+2lhFwnO&z04IVuDvg?0mp3bl0CAhwhnD^
z-vYx{fS)Fk&8zl5i)>eJ2O~M~&E8xz);<#r-`Km&8)m>fahm*VE}%YTv3YvcbqK_J
zi^2?#imizCLe(~*uWLrde6Tps>Fg<piT$!-JZWewe}{%nfH-FK2|p+Xrt|pSt$tzT
zhYqa)n4H+<u|v@*otOanJ|`Iit9|DCJyXJ*Krqip8)*1O)^-5(;GZtFvnunU#lQ^T
zufyRXY~1rXDBYA=67{UBqDbPwCIOT1g$-m_qdY^K8TvR99;P3zDR6Q_7Zl9zJ|`@g
z5GmA}k#GXtUPBMtU}=!p0VvG|g0~5dgQF7LSj^>Pz5Uhpa&a4sp=<j0Obb>asK2$>
zfGJfd*b{tv5cerv!ql{9ChBoC^w+&)wh3t%Xu&3=MLkaAVC5Dvn)SL(ZsW#|*?i2U
zBWI~(WL_D1UC-yhzHVa$qlDX)%*PfqeY<mjS`Cp7i;B@9AnI&-1RAM!`?enMer|{`
zG>|Y>sS4_A7s<PaEZx;814jRslA|vr5IXdibJ!-T_BDEaP;_Kg+>a1)XrH`ltN1dH
zN2z2rAm6$nZ${IwHK~WjgKQi$o4D^xp?+vr-Lc3uW%LHo*D`TFB;zluYzpm37|-Gs
z8B2-LS(HOLmk@+2R~NdOXZCy&xV2uTYo%6UUj4DiBbTcKb%c`F-+8s|Zy@`az|v`m
zM=0bK0cCcTh@^jkCKi`OMjA<b`H+F;rTL%gF(teWKP!Tn$t{tN#OF=FR~E(e|5ldO
zb~}RamBsR}#k`1(>^vR6V){2%WtY(UF{($@OvE`f!mOQWH?;>`%y9HRmXKLXlUV=c
z!TjSh)Z54nsF+##LrqX{FkA=RnZt;p7oeV+B2-PyUO*J-cXVKRe)Cv5=#F=E?ztzB
zhZzKe^8lp2pnzV5m~x(bj{akAM!RiF`JDlSaI!GQmbs`a{@nkLSRx7V^G8ys8w*wp
zokl(<8=P%?_Jd0OxRca=6rih8XMjI-(jsgXe#CZ8@uT6iiHQ=AVpIlJ>FMt(^EJB>
zTmqn<_>lSuqEMm@v<imdi_McozBA_JO=@BLAc*A#h$K41?s13VADq(&;V94Q?$sda
z+59J|geVWrEqa(re8qT#Q`7*EuZM~tu_Yfb;AKfl&@*y#77v3razh1X4Zk+y1vV>P
zeqy4E56(+GrXHLJ-P8ls()46yl|8)}9BUIZ5@qIw0-c*29vciWQ&qyL!l)g!D7@a&
zM0j^vSf4=J(y@!qO)mvU<IaRtsxOyw-C`Zh$q=Et4xI3w>IckLEByKQ_KVt62gFQe
z810*9M9nU)vBh;D*1t`lwu0UUq`#Tk{}=~aAXdqe<ec`49c{n$!9UJgTR1y_kYh97
zYfjktYAgXFcN%A#GYh{ntuo@kN@K;Y*<jTHgtluBYg>_YzUh*sv(3v&<NBS-%lYaZ
zaRA2NM%})i&E|jmJ^CwWo+uaYDz|1O*JkRe3vrHe5zrnDi^YrOI+Xc^NO~FSsa68@
z)W1Iyj~F1r7l0i7u>#20{CIJ>cE8?)K|h^NH$t&(X<#uxDU9^(2P<kx_oq|*QBz@G
z8t{wof;k=n*0p^n=l(+Z>!HVHQ^Y{&?D^s)9wAH!Os+vCU;OzI8|m+se6JWT&y)c=
z1W_A>CFE*=ngTDDQ{r>&5dIb#<(Go2orSMsn&T5hcLYoZp8x$eZ^uU8d^?IE2#DXw
z!IxL0@O5M*s$5ko=us5k7dnFP*)P5Do*t)7bs5-_zCtUL0{6UL{GT#<hXVDzy?#Ky
zr!NJ?ExmXEh>Epi$=gkGj@8gUQP{lW5%rhdV<v;$Q@UGT`_u02=f95%?zqR%LstcK
zG?s6(j(}T8M2oeJTkXZ>I;zROi?Fg{??fEFpMYB}A(Gv<t-BGl5kyU18@qlhsZa9v
zKm<osqsUZE=-c1o!rG`&q4^f+`tk1&lO-S<dv_LT+Zq)x34brhk=VF5t~QTql0C>K
zGLGwh=Bk^RrmJySSN%ZQ&#c{-`Qcg!WA=*?!UQNUm&8e|yMWJ(hVZyDE*@Hjk(x*x
zt@dG(k<W+Lh|NEsyS1(J=I5;vkG>hN>r>`mwhbY{sQwa+k(~gd>XYsA9O{<58etWK
zW%!$psI!^F(;(dYVyp+#BDf9=@{q|JLwMA16)K18*_#j!va`>~cF#b6Ll^0M-om%#
zQ4|>2A_e85U_R~Q;Zww@hGs@=-Q7)KIKT7~lV)~~4$h{6xgYUl<V0r8>M~t;eO=;A
zRzbYsW-U$<Z6@bJI2C<4{_WRkW&ZZ-%w)PL(tZ1NTux_8PA1bXe|xtwfBSX#HaH1b
zv>CaWr8^gjn2T*!W@l5mCm5X$<?4%=rGdH3Bi1c*|6q?jZu+kn#v`#ORms?tafclT
z(WB`F%jK*uS;}Rs;~J52h^-IW<EYJ=x1PAndk}&I*SXRKA{|a-MHYgQa$vEK5WB0@
z^fWdc6+ZogYY5>LtM4wk@940nyqWa;RlW<l_3!pTnLwf@ZhZLvQd3o+G}%{b)&u(F
zp|2D&`(NnOG||IO$+1$&8OuRy$0Ej$a-}*BcDlyjCj663#z7u)->OY^M9SnLusC?$
zrAPhn+zE6g!!&YraH*2$mlG9s?&fQl)#cG4%0I5sW(}agSZHyDvH*39w~OqRl=66|
zx_Pd))RlBHhE(mTeQM4($G+d{;Q_LVh>5AvE$tgWdP;@UB;%z~ex5kW2x3bpaY&7n
z7WP;XfH2pIqVSoqouve(DCHeF9i%7y%&>E(v^hUIn5&2vOd8W&TyB23S`q6!>}HR*
zpZe8)!q+Olil==r1^2CIRv_(hio76<kdoqRjWX8ugaQ3^#ZBo|xI#J9=s<WW6qhAF
zXI5`BU!lh7Obi;77!xCMnmVE7MReF7y$JvKS@ycmGiuNFib0HfX1kkm{H+PvA;Ut&
zW^z2jo35B9=igyk|JggdK|!%1sq+#>@y$<MugEzr@?@MyyNdDrZo-GXvr8SA3JV@X
z7`^thB9!}%CFon=S)aYLdjTGm-nzB?kT7gqZjqr>Pm83Ut~)T<)7o2ZQJWY{>>d07
zaYRW`?>(x)>fMwFV9xxTBExOBhl$>vN<@52ot3CXna7CzPpeHfmW@x|pzMT@2$m4a
zX`>9rw+7>(iWqi&8oDOP&y7&EJ9Eh^1YTaeCO0-85!p+&Jc}g91E;>a$A+e^Zf+mn
zg~Rn+p8qE6Jw5-;)<b%Jh|!CFe!#B2qOU5!Z&Bj3D|FbFI_ORu^`%Y(Q>TKeQbGJ3
zz0~;!IwDFIdGA`zUVSG^6WWpe)}I7y3S;pV(LfYGDHPf^2z~$l2RMAUd5Uqm;S`!e
zX^7|Hd;g8a(;{b=4De2UgT!w+<(-{NC4z#6!R$#0QBgmPjT9sm#QNIAF_@FBAmdd9
zr3=Ixe!H29A^-+SOrHDxvV&+9#{H{bxVWi?eYHjcTbdUFb{E#JTLU6C33=hivzHCt
zAc0KoA6t(|=j0R9kNZ`nsUT)}aoxUujvld;uDbXVhglr196*K9i|P?xhp^0UG8b;e
zbCXpR)mzcJ_&v!38(PY_xq7)g1#k6g&$z9SBMIKcy3xdy7~y{x*ZVTluI;}g#w^X-
zWo}z4yFBDaZ6zRHlwmEgg(DlNSSrHwmH!2pPL8{od$I^QPE^Q=p|#=s8rm;@N&yku
zu%djthv!1^ssNHJ%~{f&`QRvAum0{gojZ||hgw=F(xaOywVZJB=xe=%-nH#B#8s?j
zcz{)2gzfuFmE{oEC|WxYk(^+G74O@bVy?z4-R=jEX%2x>8xTsl6otup+3~lN$B0(4
z=4gTIA+E$Sl78y>QklpT<!jN=eZw~E5>)!A>Gj)_W5i_p?Y_b5pa5{z#IqV0T>CN<
z+jW3OFYxGuCI_29Bq9Chx9L~62V?SoH}K(uq1*6}k8H94nTmgEq6WUzZ1u@hL)z;0
zKzVO(b-h5FZ;q+2y(c@)-2Hy0f$QLY#uV;yX0YjmV*p3_gKo>?qaTY4`twE?>1x|C
zw@P7rd!i93@aqcrg(O3|EME&gNxkIelc%RA?fgclaW{hyyFxBuRsZ!zch`(E#q2wn
zZfXrO4A0$3TY_iRbQbsu<d!9)fA*KO#@i;U;Af*+J$0$lYu|CfZ+);_^Fk}%#~?|1
zwsG6Tu{`ny+a-9cYiG+Nm|^F4y>C+l*E73@eLbkjeuji<gw^nlLkdIYYY^SQn<S>)
z@z$!*u1j0gVkBXJsW}wZk#QIK+bf|Igehbq1T3cyrgIKBvIR!v+0-$`$R-1=rAVxM
zQye^cKJ>UiR=-P%D<C*aJM%06Nc`jgXE2^8!qT=L`B6~p*%^old)>n~28XahVIBvZ
zo}?rpGN1`u=<Z*9r@b!F72?Ke(Xed#XOS}Kz5;?KtRxN}ozT3aM1TKQCXY;}ylc+n
z&JFSHR0~)mV*&*qAdg#Pk<iB2-DS3R5wlmg_N8-|wB|{VcYq!n?3T-&VEf&FC*|~P
z`fOZVCT2^xfR6@M=e)UWC*A@8BmkKElnwz`(BkibeaIjZpIDR>G@^Oo$`Z&2CG>mI
zHbG@gv8k>B^&N#9{qY~WqWFvucft0Eet1l|u}@%kqQD;TDr2l|ESXyxJI!No%UGYu
zsGym#f{152p?J=kT5Gm8!Rn0k?KZPS+};Lu!E4%CvgXX7pM=@nR@s09d%j40goW9L
zD3!c`9zR_rtM}&u5Yixoh|njF`4l<91##g@_5mmHz5Q&t&L4#uTs@VguADk$n)Ft1
zsf}3!Pe8|_N-3tDG`Bt$RW%8LaJ6ROmB>ydS<<xEx*;`mZ%{k&n_=$~O3sU)`5T`@
zbKcd{5`DKrIkTsa64DbC|Mro8FfI+SYos}S>RBy>gyN+xh5wWJiLewJ^l>7<vuByB
zl!q(qrI!GK$d5sl_r|+)IW+n3GbFl$1{XnJ56F!F#kTexq|59Hfce{EeDH~?{f_#g
z?-(-SX%8~Yr=dui)hqNN%f3)gUvxb>z0q0hy%JHP$EKN+W0TUqEj;S6?&)b4oW5Z`
zmoQ3(=k-SpCS;;!UY=f#FN=&800I$cF)@J#Cw!clqJrR4;HA%VD`RUCLs0LV4k3xQ
z0u%*rX(=N8#T5Q}g<kq47yBBnO5Lk!6(`oh^Yd^|Fy<Ogv8&RMSazDj@!zY?j1An(
zF@aUS3oNVq(E4#^p!t1O<4jv1Zim&M`%57f_o>z64xz|RW_EX565I}3n|tqEv8!~v
zjxOX#z8bdI9EE(O@kl<65HTVxJTHxs8DQ|C7!jRFeso17AJzQvPsjXd%)FVQMKK~Q
z%lq1YGeh6sQ=9ALw!mD=VxfJDKQv_FG16AE(=%O5p&gv8Fxg6L47->pF;?!wGICk0
zvz^i!cr;U~E8PjN6}DPwHm@}FV4+%>zaCgFY&>6UP^<OAO|-UrHawr#daTqc2QKSI
zO0lteGCEt)zByN_T6c;4O2_TQ=4NxYtN6Dw@M!(tSP;%OD^0p+17yumDOouShYqsE
zKWK!~UCzm%0$1CO7}K=_*siqJct&Pz=$57rH$=_vvKlAiD^?F35NtO8BWiyW{r)fU
z<D2OFAMtw_1REfqMgSYpe_fgWFSSq9y#B-bNm9++@m~-degCU9Kfn-GVc>UF?!*vW
zEqU$GN-DH+ZG!b`5(`$|22OgdUmN3^vo*=15xgQ}bK7!MgcMt&2g#!`yuyF5>VMD#
zUj9Eg`9Ek1FZUn(u1om;TARVk{)Z92=i<N4=I}EALAw7z3wY`OpxpnUWqg*n<|Ik{
zo$XV>4R8$Rv<+~PHLY2Xk2EgQ_K>Yd+vMW1!GNpF&>W$RIgUi2`Z%n3K=B8JibpqY
z&^fKNptZ6WJ8xeDz#8wRLd0ChE&}IjFZSo7uUMo0-Z_L{)nCO}>N19<kh$^l7>}7O
z(bV?dVQ~;kznBLbVMSBt>*=fe>yuwW8Uz#_fDQlvpaJ&Q*_yxoaG$Yo007_Ec#jTt
l;{RSjtoj77761T?UXTEk?}q>Xk->?d?f3~<)A8S{{{tmra3uf$

delta 46976
zcmY(pV|bWNv^5;Fv2EK<+Ss;j+jndyO=F|6ZCec++qU!eIp=&ozW;m8?6qdDJu_?1
z_&eC!8yL2t3^)Wj2nYxah^C^h7TPPzkTy052ya3nHWA?Cur{3f1q6N|f^T)zq8}S|
zOcnN(gk}^;1+d=?+uupxL!k2{naeqQ@)Th-=@<%4_&0u#zwudwF-f^6=|}z<?rN1}
zaORF5*y3@?8QA)IFbLs(=GvPv-6!Bjhi;&knH<=e)yEOlKbJEj-?QERNG)~VJ{#R&
z8z}6%*#?Soi*BXIUap;JyJSCacO$cYYnn-q1n1r{tMrHmf3fp^uKkD~$?$SQ9#0v5
z)p{x8^iDz$U-zhjUVfG?fg(`a8#cUj-!0ZBXJZ$R-a0{LeC5sgZRG~~E5)nA|LzY6
z7L~rGX-y~FW6Z6M!rjn!Tp=~7L-9`!47pIL4+#K^!cEyhFs<A+HQt3xB_<6eG=j4e
z_08ey8<raV07*os6r#at8RtOR4b-8vw-fOp?Wp<j!{^36ng4WA#&rGd(-YQ>nD5av
zUG`YG$7RI4qPKXIs=O&JD?@!cIvPQkclB-=_C%z7v0~j=Cvy><>(()IsTx1}!t&SW
z(-#oICEGnLcXJur=r^x;=vS&)q__Q0F|JG#U7X!EJ$bG5dqn^FDY=mCq>$$m`=y)R
z{8)VF2b9umF%4|S{EMvdX<|z+?O?}*=8Q>x%-EUB4P&4f8@v6v@nx9K+OS^YDEnQ2
zfVKdNB#zQ#1yz#Tt5}68-fZROUk;cKFeBiohZSpWw7E{MJ+1kAu;aT#nz+>Vsgx{9
zEVL4=4{24*TN@6m%g+hAuj60v7jJ|mze|CJYz?k<ux}J#46zYzVa3lzgp#_t5g_p}
z0c@%MB`R#h((usg?2YKOMhWA<KCKuRZ>q2YHknj;@cPWSI21bgZkn{mWmZWN5i1Zy
zB8_FBDZMJFjDq5(XOIu39Hgz`3G0P#{gvck;AJ!ou3rW+H5`3-&%A&0Jq1;SKek~3
zjVXt@{%ZY&0?`zg@pw_gZn{_~nj@m5mX_Iio6>7j(}Nfd2fFc`B4^w>{wZx-Tw=%>
zgyJnP#_u#|o34);1WWPTZV>mRbsivLZuMgwfff%&%z7IVR7MH}p-^fd`3D~Yw$Ei)
zjhs2*?H>gV{ZNaLpQ<La6L@EIQqg4Aor@<2nrAX1L3>41m+LtBEn+3UH<U;e27;e)
z)j~6{mMS+yZL)RW?14%C>!ez11LD`|23$RO*xG*7m|d_Ay&D7LreDg6>+gVL+xYi4
zJ-Ul*N6wd4#%vpBJg&LGX%&MUZS0%w>*`J61&{1y$l|G)15Pe_iRyUojbMG4-gzI6
z0Uk?xR3vA^<L_C<aw{jSlrIQf9PQi7?jk1VB;!Y^XuS*g3wYf%{_jduIG&R_GK}Zh
zgs_nZc#U!uAhRVGS8Z@GBw_%S0Lw39TF@O?S!DvP%_SA)h|n|?3L4yo3WdmK_lQ_0
z>S%_Sj4~{yd#&<2Q?t(mcJI%7G6;C{hz_lcWj@+ZR{)(rBhw!?_VtoTq&UybB$i3S
zVWN1!;wJ;Dy>eG7>Qb;0ZY=5pwle3U(H%|IfQwiKw;?RM5=j{&`6)nq9gw9@NnSM;
zWf>{3_UAh@N=TpJsYnv%YnW=wpAc_=%S?>+B7`-^yg@!VBKtBxedU6{ZHud&SP7A)
z5s{otu6(|)q4Y@3R2X!^oS$?UnxEJ0aPT|rF~L&njtkB)G?S8F>8k)Q4=>Ltk-#w#
z0g-Y4*{1zfNelPaBo^?jDS_giPE{tK^S#)z5mDgWd%;%#Hwjt8oOcknY!0V~=oobQ
zTUSUB2pLq-?Igyd+$wn;S}2F)0<uvzGAfi$Q50K4j+5y%-9?-0)3)9|1p)kMoLT&|
zQ8FlE2l!@zPk+-{l*Cp8XCR3z)jZRj$?4_Jl!s42YcnRG#||8ScZz5wvb+^{$B#k;
zdTQBwxII0c99M#WC!z=~qJ?8YcSVEejJ<XM_yuQB^#slNYY-Kz1@d*$<coMbd0k9J
z(2Z&P$^9l()DB=)51g$>#Wr)kdbQry<>;bKd)FhjdkN0cmaXPn+>&_$?72Q*U6s=!
z4|5~=SfegKSpd-LbP`AL%>D7^_D-M5g#6sG_`l=L?hJT2g%9yXxYhgxTFsTjtL_pe
z=)O(m)hX=~`B!V%QAb?J2SM-z==l7weeT~wuDhP$PBCL3D^yM5;AlDAvvW3{Vw`D7
zyO44RnQUCp5@`WSkV^bjU0Ss4pva?HGy<{)DT?EIETG=M8+kI*INzmNxf7ych$vK8
z@AM(HIA$YwnLd>g{LMIqXlZH3{#H{CeL?I!0OFC&je<m*I2PkxbHyx{po7x%*W4{n
z4gTZ8L9+o*eBGgV_Fq~8*ESpbU!~=j&jI~bsj`g}d-M}0i#|qM`FZgkKOeQ?wJ$&8
zV-xS5?*JOu<dhe`m%t=q1ruQkMa90uOdk)aNHz+*N`60rvzqkxSI9~XPyiJzw|}Ud
zn|evjkqhS(bin{42+{U;pq9pQU*!^7Ju$XZbyJ>@`QRLFm}CTfLvV-bw<}C{vrS3W
z-}Rw;yxfrxE_kl&xVW9^y+~l+^U*{YA*?f}Bmu`t<{ez(DqYX7qeQp*AEsSNIBs;)
zDh{lHO<L3*coOqt_H*n8VrWGIs!L!}``}~vC}}lWlT=D1#xli(xcxX{!#|x}>m7|=
z;z~_|*BYyO571KOBjC9424o)gK8~ywi>q4nyJ$KQGL;;b5FZuFxy~$}i%;cv8Xgz%
z8i0Zc_H2!z1yQ&wa9u5wN_6MWs5uC}FSoeeoJGBeL(rmhiFSp;(m!Bzgvr*p5bp?<
zNEl*0-WQ-9NP|{eEKXZ9awUaCn>k3NU%_yM+4b@(Od79&YC}j5*kgxHu|e;d3!FLG
zv7!e2JBv{xOL$YC6U$!ak~7sj;DausBf!)J=7F<&hfZ%zk}z6;5Chr88oHp@86?%2
z{+l9bh&zN6;#~lkl_Kvc;ttN71+l(q1ZF6#i-}n@^Rm3K18<WMrs9)JGk?})U2S1v
z&1xJrNVg^KS!=u`ra0R$B4`CJBE{|V&Lgf`D7{;{@oTLVDgiA33Y$k_yaK%x2Y{(`
zZY0|UJ`9y%LxOf<iSvgULlX(8Jaat0%*vpWPT|;ByJ3DcBnbRv8|BT0gsFwcyhcUg
zG(kR-ez_IvZG3^uxTIk|s2GGds8fJajDu{n`1*r8E11kmeCnOr9#`EiuE7;Es@iD%
z(;i1*%NARqxa}ch;m26Bm;wKXB>+nz&com0cot1HJ{yK-i!ZZv{!NC77Gw$*ihOB2
z)Thz$Pn?$S)V2YROd~8l4zguh;$2A5Pc-qO7!dY-+(!@vCbBL{lZi99RRSE>$It{#
zTqabctO_1VXf0ZkdES(6J4k8H*O&^&?w~*BhsBIRaJR=PlA%waP6)8_CBX48=;MWb
zsM^EoBI+i{ui<f?@A18u@2<Fr0WK$E5E!pa?q;iaJd-jI<j|mV^Z5yc^rPR#>xtsL
z*$eJIZW0mt(b_LK8s*I(0?qZHQob<<3rgU?Nkez`iPR<zATih(Vk?<UE`etE_o5j&
zCsP}otf%04PCR$5B~iQ9L;&tctIjkz2;SXJ<Pa~@X}(9qt0Bt%oN?P7Z$XC2Ta^qW
zxZ30PT3{k*BfSOU$D3vG0cUWP1jKu0#7Si7s-3Bct~D6sAKw5%Lp0(g@Q({=uihn_
zTk)YV-}9`GTBq~%wag0)u%dN6gOOT$qnBSc77`$}=68FBGOXHpiNI7M4pqWzsc<ko
z-Y{7&2GsI-`+{So5aYw%z}<KD(hg2a6s23D`s$1TI~?~XoglsA{rl)N$p(zHjV+u>
z{Q<LmRi~Z0w}^c-Dlg|aWe6tAqL{lSv-Bf_Ka|J1Qc+UI*%JHf5Co2kyHin2SfZG<
z)Gs~1oI!QSsOKcXl7PX~K*v2nVT>Ox_gT>dSRgyCoQb`51M7U0P28es(LX1&GXtL!
zo&VZS=iF=)Cr_W(#VZM>WHaLhr^JTAcIChSKpjUC+qp}hIRbYCP0@OMDiUd6)<-V$
zjL3Z-4}W698cXB~QSF~Wf^83?&hdAIt9(Ib5L8uaMMB;nIt0=NYW4KJW)W-9jr(Zz
zFcB+Nb{GPv<qd7K{0PrK5NC>rReq;r;UtgRtw(5hMF&xEi}sF+9YVZIB=aU_CnHFc
z6Y3x!w9p6j*kGv_iQwL(Jmu$}ADVmoW}Aech8xFd01cKSJMZY41D6JI<Gw?^jd|#<
z#)u9d!j#{|ZvmF+AQ*@6gA&hAldQq#6j3S{l}F#Z9p*QwOSF9sC)C2sl)C92cAkG@
zT(=XIE+u-$bwvyWWj+NHU4V;X^cU9VG#IBJe9HUdXA0}Jhj|;j`ok?{OGYi;Ki8n-
z+lhzt>bZJLuh9gRm3g94PUFcj6L2)CH!s^M^H{jk*#eKtt#O@nRfffPs<wdN*(Lpk
zB!^h9YDRCyv4Sv;Bh>V(BQ{AOUy8^H`#lMz#9y#Lc+iJHPp<I%roXR*>LcS|RtiFj
z5f@4~u0mGXSaCW#p&BrGLLU*_BExeM^*ieyx!bWX6tEonSUEI7q?r~;dtHfp^#$M^
z1(u$44ZvLxB1kP6(jYm{?#|c5PEAmOueg1sN^A-kUUS4jGWv^t@1@K*Yg4;Kn5v2f
zo3SN7+`Fu|@oT0u^0&C{Py!L0!?`i=Kz>NL>wvcL(@@7ii&O+9mLW-}6PJd0w>fji
zd^gpk2GV9-aRelr^u5rWz49R1nKYS-;OaE5dB9trcLXzmDsU>A?ZCDtg}Y7#Y4t{m
zPWLWM@4M$jsaPfA)dLTH^at0tE~Z^YQ23O~)R>@Std0c^OV!H=GwgQwXcA_lu)0P1
z`H4?t6O~@oEIATRZYakZr|l}N@S-S$)G{0~y+>OJY$tfeN01)U`}?jd{OI54Yt?kq
zP~ew>aVW*I<}|-zfUy*E4Gx~g=w!b;f`?$E0V<E=dO?=9AuQ>lSfr7A-C(0Jl64<{
ziO?xcK;_l&%Gs%rBI3D-L)hR*$qWh1AHJ1D2^Mhp9cOKUrDPs;P&-)5rq592g}=Tm
zHV#mpKjSF!ge6-gy%-cN`O76LmO`B5FM;ORM+Y5ozQC?Xw*n-)oUEO6)!rF~>naph
zvn+=!(C!T;r~rTYRD&!D6Z#B%wAC4}(4VV6BCin_(LKnSb>Q586E9+4fZK`nS9*~B
zARvT2$AII5WX=a)ccZ9=48r45xcux|<J7)t4qqxtn!+E-+dV+}=}qc-Y}w?+zX@#Q
zR%J;ltrb;bp2L6+GE;Q^anjuh|1i^p>8$1HoZ9bj@6)hMtxh2<w@}gz{jnn%r+W(<
z>Bc121=*2PR=&CqJETZW11f(^`ZJJrMDC!u5o40w*_P-?S&H#Y+IbwhB;U5M-Z5z{
zv0netc-ylX@;q|bWdBELn0-|1`5{oxYL%9t`dz0LUdAC;Q+bi9DNt&FG8cY^_V;1M
zE_o?xvo)(3eFTE#$Wj|eL1H@#S$pe#{Up^<^F>6&i2Zc4*Zro(bm7xy&-L$MxO#68
z3C}l5U23UIkw2=R-@vgXjNXTO3|PK4x73x7Eb&#w<Ri8mg}X_T5;}z%9vXo>RR&Rz
z1K+zWAAqT`D+sPt6tk`{NUBI-IHrP;d@qD7&n-$dJ-3o#)t>)ZtBf#UzLfP{h9pGV
zWG`4@6tKRF?eZqi+qTA2`^_&<pXxy`q^wt`w(MiJ|CiFV?&#?Twiy0ToG!eCDvK_J
zhKL-eGRj=*_y9JWJBlfy5;AaF@d}kK-=+CsUMd8|X5?%#CUG(AQ;RYIdn<dWdO9$7
z(X6%K*Q~jZ9%mVQESvryJNvr<a*@)u57E08DNCtgX9Jcy71PyUHd*4-wlB0RR6t*K
zksFC_HgFo0m&y&^oLcrRGv7cSWR4lmP!X!hgpjW>({b(i&0go&B?-U|I{ZeyGoLlS
z&1m~rmG8jR-y){R#ju4w!8A~CZNvLJaa7ww8e>6`E@>&S+&S!*-avcHhtj7Q1&<GM
zwr?6L-_L6Du(H@LdC^r-LRS`hafe8gj9YK$gD5tiaTK$sfYCD>%wO`tysh2t*CnY2
z+CNsZ{(k;MX@7y`>Qewxk%Sl8kZ1lRhmf}q1~_s!=u}ha7F;ZAD;}q|g<ALGf?{1j
z021dRjXS)U7OuBqIK-6})wZ&qT$pVQ4BHgB{KB0^Y*-h!nf(9*0k@t}Q(aSi`oJlP
zx(fesb2x7@<0;jSQ{73#476AO*aEMfpn{@nl!xXY2&TH<=B&VOO5D9vTW1jI%7*)W
z^6S~U=`jWk?6fVSt3K5JL;^RSAYub$JZVvuEo6R2bbUM7gQi#=e4`p{?6=TN$w9-)
zmq^Cl;sTu4MQS+HY_NPrt)H8-Qk*Sd9hos-{^EYIElqHl!v*e{!E2(j3>Id4O&l$t
z`4@w>xt#h4BXR(LT&B+1faY1D?~g3iZjAHG*5MoT$)$2!JMFHAP>gzvbhS%aW2_m{
zyd~p${KO%>Ur9*Bn{W_YAFtMba3|KF!=Xl`xwKL^H*I-V?RsCjYU*oC>-q)M=qs_~
zGE$6Umk8Y)5n?OF&1HrggvmNE6uZ8fu;4i`JGj7J=@<d*b_Csd`GdoF-inj-Dbk^;
z>ybDa&dfBYBRj2Ot%w_MV@+5Cw5>;&tHVGd11{{fvL{mwanYYTHAnyM9HBbj_dR^d
zEi~~Q1?M>qc5!!^g&iP~b!azrtC9lpirnIpAa2w<@?)E?@>YzTj!K6p_&H@tmz`<3
zoi%pUDLnvFF*-!6TF<5zPPv)ki|?0|g?6fnJOz8y)M5b*jOqL-Pp;yYeiKJJU1Es0
zbla&+0uuElP?5(BcF+}kf{Dp4c(4V&(}K<_e!RX36G>w&qop3`w5D#JB?7Rvh|(;X
zXjw<5TTWrzdg+VD;v7k09-$&_*A0m|wn7kQZ0tZDy20Pzm~0FEA&nvgg%_~W!orHh
zy<Too0PlIn^yuM71qOX)WvC6KyG3Up_H3sTSEp{Tdnh_Wn#Z+<;RELqS0U+qN|daG
zMGc4qD%XMBGGS|%>y{+=0?FguxAD5ysr;_-ONgKe<3gd(^O>MGoS)}IF&AAD{&a46
zKI#DWGI{T%dlb4LTo7SmzIqLmqVl^bBD;!nV}Z!KR_TwZ4NY?w(&(y%@J&7Z2iZ|`
zX=4M=z-(a&+-xb-Lr?V*Sj~uX-)hxz6CGO(QHS+fIyJW@QHwPWHf#%nd8I$9YWvf`
zXY@}PsS5~tsn0I4aSEwFT#_L&Qe70yq^<y-U~{keOh+lVQ~`H~5g&cy-mKXk`Uzg7
zic&HEB<bL^(}onLSzNOPt5a^=NIk}azGalj+V~xHTH?98x!@CWR1+0)4Uf{U`ftMv
z2pNNuRwT1vKfWbM*)4-u8EuE~AMRK*AF!<j3GcV%dbBu@VbA10qR<mLzAv&~JFfvM
znxn20<N#~JRJb-FMsAC}3Y4C<k;qAX<Vp)z%LRncMtrVKAbEk60s7c(Pdih(17uGJ
zJP@agpA*8zOQj@}E83Fy)(wv^_d0PWv~fh6ry97TG?jE=<d8DuV6F9QE(J{^kDO!&
zKLfdKzG~e=&r!Hd)vA!VFK~^g&=4pLc?6f~wis`vzk<b=rH$@bk10$2lM}TcMLcec
zmnq>Q<5`+*c}_!+=q@f%G-v#xLr#MplKK>|0cm2lk*uZ7Fv2x4m>wk#&H|P%{R_1%
zK4M2zJTsIJyKn>}y3=I^vl{E?;!{jrj1kNhufd;S0dB1mr{AMRBF$`>&J_R&L}pos
zScA7mof>O`wSF*1>CiKUTPv&2i6v<1;4k?y9k4a`{_>E;RTiO?`9743)N#DHCyriT
zt$Z1T)WNyUKN6yh#xhjLYljo3cyJR7eHlW~wr<bSt!YXZ#Dn$5<GiTMbf2bJ1PnQw
zr~(H?+25Ha_KW##5SK(z>U{u`-ch<!{%`lJ%_<<SjZZW%Hnf!I&<n>63$Zm9x`X&4
z4MS)n{n-y-s>@_OsYOG}o)OEf&4lqxenR2iZ}-ry_K+ftDpg*=R9Citr^cjb|8j0*
zQSrsmEPEQcFi!Wpr{|84p2b1b0-YXAk02z8<TJQTcX_T4kI^O}CvHG@=I;g5>`@tB
z^t2Q!i*uZV%;_Cfb0&#<8YlnbTE6YzU*7*~V9lSMwK8R-$(I-;9UNXFsm>0~!Cm4u
zf(V}N{Bs72<_VC$w{PUULz8lrcm^>(M(s?T5W3$8eS=qF-2HJ9|D!I<{>cyWD0p~0
ziYQw=x!%CO!MyQ_LOzT|?gr`e3;6#xDe5u1B?^l`K(>BCfuMjSlXRm2=UpG}Yuxor
zuU}eco!~8{SM?iYe+#-71*T)rs5ZKjT{}%IUb8SPd{oFyT}TsgmFo8{$M^@ej=s7s
z{leZ1k5KF}1SJz7#1x5A8RmW5M<_v&sZ}uo%8APTzplQfnBBYK&+%C6-Tj%}?MvpJ
zt_OBVe4Lr<`Oh+9BDe&ATK`PB(ZGxN=Z@`KeKwy(?FMZ&Bm!2#*C)-(pqOD18)?K(
z!sksQciMaK<}10Kjjd5~M?a(<6T*e-uje<EbnQ5fA;R}Kr0qnG%*|&s`q$|uD*tVy
z67fYC^SwHu^iMPL9HVeevU@hNbK!ud>5m;-I3l)^PLbi>Tx=l#;iH>_eL4~$m?h3G
z6QU1s>2sKuwV4vr73!77&Fpv$lM_QAD182nrSA%2KJrX2nsHlG_ln`Bx|HjBDTa{G
z)Nm?nzDH{Sr|QW{7!2U78&g07I5*dXkPTkwTYeV6JJ8iqU8X%*9bp01lVH25F`u^9
zo*~?WEG6A6%|SqKEoI@U>nr3avTW>^?}U)DK+lbZNGY6J1(Vc+h0X4Ypz7NU_`vf|
z>}o98$OFTQ;rlS`FRvqoZU~bJO0~JEFZN4&-M3*!@BtFECrm+}v}ZEy_lr6d^}L0l
zT!(WkaZ7B`b}4~ZN?5Hl-P{1YonW61qEQYr<SoN<8weoCVsITo9K$n?Sc4dR=ULQZ
z=O$t0dCi_;H=|4M#@_?@a`{{_5y@ezx3!<gy{*~x34<mmPP$&|;fxco@f32q069zw
z;1^ADM>O8|HjS9aOE|IR_n`LM`Z89pI~gjuZsGz}2SbeFowaNUSXd6cp>q&2=w}ZV
zLk7W7a|HxFTpuXJpWxGt*@lM(alh%VaX)}Py+SoE1jk7#JGU$iHoc0Fo^dN4UnU@0
zREKrJP58m-{9P+X@(A1-Fcwa#b<or<^H3=+e#l3uLR1t+=XSd$(2E3{&bQSoj}odV
zuzbkyXU#KcWEC7;O%6xxN*p2kJ<ewtg)u4n(-Rm{Z&wLVeK~o5CUC6ZzFKZ^b(3D&
z2_3-LS@^q#K(X_^b|Rme@Lc^{*~kf#%3|_+gyyfAk-=dt7Be+!x>`l9i%Si6q(cAM
zHkZ;TBfy=`tEs}{<J8{lu<a`ig_6=od88&q;MZF<bz&Bi8s1Ic{H8CARAzze;PKT6
z#67@2S;O%S8pm3`$b0y^n!q7nPDA9?<azC0mZ8cSe58`_VY_riSkYS5`R0Si2@_P|
zHcuh316c!a6>TG>4RQSOIUQU%oWH`P%&wcB2>z)qek<#KyCMnPgIbiZo(%eFydwH(
zTS2dPHk&uXbfu8?bmftYd6F#V)|_t|!Wi)Oxn&e=K8$Ji;#a~dVLb-PGt`RAb+MUe
z{vg@(*Ogc8xx(PW1FGpX&#p;o>IAVJT*g|;-m<$u!D;a(LAFFwftkMkt$O;YI8wpY
zh-@N&L+ZBskh-XBDlMfLy^=#KEq0)a?J=~efQ$06PjB4OHXxG0A|v$7iyohL+Z$kn
zpD(D2TO@K_i!HaxoLy_)sCL)+@NSy3cD4S9(+VF+r`I*e33cnPndyH(sH@$ihO2e-
zyQ8n<po|PX%b;H$H8G;ERSC!JXrq^n=5=o{bJwo2UOwe2pVF?-xbU#4qP1$yxE^Q8
zHfKu?#hYlToql@IYON!|T*4Cr#RTkab3&Vj2er~zvnb)Y?lfD+G*|d759^s3R$Xyx
z$rqp&-Fx;_GgEnfYY*b8N)?`cTa87u(sBP6tWldd``j%E&&Ac0IE(vlFnhtE*pTTo
zVN9s7dD9(rLim<@tu#!Is>|NWC*DQx0c-WlVC@>~MVk-n8uLE$5&OnW!2D6awTU18
z%-0|{R0q%4s7ndmaA)aIOVdUczSfa1K6EW8ROdfxs3U|cZpsy$lTfaWbBz@n+ND|-
z=^XR+9M<yl=VtYeK3<qhFaNS>;Tr7sE~M`5znE&MT}mUzw705vq>2yaGiF+!HZ#&*
zIQ^U5yy3Q;rxkoqAOW0P*C5%5Z{Z;SaeqZP{zuCr)xs$I>a4-hLWI7OD+-K${VzYf
zO{~-^d<%zGYvxG5o*!n3ShjzMc*ckO;wh(2t?ojH+QhlALuS!d3q3Sq!C#-9OSm`}
z+^uDcoy(Fq7w!MD*^qF|n#Y;{H{68DPLAQudn^RQsjD_nq;vIH9%uD52eAUd5<Fnx
zH*2dc(4gYr-kwgst^*2h^Pez2nZ`y{{|U26W@wbnB1K=>k;rV*)*YMCO=xar1MZ@D
zm6?5-chp!RS8A_TwVG$p#EZ$YRz+x);NR>~*vyZ2=9(AaQ`k%*xP&K;@+EF}7gNdc
z8`8B7NWUs7yd<z~NS+y;EL=WWz3}eQa?^%bid_Zy7BqOO!3VzPZrzkB#p|-}N_Rbf
z;+h9S<}j{Q$`wNz^A5xBrX8Gw-Bvg;+E&f0E&MCd>aTgB(Xx)*O7~NT<2O4b-bKQV
z(E&pLS%*NEIyMQinqHmK`9QFkP8yHwP39<O;Fj!q*$TlLMSR+AWe&An2VT2*J|x?>
z5Y}F-W4VHpZ(IG`<6L{ueo3lu4sWH(o-Z>|W4mGg<U6SNX3D(01GX6U3ySAOBUIDq
z66vy?gbWDTvKw}KDh2q+`AXG~CbMSHBPG1;#FYE;rs}^J95&hZ@bU!dF`ZyD+49hE
z0P}5$u7~#kb^mC5uSY4z?}Ws&*O;uc&O!?6Z<4|P_=s1{S@rpsu3oNkuBdx6IR1R1
ze{NW^=dE(@m>cKRs-;XdG0jFqH{6%wxxNom3P~gigjTRoL`9d(OmxxnYz(2qj`-R1
zD&Mhe#kY8wXQH0Dk*am!X19XO(`4TP=(FLOGp+efW@!F_ESUQrWw>(wQ|6yAd;f$1
z{hpA1Hd;vGS~t{4Z*{*GKrD7|IZ)22199!)_uW5DzEG&Py~up|2>(%id*c6eVN>`&
zUGDzr0@A%Q>2~x_+Zfr2{;`I$#wzuuAKu_AGi$X7rwF`N<$r6Qd}g;0J15PP9Z0bN
zhW^nud4d03O#2N&%?tmURb1C?*VU`XAIGO4qc&VnZVg*?ym9GMqjcA2|F<LR{=XgJ
zqa8eMwx5Z!sn_-Sgp<Br!N@Rnbs!_ts%160p9DY5#IVRmdE(w--lSwhnp&n*qg@61
zu3poU3FB<tn@DC2{Hv~HTw(T~iN?g)B$i1nITD+*k`9MSzc3+n94p`_92RZCzE{Em
zfx->Ai|Q3DmWx?ATFaCUej@veI6;(NcwYN<$H~7iIi_;v$x8H^dWC}hN5q>99PZ1T
z=N*#d0T3N;o#f6~ghUMsn2de9!^B^B>}bn<Df`7@Yv7qcqa)d0=uR?QMjeo5(0#8a
z3ogD`s5Jem62>P^E>Zpe$?2!WW~!i<)tr8dMRSK-g*9rsokKHdr>c!A-jsNa8RvQT
zMwwMoOB2cM>9-%rofrJK%@1QT(ao7%`c+n7B_-xTOux8$AxuGjZ&2EjXHtUR{bYP<
z<{Ik46#-_+9jM|v3H)wZ9qayDr(;@yg`hWTG&txGt1@s0^Kz7KaAf-v)Eay5U)V-;
z@{0V6=Zf#t`zVgZyhs$B^zYK5fSHH1)vSU8(bEjIxp1Gb1#K^xUm$nzP#OPW@{jVx
zL1IhkOjo02#Ueo(!$=vYY~#m+9GW`JvGqVBU}M){zGx$=@$|^~AKPO>I_tKhs0_hC
zt-qgn^ORNEEvpqCP6q@5Zi~%R))Ups=V2n1yd>>Z(W_ySm26OYs7FK_vVItS<L;*j
zj@11bHvQ^Q{4A7Z+Hs3vm+77gv+SUT<ubc+*_*Dzc{01}dpZ#Hf3}UaQ`xh4Cp!S}
zOlSDe$<u(AJe`Uq+zag%4d_mjio*W@+y4t7(}nn&BW7XX`^~jVplW0e@6IcS*SWXB
zh@*OzZC(f)X4kM}bDZR<Qp%mpa-78dgiRGdqfKrO&9g$cD!&o<xdKvvvjDOL6P9G%
zqHnY4ec_Mb$lgxAxgsTR0(@&HpB5Nr5$Y&mEHSfD_n2k3sm1kpt5t)pQoC5huUG|P
zw}P%*&O37DLPrAEP)yLY_#eo$*t9RgKS(yEtWyobBNeNq>JE~l%L6_1V{-EbgaYG9
z%j>^679!>UH~tUHRuN_7zk)eqjkwBC!3#2j8IaOm3*aJwaBABuK_i}UWQA3AS*<OU
z{U2h9r6&C!LhDbHVK&&Db#o>Mv&M4oy+mHTn<h_|_6(FwGbfhAscGr|ECS(0nvg{D
zV54mf)MaJ$Vg=Yj8-l%P1GLY$ea$Mzo1S5Sd!dn)!z!m+`#er?wFcRftAvbY5|H-O
zj@z!(d^tm{wtzHa4r(hEp%t9D!Wci>yKvFnl>jf3cjF}H$FIS*QoesxVz7~ZrRY>|
z?Zhw*R8){lwln%q+0uo7uI7h7+P9kj2%r2*Um7*sf2qjB19Z!tS$Cy{E@-GUSh-|;
zypK9LFxrb*nr6WnTM~cxE;1J2A^7pSu@2KnauYmoGuY!s@VrDqr2&JU(Dh}a5ml&L
z6IdEKd|VSpwZBB+p{ztWuZ<(dUQDuw4NhbJHcdrQ6JoTnhe5zfnS<8(L>e`Flsl?{
zjpEK1wb)S#B|lmECyTplJ2ZFTH3*X7E!s_PZOj;grvB~7(v+ERwyq4I8(CBzI#Y)V
zMcm86^SHdHl-72fDESjHG*D6%N571gjQ+I^Zt4mnG#E+gv|ifg6hfhHC>l+n`-}<T
zz^mqXmL|~Oppl7%6%~uXj_{?@5se4TD{qKFlG|=apD8h5uWO?1Qo|KNY*YrpHc)1p
zlIbf!CCwPmM&oJhN>l@`U<0i9mcs<7Bi{v#pMzaH{lR;bSt4ML71GmhN0(0~adE4;
zuBpgUzZ;#3wEer$1x{@AUUY~gh*N{kSb(NurwX_^=%r8%+~S*@lXdA?h77xo)X!(a
z)|K@AppM<8nx=CpW+M&41IgTqj(8~JiB7_&K7!W{kQaGc---ZS`YpTe-VPA4wkNWQ
z7+I8{`^*tR;a%HQ+SZ+ZOoMwqz`~Kn_t#MJ9|}VPeJ&}y+HXhzvnwhEwvUDE+?9d8
z_o6k%C;V4OE6H3Xwe_7=oLs`<lf}HKQPJRROIDsSM7Pt`%(u0EUz`*&{+tt#^nhtC
zZj}(4Hdve_oe3awcYS27X?SmY+xZADhEPftI!4w+HI`Q}4rW0HRkGyT;ERPH?am!;
z5P>Fk3r_!~u<q)ISlyuFst9~q`A#@d<<7P95gU43NzP2{+3XTD_;(L21`t~J%-X3F
zPS6%hq;|EH-Np=tYf?nnM~*7S&^_NX19(R*Z2O#4Y;C}g6<w^~mO#7{nMwxU|L1<%
zQooeOGP}IMo<>H`K|hy15NZ|F1Qos4jcOX=WN{t%ZgLp(7`RlDj1y>4TbHpuKP&?2
z>%{{K^+q*A612e*7Z)=zF_BH(*iFRn*WP<<xV`|xP;}i2Px7|lE^JGXN@bnMByy`z
zUcWb!>k>dN2@qJm#KGgPH*?(E%C21?ymk#Jqqx3VAV6uy^gTE~p49ZYs&&RfoPNHO
zOSmLWa&B`-DNrgMtT>D0=;n!`o`U${Sojy0JwqO=dDV~+QkFXlmp~YV7o_=9e&!Nv
z+#S@uGXT`Dw)2b}e%FP}yYFvxdLPwEnc<7GBL+~Mt`uT9G`hGwC@pwp#?RG(!_<3_
zs8slO(sSN+fo)SXInBCCW#;rp*W!eAjh>D9BI}vq-n4a{l{qJlf7K%bBq(`*j}HfY
z$*1J5p`UtjP%$-`pZMXRJrR1I)ni2!RM>jevdv-+xMDPvW>RLAe-(nMb^w}Ce-Q5I
zq&hHT*o-n-<Rkwgv!q(P`p4bf3J(#do$Qwt$SZNl)ZjR7wR9~t!3@3!+$-CHW1lU1
zQ1-UNpy$B=%Q|;Z6~cQ*i^KgD!udrRS=1{Ucj=CaIx2@tC>Bd)ue>!ME$S>Gof6At
z!AjqjWAE^Mg=Z)H1WA^RW#%)MJK}UP6du4=c`gB^Ci_x;=doCD#~>4{JYE;C`^=5P
zVaf_UDuPjJ`6i&}&6>iN{I$1}5cd=H!)J9S6y1hFX@6>vDD=E&)};QnYD%Nqi!O+q
zXv|1?2fpM<Wa)5)08uM+@z`IAvw#7vHso)VL*nEDr7~t`OZ5{4rK3{#4*{3JhF9Qd
zXTICVFIIHu0OXXCQ><u>9n|Y@O>?HDzRPLtHx7o5)s{)lZN@eE8go{E^4oQAK3&a^
z+BtX|XStG_{7|Mc_F0cBBjVOY(~q2oV(S|XqoX>1-;G9)2*n!E*+R85aQsT}GxIIb
zPE<ny?^ypeQLL+RUf;OV7B(Vzj&R^gz&R-LwjaVU>WA(un%pHae#hpCs}!_shCmGU
z60|5D*!p=j>_V7Fu)2kri08**n93>#%cjq@aN%3c*T~yCO5>W{JUgtcuuFg^as_OF
z-iktI$zpv6r)HJ*$Isa9Ak9MJo~_2T_M=>reu-j`{pw`oj#vIVv~Zz}D;6N7%jTVK
z0Stnj_A;R!F+4V_K|!_>p3&a+ZTc7WGTWnn>Dg6_pXNl&#+8T3%<fPBgK%MO2(G&z
zv+Ji?dX8(JVTD1VP!URcwdKK{{<}jAO7%|X5slh{fNuE5>GU~=P6vEK+!0Xvj#~7<
z4<qI~%V9CgafEH|NFGLu0TK~TQKaffraGY;OL?rxF#%tfQ<qGRE2y-dV>(UI!rdbk
z_AVMY=x0*(dyE`=wW<C)&Ayh}B3TQ^esy%hTaO#KZjWR;1|~2<+2kAsQlOZGU4Jt?
z#K>l=#2o|PVWrm>YMA4ROAzY4nxjOnzb7&~%Yh7hPB=@J9)VUR^ZbIY)-7IBBq-&a
ze$+hmg0x@AQb4e0T@&SVNQ&tpkPD}qx4Szh;q3R(QG=4}wd^vQ9?3HC&K1mcPPS!A
z*SIz2Pug!Yxr1Z7FNpc^TR^MnF}Zf*jhK3{E}OySdM_O5=rkbI5O$5x-IO7>ExNnA
z`HqL5lc(m*|F-B>!qxbl&gnJ36Ea$sp?j47gn}4#N8vdu5!?R-AItnTi2-c*B%PXA
zJrvFd0OOSKoXP%?mo|L`j@>~$r62AvG%<KW{}+M36hi~g(9k932{=+v@<HDbz02oe
zalH@Kg;drNa5v;5wgxGKW~>yvMiD{x6l!bcuSO_*D*K5_1&(<?husPZd_{Ub^Gp`X
z{RMkj=N3TuMv<yA%qoHv#=t`56EKP6u5Ggc$Cv;7`&K6ksR*j^yN>T%mPz+027DIE
z-bb$|Bqp#7C4^8Y00=eV)%@m#Y1WfGjTez*q)f#!B(><QBE*W{J9(ZYYJdE|18xad
zV|)B85U#dI$72o(oN4&ZeiAU^9sl%-ZEMsju;tgDO?PfFu*J>9$}|}%^S=%cA)MVx
zR3d`GiyDSzy>)<<4F9fRD8-%8zD)S31~>MKmFCfXB=5&>3*bun22UsVQPQ?Ljm(&Z
zTG{KX`jdDp!tVxB5uLw$Zpd(R`Fp`rrr*_FA*F55((t?tO^BIy-46VYg{JVo=ODE+
z#}7Bmw8P3>+C$EDvH2cXsxs02<Fx@n%a=;MQM66VCoLFJc_U(!uvTF8!$r$~wVwb?
znGC-dfWPsP1;T_az7?D##o>Wu_4{b_uC8xC2=#hL`kRe4;NDRTWic(71T95ezC!+$
zOmE??muj}hxob(eG8Ec+>gm1-@3pcpWpy@MjtKW48FP8cb}d%RJz#GxN-URbs&kmE
zlV$!b41y%SgoTP6_&tv@+A_`hW(+;c@*1j89~l}p4oJtJ8V(?molpXGT@)Ysou?|R
zL57hZ%jlFq>z5>qneNfzDw&En_J>4^ms}=%-^E3;<N-K|^*!Aj4d)AYv`u>@PfCbz
zo}n<6|4vxkAQ=%}G;>_o@I=B{zn=T^t-%>kznmeo1cnW~+1T4ViE5Yc3FVp4q%a>2
z=S;>30aLR{R?+*MLrxZtG1kLstw;fiu5|}~)GVEHHftLXKc6{!#T)NkUMDYt2%r4>
z99@!1g^M3gc{pnd=b^0)39Zgv;M3~k;B&`>%B0Each@kfN5m%Tj?Dl114%rO30hsn
zBP++Spa-LbsrviS!L%d?6z@ax555A|pvrF{fQ?|H3k6K>O&>z{dJiUx@2uPY`ap!P
zPkgn&enn$J92nPYAyO2>`v9R-62g7#CyebF9j80=AEH2<52v+Xc~n6B2cz3IW5Ow4
zH-q2N8FRuXZhYw<gK0<XkDWDx;_A3!t|d=;59(I}PQN*#YO04Fb897~jjzNBqK_+5
zpq%sHAG!-g%vJguJT+HZP+aL4$C4pI^3DPXQj`R`80~s!xU7jqEo?utuYe1O+Ml(F
zqDQPk!Fn>xt0E_Fm4X5w+a0~7zXF16d?}i}O_@+!!@jMmYI3aPT#&}blR<{po!FIm
zEG?Ly^5eU>p2DA9N8p@a9k=uASry#r0lAC>TZT3-nn)f<e$6@$EDSb#k+N@rD^HJ#
zo5s8IXkXI<gygvZenn2V@Gb=r?v?KdLF<9w1Bs$Glf?j&EOZ@+Px0qp(vLfk*_wl9
zjYRVu34?Os6`F@wKG5Sk^zS;l^PR3I(r?sPr4M=z3ahedTyF~d1sQ3ukMEH5fEEwj
zKm<EfHg#6#QL7&;4+nm8r_YIf;G^c09vT1rBg1jV8OnFgc0q9i>jixOpn+w?m>{Ui
z=fwy7FT~AEu3MY#;@;_?GW!UGM*qP8_&GEH8592d3wQNYOs^8V>@5aDT74ddApdY<
z^v&*QZS_aj^U9JfXKpEn30_TUauXY-LT1^scz?sJ59#B`0}t#(nwZ&S!H@}NUF)oo
zsjd+TM%~XCz@#Fpvzh^SU-Hu-aFjwpHQvFbw=nT6+XdR!ZqX4_w?vwK;+=yvis<Dc
z8JC?ICVI}t=}W!BC|Q}EkK|w+7xC$lPI-CSOrlzuH<@n_W*1EjeWreV7s@;=yS6X6
znw<@xswycyxh-8{b_3_~W)df$+eLgloTFO;q4=(UaqKS}b0CbnzZkDVw**tHrvH(U
z_oh6hs{4?J-2dt2q0#xm=eycl#3NA+T^VmqGbhasYAY1?E2AQ<3er&)3(a)O(#=(q
z+}Tr^&5$D^b9fsbt>}95D*y2dbdojsq$LU<5eUNEL#n1qJqs+5{1*NYRuNI|X2Iea
z&=^;zoM+To`Fx9dw-1?)B~4kb9C@cMwwogDd`kC+T^;+ca0zCl!?)+_L{OP&jJ4p)
zp`ilwkORnk)M~K$aRf3-At|ef;l^5B@=Q&6;eyadP&3FDi|b^8P+u`6OYk}1obM7C
zHRf|#59$xznEl=fuXC=K;~wYk^vnLeIPnkRyfWz{ADuir<><B5uTYI&(xWLajd*k7
zjL8KnrFznAWfH6iMptqTRegIZ;cvH}k?Dkin5YiXVj6uCtWLsmqf*KIdHharYEz2B
ze@2S;Thn9}`!#u&K`pbW`I+>v1jtCZ@ISzD@@&oyY<Y|ETyrWR4Z1#~ZloA}^9W<t
zm@Klqld8cJW{P_9#AX=Af^4b1#mX3^QZG)De{#}*8YTB|;sDhQTtO7_;MM5*h<$E&
zxOj?5&h)6)PqFaltaT2TdtgVrN!h7)n`x{C_x!`@^ROu1U_Bz;aSTZJd8%1|nVuQi
zV^{fBkuGc}rrBRgKL@#e`%;6x?hL-pzF4XauMB}czi>#rG#gwN<OJ9}&X_tG=8XA}
zLstkeBtP!lSm0WSUdPgLh)KXUr1ca%>5P4|#5rEEFzO;$6pB*`Pc5x&r|@YA+=304
z=mb>TK8VWur%r}L=?=!@p4?q2%dwbgq9Fp!yZqG*of45UA6#3;>fvgH9f{^kuVJ&s
zx~mcIenBRzum`*a%~HNX01Z(~2OO_tsQG1Ro<wmxA&@;lMq#;tl5k+HDG#DGe^meO
zt6xk{DKzv!iDFN4CQ~Y3pmw7fSe+q}d)&NqB^=OwK~%e+YYmNdwX2Jid~1S1!9iCZ
zSm7sd!Zgz{@_sMC-F6gn)r;jTw*0w3I9<e79rKaW$k*QmVz+Z3aAtff%)^P#0NPk;
z%jLEc4{RmrcpI9O;YE9=SdJR;R;$r*m?hUekStQ4SM<BnoN(@?dh-Okp<s^W2HJo*
z{_4Fv9X(dIv|Q%)$Kt^;hBQ!_&mJ3Zif!;%byPIL$iRNP_ICsuZYSG=@_&MkbL+uk
zTc==GR^3x5CmEnBL}gMonNpO!`gf{eCW>fV0LP_X+ltI&C^y2}d=$AEkx?4z&bsks
zYU<{>_r443`?vm_2+R_EiqNtrXord-7t%Dw=Wf97MN327XOAx$-dZjIhK-24wVN?V
z^ROlJBSekQJgPLc!>bKVRN~ul<d0xbokx}Km4r>@8UAa56@!TRmb|S@3krT0V+A8M
z0RJ)H#MrSEk!Vvvq{rb#l_?}QY-O97=nxVo78D56;juR75kgdg6Zho|A5~dtx&rg$
ztG9f~JaNT;cl3m5ZOqjA0ts`)UgG5^jNjo`kkY`=QmT+NVyA%!_d8zM84Yp+oJTW?
z=EInf(qgyqe$zXY-fn&2iExVx2@ATL{cECsr%w@sz^R=q)gflbr3vcVNZ=rqzPJR`
zIYIrXmOu9iGhwa?LnOlZ#+<iyk-8~xUj?*s#`&AEQBR2%E|#v@r~1OTwOS!V`C$<Q
zf6?Dp6#I0T#Oih1^*5h2d3R~E-6V7I(f}3POW6I5mypaK^IZ@pbr7xUmJJ<m*M-C%
z)7+gSNFOpv$Z*?1oK9t3$P(ATw#4QEiYJNQLC*y&-${HFAyV)+&khi?n`7Qu#Gth^
zB80Ny!e~6Myb6M5Q^$H}!x&>uN@Um~@{A(of*%{%7{M@q+rR@s^km!!Bsr$=qJcNF
z#_BxC32+(KEJk~gP*95Pmv1d_>aE`My$5pyS<E3XDPR}D!9*t(N>or(rr$cqc8xGg
z$(l0-J+~y{7fNR;u`TtHKJTe`%y<T};wo)WVS;GJopAWUK>3*g_G4N{b_uVLl+b$J
zGhgBezb*=krF(G!J5@Bp+%y>cP+-cRFTv|OMc1Txg*pfcmN|@|PV~H6jp%_!fv7p&
zvGUNV@q(AP?4lUsT>6$FoGb&GGS>7C`7bd_DWu=(Q8Bby;}5jkxyI5QdR%3MRyIqv
z-g^qH;UuqE(|+QmhLBF-WrTC3ki2M<!<M%b=Ln+|?idQ5Dl1qAv+StB8o(#SYB4Tx
z%@;B3k#8H1Mc0c=<3=C{XQ3dkXl=V@O88)gCv;s#_+Z5}*z=XEF@gU43zRI>^nXuw
zzvH_L@rTRd4E2q?a@t}U83|?fbO^IIF5WM`k)ABmZ-}A<>Xget%DJkL=yX-uS@A%y
z)9e5uj}w(D$!0|lPI5jPpcPCztYDSr{jT++qEjH`y;RkpgylEa8@%Ol&vc@blK3h%
zb?DC?1xp+yyhXrV%{N_%NrP|H?HN6L-Y;)q3yPkx?qh?sU2Eav41ck6ueH{p?s7nh
z%0o=Eud=|`qS2r8COciACU`8U%)eb`fuXi2LOW{<!Y4GSaZ>#!@T8K(R1`|yrDmsU
zBX^+Av06YYPMRS|gobBPL0AZ}*=97Z&Jo$zp{7KxpGZ@+-G!yW!I%3R6t06H8~<^z
z4c&iZu^9C{p6#ClbpAKHVHwk9W*>fS43*K!SxACxVpW~0Wxn?FUASb0iMt;Os+zzq
z>ZDuUc54uGR#Jurpf}4&%PTs>qLTEgGFCtoH%iS1hksz#YgqZ;k18=Lh(>W?p8~09
zMEQ6_LW3A>38Ot$k)l~ZD<#@|h)D#K6Q7Yxlt&Ol(7ki93vmn!f&jw|UpGw{dU@}C
zUMgzbLOnKd#NZrHe7{j6yh<rGZjN=+wD*02`!B&FFCc8CeH#>^l4LlAjY+_lcrQrp
zg>b5n(Bu*h9ltjROg6LMaZujqz8z}e5zJFBu;c>;J5W+lDr;nrh29QLb6>Ke?s7rx
zOnyZ;;>FdmAt=_gmq%E|n51=>=+n@#Dj-!rTC1-#(SL={gcpA*;y=sMhc?^S2n>00
zN3%~(aZ6&JRh9xOz!CY5M1F4J*Y~ed@cQF}G<gv+lgTjNWnxJ?2cdTm`oVM4Iax>L
zwn<G+Y}YrpipBDb4fC4SbIy)h0YcY`!PAzED&7+W=HyaAP9#Ki@x;n`1i=Jg(s1IO
zJo#LZ8*q3y<uGI9ap{iL=>(H~dp=|?;6Q`yi#NBKwdCEf{<V;8J#T+st{0wQox1?t
z_0Pa-uDS$!$L5-pkd<T-5ohAw<6z^a5Wq2n3r`;kJ#*l85^gnyuyHh|$bDkX$=ry+
zigj0yHD}wCYfzf;M5BO^ZCWa`cp%PtyRUGs0@BqcDwn;r^lG@KCMhZ8MU+6&udno#
z9NGp4UagQq`A9pCSjpVq@<8Pp4D2{wW33zXYt($=tTgcc^#lH%F0XzshQv;M4K~xS
zu()1@3Hc*XdQMS6tNCHc*U^X&{tbn2yi4JlxMccSdL+isw{0FSCm@?YSRnKQj5oF2
z52y#<RsB<}wk-DB({aS9(s9T$`VUMENL4VWr&y$(ChJaK@7!BQD+q+4FBi6#;ei0_
z?_2F@h167gY28N@SF1WpaCPi5jYa|^e+;-RtB8M|oN~bQ#1qM2Pwj1SOeYIgQ9|B6
zvss(fBHvQp$wEb}HWnv(>SE<1)Q6xg0}!!s>6Yc+bx2Rl)syr|cQ}SB<5e`clbz^E
z1G}678A-+qg<Y250j5Mi@*KmHATJ5xD>jCQ2kYo!=JBO+aVH3-G+jr(kqd5`b;)Y=
z&sW*8f_12*a)IR9JmL|?qf0|w8PsX2t=4Aeq7D6{ts#l~g3<RI$(f5tURx*{9l&m!
zs^i=Lg`)oavXW25>qBfyjzTafOR!`*bd7l>F$za=%5~mez=s~GBG+ZmLeQXKI9A<K
zF4thM(J^J-!25eq+r44_;z8$|m>pU=MV^!*x>4bu#aKs}9T{2(SV!<jhoxWTLk6LG
zBd<4hHFjK*9c;ffpdVKAR&6=0ZGpA31>S7&9t{`ocgw~o#9-`*`I>^6YtBb!`5GNe
zD~>k?__!E?+3OF)cXQMR>m>Ekztt_a6V{cL%S1w*kb1ko&g_(D=}z&xy?pMPUdN*S
z0Bp<hDY9lRZm@OBmc0gF>}qe=hGikgaZTk+|0@nI4!Rze*@8g)9u-YRFo5iqBiYC^
zs8^1uKzL!a**+e(xdUlW^NFQLywMwM6gxcsb{~3a=><V+5L;Oz6|(Z=nx9hrfjT2B
zVnWM2)aG;1Mp$jwIWiaQDWotHM*w|q##~cqlwTl#Kqsz;q0!*<{{WysU%#Q9Oeh2a
zt>&>2#CxB<D?KCwfJaVU`Bre&Y{|EOgcqI~dL8>a{OmzQFfgoqH$mYz2wTKfSTQkN
zsg!u6iu);1PNJEhl;UIo@UD}{W?A8P0@w{b0B48`0`pO)NardngCXiv4Oc6+S9pro
ze02gSDRU$jhqFrhSQCR7=~=zZw3#+!dd-hshsPZ{E=yn>j^I_`{Tbc|u1H{iwBA8U
z>z>Na{P5{^7c*sNS*MBJwHsZ#3x~;ev)b%|1E%ZPPStAnoJP0TYV~^kMT{^X-pZ#$
zQ+dL0gLA;1*f%fzuf@$xi9NQ}2fxlb_ShR@uh@>hrz<#rFp?*ACC{!VV+t<c;!rwg
zyOFrgA)V9T{KN4m`VqXqc<Tdylp&Dg8(rq`u+D7n0rSj-4j_8Zm-+J?svDy1VccL4
zk>RZiM|?O<=NJljU@eSw6WI#5WdLE8)az#%LugHWYIIv=H;+O}VC3%jhq0~KtPu7c
ztFxvsf;tQXfuEq)lb3d7Q^&*|UD04RG`u<MD0>PeW6#2{uDmutXK4p0E}*ahP%j7l
zn6xVsP^S2Y@TO#a+#L+|_*7n~+%$MyHjGjh0omS#lR!ine;+*;I5e687yyP8x(diN
zqREf6CoC-vy+lqgkk4pUX~N~5p3LZ(mp)<Z1Kqe!5YL)Stoy4W@vf&gd&&Oo8!wES
zG;hiGXt-je{RMUpv5S=HXnwXoG~uI(Zb<hz1J4@6wg-g)o8kq-8Hz}n8Pg_B2exBP
z(E@*9Ljc-ye*ub^^C)6wP=s|PO%;hUsSZiBQP3wWuAmVAXv+K-Hld7P)7+B#EmPQt
zi4Au$(JS4yb7%>BlDs1-XvCH$Jci6Ij+4i>7c@528wwO)MS(x*Ubq8qeK{~lv@>vs
z4P4F^WjO!2quJ=qgxxnfaj#vp82nIY7e!MkYNLsRe;vkbiuW+pH?=zYE3{Y^d9>Fs
zR*7<@UQM81$w;7W7tmX$e_UdrX8)D?H7_hB(*o4Dhe0fvH9mFRl<%&y8X~?!SVy|5
z4nK*wmtdKrnNdVEJOlto2|(!E<P~{Z?<K&XzGT*;Z}n8SG)y^WWkN5pQuMSPgF$d@
zogyjIe~igRGMh9ieH!Z^uUg6I7=IlbvTolB&BL6IM(w0}NnaVsRtk2p*pz2?k(SKp
zVw!Q(%S^ezWG*nN5Cnx5oLJR*eq1oVMyz$Iir!J{BPeb#)`hPd87tX0tsBPk)~%Ot
zYPiD~3ZQoYeVeghttL>*7A#m)g7JP19z18Ge?9#5<^2@)x5>rh1F?yFOEDH$Q2ePb
z9L++aS>umJyk_PpCG6R|mo(<*433adZx6wwRc{{D!e1&zJ+sTn7Q&%uwGxgc*-SJ@
zWjoocs5G?fF3;&kf@TiPE1p@x5TCIqu=H)(5FnkEs9Fi*o8zH}p4FvZN^!yColLxl
zQS~vt0TB=a=_4{3Qln1|I-66ZMJW*-T^^paVkrk@P`=uuAEE}9oJKN<5Hfgy#u9{+
zTZ_0Xqd6&*QMAj#7c%+zT8_tBHWPm`Y6mqqz`~OyM{EN(|9+E{M=JqelfXwOf8&$D
z+ns_v8njq^0LXW--l*3aO4>7j=-T%*Mz)|Td!%9wUiiaoC<pLkPw^o*?GrV^HJ0uo
zMUB|jGR1$mzQ>A(yV8tUf-I<EX4a+1GLwig#3W{3oT?{fT2-s;#sj(Qvs{nDUoXSK
zo~NoW)pn`2H=?#BFaEt^>5TiWe-m|SJT*i$fgjMH`ml2rErf5x3q@7B1Ee}IswBLy
zk8!CezTg#JSmFVr<z4bK&pDx$&2PPHm<**}W8i4m=*4|5o_aM~YAIXCI<|P$=+~?o
zu|Vm;M6-|%P*q&`r?JXnt7L@s<@sObOFI1X2h?2x5DcC<SXBgMaSEP1f0|%e*#ta?
z*CGY3s))#yi^W7bTxB`&l94LuA)`}s#Jyu8QL;=_rPoFz@8qsIi9#wTUuemom)RMk
z0d*<4lkPMbkdcWcPJoCP;zZT}A0*Yzr`}I!q@DVXKLc>$9J@1^YWL7qYkW^lw)`Ik
z{sBD+0yhP%i!}lLbM0PRfAo(`HyggBpGIqU*p*Z#)&4X3nLS#ZPKDA9$If-Y74ir7
zV>7d_njQ9yQ&1)o5BwDzg#6Hxl%SU!O*Oi;rbVq-Al5nbN_|I{R4~F@l=+ZSQ0To_
zh0jHo5b6sm8t}cSr47WFu(cY&YS3U97DDY1EuEo{%vP!ktjWule-8Q{b$K|yv2^6G
zzXH3!Uo5R$kelB;m9kvbfI3OJXab?xV8Zt&3G|cLmE8ckP$Yr}8v2v0hCJVa4I~tJ
z<C3A1*&E*8nM7e|k9Z&OPCKPCZb1{l6GGQ=AAH5sCC$sOd0(axj`%6uu6lwti}<3w
z(2||8R=?v5b<*b@e=VEu66^Gw_~8}#V3|6Ssp}xtC00*$qdHMdKEB3!nwMLUf*cIw
zW7;J15f(h}JzDr?AFo|R8Gkma3&Pt;DFbBk9&@QBR;?x0bSR8VWKtxb_&HJ5-eLgK
z1x>9864+%vvXBZg#wgqT6df+NMHh)Z(%j7-r_l#;O{-PHf45ThL_tRux`a)v*g5h)
zXgxlaoSflbs%>SI@pA5F5^tlY>xr%;x0>mf$%doPW^6JQTgIr)+|8zPd#c!4#u9aA
z>g{Lg72+Z5a(vSCl2zunL1FCfMo2_@=%rP`n$81KKFmJxkw?{;`eWFVhGBK`Hf<MB
z{Fswb6|-myIn<?Avc{CKCSX9Nu*Us%#f6ntO$+OmNL9k+1;r^Qrj)96IG2={rj4zX
zD+-lk;xu2L*vZ24y(*KMOB*F>nc^pX{keOeb2E{u)73Zg4cC2YxzNoI9{|-@qEZZL
z0V4ialiEuh2-fr7u}AjL7nA-=VF@>vRqN)mYTbO3XiOd^ZlC7FdFDofhXS5wID~}T
zr@8W6wOI*CXurxtwXvTvQSAbWYU`7%OdfyF+FMr!T6KD^Vp$IB50HU2^BZLbTA3PU
z2HG+Mt?H-DK>JKH(AL+LfwsQd47BwnGSH^#7FbfAW(Hb|AJ_2O8QX}MyZZ<7(`0U1
zv&>AplFYQHuw8^58J=m62OtqY!*({H$-Lp=l{iLQL!5&kOmrBqTZ7w_yEdN%MWTP_
z$CA@FmCg8g2s17Vi*Axz_1LfE$DxW&4nI@;>q_xY?WJ*faNq;ZI+E%ZJx$W1AhYp+
z%EMrV=u5HL0gK)fn%-Db!?%I*hR+i$z~PYQU?l_B!{}&{IyG)knhuQ9sc}PwW9pR|
z`JM}BH4$5SFto0(*&p}D%$uQkiUxniK>1@|8(H`Kiw?{;6h&Wee-^;kf`EOZLIY$Y
zCE#^*oD4+97d)sF47&lA$1!ue-nu@^(-9mf&moC56Kz9PjKGR8)mIWhM4Aa{6)~t1
zQMO7vWI3F8n%zoOgpwaWiIMGSByTh`GIT!hH2$%-`}^;J2n81`{Be5z{@Z`I-Tfa~
zk`y@qDvQ7NoOEGns#whME2JjW?fytnCHM%ZH#MckUe`E&x1VkWJ}=rZStIb_j3(N~
z88)G`CP$WF84zsrp)4WZUPP9I12N=%2~>j<@P2RtjB{iNDqMj8fvpBV4rZEIyZh1i
zqMCooA`kFTRO-c%a{P0y87O}epF}X{cz~T$=o}vUMx;i;JSys|?h=cFaWf*!=^4w}
z`I;?yQv4q@j-oX@@jjh>Qf--_T>EB1;9t+C?0a@${+wO(49rA6Re)y~^`^RDKwwFQ
zZeXdOLB*>Jfwdpe=P=R}p8a9&*QN5W^Mw)Y{nyuI!pQ4Ss3xGX;3t0<H<p?byvhZb
zvH&YF#O7<tjsT>4hI)DD_||d(7(67(_9i?V=}FAgm0mL0k3z}QR=5uLCu|RYjQa_?
z%^@eyIKH@7eVx_~ZE;y2rKMhbfLeyN?41;N|9A$@0SteTN@&i0KC2!l%*wQ!lF+zJ
z*qNQ$IfaD=Rsp71c65Im1#bwwN}b*Ag<0!#)x?5#W}~6|Ew=M~XN|#yd0lu$S#6vb
zI-yK@Gv^Q%@}ZOWsX3pcjf8swDhPCGtjsCSys=^hRp^%tu28Z-HoH_7r`qY+LlTVV
zz$!qqxVl~qxfINqd{jDixML?g@8J<3+q;v0c7k)mD!o1`w`PCxaB3FvAZQJtpl4y(
zW0iDDicLfjx5L86THb8wj*zKQx+6B}j>uEf@}H7U|E4fx3v=-~w_ZPA6Z_&yDrtJp
z)KROoCFI)V^+yyoVdmNDmv3_g`gvPy`}G{#e!aBquiCbM4iGouoU?O(@VxE%N%j-&
zv*%#fuV?D^<nVu=fnA@Yw!loz#3D*>BFu}_M6WPdg1z4}V1V|QfCb?KW7suRJv}pc
zFbE1DgSJ3;hU^e6J_CR%fL#?gx<lI{OZ6-IIrfG3(ien$FKv1UyERiDgZq#=%-9{$
z>d3&`5NhLfJlL8D3LaYQG0|i)Y7Jh|;N`ffo~EPxnpuBJ7;a-}E29V;;Z=>uQmisO
zv(cc5nD!Y%!D4{5u%}jFgRcNX{NQ9SIM<h6L_;aE+!@M{KMUlMpj?Hc0Jo00udEW0
zh*sc#W)=_GnU{}fl2IXzU*|OyG!#vU3rXTrN9oT;;o+5XCD&2d-J_4hl48QVUpX$~
zF2V9nWa59N2)s{Ih#KK^y3BJ2>K2Ux42#L@;PgVvfx()Vzn+|g7ZSh3IAsn)#L{na
zszkFQo+zlDV*lt-YPeEq(ZQ6IrK|H7F}@IGQtp%Rwl<rR09=c)DX1ZT@WiZ%@94Fq
z7?h&T(sxt(Zc5)x>ANX?H*_CY`ff74V>$;gZKHn)99t}O4(ptp=&@<;$tgU+aqo-r
zU_@`v%sDIWR+jeNB+tiiHhgH`O?^q<jbaE(`)-OIo!8^L(KKD~W=r3VOpVfaQ~GYU
z-gl#`q*mj*S<oc4fCndQT+yA0;vSr$ZLUB|Z;J<~k>kN>lpdUwcyQjMJ(U=MBm|)&
zUzvaD@ybF};n2SZ(WEBb=k3l(@*=M&v*6aca~hfIJ~{lYa_5{zJ{&N~vTXFPxpWv*
zI`E1<y;gB!fm??_86hkcr~)`$daHt8nt(bU*z!>@EbtIvoSe~kigEnOtp#udhpu)g
zGZ=mEer&;d=fgKAc;|zlabMe;BS6ANOtOE&z6-oChFW3XniY6**r&vuF5};692@G)
zVQ*gFV&V)iz{U$Q+o~{nvv+vAa_C!N-T#+?sW(`+FL$^hRt|qdlMcAvzl^<00DgkM
zhvtagIkEX4)N4RP8@~63Ky-YH^yOe6_P1??6BnP?MCZgB$@+Cprd9eCK~BJ!4BUU~
z%N<cmcsr~K`1``BHPrutkFHQH?M2V`6ZK+ka}d2qEgu@OlZ}6Bd_LeA&SQO_(-@BB
z4bE`X^T?|fn)E+T?F@$+x8(Bz3SU}Cw`3Th$Wa5{u&@+!p|SiB_#3(^SlX4-vx@P7
z1he531GUf4_Yw}gl0C#ET^T}}`<s6-O+5QblrehuFJQ+=M2HnVfp-b7K>A17<|X{h
zX_mg;|72pz?BV{ty5k?uemS3koP1rh_w*aPyBW>@a&hA05}nn$-Z*Of8_caa_tJu_
zDn!9hS<I~&XYnkpv9QuutK7qhh6i*y3zwyXQW+Fc2C;ipS$aWMmU%QUb;y4s)*-L_
zQQ!5%7J*s-!fg&$7c921GlSM}zr|DvuNSElc{?Jy&+-GtwNH96v?kYAxB|+HV#WA=
zU%|05pR)d+aX<VU7xAWmK^@PgmtMSg;*((l&)A2eg|@QB)iS)I$dCZZMW>RSWBr?o
z=84ut#f)O|HN|(tac86QqT+w^xTsiJVqi?z;nPcwCULsi6WfdZO<cJ=Vdufuw-!BQ
zuky}it6hI4_bT7ah7{~n;GQ7Uui5tlE1N<L&_CDNtx)|J?^{$gvx93>22bl6s#vzm
z3#d;9#E`TKgGKbAK@5#0K@5r^EDd5PW-wk4h(Xg}&zmhl3^FxJ5JP_nV%T~RgRYWV
z3dFFCCuRWvL)MtWCK|;73`N^qfrj1|07Ekez|brK466q)U`pf(+Su^8hL@)>iJ5O)
z5Nkv&gzjhr<|CK|@CSma5IhEfF>r_EdE*<Btja6O9J;mmhGynUkR1N@U001z2W|rH
z08VitL}`Yi1f@f1vY3B7fhQgR4e+`myV(}t6>um>MT&zUup&LXU~IvA@DXDWN=!&&
z?7c8+`?MZ{E7&tAJs~3>^KJ3u2f+>Am>g3RF^z)>R`3IZc7KG-0MHBUEyr2lmAC;|
z?Srvv(>rz|&gGKu33mK~r#P~J4U~=tb%H-ZOh=4fOM@!Vdx3x7;@4h9q&p1ySYtkg
zwP7woxudh2^r0pkqVLG4PbOgRz?@YHhmiD6_QXk!P*x&9ch3RXiW0t8xqj$By4?B0
z>;G}_hv;K+3`p^<L_A2zVIsB3d?vr%_@b6@q2Rd1eNg<u-+kail;R^7?8_7I9EaY2
z6>S%zZ!V2LFu8w-mtT_7MX8;p_z3}yTY%<KJvG($@s7OATrtj&zx*Pa`4vpq2hjf$
zhk^t!ed-R4YH<ebO);HGI4ISuF@LnkQSxyzq{uL7zPY*t95Z?XL679jJ$@g{eWV)|
zt*K|kl#9)w#XNc}Nt2ur33ZxPWjRtNUANH}6}ik90oZ?DK&G7Bon!+qRH`|uN_kh+
zZWdFgR9Hpk@Ht8=DNd0TZ47(!fUCz`Y{&lo0oQqtb8%U4Orm-?nmO{VF^5Ixam}mL
zLNi))Rv%&!Tg~hy^+kGXvg~qLkVTeQ9apigRTK-uVuVh$v%l)OTitS&yM}8{;*t}&
z@RH6a^l5)h-Rh>V*lvXH7m|{`k{wA#+xc2%ZTpi)gzJ;W#z1`w52^^*FRkq22=xR?
zGS;WdoxcEFnIR?94ai7wjaC5Dndp-|<hh-S(?;%<qKP@(Qnr)XFHU@&o`v(I=v%y*
z{N5$olKQs>DN#*q)^iD^nK5<qCnSR;v5FbgT0?)rimcQU5)kyQf2S@}rmK*DN)+gN
zP@r_p-`}pR8?AP`M1W>N^dy!0m|&pl72?q$Lgy@48wZCz9R#viydM(-X6!Z|9S6?a
z{FE$MgoJz>_z0OWy?1@AY?!f?F7e+_2LGKz%>ZKLq4D3%CGp>iAuNsmE(WMs5B^&d
z(8Pb6E%DznHA?(<iT~bu{I{->S_A%j87SETsPL?jhD|h!qr!`}xdOetEvWET4l2A=
zqQcjQ3dgNCJ^pc&!l_4%c+VUBo#aSfQD(%g1%J0Pmx1K)w;B9B7+Qb^LlCxavqU8@
zS%{;KL%=O|RK=2r_r@eC2}C%@a(hV(w-0|VUQF4(bPPNBatDKk;3v5>0|wkUr)Y6>
zyA6<xD}iBC9RXj16FcwDk+JuF`~!0j?*ESdzch@pC<0gst$06{UvcykMIY>ipeCLh
zXLMU7U&lxeUW`2!PSdkrWS1r{5`w7009jB>*}Cl8RO6$dY7~Sf@?VO3?U&v+@Q!~c
z$Qe#^nxMIu7Jby324&|*i4xdpO~S`xed#s5{}^U#S@euDI#+t)Lm^5D)?NY;su)fo
z5GDf0#6agjF=Nr1!k)_Fp54<B@2KdjKCDn^uy}v7;f3lRLkA^^Qpnk3qpxOf9~q6M
z-ZExjy<%{q<V0jpSPwR=K|;})kTZW%oslS-Nxp1y&BLZhT@u5-^b}}C(G3bT`)){J
zQx{{RBjdXXZtV`@)9vNLTMJ=st|A6l2#FJ|WGdK}Xk8b+CCX>QxDpNO!MRecQh3s1
zgmgV-I9CZ~B9n_7OHBtL;`KGY=O9zqCD)WjbsBe&+RSb(cZgeVWqSw@bHRTCb^;)r
zGNj$}12X~WFK`1;1vXhJl*w$AP$nHPj#x4tlQVz*y87rm`WmZti7(NjWC?L9Ax@72
zWmiI+9y!FRj0LJmD8;5K`6yAQOlVpd3zl@EfdlEGv0$wwv0#cJER6*#=3iS67EIH>
z$(t>)U@|pIELe#J+j=aRu9AORODxc3JlYGO!Lr60Hqk1M1}oa;3N-h&puyTXXs~vP
z23tKE>>Ze+ufXC=bDdn>y4Ka}ukWv>6Uz$#e>uIHz(hQ6NLZ3Bc}1BUw-yrC&Rh+W
z!{6$Br<NB5s($YcF-S)!AqGkahU&Cw@;l&93IZGWlRInT7<AJZ9DsjQ7-42`_8&SK
zX;86X-~XCu2W$yI^(lR83?}}_7|n)LcMRW*;n0>ulc5@bg_fxS1JnQv_`Puv4l?uP
zv9jE#e(Vi>Q7~NR(VS$55!{JqJN$**Rm0)o=vd}MOlg>S9EP+2Y!leyhWEzFJxGsh
zCsOM<?5Ui`6kYsMc%pwO&Wa)<;>h|!uKE^&jqEQG%qaD(1CB0AzhK!;MYOC$pb#7j
zcO=_ZK;$5h>7<S+!o=hERWd6pshS)t9f8!w<<3X%i|5~k0hVNnb2Qm&`cHynN}9*#
zJzbA}U2wrmkY(qUKfb^4+58I;cn3BGSak3)i^}T;o=?*h-|v4Z+KeZf6(r|vUHG!c
zJ+n5=&HD;WEGYJ@aH2s0x}fEe0PuVQ9>ptbINbZo?&amDKkxnU!vKDM*#Gn1pU?hu
zdd73_yx6<EbpCjGd652R|DT`!<MQ(J=RfYlfB(Gqsrtibta=6$_=3LQ|1+3=1ff4&
z?u3mpiebUa9YhHoi0&Z>A<^?Ulc!rG0cMlTTY(SngGm7o4xo(LO9tX~gTa$rTtI(b
zF*NjXB?Yc*Yu@G+p+jFWTM!zllp}+!^uQg$k&qTyDSp&c23Mi)YV}$fCNCmLnJBqT
zl>A_clEW=U87b?@M9NC~lfakq(CDc4lISSK5SB(q6>~MM2OXv9>f_Cp=qQ;QB|54^
zM{PYiN>@p(0UcG;L%RSTDr<CM6YYQEc&MUnu0U6B3m&SIgNN#rc&K&Yp@uA3>eZ<S
zXpAc){PV^?CE1Wyl(}zf@lTyheV-iuR^gxC4`7fqxo}`u@cV?u!*W@s1%M=tpuv$F
z5c=4fg5By1x*_ZdK>=`4a40M)Kq!MlFFtV~6bqNdlhGMAbPE6dLhfNGP6&UK!hl>D
zCM)m_i?%UzNAA?H`YxQV?(qR&t30VA4$qiOTZc~F@7{tBfsk041LGwb`gb%5vk_Rp
z8-%(T?s+xzHLwn2EHHTJVuwDE0eGW5oBUu1xxBl(I{-^8SOTdiP7Z_nz;eK&0L#M&
z<u5qwe7PUjtV39<;m@lvG<AOi4v;IL6=Fz&tI_=x_%_kK0WAZEIahbkhr?w-TwHe<
zRClcgw1xiuzw-G3UykJZyCK6dFwPg|`Lj^!*soE>Y4-O3+}iB7k?0}&Q_zK18(Smx
zo8udRwlQod{3Z4T*w|waZrr~k*E#I3H(<~mqTg}pY|!%}l|@JeBUU3c?FFawXC82h
z9@_gr0)XwE(=ZUM*adj7;H^I~((le^aBP!LUl@ORUyRo%eHjH<BOLK0qJ(k(Ye=a~
ztQC00(2pxh(zWn=ItHpiU-7(?KuHICsCsPde%t+iURy8W<H?3n&vIMgpMF14HJANT
zYL{ogQw;$~31SSc4<RdI`aB?cy3M)8=k!HgFNF|`{MRv{M;MWeP5c20Pr^AXil9{e
zko14<ChC8R)rbF%u7asGnF1E=)2Gk7bKCyR+ul#NF2O*;f$`zOfZV}gPXgnqCIiq1
zs>hXN-4uDDV(M9C&U7Rq)uF(j5O_UI5<ZTfjFPc}-7iI@1lAJE?0>4t5Q5CsF5yR`
zL0T-)rW%GLd(C-bMxY1IF}j35PHhA&B|R(YP~^4eNCm8~i2^jaqZEIS0|FA<TZw7L
zir@i2B2C<D*MrL5^*Ncqemj$pV8KqPj{r1Jv;cq^#Y+4iqeB@Q^63H_*AN|2jmA3x
zW2F~>>av1WLjY^NZZ-t4(=8!@5kX1_U<m<yFbH5`WiNq%PX-8>bgY6?@u7i$os*|w
zF@HM6fqzBYT!C)h7T{ku2l&@5fq!cN{_(I%B0mpo2%mW_%p@D~iZb_YE%2|Kso#^s
zf0ns0DW(q$?@=(aDT<9qacLQjbuYktXlP@YI~W1R`I48j@Fp`x_Y9{N4lQsd_Q-JA
zsAi&fRH!);k*1dh03dXq2T@xZBL{Z-bANCoAfdpK;*Mq`!<%6mjF46s%#HQ|L&E`8
zjR+%WSRwojy%EsB6{~VZE$-ltX#BWt_kWQLl9@mNEW>^6QOU?Z68bCV`=gZ3sEWZG
zW)sOH<pgA!lTlL2#%R`RHR_9DE|K_1tjWZ>zZw$ndU~@be`?=&k(v=v^?@B(%YWe-
zi|1f{T=N{Ip4*0r%<xAF?L}iA35~{NRLfC0&sCY@tQ4L~*5e<we343TWH`a`xr|(q
zbKQ!Y@G8Fb@6=^xV_3ceT-8rzJgCClNF`DE*ZGSFPaVf(%csWQpD2F5%r>{aKpe|N
z7}>sTbEhNNLQYreC2V#x$V1=tN`Eh5M3B-;_}ILJ3PDIdDw6{(>-9=n72rhu&|a_Z
zl3p*x5SI3O6*D-j$LpnO@ZrstUN4y%rPr(UdTqVeOIJy)!|PStl(&E*ENg&a6W!vD
zu%d0QKwWQ(BdnL>2<w%Ou+=-l*dJFIZ{`h4VuCl<pS33}$%nk6%zj(z34iNl>ip#J
zw>kw-=;+!T`FJxCP~e8|k$o0;VpnAE!GIa?TAd3Benl5ifCgsx9C)~BhYyTccA!4X
z3&f*pRFT{h4E*ZIb&6*TN(ReVS>_<|0krQ1>>8xO6$k6oIga-v>ieqPZ7g<2#0<<x
zPM;2hsThppCR($@HyCrn$5Oj!9p?ePYViQtFAVG2-;=tNNK-KH5-yFB{?X%sM)1a=
z<@|kyNn?Ps1~C2p9r|Tyj;g+elMT!QR=yb=ih-Mfzh?9vsc1@-Z3B~SU<!zLlfPsn
zf1~L*%sfyuU59qpHkrLc&fjqhFK}Un)~{wBZ9mz8ior}|0l3r$;7*zz?M`4d1kHHG
z)|TC5IuJ=Dai-;*2f#&SvX@8_BHg}ZpSp4f<f|J@gY?9~oWKZmid8f}kYt6dFDT0C
zej<arqOZx<WG{CDDD(rqF5XhqA@(3He>qYo)pMjsk-{u*>f-p>AJbWJo^Aq>Fb>K5
z{2Ur-Iacnz1_p3Fdy0$UD-Pdq*sWaV|AaE^7umTjT%+|?jrTg{`=&`E_)EI_h?e<v
zUpxgz>PF2m(G}1*ucbTu!Z5i5nhjK1t-@th!GL^JxW|E2%^&Qs{_H<-v_!F$e|vt^
zsHe4l$Kymj>;nBb@@JJRaJd4PE3h)5W4QvCEAUf>x#@40Rt1GqZ_J~Rc&Uw8gqWin
zLV4@=&>*@_8JYto4GmOEa+RSujOQMjqfE^ObAWRup|djQm!4zZ!8rgF@QUIlyqOJ$
z)K;yJA!FJ#8#z{4zE=f%Bq{Z0e}cFxgvX6D+3DHSh|5tz6Q4{#j-;CxT$~RLP3$cR
zO;ikFX=q|G5Ab@RiJBgG-fRg?l&Mid6H92~)<Y9@mDD<+i3=eh7C<RxjWukdR~)5S
zw9OT0?rlLSnzbC5qFF0(imS&d`V6Ny_Q9xlKea~akbCYx#S|;@nlTRCe_E&_9ld%H
zND*LL!HVtx%<5p@7V;40(t>4(0PiF44>4-S(7y)D@x>V|P6Gn&<}Vfc+cDw}Z;&zJ
zEi`(DDVi$ir#=~u4JK>|SUd)=w1eVf0S0em-6N)urpz+Jd!qD{x0XYsh$86kzV%)3
zYSXT;_NvU$?Xcjrv7}o;f0T90@$KMX6fzPD))-+*!3`M>4@a;}4ap(lM!-YpoCWor
z>huP0Rl|(>ybp&HGV*Up)q>H{1XP%*?9VveN1}Fhyeuk`|8YjgXIzNcSOxTv;usK9
zng>8cUkc$x-jCmce<2UFXrw(Ta`5u3s1Oo7-~**C!vcUu0|%A@e-=a)!+7|YJ0Y)0
zDKuz81!d_tr)pPu3v3=}l?G<lDo07Dih>b>ccftKty+ymq?c!g(!CIv^aH3hKwyAs
zHI9xXfXOkYpi9Q?z&$A~>U#ge3F3w5{Mh`D%=w{p;w+Q}B75%vsDo!tkm$B(){5*V
zR-CvZnYscn9{|dWe~*#F$P#eKMTRD4bI2K)qW6j>5I&d!t0=&13#WmQvI!(nXHhTG
z84i%;(%A=~vdk~cvzg3AkbnefB6T+eGo#MoNFyhaWGLutpBgIQgxjjrxDTdr*+g)C
zI}h_GE7*T6s$jMCtIQvZX;-a$esh)U(i#2c>(;Xcb!(A<e<@X~dR&TZgwIX2Zc<$e
zR8S21L%~3N*BmNGw)bIBA2%4xe*5kIXgYzDg}iyHNP>Oo<xG+MNHs&z19*GkPpx5U
zj-dU$_(L&Yx^tB`Il1tje}Z-dGZ%g^Hby)amWg@FC|b`jidLDJCrzUZv(>JbA-7~+
zECE0z04QH+e^F*B0YG#7Yp_wVP*HCe04U`?LC3*ELx9YfBWeK*ka84DqkxJ!SJs0A
z(spq1hD#)nOpOu=R3d@49totcsMdf5((wB&0QkuqQrJdvWIB+a;;pVkO>YhC$IOHM
zm?i9IZQ;p20)7Ud1<uv$udtb#(ph@u*dH@P=43Y9e_rg5nXUDc1la08Wh9gbW8h+9
z9yF!Vpky;HGKkCJA_a!&TlhBsqqcoxfUD&E21=g!E?By$LEa-L6Ze(?B!{{$SrVWr
zIHO$89?qaE_`M4JHK-WZzq#P2wnt#;?pss#b?RS0A|t9N^5LR`!cBDCGOpoE9t%ze
zI3m_ve}pgrR0zOD*dEQFV|ffbgavn@vLLKTID}{<7DNr^3ojf~;1S@W4De-L)94y}
z2B^<=WDNnSOVHuS+Jy&+%sfkifqo%(Mx>^UTh|ir-@urJCX0Lr>kW{GfT-ZcA7TWW
zIuDJ;X#IW+k9Org?eZ9D;Vfd{J75hAQUuZke+^+4r~?CL_K-n;SdcrIg(30_aMZm&
z12)6yn{wa_Py!mnz&Iib&@McKWBM+z5&naWg#Q97;XlAkyVQGxwW&LD$^!6oMPxT{
zVev;a*xTBozZ}u<FZ^qnUS04R3wp+joKxkA^bH9bVW&7*k{)2$7Y*(~3uM41QD~Fs
ze>J*wcRqSwJpay%o`UO*hKYIY1!!@QTB8}cSS!g3?6FZ-IDycC6%TJyk(#Syd%pfk
z?o}=@d~$qEafava6c+T!u)-<yfxub-x<Gn_L_<LnUHv<#C<FEJ(U1(L2<4N5#Hgk;
zds_QsdPhL<?BV2w{Izc!9K@zO3<{$)f9DI%JF6zSFp~t4<3cH@g~^cs^Dr;SR9NH;
z7P@m7xFVXAis-4>MHsP&#VH~~|Bj+PJy58i*6>ZJX5`voY@yhvU#JRWtRNm*N-<73
z_ft$>R0Ip9CG}D!R9K1!>XPLK_7VZ;GdgOzp5nrh{!|nPi}j2KFN)Jr$>Z@%e^z27
zAQkWy-@O6Kz`_(o=3}<ZNN&(X`Kelu;+gR_Si?~hZ~Vy!^mo*d2oX3T*W_!+BD;V2
z=Oz3cp!U6j-Mg~Y6L&DU09;J0gYYcu7R6rd9)gU(?$#O}?o#@shxKnq8U4h7do!RI
zUGNkTjJOzcR>yTG4z!S1e!1Xof1%0>Vjq(<S@<ELGvg&AO&awm$qn%u^F&;*RJ=xl
z*+n6q0S{BBAz!}&i@4MP$gaE;Adq2&s$SCX$;q!|PJI@WZ4$Y%iCD3kdyb>jo+G9Z
z<BLxi>Jh_Of}HPR%*KPm&wt$i4uMjpgq4EbV?eI(d^$gB>i+&gg5kIVe`Oy^oCfmu
zMHs~{V@nk3m!rkH$#^i;>b!-cFcsuACUZiPOuIO(AK#`C1!x7@0}hm-dR>rIVg3Cz
z>@+pxdd(Zpq~Jdl;V-TL9#mW(<wks!%A(xPm)rSrJFmH&Pj2LkY~kmgJ|AW?znX=3
zYqs$MfL<^Rr8?N80-dgke^*%~CS^F4;qoC9U$u>sw`&n2;J~EK8(M8y)v#A-7`ecZ
zuO#Z_BRoDzk|rPMb0GJt2i14Wywqhp%}0%>k6eKpil_++({qkJ=M~F<q#oYRTTGd5
z4c~$939ZsA&1P-Zva?yYI<*p79}%R4)|at0pD46`i6EpOKfHa&e<-A|_bEUnv2WTq
zm2k)PkYp+tb~oG*mZ4go&P|OZ*bQM`4}Md_T=u4hY81=g)F=prThmPqT{t3dxV)($
zQ=`18QQp+p{+k-wifRovHI@NoE^>v#%)M-3E^vjTaH}iP-&=Eqqn>w#qh4O&Sp5}_
z53oUE4??bZ?sqrpe;L9i^WXN~-Kb};14#mG>)j15Abuzi5z-ze1I1!^Z%pt{^y=7_
zXK<AXzmKiH3nwOQW)_gaY)EfO@C5S9Ml$^%zIo>3l(@7bKLZa`Ke)jcQ8p6fRa{<J
z33fjbW(`BfIgZGQ3Z9se8&EU~jfE+_Vt%4z0cAebccIq!f8Y<vF%-Y{SU^&}jH}|&
z#l-T0vCrfwj2DMQ_k7{Vj1c3yzg!r{A1{7>|KarFe<Duz{C}QbynbiwMbavw;egoE
z3qC)C&u|~nyalS#;C07i_uv;YedSNc-1>KoyD=@`fB+5$Zg4~Myz<*O7IUZV%7M+;
z{h}gs6q|zmD4bAvp_g>^Nv$*US0{63E*+Foq89!<dgy8?a;3;^OytIoP2?U;_LDwv
zDSzwVsmsj9u(PB~(aDUP1F*>p^XI(suk&|4z)jcJWWvbhQx8TN!|?gVFx&*l0>p#e
zYqK*PW^!WFRU#{Dy>2G5!Ze#DvLYf#iL5A*6%UTAz!kW3hd&*6c+!4|ma_+Uhu4>N
zhpR@hygR(0b#YDZa9s;8Z@6@a%hV{{;eVw&eEZ$u+KOro?(k*I{EN85>$#5W`U39o
z!mX}Ee{YRDypiV)Z<Oxv)w{!^ixyWW{+)-wli;d<5ALJWvuExWZ)6Ca%!k|S7H?#)
z2T1~Kt6SXid<@4&J=++$j|K<qlN;;S_36dMfJ`w2onc9F?JzhKx?-UTaFkCC=6}!(
zFr)yDM8E<j96DUsM3_JP%3$J;3=g1Tr)P%6PR}GbFixii2@og-j!o>9ff-9_>??mD
z{PSVADh5aio_gSmQ*^~oh>hVZL^Qz)U1tYF3mk9gF6I7y^3^7U#yhky6{<BG%CY+3
zJN4F*u6!xDBVybncO9bNFbV-iJ%5CC|DzXRT#D1P<-Pf-h=VN=$nUqPJJ=g3qy_qV
z)$cBM!rIYRM2;kQNzwd5jS`1>j%7q2`ivB@1kL8WV1g%PKs`CJdH3+D=`g{PSy=$F
z)JtBOPfC%{gFIA7B2vh~fg(<bI*VN<x#xOtWilt4cLTsCfR3BqM>pmbF@L%gF)f5M
zNb(OwSA63c<K&i(Z?8pT*6sBk&%CAEo|ws>U@o{k(uos7nK^N+FdZU)zQFXom=nb5
zam>>y(%HdCpz%2~9$ojIJ69rn8e0ZcfhWU}EGD2DiIZh{4YlbKalDok;G;ztBZDub
zupg_5tF+$uTo0jc#w%7gV}C7mqrrx0?XwDI)Ky0%*F8DqIfmDv+MJ^>1vrH%N3Q5t
z$dJ@_6*jl_j2<w<?JC>DIuWXcu`7P&CD*j{qzc|;7)^Tfla8+Df{T4(>}4&tG?Z$g
zodd(j>?sww)`vxD?N5)Bn(#!B3zbMe*puhD8fut*<1qX^g53<^jDM9n$wbG6OHW1X
zxF|=TPes^O#BBlAl-aa0pYc@TS(58@_WG@0%u3W<Xq}6JM6guI8de66j#3s}3;&AN
zK>8=g&%*B;3OclEAX76R$@C6RlCx0>W_l%%JDFe<P0Y_Rn!l)KASdpGzPMi!{<F<s
zrj3V>dHoekJpe;pJ%4hkQO13d2vVYxN_0}}r;PiuU2$I&x-<DGQ6{+@>G)Bed*a!o
zqYGU;502kzEQ{Y#jbeHHRzWw|n($k?u1MZ+iQkf`QR25s{MPp4x3m@28t_|7`gRwA
za5ZwlR*eN9T!mX*i3;Bu2v;)?!qqGxTn`E13hkTE9Ld$pkbgay9k&<B)y!TQk_6a(
zB$qp&2?D*@s1KHW@Y6fKJwuKYIbUII1HXrWXTe_-m4&_!o9qSqV95`B8(anOhDwbE
z&Wvz<o3Ztcd0VM_n*pm3wG{!8_5{KT{8O!c?#vS268UAl^?&WJ40aXAIpM<01{JVz
z%p1k(kyuX>h<}x^GFJ_B?HS@aI@ZDmg#Nua%*uG|IIB!@aEB7}#2PHO0i%m}^YJ*O
zOOjM+$M&0##~B`J?z2<ob%+ljY~#gI+6xIn1n^C8L#7<msiDyk2~V!%ZiXjsWl&xI
zsEUC^Rs#*m92RqN^7)D(&)AzSM4hoB5&noamgLVh!GA2`o@p_S4r7J*%T#Ha0$obv
zl`0+%Ns-Mf3M>MQGAA7h7p!<@6gfJFk#?sinQVTrpSenNg;=+RwP*=Dny2&gCRb+(
zkY+hO^^a;9$Qy0Ws!(vCn_L<4Myk6|lmNj8fu-_RBei^#0+TMZ6v``Mh(KG@T9~m4
zO6y<N%73@EH4lU&4J}K87KOZv3};9=!TzvNhHym*QI-h8l?_)6_gU%9WhQ7*wNuMO
z4dy@v6=a=*7|a@sqzhD9QFB1LK**I2sc@dY4D4z49LIs8^T?M#WnxEIo;e;K?E?wG
zTmb!<*OzQ;X6>NfQh@VMo%zVb-M{RrgVyn!cz^jQMcM*j6cd=x>Vz<q<$P?YB(?Er
zotMNf1>;n31;cbkN-=@rj2dH@&JtdUDbO&@;m(}!au;IH1-77?(qlcfrZcqb?Hu1)
zZke4g{3+p;sh<*Fxjd-r&1^U<n5l~Cz-(Ms<-v1jMeEdBdljx_g}WBjTnQSk5YjrH
z1%K`I>>(k8Wm3HoTv>uE)xKx+x;{9#vbij{QZ<U@!IcF)(`y1(>Y@X9!zH*<rbY>_
zEWwrA53bZ!RBHuSt_s1i2;Q=pi;Qe8fVV8%>Pocw*5EB$d3eiKiML!m-ZDUe98<g{
zM)bOxVgjWBnOs?Y{}%ofwytLmx@=_#pnuGh+Y7pEWv>`X0&FYjGQ8X^-w&WM@Pxzw
zED}Wqz>zk51K3=`2*MwhVYaH^T%3V;P%z$@#vwSk^v;F^Q6%WwWU1<ywF7*F)Qmwx
zS6GvYbq|2g0E>b1a*R37Ff~lzqZ<Uj#XO|&9SrY>d04ICjL<K8ta`<`LpdD|jejv1
z%-E+`A&Lq`Bq=QizJRC|=Iy}Pdt)D}p>ShC-bHxK`;zK3n9@N`*=i1*ILG%M86Fss
zS9l0r;t*E$Vd(w{+&?bul@s;X^~N)BUPzq*Zeb~apmDxqu+aSk?p{pqc7t@G0|eKS
z4d1_J4I%M-8zf~FK-6(`N92O@fPZmJSs?NdtQ=}utJQvdxHMz}7$s8X?a44!21I@D
zk&}sg8ztLIL)@auSxDCNd(V!ZqdhnNP9R<5ZzB9_Rth@>lpu2ai%H9N+M|32!wipo
z#V}zqYH`<m+FjRAr;RdOqXezuT~XnB_`oPZEKum^&2$HYJt{a?L*iXeZ-4f}{_Z36
z%dAA+%J2<!b0)l;PzEpEVqQRk9|#bn@CGfZS4ixz5frQl-4T5Zf0hggljzZc;bB&l
z@RAlfr^_)CGS2h~E{_2SpNyR3OF<Hmsg{LAbfQus9-l-M!+xwgSzb~>{<v&zytKy6
zNsSk&&`O;7B_2;<E8?(R+<zwOqa`lP);q0mRG9_KcvOrINLF`3oD*wW#-mF8l<}yR
zj7L>3<54{!z=WjcA01*Mx$2aVi5!B7)qCTF!rj3`qDu-geYAO5TTCjYAAA-}{m}^l
zv(_-fc7`fc-c4a|;}4Xh+zAhySRveiDMqK7)g9NfDLr5L-oU+%GJguIJ7`Z3;CagH
zK(Xm$rn0|4(d&sn!)exPm~KtLwCKGW`T=pI4`f+*XdPjjdPk-=Yzuf!Fh#7&_{pmb
zeg8`zJc;q-$t`8_<Y*i(0eB8f?&buZ<XS5$$Yj<hB6}8+Q<Ke7kIK+zONTy7Iw{aR
z|KRAH*0Sgv)hL!n=YJG*VXO(Aqw7ZE4VUN~nHnWJr$py$KRQQSQLPJ|Q_!uo2>zy(
zi<D_CfWIl+>PqzX*5Gg2dH9=liNAS3{LKL53?{h5;ml=HA&4?>ZZ8g}oxL_B3Gke8
zI2;ZVhQeT?#IDjW2GTJ~j82Ksc~lsk#SuCi!yU}em!}FA@_*@aCoGFW?pQ04r<qFh
zm5}o*fkRMXc@pk)J!ns=7EtL*?mbd18Hz;V<d$Gaa{)nOYO=<a1O}}a7PLBG&}u*s
z8vzArLxPqC1Z_|(iwIN#7NjRuN|ey5gsYUO4M^0AKt<V*qJ;rPl{g>i;fq2Al|;j3
z2n4IM4n$Hy0Dq!^%m*u#P$fm67N$yl>Sz6ly8g=8F3DYNnL6)Drp_y&N-{x8s8R`4
zdVbMeN~lr^RYI;Pp-L%HE1^n{JWFHJkAohJ2Zt)PmxU^+MzK6psi2o<O;9CWPaAKz
zgeu9@D4|LvRB8L6O4^F*2}70IxuBx<0#K#Gt*%6GZ+{I`sgnm)>XcBWl|YrwfBgv~
z%lAEu(LOXzh<9&%075_WXh59|8I##=dr?T8Y_*>xz_y~0EFlr_=-xoT4~^0jfc}93
zw!tRP0MGx_$J^rIJz_pxc+$55Ov^|^_87bw3q%Asn)=a#Dg4)($Y~UZ#F~J=%5Y#(
zy=w$7@qb%M@Jt|-E-(;|ZFx~>oUxCy;zIL8vO`y(001rUqx4i%!3>eF>J{#O#$Z8H
zuxo#Tr4-yKFjg1=`3iF6BFcpr0eTv5XG3&%^<6mW-Q!qB7T#pSl$2~-{^Z*7+}~LD
z`!kvVvQMz{eVCLlnA++dJXjNQXAOtO1a*jZNPnIx=pnF@PZfHJ&I0$+L%&aAlwV0O
zo?m98_k;7P6NEbqaMU$;p2fE~PcTS!ryrp}A_L<~&~rQk;|+iG4j##<p@UlVLNxSp
z2DGA{Q;}m5_Bpr>q5z^J;}<eTZfECP{z?WDAd&&Ih8!8YKqHqpyYgEppN>SS(=p59
zDSy3X6onUwah^}?(=igC(*8*9ocx_RIn5Fj`=enx`^LcmO}7WXssRctos{U5(*Mut
zy<d@efCT}Pn-ibMva!J&-(K^~Q_KSl4P}-EZh*4E6y#N1I+{gg_Z2;4bW^qQLctz<
zR;Z3o^=_eQF>mNBc>dj9dJfdzQ6&7z7=I#kSKS2rP?SPvNCs0MpqLXQ<dax=nnh<W
z9l2LOB%~y7BkSvxKiHeg0e@79`}cD>p%Rnp7_w&`-Cm^o7{?f746`z?Rf!A3-osCk
z$R$7P1um(pZ=h~d;1csWWO`ApC#W_y;XFTO+Z5K9jLYLO2fMlmfPLV&;2e7n5PyC;
z@rSyOc;;-&yY0Un87qW#*|<;h<A=8oNvV&MVF4<|H1FEtFC-t87vq=qHYLyNcv5|E
zZ&PPkZ<A^i%X^y&p61u&ZPK-<@P<oolT3}$+f;g+w%^;Nt*DmrHm$<Aw1}Unlj{-c
zEZ}D<-0Dg+_SX2Bx_N%4Zs})Qhku{x3<Ju8hyj~Ueb|FPb9YlWL)2vM+g^85H(T!~
z39zm1CL8Qj*O7B&%*6szA~|u#lk984v<%?h0cM5n(!2>!7bXf19N=<+#=#-M@5&1g
zQ=jL9pYKl!J1}ws=mUC?ghz^fns>OkOGik&@rn-_M<=hes2YNmcydzCntzUP)_j<S
z&KmKE=I>6`P<k+UZQ(0<?Kx3<SRwH~tPcab@Wb&R(NyGl{+$dHzN)ui&X2mXpYI03
z{-jL*vgKQ0@Rwho1XHTUkL2mYCvo41G++whL8cYYDr&3un}0Z7(&e#A>Pa(}@PQPj
zSJ*!VvBGzAC>4!wVKQZqNPolE60bm=E#G0WgLKc2jPJl=eltB#aR53KSw+!LsY3WD
zDwP<6R5<Y_F)6d*Fy_vYdOlI}+`k>ADI9mZB!{Y)5;Z^1nUt7o>h$atjjc)pbl$`C
zM%A!v;$^C(ReN%}C#4@}3;Z~%yVbcOXU+*35HBFFZ!NkpE4?}E^nd2WbxP^enMbRn
zk}cgjcvN~Cmxz+*VmuK(xLc>YtXoGlisjup1y9Xua_i_?E_lPGTSulw>DDRTI@|Bo
z(N<KeaqAQ}FfHQE>E`-fx(j%73b(ovMZGoNoL-(cr&oG&R_M*)p3>7Z=FT|>Tk<pa
z<Mc9wOy;}o_2cxi6@Pt_0Nd)vv80PZ0muUy4Ozx(jNFL{gqYI?O|8nq#~XfQM&+IX
z$Ej<({w#=^_6NK@FgHsVdn(3sa?cZK11$-BM*6nu1`kc8jbH2I6^s#(06ah3_Y}WQ
zRNUng>4|gE?{|VEu#l|M<%0vfLh4*m-`A1RsENxHBiFm4<A1-BL;0FClCRp2p!OoX
z5LZ{C0@5X%<KfW1qqlHmF997O9XydjZ6<vSnKvrXgrU3y6CbYBqu2*usK$<E(^n7V
zdX+@j!-Y-L=82YNI-^*5!+_DDv`jB*nRWx)hpoo_Y6J8&+vPn2Bt?18V5xfss7gzd
z^wTj(C%5>xxqp3dlXP!cleB6S%bTPN9st&4lGZ(h@rFy2v`mfCBwd=Mx8EeKt*BOG
zk}iG#Uc@Bb%QYVN7BEQ{ZgnM!`e~Y^ZxC|pUDNC%e2g$e`Dw}`T^giUVvs)e{E<Hd
z(-_UBKsQZ5^7mlon&6Y*9bmrt{@1IYqq#tH9siT%i+|ZF<8(eN3Tb;RrfHS@2G%Wc
z&H;Q0R8kqHQ}SA`nl+%|oC5^gUth8P^%Y|k!4_APFjwYAjLPJ~y2jSO*R`*z!zQ96
zSSShHT#F`PALRh=5=??!up(1YP|*{)3fS!$;fe4OSvs)axz^VJQR&?9I`sj_Nbrxn
z-QRzwcz<;?C!U_a|MqQHK;r=)t1J!x?R4Rx?|<pT7J`<>l0bHEZ%?#QjXu9`d~ei6
zH5_)_<ohG`{O~XeAxW*=-fYwdDuG2kq!1?|aac<%%V4an){i<Z@tSgb%jK-n3h^W8
zwSRCBQ6^qHN=0?_FXM6twd5%%z<`MbCXkAk|9?ON*teY1m?*5u`3#B@CtY+3>iCXK
z_PFMKe+Pa1c=pRaLbAm>mPaS-Q-oEgU~mh#&)8!x@kd1l4N`<-KRDp5!aukOAqo;>
zDS}WuexkI<Jrt+4bYI~O<Ft^bquVO^3UcBYXVwG;!ruc|ff5VI6|O9)N*uW^xK_#;
z6@P2w;LMudBr8c7@mzPX$Ns!JJ>wu(CZqvfYA<&_Va_tBH~|yx9uN(FKJ9(_5B&G@
z=kNFNttrwhMQ!XW9*JH=K9^_)LgmAPLdBgZ&{$NG>m4kYbhgCG1!OAH_sVI|_#>YG
ztd^?6Y2yw2b4pIRZt`7TBWH@rXPK2a8-M*Ya~-*!^f<4o;6O$7h&g!^VGCjQt^|`r
zU*I~GWo|t(Vp$C(D$8ljs6x-IAPp&@?4)`xlB)t}?O0D<q?CPP1Rsb6l7shstbj;L
zYTids3Uj`KdDvdUa!tubD==A;R+!gcg^rPElG7}0N$T34juL&NnFHCE*hQwC?|-qh
zoyt;?C?Y5XI6(R??%Ks`?tH9Hh(E#ailk~$@k(r16%{wKhY|a$q>Me~jFicUMH5%1
zs}@bNhgEe`$YR;W(#SsQtpcBgw2BGoC#_Pd{IUB7$>nt2yATb6KZ#Ar+DQNKdmjBB
zi;YEnV{|4>*L7^$w(SWfb~3STPV6hTZQHhO+t$Q(zTEHg<Lf`Qc6F^<tE;<DowKXz
zY`MD2xy|O~W-}gq#%?tp{18tvz>CT!yE|sSe4p`=@xg7Bn1OCM{l<}Q_2xv9XPX1#
zv(uBqt7O8E7z5|udUc70dCG|AIT(s6k~&9{E#rC;w$6@^>BnBaP#~q7s7W9fr0&!g
z*SeWPwencH{k85Flzioq0Z%?0*#ev!VpSnqjw}!!zDlzqKy>-Qirgp=;EZ0LE1H!(
zVi^dOP(*Ja_F2~#3YKW>lOcErbI%*SAew-FOlQJToo|MnU*@D8qYLw9`sI0G*+~9K
zN$o@S0}caF!WUN*A#&0%=^7tcG7;#KG#NHZS}%j)vZ;(O<LFE2%>GvEcB;P@5u2s1
zu?J-P6M|y+z?!kSq=n%C?%L?NqZ!rKU*}r$sOVhE?bqx0%8E<fY8$*x^_Ufa=O*zF
zX#r3K$C1|Kuz+9vj>j&${cKamLRG4206jk<S$>*=SBJ=~L#r-%!Hd9(n;$hB`d#2a
zF$bMYwYvkT<+>i1NZrj8>toUf4#7Zwq@LeVGmtN1lL}xvEwzMz3{I{5cVo-M({7Zl
z7L(KNA!lWjjg+GN<)|(Nqt6!_9&o)4T?}Sgdi#~j{`Gdxd&Cz+hI-caIRmY;U)y4)
z&YCI&99G7P=k){^%LaEit;;lX!CIUQ7JK>R%@7^xGkpxp(ii(uwGq(*0o1KHtv7^B
zT)p23yWF7Y30@-r+VP8F%*+!6<w^mc+<hxHK?NTZYg?iW)(#vK&Bo>1p?HmxD>X#v
zkNsCyf^ZDou5QS;_9p_jh2U*Wr}RF?FZTDL5|%L^v%ToGYa*m8UofR7OeFN00lh0P
z1cOMu%RM;0O0`K}l=pCUf^TvtC5?M2Zn?wJG^>C*m;fQb{+5INks+_yDuU@C!t0F#
zW!iKcG|FRn@U-#QXlosa`8iPIB(Sn^FmokB(trolB%03%s8oq}RlI~mRlNVaX3&tb
zIePT5RD~N?TB7pi_B)U94C&ax+nE3YKOp968T4(#brilyN<zI2*kuotlG=hi882^-
zwMg9Qn`j#VWuuEdl@e7Cgj9&7bt%aNMi*rwCzu=DEh+?VuB(g|CI|y95loPSe$dqa
zp_+PvvD@*xQ``?RUzx0FQr!;c8{)njQ;n6SXD=WH!{hFK`4K&P&{vP!5~MY;#eZDd
z7v!eyWvftDbUF@c2XncgmH)<AWGByL*U0k&x$^@6)d4&)HmEV)jmNBjEUdxgPLA@+
z!l_4r@9`bDYb<W?W6!rI_MPYg3jc>@6!Av+1P$YcdH37#o=_8h=nLA47vWqJ?ptMK
z)@J=KUA&g+?3ia7d}hTH|FGF~Cd;0_#~`Qm?>UX@V3}TZ4-TF%h~W1>G7zmdQ<Anu
zIko}dmadTe(W0{N?;6V@WxHuMV0L0UZXJH%;H;H~WqwijXhfzICsDpD#=~z4rtud&
zJ9Imgi}ona%m12{i+&r<#JdlzZA>tdJ3u@-oaF<(H<hLg`BB*F>9W(Y#g&}@1du%8
z&t`KGTZF_*Y#lXkRW)zUh1bysk=w}!F7*L?MI`o9!CHYVG&)%E-|0@~rW349m(c~$
zp-_+{V-=imQ4~~4$H&`u-&q>?L^PC$*tUikw;MmcOnCip;8v%Mz%iu>I`J!cLu!YZ
z<y#$0lgkm0aflN$oU`jH1%Refur#KhJyI$;1fGwOKxBsFd(;x}CgdFsvkHpIxx)c_
z9839ZEXHL*-&Ny^I7%(FLKcn5!Sk#5!WI|HiDJ}=5I*oBv-fCGd7!aFlr@CCPgiiK
zP%Sh1*4qsglTKtyab}B6u{Asu(@qzverNhTGuoVz|16RY%jI2?eKm5G$o3Uo)ps1)
z5SS48I~=q9<L*yEs6d7xPghQWZu|hbQ2xYNv#x0Iq98yd-HxYDo0NjmSD<chG03S_
zh|K3qeqd+?M2ZBwk8$?NdFG(MIT8B`?sE#RF4bz^f^~q?7saBliAPcNMGVxWNDt>@
z$;(!V6a0&sd3Ehh4ReD-K9t9<XHP-{n1M7Yiq9bMci{M)6K91hqj@5VP}CC;B2fj{
zSa2YS7eJK6;BSKtxng<)gZZZPwm(1587nP87DO%$&L4S@^VFIUVukm(p5KLu{=lxH
z7X9%}MOp*S8PrSAkNgEf>XeWZ$pp}tab>F|+C`8faK?-aH4ieLh*PJ8N{5_`twE_Z
zY$ekGK6`hV>)j%XOzM5sAHoiD1iofeSVVq!tl|{F48m!vA#v!j`Xt!NVt44_<viq<
zh6;*%kL))K+C2FvJ{Vda?P7@fX|;u#OwcyND=r(ei8(-A9<*ilGdHb%0v0bdH7|VZ
z;9PptjGl{(o_m6Yz6+k+2(}ma9MGv=d_;-g3o-5@+wX3VOqYn?yM{t8F0;L^4Hbs)
z;Xu{dei%Q(bWG++1rQ82x@6w$J7QC5ar!UZH&w2abwz(5Et(QoB(+6^RAW6@I@f)-
z;Wi_*KYc%&pB+&?o@dDL0kKThBPYtk<YMzsUgsdRQjvc*>sy0^LEctBp^$|7!-Cpe
zSnAUm4%p<dgkd+}=m+(_`|F0?8l2UTtJH-L*_qatm4M)^ltDQjjqFj>8D!2C*b19|
z8SdXZ`PiQ3JZ}e|c5^@B*d=|5-Qh~W4;ho^;5Tw~Rc%?{V-D}X07^^VVB@cirBd;E
z*k=|G!`AfV<U~QskFzR@jmm0yl~}_}bftn!jni>rY|<oqt)Y*$)yKFQ#ErKrscRn8
zyADoz`xi^xpJ;U)tv%{i6G~F)l1<+52&<UP3i~Umf{L*K(3<H(uM48`d~_AYe7jlH
zt63z@N}_C${gNU<fCZBNq4ph}msop|7Sn}F#eGsyFw^7gKUT=A&-*D{nxwrz#I{LD
z>H27X%<_SA<$Kf<usLY9vh5T;=c)Fvvh7zIev4fi3DusCq&f|O3aL(0R9>ouR&vVG
zm|6+d?QE9wO%ysQ*-lfu;z@+4)l~7?^gJBG(>OM5O58jyfO8k})77k^Jfr84*}8Xj
zd@UIKh`pr^eX?zMq0>t{otDq5cXv;$cAr3kzRRDpnSrL&EX)~;;@OI7!rf$5Jj@+>
zCWaUxps6f%d%L~%zTi)rZ72hMlGziw;c6<?r0e0oyZ>H1ZMhy3vq!@KUAQYX6X4E3
z`AOTQc2?!M1C9_NfUYv@shlzEJFx90jaIM?bdr)cnHwGF(8fomJHnG_3V!m$(m=Zw
z)6@=iiOnN^fig4tQBV>qS`$GEqmD3B2-*gyH|i@dTZ<7>W=J~65XPONy3w`I+Mi<a
zCX*9ae&`^nML8KLlUGyqJm^cmb71l5fXj#u61@Sj0>ET8-8@OL#b*`B{)HMt-qcrv
zEV@e<ixB*!g8CJqT-epT@vrK;)5ZJqsN^w)@p|{<XjuNAfKF$8NLRN;PxsZw<C_Pq
z_u30(cIeXxAz;fF0MPudf4xJT^Z@>R3eL9s0Lx&f=PRH~ga$`7j1;?kU=zHQl~cv>
zsnXoB2P_J;1fx2rD`CU?+Ko$qw)PN>8Tx4bUcyZyFlq~h9*|^L%9d4HHdvN~0Weea
z7iHc{%t!FvFC}c!QMN?{WgR9GOd45wLL8$9K}sfm6w+bFC8*%{1+sFJXDpIv<SOQ*
z4pU{NMs`Kv$|~<l)Ub-K_vb@+53TT=Y=&&%0BRfW8X$V^;_^)lEcO<ndw(<WyE_d;
z3nTe7I$xp^!~HqWn}VW3+znq<g{vKl$(Bg8pP1grFM-QUJP8=ebUN|EQa{*w?yyB1
z6mrPQ*s!sx`MYF!#rCf@ZOO5FtA(WXz2VsJ`D7T>3_6eLM?m|f(rq`Bh={TI*w5Kw
z5x{3Z1<LpfG1E1gCI>Pbt+g8CI)ivc>b_g4#md5cCxE&0T4?G$dEou-nu!I<psqx9
z{g$K5m9L=M)~igz+2=WT{-fHLuyu$V@f_kb`rq#B5nd`)%D$*X)wPdZLkn<b^Lv5t
z-dj8~a}!o7)*VXlAZm^I1Cauzh6&;>HUN=9J*s*p`f6-Xtx@t6ljOG_T}2GJ;@~v9
z$_)FHWiZq{{UR{S8{_ecYHtM8!i}IiO%Vt#_V4gS@UQynENC>wq!Q19M=2C_w6(i;
z%Ou%3Ow351VbnSGWZg}5lp9Ytu1rDi*NVs>T*;9?V$)>P=RrErCmh<@LDlpnuYd!H
zAvT7|3RW_V2!Zh#oFrmkx}tVt1(yqD4jMA<0S<hp>^1oI)3ql_x^+xzIUs{r<c^cy
z$C-}?DcnCII1R3ih?`T}bAP9{lw&%$Yx9{P8;)%ej)%95e}>yN;b*v8GcpNZI#<&>
z=86;@IoVws9yVpSxzDj%Gsc9<0G4x{*!fj#-mK0Y$;sW^c)~k)%MY?;5Aei)u4g;1
z)J!Ww6qOl;W=nLzvIO7i#vA4S5W0)$z`xQoo;ObK{h8%~%PRuj8%6eOgo%b0$3;70
z<$D;>Iqh5O@$SDLLQ0F57ev?sf=(EihNBMRl6i!PG1OWqPr%-pI>s@&1Hgg&DAADW
zH2Hk`Py9NAqWC(F5o%8P+!ORbNZb?P$^wP|*kRZRgUBP!l&`yplP{vIm=*kYs<;!g
z?LX#J<H_sQh0#w26;M7^oY+K0R9VKD{(dTl(zQDWyMmg{lU{=FsnX$j;(aYPK(!@3
z3q0G+H-^Kl7klBlfeUwb2k7q4mpZqZ&HCgBV%LU@{pByhczb(Dezq+>e>qA3GP|h+
zAwV8%m6mWY0gxG4tIRbr>O2nExBX?2Ehttw9G7(nn=3<*pFaHgyttsG0J=LH((2VI
zx=A?ij72+48U|A=D1#SQf|ZH?@sO)2{$_M+)lV?LNiVg0%E5k=3Sbu-W39G2gX#IJ
znHg;WzjW-;Mum+Q`;$;sVlxxW^<O2w<6e){Ap)h=vy4oE&EvvyY+8-GsE+8rq-x!>
z^Q0^8E-h3mr>=R~?s=WcUMWu489m}@Zd}{Zs5GYaS{s)kF*65B{Y!LhN*tq|{%5O&
zH;{@;Q}9pUqO_5A7JweCmtBCUlP+p^XDnXK6#F~a0h7l~Ce&k7fpOPSYG+`G{_yP*
zEGKdo?A*WRf|ImOS1cxx({~?C4xT2$zxfST0{c=M`FNVtMFSc?<@6K=`Hu@?qsRi2
zlSD5ir|OTXwUK{1UuvUhsg+pNB09z^{;Pm~Tv<l5Y4Q&XpitYQA+c<usnL{L+-UMo
zv}Hr$-Q=Iy@XHka)^SrxN$&$}XZ8cw>GF&$Je9Qzutx2lV@>_211H?ot}j4cUr0ce
zck64Co=6oVoca*6LjI@FPJ_1}c3Vt0iX+&gA<;ZGT}<v=*FFGJMFzHDKkcr(itSoK
zexF(J^|d_;0He77IbA1XZxBXzYTCY~HN&?4u6_ly0EC&O-zTYqn-3+7{lKiZ<ul*6
z&x>FX6)R9Su%5RRh}c3l!YR56_x6Q)ncYM6tWsJ2cBkA!12P*q^vy7b;Wbk4X?*U%
z(#?J|b%O$0wSRJfKdb!Y=IScSn$0pQEvK07k`dW2fY`A#n(WmY?@}cP`j(O+;|^pE
zXJ}x}b%LYOc0;XDLEHU2{{-}vId<A}StdMsg|p9|1|lMkMD-#=H+rE;bY<-5T%|=)
zLE9XS#&0T_3S%^WT21m3HBQFnVihNg#YQRF3c6oa@&DOZ)v*XPl?cJH*b*_eMjG*4
znXPI7nBTl64#<%koS%a>D%BAR)k%zRLnTX4{36%S6wlV(TFDdSplt#Jev1W!#0$ig
zH%z*Fv&jb|#tdifhI~G7P=~UZNJ~Pi0&9<g0Yq=ugeY?9uDy&fihBd|y*-}P>C~!o
zh1$?j)EZB7m`=k^k~at{Yx$^Wgl^cn2}%XX|FUnsr4VrY#AW<Id+2N-W2L_!8TqRL
z1M53QAU29;4UEyUN5%qpAgHq*-+Bybu1uxa+a-4daTEi?{A>aZ9we3l4d}fF0$>Qj
zN<hofp>PQ7VN=~Yi9l(9qewJN4*WK={EQ!@7kz>wY)zT2*}i!KW`~V2`Ymmp$JGiz
z(w}kkc0WZ(joG_6YmH~uzk=y?xaToyRG0wD7>x)-=cJZT9wq-IcZ}6+NV7afNAtkR
zI?(NUeYC=B<EW4n&n$a|OORs_O?N;@N6l-uE@$@PNvA1xZ9|=(#1`R38J_ic1p$|y
zkBL|looD1WA4Um9j|R8aA(`iO!U+J}6GIBGc0Y7_Uh6ph>lZ)aOY1w{Q^bF2@yOh*
zLqFopW~X%H<CJ6i`KP%1e%$&Y=;OdRw>oypQt5(YFe^FxGw!}lN9EVdU6EO{rqDjP
zJk|9E%X1g{Dl?S|?qF<db}P$TG)p9=fL8ApshpM6dERW+Vq32w4QKz_rAh#cu$v#N
z5>vQ`KKhk7lvpnlP~tE*cJB&t1@Um9Nin<H%mDTuI7Nq`d^axzw6D7Er=4$lQs69|
z?C*biR-t~}2&TY`Q>lI-R8kbz;C(B&t7t+VkM*)8O(Ci`fyiGF!?VB=P~GHXp&5qz
zkwc2u%8U-p%q7u_C%pzXis%5l&OK6>k@m{B<>Yc+NFvIBzs|k&3kJL+)LlBpU&^A5
zTvf#)_yqPcOGFKz^G@lK`|-i-b#~;?T$0-+5pB72K%$pi-Or<BzzR+v`zD6IU^DrD
zEdzZ;UVh{!f|SU=dzn1%%@^;cxX#Pl#HZ5fI~r4^PR{$xW>2+$p&S65PL>G$#r$x7
zmHLFqzOgNb>N7tl5pk|ABTFVP`YPKPYfI;QE*)fwvq+7>sL{%H>2JevUG9_pE7mpU
zE@f7+XCSOj#av;@TuZ$<_P?@>1%VSh+e_XEu$doqg?wR$igH>afNu4U1t|ySW!2Oq
zorxPP`_)<eJs$Ge4*L#};@mL<^V-kozDuFBC-6o}uS-*PT=t4Si?9+4lxxO=QQ}D(
znh9SV`@Efjt+v3|!C|jbTHukE|96;EGEV6NL!!Er@4*7DV^LosIFX!kWf4{2smZ>j
z1hW-DxNi&D-JtVi@bAv<J&D3wGub<*+Q|!F(|x|A>7@`+U!WF%;2#b9FdWCgn9^$f
z^#xQ>ao>T<O=tjIqy-aj{c9@iI4$%LTl#iT1C%;sCDbS?XtLxOQDj)2AT`^yS|2$)
z=ToA~@zbA(B5;ce{CDvR;|pmZgS_1<VW&(GdN~F*f<OWgar3VSTLT(}ONLEz+J3q_
z*#!dCiOS}|4Zmc-!8g<{_zUt!`^gr(j)ElqUkvIq5k_P>*}Pnke~Y?!jI4!Oek<2<
zdrqv}964%w`(^i1Jj4O@a?cCxl1m+VUZPm}leRGKfIE`fA^&Ft@k4ZdW1x0dSG?Yl
z2I=71VzKG<nOeq1-;bL}RM7b`GL3pUbQu*sCa4?SY<wPoWKqo?Wr4oO<ixTRYuDj9
zTkn);9VWX8DF$H<;Nr;xY{IBj#aPA;*d5Ven9PYl-$i@pg#w}4%g3{@=n^@Z<4thz
z^$|G)CRXhtI-S@<UTftmj4B#^ut8`HtAL%%Bq~#DWrWl<*GES?l1JHk<vX}<{rU`o
z$J$^jUy%)Py1g%6UW!r~6R|&92Q{~y9wLr*X;brbQA&h4TMuY!F`Wi)JRSiz9?#>#
zj8*xVZ1wHj3GCcWhn@X#=YZKUYd^FFuiPy)8FEF43JgyH$>y~9pw&O00tbw?l^Nb!
zk5a*RQQr3)s5LSqmQDT^G=VppU*tNc{AEK#(lG$Yh3-c*?eXQU;SR5NdfySq1?Lmx
z@f+mvTMY<G**L{c2Xj|ZvMvT|$j1el9-r`L;{Cn_V5Rr@bhdS5cXBOHtYcL%mY+K6
zD@R#iunXxe;=qtYg7q{#f*jQEuq@9YAckwrW3OSIjeELQgRq|ug|Fjs{VCg8o=evw
zln>Bjnxd5OU)xJcE&mq-8nZLHJg9VbyjovenO~V5ydZJtPGW|6?(|Zj4<${!+C8oy
z@upPH=7puC!wmo9rB$)wsR1v&PaS_T^iFm5ia<c1WYE%_kKM`<7u)u>7oB~0)?;kc
zxegxXn*i>4*5*jc9D10RLoNC#5jljmIRS`bK<f|rf_%1=2&?*sMIHq2NzR-f5Cg^b
zgc(-i`T(gsjz2aDTdSki#pGlJlW;ixW9jrpYd|#KugGS>VW4~1X>k^z$P;9yF<L`Z
zC^BB-nBI|^LE6yU?|ewEDAz|P>v{@4%Qel8KE=n1xi&WlmBV52Zq|pPnq<Q;7XbBi
zo9&5Mp~7^si&e5uZL(E$_r%pmPoG+(Ujm~`_W`0@mQWj1ovQmd+_!$hl~fGB8yaz#
z6;lzh@)1gXwZ@NxZ=gEh%XX$iogB5iinw-m4{*~#F8hx}gCREII_A_geVUm-vOPu@
zK*=A`AIh)!i6hwWw&retiQ>QaMF7dqpVb?<`}%(L+LWz9bhE^c#8um4<&z2d>o&`W
z%HU&V_`J1^td0(rW<H0?#dzTfN*Y5mk(uMLsyF^t4pJ#%vT{p@i+2f1Z6{@S_$n~O
z*65_=^@G|roJnU|&7HP19S5Q1Tj`}9F8MH3Jn~n0GivEI>rK|c&hUrQ^MLVtl@9dd
zih7I%1Q{bHTox7ino6g5Br57&Z0QjLZ?1Q@r@i|S4n@3_(ImFlgozouo$ij#$Xl&i
zDDoG2S&q}+p3)Nd!|Z$WPI)jfzPEELm&Z)2i87E1v>5TUmnKRC6XcY?P@yI)-8s*r
zD9h7D{>V;RLF=KF{|1RXssV5^tDU9WP;TSf*|(Rfoqe$}>6TO5p`<e>AN2`Mg02bT
zzF+-#3?qKUgh#b}urN<E2;(W|1)T<9{M){NSsvDN2C_?&9YoIGZcv&xM7L+ocZ}yJ
z)4-O;#ihpT_o!=PsHf5Rmh`eK5ks#QJY`Uy%pDAVXC&U#mv-_)4g-!eR7iT<7{`z0
zv76+>V)7Ha?nwuwib^fQ6t7!F^ZVuHDrP$>b4tp9X1Wv(yn2UUQ4sI@9N`_g$1y`T
zW#sl7NVpS7IABx~cCr3EjDVYo*8E<@*w6IC^=YF0Ni7OG8z8RF9s-=&wYk+d8It$5
zYosPq2URh<=6U0M)&Ou6e&rlkZUP+hBI=`o2DzIbfxCCv11Xn7_W1k@_LJwM;s&v-
zaW0^09ZGR};a_vzBu2{ABL=5U4^>Uw5Mm8LHU$#J6(wy^Qz{=Lj1D;y0Fc>{&y!*A
zS_lWP)O|ZBgmt(;Ik_Guo?m@XEy-}Bl_)oa=U^A5W6B?ZuK*Iu8KTnvR8cP-l_)#T
zC>1G{9|iQH7icty=-H$@za`T%PPKDJn{HKDEdMcAWlFL6Mo2)z+6KA14yvUdgoZG|
z%X+tl=*LaDfuc-HGSz;j;}y}tehqKBi~Oe>gssLxa#GNbJm4SenAuG-$Z@p?QOYp`
zF1Dd>G94l@goqx71Cfg1F`%c1S!8WF_vyRHYm9xHppwrBvU8gdod3%}zz}6rs58`5
zejp$1*L^VPvY~EHvOJN#5L!G#c3!WjMS=+R*-D~hIF`E$$BGhMmmAJ)@9UmCwX_vZ
zVOC%`s53In*+@3oJ!R0#0BCN>3L}4O%k*oJ4@DgHQ-NE!Kmu6-A8<{AK>;BOJCtAW
zk`xH;0Kvtt^*q;W@0Eo30(#((gx&&T0PtG_7ATzncERdIV{OTu=%2KGN!0XW6Rv-Q
zN`~^GA?+abVfzUoe)v6kRH)8z;gr(JIqY?T`_(d`mb3`LR)aqa@J4N4Q=a3wEkY9Y
z5M|xA>YnSxf2g-Ii1&VF-!(5?X<*r}+ox5w4I<Enq^WX;Kv^oaYBq0&$=cDl1H3E-
zUN>VWvLz`bXKupcSvj%Dt?4IG=p7lE<9>3o+%}B5lW54-#+x<<B+ts|q?@zbFkU%G
zB?xt87q2KSNR0<uIQ&9)Ezwj_iWy<3xg|!`GCnY?m1|$L#3+DIxMTdT_hc?GN!dsl
zj*f2H$R3&rnX2WVXcoxW29f1O1w8RNQ&``jYq*$Orc~G&P1K51*!m)bOEVT6h@f%t
zgHoyhmGz2c={{GKh`;2r276z#1wxC8WD&N`&2l^OTq!jkWeTP1f<4&)q3`%J^v%OS
zm_;rc?+K0mhL2oE@(J7lrDFBvB`(qkzyr~?z1e*+&xS}E23?p{t-_2^1AMb#(z4Gg
z=yUQ=`kc_$q8Q9(Xg$QJI`%|=DfXQbdb;4a+Z`8Mdfv0DOe6~bRcfl-H#03yP6<5(
zUn#cyA!3!9)|G8uWtSXgl#ax|siJ<>q=soGk5<^^b9hfAuZY+HGQ-w=Z1Pp*$YOgD
z34mp60rnkT8N0kd@H&7Zz~$@{{f2<f!HYxVos0Q<QnN7ZhwQw!FSW#Tp8{;6-fwgj
zR`vz!A}Geg0raVXm)+qFtRaIfOxYcYbh)#I-blJqbzMJ|5qXNGvWCKYZt}%{6_m%N
z^qYtu9QXD)<CB3fy&o2bsXcFaM^J8uiHs77@$nJMAU~@RK0?rsfMosw_lh*LN(!3I
zS<BMaH}u2BgNHUADa&}p(L0Kf-TS(Wzv-p3v!u1|)8ifl+Z{g7J*SMz&I@JNLog0X
zk{IU@`aXX}Y~tPP8BpFn$xuyZFUw9#BM~B5m4(9d>O1)`6_b<#928a0a_^Q*ssxt>
zQC`cs5+`!4%n`DR0B{?R*&!v^yhO7;oFog6^n8YPr^IPf(E=2zVc4w!{98WGp;m?z
zSGS{g%5RyYWPd0B8WDqxw*Zm1TC%&I*WRg+B|ly6&U{UV6@9)UOQ$(d$<djh3$Pke
zGuHRQR)>-Q_||pGsL~VibVu1G*?#KjKnN9Bu8HJJmV~Z+fS-5t+<Fl3cXLi?3O}hI
zzl_nN_R-sE06{{V>Oe|K0x~%&yV}ibPs1JNEO#6Y<r_4_w_q5E59yr2sn}3?9*gHp
zj-4HEh=hRhjEo^sKGu?WjqFHmjFiZ8KsNgNuY@OzoEa#nKZ3z|cqV%h`VR@_Yvf~v
zOJ;Bjin4SL@XMCB(m!f&KNhA}aA*xT8d{8kFJJfIcJ6>#u7v@IeLr+=CzkP1Nbma&
z9T$0C`v@u-Z}k*m&h~HvVGb+bdL$<F#i_}%eP(E&#SJ@lZjQtkp7e)p_xM+(#i9)!
zOZ6(lP7oNsH*Rk8J9^ncjlKgd6;~Uqs_)5Rb37dn5Ehb>>1NL5P9tW+z8HaV4{%-f
z(M5I4UBQMZ0cO~iW8npzd*pKqA(tB?!r8hp)aCuxDMaM99$qqrmW(z$j`3Vwpw~2A
zPYw=U+lVW&P4>>XRZ3X6K7mtwJ{|3`n`KJn?_L-YF2NBcTiTK*p0Le?<VgP&{-s9D
zg8PvKpqu3Z$i3P-@ZY<aBgmUXP>{sjh?z-n-Yp-c4ay`m8x90R%fA{rUJ}>S#@$NO
zk$!C0EfjWr-LI!G0xC@~-XIy#JViF;Id@5*LNuD1mzvp|n}czR9E)ima1V3lfp+;W
z`pr19Vj}+ba^YsuY{~rEPk^v;{_X0%tRxT*5SBP9VqSFlA%iqa02_*k94vLe|MIbA
zst&AKht0(mPogj*fr%DZG~<ylv(U4XpuN&;^{gUUD%kzw|1SGUTuQ#E0IzF}pvHk>
zg+SfNplY)>^T40j!)a>V$mCNqa<Dq&>Jeeskb4dD#b$fMaQH0RXS0#h_H3h3bJ)QQ
zFp3|0RxeK-ds6xr2CpLJRQ3yr>U$YLM4Prv;Jt<%b3UaQ#3_zYHBr&c+m6-4+s<?q
z%@BSW%|O>t5TV^spk8IuWD`|Yl_z$VdEhEunYuU(IWce_ILVvlfeMz9>ye`r?TqWu
z?|8s*!T|R+xhcD^bI6smiUN$A%o5lD=+%0&X~53p7F~y7sOyQ=>c@VXJ)f)&+Ag=k
z-F{$j4W~j9kQ$vgeKW&oWowJDlc=z_pOb{N0$Kkpj?@Qt*2<~>>m)X7(A026E)Mq%
z*!o%@`ePY9=?Ydi1;IBwm_VZH-;UxW#yJHZ$a5=(tHIF4WBYS9VgWE3RtN$k07P*B
zvIe)Gas0+*B2N$_P?Z-^5auZqtMG_wKLY}W$q#+VG1-={lA?yW+;pYq5||2(GjEye
z-3r#l=3Z^%<1a>QJqG~NW&TV5_@}&Yc>T{zXY~AMrtecyV2;68H~>FpI-_U(*zVQl
z>pwHS@gZx}qrkk;Lw5#H<+UArpx4@NMGiTz{zkCc==o#)4S^NK;o-|T;DXfr+1mph
zApTNbaUij(ta$O^1b;|7H;xNTpt=Ti0}|3tjsOlOGK(4?6C@f%%Us8;AMNN?%3p4u
zAa1Yw-ebsi>xL^Be02;>8b=Z&2LS}fl+~c_i5127;!b7eTT=&s_seSz#?&8Ly<D-}
zLcd&Xk7d1yiS~-j>*M#{4Z_BCIC`~RhcdK=Rc=<_g3n{3pjpQFB*E?{CG`(!+jZKE
zW*I<Cl`~TGZHr&}5$)M@)kfscweS_f`iqM}CeLkF842dY(a=sO^MP|hwuYb33NOZ}
z)D=wC*VGhshT{jAyI|E7jCtj4oUhk)As@Q~VYI#zE7M^9t1f1UBQwHRn?9V#{?8<1
zM26$}j5Q&>Guy&&e&qErV&+Q?P6mQqj5=q_B8C?jVgx}S{C!(gnB5d%w-q5P@&*Z(
zL7+oO!22Rj{S=w{$m53bYZueHK8$lX4M>%Q9W&KGR^1R#a!OwZF3)WBvU*BQ?eFFf
zMD^CrQPyr&<7Dx8GC;pPU=cAX_Or=rhb&Cr5e-WRCi#UnLJlnFZuRpv2A;(dNvZxR
zto|so*EM{iFu0Ho-{8tAWc4Q6^#mmfz=~5}OHT*RSj4*s+PvxJ^Q`N$<Xb*Njx*75
zEod7DqoWT10L8(xISUV&r)jAtAAd0in{e}6DugEUoCCna)`fZdJ-8h6pX_}^Y<{97
z)TaNUq|zzam0N$SeAS;QX>nQP@(#7>zbGkeodnBq2x^0lS}mhCtJ`EkdX*rG)H=qp
zzZtEcqu*!`!i`S51GE<>>#})XNHdxamtSWO@B-3!_i>?^^r~?wD8ff69?;X{tb@SE
zZH6hcbDOBoS6d4in?^`{6K$S6FkO<#>&Q!N7cn-JHXEzkWxZf==^Q9OY3G{`M#S|3
zMBd?rl>`OfXKP5O6T#>fyC#s+Xo7gS?*TrLD_3%q$7>v85JEi~zW{OOc8JA#^af4=
z;6HNASlL7HwZFa>+}y*u#VQsJpR^BmkqoTmyI01jVA2NKSN`x@v=XWDn^dqXIjf7U
zXOOltxiMrttt3hOGo6h=7l30v$Qoz?uAgg1fQ}Tlo+F=YNgafA$(E&Rhj;BH;~}QC
z{|owX%Y)O9_^+`{lyQ#6v@Mo^RnhAbV3BQT1(Fq0YfNK|&0E{tjMhvZ*ECMDsWiWp
zr6g#6q(*WPHCoG&u(l)2VBGeYppdSOU*z#T8b2MAJH&L~_eM*u<*$I2SMe0ji&^Go
zB4@+uXe2eo6-WDNB|gDHX@xKDkHJk*PJPO&cBJJj#%dAV7@QA_{&2dod8OwBP(IlJ
zBM6#bEsGN>$La9a4;YBEnyo}1k5rrda5EjrKite}Q>Q*GW2@=P5AlAXIaN(B(2?w!
zO_QVJNf20T*r}ELQ8CpayHkI3v=u#aYdgYztqODPa@6(-WtJpCghe~mj<3bx-`;*3
zWO1a?azN8yTX=_8tY3!{!i55W0y!`fW<jeq21xYg$aV1|A4G}f{RT3Dqnl1;PY%Sx
zaa15tBF;%3a5_LL$&U4;opo=&(!XgSxkClN%eCUOFSzT>!ya{i->u)0C9D6-bRExc
zc`F&LwA)IweES=UQ3fQT4+;$(N!RwTz?>oys^LUJ!2}%I?CjCUT}&6iww_;K!(E{E
zxiJ?s@H-HQS1YWb0(uO+Cj60{B)q5fIreL~%kE&CV0{vHc=%4QZmHhBlkt1^SINy^
z;#9qCD3I^-ro2PvFM{5YGu1<AJ8Y`<r9i^|VY_)?I4#8aR|P~=EVUf<1peqZPF**j
zkTeoS+)`Lrt?m1d_q_oCPxDj7Gg?)}Im@hO-dN~2DCI1npsqBPh}X9#zdOkqaYYGy
zw43bMcVJJgLA7NiGb^l6_CIrT>3-(FY&NLY@jboR?75y^{IaNc5$t~T)t`rbrX}xF
z?|4rRGlglWIxb`n<&)M6Fd<VaWd5D3$(fR1HEes8WW~7`V`D4;$ia$qBh&mo{*0fa
zwoN1rD2H?9J&}%!X89NgC9D5%JFWC)V=UwQJ?CK+oE6YJfvAsZzH9drSaM-*PVjvU
zw~IIqa1Mj8QYJ#K=@Il+^Yz{xYDL%cE`0skBK3x1>r<bAOA)$rM*RJ*Z&o+lu+&>t
zKzW@tiK@L7Nvr1pefVfN4_gGe7LiMX*ig7k_90l0&isYP*u3C=@JZm@2cKA3&{|XY
zPSkvS<yp|Q60QUrilYZ<3t1!g1-z_B3Yk}vG(M(IX1a+HnA!_jKT}<MLoshk&eh~E
z`6PK)Imjv1$mz*=yQZ_rALgdf=~&JYE~{;!@@(?YsSFDM_sXdn<V~0FmKV;EG}tjI
zY$_4rE|Yoa=WtCqY6kBV4Qht*B`6h?7I)3z_}b-j7lNjJfB{m=G=)Newg;->;~r=!
z$Z#9zO~n$X>N8&A_bzcIr10Xu&iCO?*x`np$rYj`XDP@!w;Q1}Kan2^H~labbY&^*
zw#7@#Tq;q3%h{wpFIL25M1O-)R5)rHYQJjXKw-Vyab_Lkb|IgM?Ys%ZVEwl1#nGlP
zrM$Q%clS$#h=86Oady}cR`zBVElQozTr7SqVpSui{K^Pb`#)89VkuE}hHasA!EG|_
z0{i%Rf*vWpuZnav6#O(H75j_NODY_QPgkZG__#QLV$uXVciOL<d6J2vVAF8G8=evp
zL_Avb9|uc|8%^=vNNdHwnY1Y$Q{v*pQ*NEt;v*=^OkFA5clTGef5x##^(pL6Hea62
zaW&jGQ^uQ)(01)HR|!wUs;~F{VMR*KLfXL=dVQ+_MaCCcCr>X(Ky?>om&FyqNT)F1
z0e=PoTTL-KQ9ByB3iM89;L>2mYpc)^l}OF(LH?ok!dHk>Tui)X7jG{XKpM4dwe+V%
zT97q<hCdYZ>305QM<gpdz~9z3bMvcDXlg(uCZqt-nboU#A(I`^><uLw88L-Eq@PdQ
z^tNGt&mn;2hhGj^C{nz)XGd&#;M4wcFZTivR71t9({nH=jVGBNz%*LBueC07aa5}`
z{4J{e+cTgIcARv>eGydqjOr`ubkz_BVW-_s`r=#^;9bo2#~RF8^bmGoyuq=Groqum
zgv(F@sXSysHSo6ZYA+ZpF14lyi{NO%sUD^#YZ_HK&$Hvp<nr=WTpNXff9~k;{(oc)
zK!5{GY=k28uUkoLh5Za&U>ojhU##B=jFoptEeXPeNFb*$jDrU<2!uYHOucN~33REl
z2*0Dx?n|TRzf8U2*NQ77A#0g0T6`KYG>p^+PvQ_NCQ;mY-$@{jm-@B=JlsEW-sPcs
zzyc6ATIgu~fsh3y_#V&Ou9sk4fc-orfYvImjXGImQ8ozpUvMt{N`DFIP)p>G?q>J{
zgkpu3mM*c538w}hH=8oE0qkJXn!U}ou2D2TMg%fPc|1Nms-vfsLjvw0IsJr=EUG7#
z%TStElC`nh!n@|=#IrLEN=2%k3N`*QyFtf70xON9aqH2%O&2!@3UfYPhG7$S0Glp_
z`{wdaC*=`mq5lUpID2HCm?k=os%UMQ_HS0RV?H*1oV+$uRmy^}t;l$zy9Lilpn|I=
zG*1tRtWf@C)G`b96z5(zDmNPj!-g}bqLP4rmJ5t2C(2Ex?Og^su3)z<2Fy{VYN;MU
z)K)=zJm~V=W9#|q=l;^;jS*vl06iJDiZpUvAqdz;|4{Y*!9*+Z2%P6_9=+_kWU|$J
z%PbE`<)+~jGq2||#O_eQKklw8HF;ORB1f(N*qFMOqs+c2T{K_3)v@$irWe6frB+?P
z5zFlA!HI!-kO|2DsF(eUR^T+DFDAhpu#~Gl!Y<L=IiV7u<TGFRXRU<yW-Z`}1hp1g
zz((!PfJ_a9oo*kb&+bmoE0p>6#E+BDc#?n8cB6se;d(<K>~pEV?uDrjMY2h??FQ6G
z!VV_3-$k(9ck){&FSRejiV)`e`}_V|pQO(xoZMcwZ5kBq^G&mU<GD9I#x``4Ur00K
zv%@_sr$|4$>lfTFJ6tN;(>WXBTk{M_z`yS+wzSS&Oo}=iUqJ2GYN>g}PMgnd@Xp`U
z<qDf;*~)meK=u8WqbRe|tatQK*VT!;^-vcPz0cjbYcXW6tUlUP#*oi2J9~u+-y_P`
zT&O)^t;McAxOtST67UZ43X3XqRFDK9EB?iyLUCovNHP<1Vr7blmN$n}Lvgn+z%kW2
z1uf{B)9XYrT0cc3bqnU^cM)o?Y=8&Ql75Tvh!Q*!$thTEc5e!Q<3ls&xtsm{*qI<V
zLL?rcX*E${t6KJeIEw!$nP8c4-g8a?gI7qehe+{jsXl1)_NWLl6q>RsD#^-q#B9Nb
zqS}f_+C}784mv)M_XX+~%pimT09o12w;K1Asm`lt<bnR`Cap@i8_lCiRMwy1YvW(H
z;=mI=5oEQa%bO*x?ZALdve?pV1EQnJHFT5YGbo4~5Z0{c)%h%Q<1q~dClefSWMpsV
zOD=(>D0^v2elFuWeEK+x#}|D!Oh`DS5e72jekgUSK%^tmW-N46Ct)fh0EWVzyaNc(
zM>YeJ5+s+40eyO5j@2bI9(ql}mIjJDVcLNEFy02;?XFrzEaQm^rblYyuwlWqe+%9D
z1g$`DvH-QLKrj1Gom>iw?v%V~I7S{v&~UXk)h$Li>I_ZUn{ClUNye2;?(6K3_D^^b
z>SlU)%0f~4V|{b1#y<@&fPmS0IT>no8mEksNf210x%2z89NM;}A@tS=eX~E2^(bsT
zBZU_}a5`gX^EIg}?VAhW6NIjXX8@Aw(H?Mv|K)X~5OB0(cXxTr+Kp}qCDl!L9P>Td
zB~J4rk;F=@$J8uG6BBLNZ7)6$LL{Ri->FCAvR~9Duy4c|AqKh%Sb-bqnQ8`|-+?0(
z{Eg3`(Izm0(IdjYif72Grwvq(sEQU=QmX)1l6}00pzdUGYPl}c;~+gxk;R}g$E9F?
ziM=D>BqZG2Gv!=oE2<w8%gImzF=VBCT!=`BDUpN~6cjShbi5zzNAjSgPyr>fAjFE{
zThPKb9<kmv6`B_TxF7>FR8vcaP3C{`ik|l<6@D2mh1)Ns7a}vvguc2Vk$wDLw5!09
zKxLcOuJ%!L+W5`pF|vM|^*d^tnbX6J7^ln1=D{{k>^dE{s{<)&yMe=_Mxo$&GHP2Z
zRP0&{w@a^d?)_Nono*<xu`-IEYVj1*u>cVxe=cNMj1a>T@Q~Lw7XmwXN@`UQ1H=9{
zx_Md<Wd2asG&d52<85vGaQmCBeW~$UE`6w(Qg-62unh}-W;GdoGi8m#G@_2xYOTez
z%FvUQW^M6iXf><pVxvK|?h`x7+VaKlVpj8sUbEsSCX?b|_hNRjpnvD6QnAhvBhSF;
z#^P;C_O4h4&@`(R#LL3#MQ&+Mbn955Z`3G`6$dj8M@Qk~S=qYP{lfiUU+e0j7LEfE
zmm8(VN&~PLoAptf6fonqF_piBDyELoqXX0fIj&c2=wX`NM+_NTp=`FBn%(1nMYL%P
zXSibKO?fVJ$k*#Ir&yWaZ<92-@2nq7y3iau0N`!5^#VBv)i?OYD2BAF^QIspW{-uf
zGAP$_QYY9OU+t0Ctpyf+;;X{`>nR2!Z|W(5kzy_BznkvNPh?L(!l-_d$?>uq@yEX#
zd5u_A?Kw?1qUi^HB84Q6T`)J|exApLaWFfQ`2S$i|6q3{@c%(T+W+u&<etQTt+W0I
zzasno59a+35=7<wA1wMG<d5?EKUnrZsB1GHz%{|G<M?%%&35ybdoB_)cMH{{Ecw7A
z-Mr=Ngb<@(pu-jmo-tKmoI1iVlz_+cFwYT<(;K~--$asDcuGupOZ664(Sgn(bF4Pb
z9TTgctdpz24Pu}~z2U(nR8J*9SwikAjJ*i6?P?FNAwTKK=fPol7*jv@7Z&^)vB~!n
zV7KQRTtONb1Purc2nYxYNL@i&1NDu0ND~VPh$l8-yo;0Qzp8qSZt;RbAfTO}jKs)4
U4gdcYgOxzsO$uSq^<UNh0|*(R8vp<R

diff --git a/Solutions/Global Secure Access/Package/createUiDefinition.json b/Solutions/Global Secure Access/Package/createUiDefinition.json
index f3d85d5a148..c7c7e00ec0d 100644
--- a/Solutions/Global Secure Access/Package/createUiDefinition.json	
+++ b/Solutions/Global Secure Access/Package/createUiDefinition.json	
@@ -6,7 +6,7 @@
     "config": {
       "isWizard": false,
       "basics": {
-        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/gsa.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Global%20Secure%20Access/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\n[Global Secure Access](https://aka.ms/GlobalSecureAccess) is a [domain solution](https://learn.microsoft.com/en-us/azure/sentinel/sentinel-solutions-catalog#domain-solutions) and does not include any data connectors. The content in this solution requires one of the product solutions below.\n\n**Prerequisite:**\n\nInstall one or more of the listed solutions to unlock the value provided by this solution.\n1. Microsoft Entra ID \n\n**Underlying Microsoft Technologies used:**\n\nThis solution depends on the following technologies, and some of these dependencies may either be in Preview state or might result in additional ingestion or operational costs:\n1. Product solutions as described above\n\n\n**Workbooks:** 2, **Analytic Rules:** 19, **Hunting Queries:** 21\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
+        "description": "<img src=\"https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Logos/gsa.svg\" width=\"75px\" height=\"75px\">\n\n**Note:** Please refer to the following before installing the solution: \n\n• Review the solution [Release Notes](https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Global%20Secure%20Access/ReleaseNotes.md)\n\n • There may be [known issues](https://aka.ms/sentinelsolutionsknownissues) pertaining to this Solution, please refer to them before installing.\n\n[Global Secure Access](https://aka.ms/GlobalSecureAccess) is a [domain solution](https://learn.microsoft.com/en-us/azure/sentinel/sentinel-solutions-catalog#domain-solutions) and does not include any data connectors. The content in this solution requires one of the product solutions below.\n\n**Prerequisite:**\n\nInstall one or more of the listed solutions to unlock the value provided by this solution.\n1. Microsoft Entra ID \n\n**Underlying Microsoft Technologies used:**\n\nThis solution depends on the following technologies, and some of these dependencies may either be in Preview state or might result in additional ingestion or operational costs:\n1. Product solutions as described above\n\n\n**Workbooks:** 2, **Analytic Rules:** 18, **Hunting Queries:** 21\n\n[Learn more about Microsoft Sentinel](https://aka.ms/azuresentinel) | [Learn more about Solutions](https://aka.ms/azuresentinelsolutionsdoc)",
         "subscription": {
           "resourceProviders": [
             "Microsoft.OperationsManagement/solutions",
@@ -150,13 +150,13 @@
           {
             "name": "analytic2",
             "type": "Microsoft.Common.Section",
-            "label": "GSA - Detect IP Address Changes and Overlapping Sessions",
+            "label": "GSA Enriched Office 365 - Exchange AuditLog Disabled",
             "elements": [
               {
                 "name": "analytic2-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "This query identifies network sessions based on DeviceId and UserPrincipalName, then checks for changed IP addresses and overlapping session times."
+                  "text": "Identifies when the Exchange audit logging has been disabled, which may indicate an adversary attempt to evade detection or bypass other defenses."
                 }
               }
             ]
@@ -164,13 +164,13 @@
           {
             "name": "analytic3",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - Exchange AuditLog Disabled",
+            "label": "GSA Enriched Office 365 - Accessed files shared by temporary external user",
             "elements": [
               {
                 "name": "analytic3-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies when the Exchange audit logging has been disabled, which may indicate an adversary attempt to evade detection or bypass other defenses."
+                  "text": "This detection identifies when an external user is added to a Team or Teams chat and shares a file which is accessed by many users (>10) and the users is removed within short period of time. This might be an indicator of suspicious activity."
                 }
               }
             ]
@@ -178,13 +178,13 @@
           {
             "name": "analytic4",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - Accessed files shared by temporary external user",
+            "label": "GSA Enriched Office 365 - External User Added and Removed in Short Timeframe",
             "elements": [
               {
                 "name": "analytic4-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "This detection identifies when an external user is added to a Team or Teams chat and shares a file which is accessed by many users (>10) and the users is removed within short period of time. This might be an indicator of suspicious activity."
+                  "text": "This detection flags the occurrences of external user accounts that are added to a Team and then removed within one hour."
                 }
               }
             ]
@@ -192,13 +192,13 @@
           {
             "name": "analytic5",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - External User Added and Removed in Short Timeframe",
+            "label": "GSA Enriched Office 365 - Mail Redirect via ExO Transport Rule",
             "elements": [
               {
                 "name": "analytic5-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "This detection flags the occurrences of external user accounts that are added to a Team and then removed within one hour."
+                  "text": "Identifies when an Exchange Online transport rule is configured to forward emails.\nThis could indicate an adversary mailbox configured to collect mail from multiple user accounts."
                 }
               }
             ]
@@ -206,13 +206,13 @@
           {
             "name": "analytic6",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - Mail Redirect via ExO Transport Rule",
+            "label": "GSA Enriched Office 365 - Malicious Inbox Rule",
             "elements": [
               {
                 "name": "analytic6-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies when an Exchange Online transport rule is configured to forward emails.\nThis could indicate an adversary mailbox configured to collect mail from multiple user accounts."
+                  "text": "Often times after the initial compromise the attackers create inbox rules to delete emails that contain certain keywords.\nThis is done so as to limit ability to warn compromised users that they've been compromised. Below is a sample query that tries to detect this.\nReference: https://www.reddit.com/r/sysadmin/comments/7kyp0a/recent_phishing_attempts_my_experience_and_what/"
                 }
               }
             ]
@@ -220,13 +220,13 @@
           {
             "name": "analytic7",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - Malicious Inbox Rule",
+            "label": "GSA Enriched Office 365 - Multiple Teams deleted by a single user",
             "elements": [
               {
                 "name": "analytic7-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Often times after the initial compromise the attackers create inbox rules to delete emails that contain certain keywords.\nThis is done so as to limit ability to warn compromised users that they've been compromised. Below is a sample query that tries to detect this.\nReference: https://www.reddit.com/r/sysadmin/comments/7kyp0a/recent_phishing_attempts_my_experience_and_what/"
+                  "text": "This detection flags the occurrences of deleting multiple teams within a day.\nThis data is a part of Office 365 Connector in Microsoft Sentinel."
                 }
               }
             ]
@@ -234,13 +234,13 @@
           {
             "name": "analytic8",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - Multiple Teams deleted by a single user",
+            "label": "GSA Enriched Office 365 - Multiple Users Email Forwarded to Same Destination",
             "elements": [
               {
                 "name": "analytic8-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "This detection flags the occurrences of deleting multiple teams within a day.\nThis data is a part of Office 365 Connector in Microsoft Sentinel."
+                  "text": "Identifies when multiple (more than one) users' mailboxes are configured to forward to the same destination. \nThis could be an attacker-controlled destination mailbox configured to collect mail from multiple compromised user accounts."
                 }
               }
             ]
@@ -248,13 +248,13 @@
           {
             "name": "analytic9",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - Multiple Users Email Forwarded to Same Destination",
+            "label": "GSA Enriched Office 365 - Office Policy Tampering",
             "elements": [
               {
                 "name": "analytic9-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies when multiple (more than one) users' mailboxes are configured to forward to the same destination. \nThis could be an attacker-controlled destination mailbox configured to collect mail from multiple compromised user accounts."
+                  "text": "Identifies if any tampering is done to either audit log, ATP Safelink, SafeAttachment, AntiPhish, or Dlp policy. \nAn adversary may use this technique to evade detection or avoid other policy-based defenses.\nReferences: https://docs.microsoft.com/powershell/module/exchange/advanced-threat-protection/remove-antiphishrule?view=exchange-ps."
                 }
               }
             ]
@@ -262,13 +262,13 @@
           {
             "name": "analytic10",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - Office Policy Tampering",
+            "label": "GSA Enriched Office 365 - New Executable via Office FileUploaded Operation",
             "elements": [
               {
                 "name": "analytic10-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies if any tampering is done to either audit log, ATP Safelink, SafeAttachment, AntiPhish, or Dlp policy. \nAn adversary may use this technique to evade detection or avoid other policy-based defenses.\nReferences: https://docs.microsoft.com/powershell/module/exchange/advanced-threat-protection/remove-antiphishrule?view=exchange-ps."
+                  "text": "Identifies when executable file types are uploaded to Office services such as SharePoint and OneDrive.\nList currently includes exe, inf, gzip, cmd, bat file extensions.\nAdditionally, identifies when a given user is uploading these files to another user's workspace.\nThis may be an indication of a staging location for malware or other malicious activity."
                 }
               }
             ]
@@ -276,13 +276,13 @@
           {
             "name": "analytic11",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - New Executable via Office FileUploaded Operation",
+            "label": "GSA Enriched Office 365 - Rare and Potentially High-Risk Office Operations",
             "elements": [
               {
                 "name": "analytic11-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies when executable file types are uploaded to Office services such as SharePoint and OneDrive.\nList currently includes exe, inf, gzip, cmd, bat file extensions.\nAdditionally, identifies when a given user is uploading these files to another user's workspace.\nThis may be an indication of a staging location for malware or other malicious activity."
+                  "text": "Identifies Office operations that are typically rare and can provide capabilities useful to attackers."
                 }
               }
             ]
@@ -290,13 +290,13 @@
           {
             "name": "analytic12",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - Rare and Potentially High-Risk Office Operations",
+            "label": "GSA Enriched Office 365 - SharePoint File Operation via Previously Unseen IPs",
             "elements": [
               {
                 "name": "analytic12-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies Office operations that are typically rare and can provide capabilities useful to attackers."
+                  "text": "Identifies anomalies using user behavior by setting a threshold for significant changes in file upload/download activities from new IP addresses. It establishes a baseline of typical behavior, compares it to recent activity, and flags deviations exceeding a default threshold of 25."
                 }
               }
             ]
@@ -304,13 +304,13 @@
           {
             "name": "analytic13",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - SharePoint File Operation via Previously Unseen IPs",
+            "label": "GSA Enriched Office 365 - SharePointFileOperation via devices with previously unseen user agents",
             "elements": [
               {
                 "name": "analytic13-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies anomalies using user behavior by setting a threshold for significant changes in file upload/download activities from new IP addresses. It establishes a baseline of typical behavior, compares it to recent activity, and flags deviations exceeding a default threshold of 25."
+                  "text": "Identifies anomalies if the number of documents uploaded or downloaded from device(s) associated with a previously unseen user agent exceeds a threshold (default is 5) and deviation (default is 25%)."
                 }
               }
             ]
@@ -318,13 +318,13 @@
           {
             "name": "analytic14",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - SharePointFileOperation via devices with previously unseen user agents",
+            "label": "GSA Enriched Office 365 - Sharepoint File Transfer Above Threshold",
             "elements": [
               {
                 "name": "analytic14-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies anomalies if the number of documents uploaded or downloaded from device(s) associated with a previously unseen user agent exceeds a threshold (default is 5) and deviation (default is 25%)."
+                  "text": "Identifies Office365 SharePoint file transfers above a certain threshold in a 15-minute time period.\nPlease note that entity mapping for arrays is not supported, so when there is a single value in an array, we will pull that value from the array as a single string to populate the entity to support entity mapping features within Sentinel. Additionally, if the array is multivalued, we will input a string to indicate this with a unique hash so that matching will not occur."
                 }
               }
             ]
@@ -338,7 +338,7 @@
                 "name": "analytic15-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies Office365 SharePoint file transfers above a certain threshold in a 15-minute time period.\nPlease note that entity mapping for arrays is not supported, so when there is a single value in an array, we will pull that value from the array as a single string to populate the entity to support entity mapping features within Sentinel. Additionally, if the array is multivalued, we will input a string to indicate this with a unique hash so that matching will not occur."
+                  "text": "Identifies Office365 SharePoint file transfers with a distinct folder count above a certain threshold in a 15-minute time period. Please note that entity mapping for arrays is not supported, so when there is a single value in an array, we will pull that value from the array as a single string to populate the entity to support entity mapping features within Sentinel. Additionally, if the array is multivalued, we will input a string to indicate this with a unique hash so that matching will not occur."
                 }
               }
             ]
@@ -346,13 +346,13 @@
           {
             "name": "analytic16",
             "type": "Microsoft.Common.Section",
-            "label": "GSA Enriched Office 365 - Sharepoint File Transfer Above Threshold",
+            "label": "GSA - Detect Abnormal Deny Rate for Source to Destination IP",
             "elements": [
               {
                 "name": "analytic16-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies Office365 SharePoint file transfers with a distinct folder count above a certain threshold in a 15-minute time period. Please note that entity mapping for arrays is not supported, so when there is a single value in an array, we will pull that value from the array as a single string to populate the entity to support entity mapping features within Sentinel. Additionally, if the array is multivalued, we will input a string to indicate this with a unique hash so that matching will not occur."
+                  "text": "Identifies abnormal deny rate for specific source IP to destination IP based on the normal average and standard deviation learned during a configured period. This can indicate potential exfiltration, initial access, or C2, where an attacker tries to exploit the same vulnerability on machines in the organization but is being blocked by firewall rules.\n\nConfigurable Parameters:\n    - minimumOfStdsThreshold: The number of stds to use in the threshold calculation. Default is set to 3.\n    - learningPeriodTime: Learning period for threshold calculation in days. Default is set to 5.\n    - binTime: Learning buckets time in hours. Default is set to 1 hour.\n    - minimumThreshold: Minimum threshold for alert. Default is set to 5.\n    - minimumBucketThreshold: Minimum learning buckets threshold for alert. Default is set to 5."
                 }
               }
             ]
@@ -360,13 +360,13 @@
           {
             "name": "analytic17",
             "type": "Microsoft.Common.Section",
-            "label": "GSA - Detect Abnormal Deny Rate for Source to Destination IP",
+            "label": "GSA - Detect Protocol Changes for Destination Ports",
             "elements": [
               {
                 "name": "analytic17-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies abnormal deny rate for specific source IP to destination IP based on the normal average and standard deviation learned during a configured period. This can indicate potential exfiltration, initial access, or C2, where an attacker tries to exploit the same vulnerability on machines in the organization but is being blocked by firewall rules."
+                  "text": "Identifies changes in the protocol used for specific destination ports, comparing the current runtime with a learned baseline.\nThis can indicate potential protocol misuse or configuration changes.\nConfigurable Parameters:\n- Learning period: The time range to establish the baseline. Default is set to 7 days.\n- Run time: The time range for current analysis. Default is set to 1 day."
                 }
               }
             ]
@@ -374,27 +374,13 @@
           {
             "name": "analytic18",
             "type": "Microsoft.Common.Section",
-            "label": "GSA - Detect Protocol Changes for Destination Ports",
-            "elements": [
-              {
-                "name": "analytic18-text",
-                "type": "Microsoft.Common.TextBlock",
-                "options": {
-                  "text": "Identifies changes in the protocol used for specific destination ports, comparing the current runtime with a learned baseline. This can indicate potential protocol misuse or configuration changes."
-                }
-              }
-            ]
-          },
-          {
-            "name": "analytic19",
-            "type": "Microsoft.Common.Section",
             "label": "GSA - Detect Source IP Scanning Multiple Open Ports",
             "elements": [
               {
-                "name": "analytic19-text",
+                "name": "analytic18-text",
                 "type": "Microsoft.Common.TextBlock",
                 "options": {
-                  "text": "Identifies a source IP scanning multiple open ports on Global Secure Access Firewall. This can indicate malicious scanning of ports by an attacker, trying to reveal open ports in the organization that can be compromised for initial access."
+                  "text": "Identifies a source IP scanning multiple open ports on Global Secure Access Firewall. This can indicate malicious scanning of ports by an attacker, trying to reveal open ports in the organization that can be compromised for initial access.\n  Configurable Parameters:\n  - Port scan time - the time range to look for multiple ports scanned. Default is set to 30 seconds.\n  - Minimum different ports threshold - alert only if more than this number of ports scanned. Default is set to 100."
                 }
               }
             ]
diff --git a/Solutions/Global Secure Access/Package/mainTemplate.json b/Solutions/Global Secure Access/Package/mainTemplate.json
index 4f1d323bb5b..f866ea7d3d5 100644
--- a/Solutions/Global Secure Access/Package/mainTemplate.json	
+++ b/Solutions/Global Secure Access/Package/mainTemplate.json	
@@ -66,137 +66,130 @@
     "_workbookContentId2": "[variables('workbookContentId2')]",
     "_workbookcontentProductId2": "[concat(take(variables('_solutionId'),50),'-','wb','-', uniqueString(concat(variables('_solutionId'),'-','Workbook','-',variables('_workbookContentId2'),'-', variables('workbookVersion2'))))]",
     "analyticRuleObject1": {
-      "analyticRuleVersion1": "1.0.1",
+      "analyticRuleVersion1": "1.0.2",
       "_analyticRulecontentId1": "4c9f0a9e-44d7-4c9b-b7f0-f6a6e0d8f8fa",
       "analyticRuleId1": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '4c9f0a9e-44d7-4c9b-b7f0-f6a6e0d8f8fa')]",
       "analyticRuleTemplateSpecName1": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('4c9f0a9e-44d7-4c9b-b7f0-f6a6e0d8f8fa')))]",
-      "_analyticRulecontentProductId1": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','4c9f0a9e-44d7-4c9b-b7f0-f6a6e0d8f8fa','-', '1.0.1')))]"
+      "_analyticRulecontentProductId1": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','4c9f0a9e-44d7-4c9b-b7f0-f6a6e0d8f8fa','-', '1.0.2')))]"
     },
     "analyticRuleObject2": {
-      "analyticRuleVersion2": "1.0.2",
-      "_analyticRulecontentId2": "57abf863-1c1e-46c6-85b2-35370b712c1e",
-      "analyticRuleId2": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '57abf863-1c1e-46c6-85b2-35370b712c1e')]",
-      "analyticRuleTemplateSpecName2": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('57abf863-1c1e-46c6-85b2-35370b712c1e')))]",
-      "_analyticRulecontentProductId2": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','57abf863-1c1e-46c6-85b2-35370b712c1e','-', '1.0.2')))]"
+      "analyticRuleVersion2": "2.0.8",
+      "_analyticRulecontentId2": "dc451755-8ab3-4059-b805-e454c45d1d44",
+      "analyticRuleId2": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'dc451755-8ab3-4059-b805-e454c45d1d44')]",
+      "analyticRuleTemplateSpecName2": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('dc451755-8ab3-4059-b805-e454c45d1d44')))]",
+      "_analyticRulecontentProductId2": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','dc451755-8ab3-4059-b805-e454c45d1d44','-', '2.0.8')))]"
     },
     "analyticRuleObject3": {
-      "analyticRuleVersion3": "2.0.8",
-      "_analyticRulecontentId3": "dc451755-8ab3-4059-b805-e454c45d1d44",
-      "analyticRuleId3": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'dc451755-8ab3-4059-b805-e454c45d1d44')]",
-      "analyticRuleTemplateSpecName3": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('dc451755-8ab3-4059-b805-e454c45d1d44')))]",
-      "_analyticRulecontentProductId3": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','dc451755-8ab3-4059-b805-e454c45d1d44','-', '2.0.8')))]"
+      "analyticRuleVersion3": "2.1.4",
+      "_analyticRulecontentId3": "4d38f80f-6b7d-4a1f-aeaf-e38df637e6ac",
+      "analyticRuleId3": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '4d38f80f-6b7d-4a1f-aeaf-e38df637e6ac')]",
+      "analyticRuleTemplateSpecName3": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('4d38f80f-6b7d-4a1f-aeaf-e38df637e6ac')))]",
+      "_analyticRulecontentProductId3": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','4d38f80f-6b7d-4a1f-aeaf-e38df637e6ac','-', '2.1.4')))]"
     },
     "analyticRuleObject4": {
       "analyticRuleVersion4": "2.1.4",
-      "_analyticRulecontentId4": "4d38f80f-6b7d-4a1f-aeaf-e38df637e6ac",
-      "analyticRuleId4": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '4d38f80f-6b7d-4a1f-aeaf-e38df637e6ac')]",
-      "analyticRuleTemplateSpecName4": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('4d38f80f-6b7d-4a1f-aeaf-e38df637e6ac')))]",
-      "_analyticRulecontentProductId4": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','4d38f80f-6b7d-4a1f-aeaf-e38df637e6ac','-', '2.1.4')))]"
+      "_analyticRulecontentId4": "1a8f1297-23a4-4f09-a20b-90af8fc3641a",
+      "analyticRuleId4": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '1a8f1297-23a4-4f09-a20b-90af8fc3641a')]",
+      "analyticRuleTemplateSpecName4": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('1a8f1297-23a4-4f09-a20b-90af8fc3641a')))]",
+      "_analyticRulecontentProductId4": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','1a8f1297-23a4-4f09-a20b-90af8fc3641a','-', '2.1.4')))]"
     },
     "analyticRuleObject5": {
-      "analyticRuleVersion5": "2.1.4",
-      "_analyticRulecontentId5": "1a8f1297-23a4-4f09-a20b-90af8fc3641a",
-      "analyticRuleId5": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '1a8f1297-23a4-4f09-a20b-90af8fc3641a')]",
-      "analyticRuleTemplateSpecName5": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('1a8f1297-23a4-4f09-a20b-90af8fc3641a')))]",
-      "_analyticRulecontentProductId5": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','1a8f1297-23a4-4f09-a20b-90af8fc3641a','-', '2.1.4')))]"
+      "analyticRuleVersion5": "2.1.5",
+      "_analyticRulecontentId5": "edcfc2e0-3134-434c-8074-9101c530d419",
+      "analyticRuleId5": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'edcfc2e0-3134-434c-8074-9101c530d419')]",
+      "analyticRuleTemplateSpecName5": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('edcfc2e0-3134-434c-8074-9101c530d419')))]",
+      "_analyticRulecontentProductId5": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','edcfc2e0-3134-434c-8074-9101c530d419','-', '2.1.5')))]"
     },
     "analyticRuleObject6": {
-      "analyticRuleVersion6": "2.1.5",
-      "_analyticRulecontentId6": "edcfc2e0-3134-434c-8074-9101c530d419",
-      "analyticRuleId6": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'edcfc2e0-3134-434c-8074-9101c530d419')]",
-      "analyticRuleTemplateSpecName6": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('edcfc2e0-3134-434c-8074-9101c530d419')))]",
-      "_analyticRulecontentProductId6": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','edcfc2e0-3134-434c-8074-9101c530d419','-', '2.1.5')))]"
+      "analyticRuleVersion6": "2.0.6",
+      "_analyticRulecontentId6": "a9c76c8d-f60d-49ec-9b1f-bdfee6db3807",
+      "analyticRuleId6": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'a9c76c8d-f60d-49ec-9b1f-bdfee6db3807')]",
+      "analyticRuleTemplateSpecName6": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('a9c76c8d-f60d-49ec-9b1f-bdfee6db3807')))]",
+      "_analyticRulecontentProductId6": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','a9c76c8d-f60d-49ec-9b1f-bdfee6db3807','-', '2.0.6')))]"
     },
     "analyticRuleObject7": {
       "analyticRuleVersion7": "2.0.6",
-      "_analyticRulecontentId7": "a9c76c8d-f60d-49ec-9b1f-bdfee6db3807",
-      "analyticRuleId7": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'a9c76c8d-f60d-49ec-9b1f-bdfee6db3807')]",
-      "analyticRuleTemplateSpecName7": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('a9c76c8d-f60d-49ec-9b1f-bdfee6db3807')))]",
-      "_analyticRulecontentProductId7": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','a9c76c8d-f60d-49ec-9b1f-bdfee6db3807','-', '2.0.6')))]"
+      "_analyticRulecontentId7": "db60e4b6-a845-4f28-a18c-94ebbaad6c6c",
+      "analyticRuleId7": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'db60e4b6-a845-4f28-a18c-94ebbaad6c6c')]",
+      "analyticRuleTemplateSpecName7": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('db60e4b6-a845-4f28-a18c-94ebbaad6c6c')))]",
+      "_analyticRulecontentProductId7": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','db60e4b6-a845-4f28-a18c-94ebbaad6c6c','-', '2.0.6')))]"
     },
     "analyticRuleObject8": {
-      "analyticRuleVersion8": "2.0.6",
-      "_analyticRulecontentId8": "db60e4b6-a845-4f28-a18c-94ebbaad6c6c",
-      "analyticRuleId8": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'db60e4b6-a845-4f28-a18c-94ebbaad6c6c')]",
-      "analyticRuleTemplateSpecName8": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('db60e4b6-a845-4f28-a18c-94ebbaad6c6c')))]",
-      "_analyticRulecontentProductId8": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','db60e4b6-a845-4f28-a18c-94ebbaad6c6c','-', '2.0.6')))]"
+      "analyticRuleVersion8": "2.0.5",
+      "_analyticRulecontentId8": "d75e8289-d1cb-44d4-bd59-2f44a9172478",
+      "analyticRuleId8": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'd75e8289-d1cb-44d4-bd59-2f44a9172478')]",
+      "analyticRuleTemplateSpecName8": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('d75e8289-d1cb-44d4-bd59-2f44a9172478')))]",
+      "_analyticRulecontentProductId8": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','d75e8289-d1cb-44d4-bd59-2f44a9172478','-', '2.0.5')))]"
     },
     "analyticRuleObject9": {
-      "analyticRuleVersion9": "2.0.5",
-      "_analyticRulecontentId9": "d75e8289-d1cb-44d4-bd59-2f44a9172478",
-      "analyticRuleId9": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'd75e8289-d1cb-44d4-bd59-2f44a9172478')]",
-      "analyticRuleTemplateSpecName9": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('d75e8289-d1cb-44d4-bd59-2f44a9172478')))]",
-      "_analyticRulecontentProductId9": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','d75e8289-d1cb-44d4-bd59-2f44a9172478','-', '2.0.5')))]"
+      "analyticRuleVersion9": "2.0.6",
+      "_analyticRulecontentId9": "0f1f2b17-f9d6-4d2a-a0fb-a7ae1659e3eb",
+      "analyticRuleId9": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '0f1f2b17-f9d6-4d2a-a0fb-a7ae1659e3eb')]",
+      "analyticRuleTemplateSpecName9": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('0f1f2b17-f9d6-4d2a-a0fb-a7ae1659e3eb')))]",
+      "_analyticRulecontentProductId9": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','0f1f2b17-f9d6-4d2a-a0fb-a7ae1659e3eb','-', '2.0.6')))]"
     },
     "analyticRuleObject10": {
-      "analyticRuleVersion10": "2.0.6",
-      "_analyticRulecontentId10": "0f1f2b17-f9d6-4d2a-a0fb-a7ae1659e3eb",
-      "analyticRuleId10": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '0f1f2b17-f9d6-4d2a-a0fb-a7ae1659e3eb')]",
-      "analyticRuleTemplateSpecName10": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('0f1f2b17-f9d6-4d2a-a0fb-a7ae1659e3eb')))]",
-      "_analyticRulecontentProductId10": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','0f1f2b17-f9d6-4d2a-a0fb-a7ae1659e3eb','-', '2.0.6')))]"
+      "analyticRuleVersion10": "2.0.7",
+      "_analyticRulecontentId10": "178c62b4-d5e5-40f5-8eab-7fccd0051e7a",
+      "analyticRuleId10": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '178c62b4-d5e5-40f5-8eab-7fccd0051e7a')]",
+      "analyticRuleTemplateSpecName10": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('178c62b4-d5e5-40f5-8eab-7fccd0051e7a')))]",
+      "_analyticRulecontentProductId10": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','178c62b4-d5e5-40f5-8eab-7fccd0051e7a','-', '2.0.7')))]"
     },
     "analyticRuleObject11": {
       "analyticRuleVersion11": "2.0.7",
-      "_analyticRulecontentId11": "178c62b4-d5e5-40f5-8eab-7fccd0051e7a",
-      "analyticRuleId11": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '178c62b4-d5e5-40f5-8eab-7fccd0051e7a')]",
-      "analyticRuleTemplateSpecName11": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('178c62b4-d5e5-40f5-8eab-7fccd0051e7a')))]",
-      "_analyticRulecontentProductId11": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','178c62b4-d5e5-40f5-8eab-7fccd0051e7a','-', '2.0.7')))]"
+      "_analyticRulecontentId11": "433c254d-4b84-46f7-99ec-9dfefb5f6a7b",
+      "analyticRuleId11": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '433c254d-4b84-46f7-99ec-9dfefb5f6a7b')]",
+      "analyticRuleTemplateSpecName11": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('433c254d-4b84-46f7-99ec-9dfefb5f6a7b')))]",
+      "_analyticRulecontentProductId11": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','433c254d-4b84-46f7-99ec-9dfefb5f6a7b','-', '2.0.7')))]"
     },
     "analyticRuleObject12": {
-      "analyticRuleVersion12": "2.0.7",
-      "_analyticRulecontentId12": "433c254d-4b84-46f7-99ec-9dfefb5f6a7b",
-      "analyticRuleId12": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '433c254d-4b84-46f7-99ec-9dfefb5f6a7b')]",
-      "analyticRuleTemplateSpecName12": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('433c254d-4b84-46f7-99ec-9dfefb5f6a7b')))]",
-      "_analyticRulecontentProductId12": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','433c254d-4b84-46f7-99ec-9dfefb5f6a7b','-', '2.0.7')))]"
+      "analyticRuleVersion12": "2.0.6",
+      "_analyticRulecontentId12": "7460e34e-4c99-47b2-b7c0-c42e339fc586",
+      "analyticRuleId12": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '7460e34e-4c99-47b2-b7c0-c42e339fc586')]",
+      "analyticRuleTemplateSpecName12": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('7460e34e-4c99-47b2-b7c0-c42e339fc586')))]",
+      "_analyticRulecontentProductId12": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','7460e34e-4c99-47b2-b7c0-c42e339fc586','-', '2.0.6')))]"
     },
     "analyticRuleObject13": {
-      "analyticRuleVersion13": "2.0.6",
-      "_analyticRulecontentId13": "7460e34e-4c99-47b2-b7c0-c42e339fc586",
-      "analyticRuleId13": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '7460e34e-4c99-47b2-b7c0-c42e339fc586')]",
-      "analyticRuleTemplateSpecName13": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('7460e34e-4c99-47b2-b7c0-c42e339fc586')))]",
-      "_analyticRulecontentProductId13": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','7460e34e-4c99-47b2-b7c0-c42e339fc586','-', '2.0.6')))]"
+      "analyticRuleVersion13": "2.2.6",
+      "_analyticRulecontentId13": "efd17c5f-5167-40f8-a1e9-0818940785d9",
+      "analyticRuleId13": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'efd17c5f-5167-40f8-a1e9-0818940785d9')]",
+      "analyticRuleTemplateSpecName13": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('efd17c5f-5167-40f8-a1e9-0818940785d9')))]",
+      "_analyticRulecontentProductId13": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','efd17c5f-5167-40f8-a1e9-0818940785d9','-', '2.2.6')))]"
     },
     "analyticRuleObject14": {
-      "analyticRuleVersion14": "2.2.6",
-      "_analyticRulecontentId14": "efd17c5f-5167-40f8-a1e9-0818940785d9",
-      "analyticRuleId14": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'efd17c5f-5167-40f8-a1e9-0818940785d9')]",
-      "analyticRuleTemplateSpecName14": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('efd17c5f-5167-40f8-a1e9-0818940785d9')))]",
-      "_analyticRulecontentProductId14": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','efd17c5f-5167-40f8-a1e9-0818940785d9','-', '2.2.6')))]"
+      "analyticRuleVersion14": "1.0.6",
+      "_analyticRulecontentId14": "30375d00-68cc-4f95-b89a-68064d566358",
+      "analyticRuleId14": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '30375d00-68cc-4f95-b89a-68064d566358')]",
+      "analyticRuleTemplateSpecName14": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('30375d00-68cc-4f95-b89a-68064d566358')))]",
+      "_analyticRulecontentProductId14": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','30375d00-68cc-4f95-b89a-68064d566358','-', '1.0.6')))]"
     },
     "analyticRuleObject15": {
-      "analyticRuleVersion15": "1.0.6",
-      "_analyticRulecontentId15": "30375d00-68cc-4f95-b89a-68064d566358",
-      "analyticRuleId15": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '30375d00-68cc-4f95-b89a-68064d566358')]",
-      "analyticRuleTemplateSpecName15": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('30375d00-68cc-4f95-b89a-68064d566358')))]",
-      "_analyticRulecontentProductId15": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','30375d00-68cc-4f95-b89a-68064d566358','-', '1.0.6')))]"
+      "analyticRuleVersion15": "2.0.8",
+      "_analyticRulecontentId15": "abd6976d-8f71-4851-98c4-4d086201319c",
+      "analyticRuleId15": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'abd6976d-8f71-4851-98c4-4d086201319c')]",
+      "analyticRuleTemplateSpecName15": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('abd6976d-8f71-4851-98c4-4d086201319c')))]",
+      "_analyticRulecontentProductId15": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','abd6976d-8f71-4851-98c4-4d086201319c','-', '2.0.8')))]"
     },
     "analyticRuleObject16": {
-      "analyticRuleVersion16": "2.0.8",
-      "_analyticRulecontentId16": "abd6976d-8f71-4851-98c4-4d086201319c",
-      "analyticRuleId16": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'abd6976d-8f71-4851-98c4-4d086201319c')]",
-      "analyticRuleTemplateSpecName16": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('abd6976d-8f71-4851-98c4-4d086201319c')))]",
-      "_analyticRulecontentProductId16": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','abd6976d-8f71-4851-98c4-4d086201319c','-', '2.0.8')))]"
+      "analyticRuleVersion16": "1.0.2",
+      "_analyticRulecontentId16": "e3b6a9e7-4c3a-45e6-8baf-1d3bfa8e0c2b",
+      "analyticRuleId16": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'e3b6a9e7-4c3a-45e6-8baf-1d3bfa8e0c2b')]",
+      "analyticRuleTemplateSpecName16": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('e3b6a9e7-4c3a-45e6-8baf-1d3bfa8e0c2b')))]",
+      "_analyticRulecontentProductId16": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','e3b6a9e7-4c3a-45e6-8baf-1d3bfa8e0c2b','-', '1.0.2')))]"
     },
     "analyticRuleObject17": {
-      "analyticRuleVersion17": "1.0.1",
-      "_analyticRulecontentId17": "e3b6a9e7-4c3a-45e6-8baf-1d3bfa8e0c2b",
-      "analyticRuleId17": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'e3b6a9e7-4c3a-45e6-8baf-1d3bfa8e0c2b')]",
-      "analyticRuleTemplateSpecName17": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('e3b6a9e7-4c3a-45e6-8baf-1d3bfa8e0c2b')))]",
-      "_analyticRulecontentProductId17": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','e3b6a9e7-4c3a-45e6-8baf-1d3bfa8e0c2b','-', '1.0.1')))]"
+      "analyticRuleVersion17": "1.0.2",
+      "_analyticRulecontentId17": "f6a8d6a5-3e9f-47c8-a8d5-1b2b9d3b7d6a",
+      "analyticRuleId17": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'f6a8d6a5-3e9f-47c8-a8d5-1b2b9d3b7d6a')]",
+      "analyticRuleTemplateSpecName17": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('f6a8d6a5-3e9f-47c8-a8d5-1b2b9d3b7d6a')))]",
+      "_analyticRulecontentProductId17": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','f6a8d6a5-3e9f-47c8-a8d5-1b2b9d3b7d6a','-', '1.0.2')))]"
     },
     "analyticRuleObject18": {
-      "analyticRuleVersion18": "1.0.1",
-      "_analyticRulecontentId18": "f6a8d6a5-3e9f-47c8-a8d5-1b2b9d3b7d6a",
-      "analyticRuleId18": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 'f6a8d6a5-3e9f-47c8-a8d5-1b2b9d3b7d6a')]",
-      "analyticRuleTemplateSpecName18": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('f6a8d6a5-3e9f-47c8-a8d5-1b2b9d3b7d6a')))]",
-      "_analyticRulecontentProductId18": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','f6a8d6a5-3e9f-47c8-a8d5-1b2b9d3b7d6a','-', '1.0.1')))]"
-    },
-    "analyticRuleObject19": {
-      "analyticRuleVersion19": "1.0.1",
-      "_analyticRulecontentId19": "82cfa6b9-5f7e-4b8b-8b2f-a63f21b7a7d1",
-      "analyticRuleId19": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '82cfa6b9-5f7e-4b8b-8b2f-a63f21b7a7d1')]",
-      "analyticRuleTemplateSpecName19": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('82cfa6b9-5f7e-4b8b-8b2f-a63f21b7a7d1')))]",
-      "_analyticRulecontentProductId19": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','82cfa6b9-5f7e-4b8b-8b2f-a63f21b7a7d1','-', '1.0.1')))]"
+      "analyticRuleVersion18": "1.0.2",
+      "_analyticRulecontentId18": "82cfa6b9-5f7e-4b8b-8b2f-a63f21b7a7d1",
+      "analyticRuleId18": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', '82cfa6b9-5f7e-4b8b-8b2f-a63f21b7a7d1')]",
+      "analyticRuleTemplateSpecName18": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat(parameters('workspace'),'-ar-',uniquestring('82cfa6b9-5f7e-4b8b-8b2f-a63f21b7a7d1')))]",
+      "_analyticRulecontentProductId18": "[concat(take(variables('_solutionId'),50),'-','ar','-', uniqueString(concat(variables('_solutionId'),'-','AnalyticsRule','-','82cfa6b9-5f7e-4b8b-8b2f-a63f21b7a7d1','-', '1.0.2')))]"
     },
     "huntingQueryObject1": {
       "huntingQueryVersion1": "2.0.3",
@@ -500,7 +493,7 @@
                 "description": "This query identifies connections that occur outside of the defined operational hours. It helps in monitoring and flagging any unusual activity that may occur during non-business hours, indicating potential security concerns or policy violations.",
                 "displayName": "GSA - Detect Connections Outside Operational Hours",
                 "enabled": false,
-                "query": "let starttime = todatetime('{{StartTimeISO}}');\nlet endtime = todatetime('{{EndTimeISO}}');\nlet operational_start_hour = 8; // Start of operational hours (8 AM)\nlet operational_end_hour = 18; // End of operational hours (6 PM)\nNetworkAccessTraffic\n| where TimeGenerated between(starttime .. endtime)\n| extend HourOfDay = datetime_part('hour', TimeGenerated)\n| where HourOfDay < operational_start_hour or HourOfDay >= operational_end_hour\n| project TimeGenerated, UserPrincipalName, SourceIp, DestinationIp, DestinationPort, Action, DeviceId, DeviceOperatingSystem, ConnectionId\n| extend IPCustomEntity = SourceIp, AccountCustomEntity = UserPrincipalName\n",
+                "query": "let starttime = todatetime('{{StartTimeISO}}');\nlet endtime = todatetime('{{EndTimeISO}}');\nlet operational_start_hour = 8; // Start of operational hours (8 AM)\nlet operational_end_hour = 18; // End of operational hours (6 PM)\nNetworkAccessTraffic\n| where TimeGenerated between (starttime .. endtime)\n| extend HourOfDay = datetime_part('hour', TimeGenerated)\n| where HourOfDay < operational_start_hour or HourOfDay >= operational_end_hour\n| project TimeGenerated, UserPrincipalName, SourceIp, DestinationIp, DestinationPort, Action, DeviceId, DeviceOperatingSystem, ConnectionId\n| extend IPCustomEntity = SourceIp, AccountCustomEntity = UserPrincipalName\n",
                 "queryFrequency": "PT1H",
                 "queryPeriod": "PT24H",
                 "severity": "High",
@@ -513,7 +506,7 @@
                   {
                     "connectorId": "AzureActiveDirectory",
                     "dataTypes": [
-                      "EnrichedMicrosoft365AuditLogs"
+                      "NetworkAccessTrafficLogs"
                     ]
                   }
                 ],
@@ -526,22 +519,22 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "Name",
-                        "columnName": "AccountCustomEntity"
+                        "columnName": "AccountCustomEntity",
+                        "identifier": "Name"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "IPCustomEntity"
+                        "columnName": "IPCustomEntity",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   }
                 ]
               }
@@ -597,7 +590,7 @@
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
       ],
       "properties": {
-        "description": "Identity - SharedSessions_AnalyticalRules Analytics Rule with template version 3.0.0",
+        "description": "Office 365 - exchange_auditlogdisabled_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
           "contentVersion": "[variables('analyticRuleObject2').analyticRuleVersion2]",
@@ -610,120 +603,6 @@
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
-              "properties": {
-                "description": "This query identifies network sessions based on DeviceId and UserPrincipalName, then checks for changed IP addresses and overlapping session times.",
-                "displayName": "GSA - Detect IP Address Changes and Overlapping Sessions",
-                "enabled": false,
-                "query": "// Identify sessions\nlet sessions = \n  NetworkAccessTraffic\n  | summarize \n      StartTime = min(TimeGenerated), \n      EndTime = max(TimeGenerated), \n      SourceIps = make_set(SourceIp) \n    by DeviceId, UserPrincipalName, SessionId\n  | sort by StartTime asc;\n// Check for changed IP addresses and overlapping session times\nsessions\n  | extend PreviousSourceIps = prev(SourceIps, 1)\n  | extend PreviousEndTime = prev(EndTime, 1)\n  | extend PreviousDeviceId = prev(DeviceId, 1)\n  | extend PreviousUserPrincipalName = prev(UserPrincipalName, 1)\n  | where DeviceId == PreviousDeviceId \n        and UserPrincipalName == PreviousUserPrincipalName\n  | where array_length(set_difference(SourceIps, PreviousSourceIps)) > 0 // Check if the current and previous IP sets differ\n  | where PreviousEndTime > StartTime // Check for overlapping session times\n  | project \n      DeviceId, \n      UserPrincipalName, \n      SourceIps, \n      PreviousSourceIps, \n      StartTime, \n      EndTime, \n      PreviousEndTime\n  | extend \n      IPCustomEntity = tostring(array_slice(SourceIps, 0, 1)[0]), \n      PreviousIPCustomEntity = tostring(array_slice(PreviousSourceIps, 0, 1)[0]), \n      AccountCustomEntity = UserPrincipalName\n",
-                "queryFrequency": "PT1H",
-                "queryPeriod": "PT24H",
-                "severity": "High",
-                "suppressionDuration": "PT1H",
-                "suppressionEnabled": false,
-                "triggerOperator": "GreaterThan",
-                "triggerThreshold": 0,
-                "status": "Available",
-                "requiredDataConnectors": [
-                  {
-                    "connectorId": "AzureActiveDirectory",
-                    "dataTypes": [
-                      "EnrichedMicrosoft365AuditLogs"
-                    ]
-                  }
-                ],
-                "tactics": [
-                  "InitialAccess"
-                ],
-                "techniques": [
-                  "T1078",
-                  "T1133"
-                ],
-                "entityMappings": [
-                  {
-                    "entityType": "Account",
-                    "fieldMappings": [
-                      {
-                        "identifier": "Name",
-                        "columnName": "AccountCustomEntity"
-                      }
-                    ]
-                  },
-                  {
-                    "entityType": "IP",
-                    "fieldMappings": [
-                      {
-                        "identifier": "Address",
-                        "columnName": "IPCustomEntity"
-                      }
-                    ]
-                  }
-                ]
-              }
-            },
-            {
-              "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
-              "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject2').analyticRuleId2,'/'))))]",
-              "properties": {
-                "description": "Global Secure Access Analytics Rule 2",
-                "parentId": "[variables('analyticRuleObject2').analyticRuleId2]",
-                "contentId": "[variables('analyticRuleObject2')._analyticRulecontentId2]",
-                "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject2').analyticRuleVersion2]",
-                "source": {
-                  "kind": "Solution",
-                  "name": "Global Secure Access",
-                  "sourceId": "[variables('_solutionId')]"
-                },
-                "author": {
-                  "name": "Microsoft",
-                  "email": "[variables('_email')]"
-                },
-                "support": {
-                  "tier": "Partner",
-                  "name": "Microsoft Corporation",
-                  "email": "GSASentinelSupport@microsoft.com",
-                  "link": "https://learn.microsoft.com/en-us/entra/global-secure-access/overview-what-is-global-secure-access"
-                }
-              }
-            }
-          ]
-        },
-        "packageKind": "Solution",
-        "packageVersion": "[variables('_solutionVersion')]",
-        "packageName": "[variables('_solutionName')]",
-        "packageId": "[variables('_solutionId')]",
-        "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject2')._analyticRulecontentId2]",
-        "contentKind": "AnalyticsRule",
-        "displayName": "GSA - Detect IP Address Changes and Overlapping Sessions",
-        "contentProductId": "[variables('analyticRuleObject2')._analyticRulecontentProductId2]",
-        "id": "[variables('analyticRuleObject2')._analyticRulecontentProductId2]",
-        "version": "[variables('analyticRuleObject2').analyticRuleVersion2]"
-      }
-    },
-    {
-      "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
-      "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject3').analyticRuleTemplateSpecName3]",
-      "location": "[parameters('workspace-location')]",
-      "dependsOn": [
-        "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
-      ],
-      "properties": {
-        "description": "Office 365 - exchange_auditlogdisabled_AnalyticalRules Analytics Rule with template version 3.0.0",
-        "mainTemplate": {
-          "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject3').analyticRuleVersion3]",
-          "parameters": {},
-          "variables": {},
-          "resources": [
-            {
-              "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject3')._analyticRulecontentId3]",
-              "apiVersion": "2023-02-01-preview",
-              "kind": "Scheduled",
-              "location": "[parameters('workspace-location')]",
               "properties": {
                 "description": "Identifies when the Exchange audit logging has been disabled, which may indicate an adversary attempt to evade detection or bypass other defenses.",
                 "displayName": "GSA Enriched Office 365 - Exchange AuditLog Disabled",
@@ -759,30 +638,30 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserId"
+                        "columnName": "UserId",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "AccountName"
+                        "columnName": "AccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "AccountUPNSuffix"
+                        "columnName": "AccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "ClientIP"
+                        "columnName": "ClientIP",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   }
                 ]
               }
@@ -790,13 +669,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject3').analyticRuleId3,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject2').analyticRuleId2,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 3",
-                "parentId": "[variables('analyticRuleObject3').analyticRuleId3]",
-                "contentId": "[variables('analyticRuleObject3')._analyticRulecontentId3]",
+                "description": "Global Secure Access Analytics Rule 2",
+                "parentId": "[variables('analyticRuleObject2').analyticRuleId2]",
+                "contentId": "[variables('analyticRuleObject2')._analyticRulecontentId2]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject3').analyticRuleVersion3]",
+                "version": "[variables('analyticRuleObject2').analyticRuleVersion2]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -821,18 +700,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject3')._analyticRulecontentId3]",
+        "contentId": "[variables('analyticRuleObject2')._analyticRulecontentId2]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - Exchange AuditLog Disabled",
-        "contentProductId": "[variables('analyticRuleObject3')._analyticRulecontentProductId3]",
-        "id": "[variables('analyticRuleObject3')._analyticRulecontentProductId3]",
-        "version": "[variables('analyticRuleObject3').analyticRuleVersion3]"
+        "contentProductId": "[variables('analyticRuleObject2')._analyticRulecontentProductId2]",
+        "id": "[variables('analyticRuleObject2')._analyticRulecontentProductId2]",
+        "version": "[variables('analyticRuleObject2').analyticRuleVersion2]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject4').analyticRuleTemplateSpecName4]",
+      "name": "[variables('analyticRuleObject3').analyticRuleTemplateSpecName3]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -841,13 +720,13 @@
         "description": "Office 365 - External User added to Team and immediately uploads file_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject4').analyticRuleVersion4]",
+          "contentVersion": "[variables('analyticRuleObject3').analyticRuleVersion3]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject4')._analyticRulecontentId4]",
+              "name": "[variables('analyticRuleObject3')._analyticRulecontentId3]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -886,55 +765,55 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "MemberAdded"
+                        "columnName": "MemberAdded",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "MemberAddedAccountName"
+                        "columnName": "MemberAddedAccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "MemberAddedAccountUPNSuffix"
+                        "columnName": "MemberAddedAccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserWhoAdded"
+                        "columnName": "UserWhoAdded",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "UserWhoAddedAccountName"
+                        "columnName": "UserWhoAddedAccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "UserWhoAddedAccountUPNSuffix"
+                        "columnName": "UserWhoAddedAccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserWhoDeleted"
+                        "columnName": "UserWhoDeleted",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "UserWhoDeletedAccountName"
+                        "columnName": "UserWhoDeletedAccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "UserWhoDeletedAccountUPNSuffix"
+                        "columnName": "UserWhoDeletedAccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   }
                 ]
               }
@@ -942,13 +821,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject4').analyticRuleId4,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject3').analyticRuleId3,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 4",
-                "parentId": "[variables('analyticRuleObject4').analyticRuleId4]",
-                "contentId": "[variables('analyticRuleObject4')._analyticRulecontentId4]",
+                "description": "Global Secure Access Analytics Rule 3",
+                "parentId": "[variables('analyticRuleObject3').analyticRuleId3]",
+                "contentId": "[variables('analyticRuleObject3')._analyticRulecontentId3]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject4').analyticRuleVersion4]",
+                "version": "[variables('analyticRuleObject3').analyticRuleVersion3]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -973,18 +852,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject4')._analyticRulecontentId4]",
+        "contentId": "[variables('analyticRuleObject3')._analyticRulecontentId3]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - Accessed files shared by temporary external user",
-        "contentProductId": "[variables('analyticRuleObject4')._analyticRulecontentProductId4]",
-        "id": "[variables('analyticRuleObject4')._analyticRulecontentProductId4]",
-        "version": "[variables('analyticRuleObject4').analyticRuleVersion4]"
+        "contentProductId": "[variables('analyticRuleObject3')._analyticRulecontentProductId3]",
+        "id": "[variables('analyticRuleObject3')._analyticRulecontentProductId3]",
+        "version": "[variables('analyticRuleObject3').analyticRuleVersion3]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject5').analyticRuleTemplateSpecName5]",
+      "name": "[variables('analyticRuleObject4').analyticRuleTemplateSpecName4]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -993,13 +872,13 @@
         "description": "Office 365 - ExternalUserAddedRemovedInTeams_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject5').analyticRuleVersion5]",
+          "contentVersion": "[variables('analyticRuleObject4').analyticRuleVersion4]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject5')._analyticRulecontentId5]",
+              "name": "[variables('analyticRuleObject4')._analyticRulecontentId4]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -1038,64 +917,64 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "MemberAdded_Removed"
+                        "columnName": "MemberAdded_Removed",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "MemberAdded_RemovedAccountName"
+                        "columnName": "MemberAdded_RemovedAccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "MemberAdded_RemovedAccountUPNSuffix"
+                        "columnName": "MemberAdded_RemovedAccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserWhoAdded"
+                        "columnName": "UserWhoAdded",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "UserWhoAddedAccountName"
+                        "columnName": "UserWhoAddedAccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "UserWhoAddedAccountUPNSuffix"
+                        "columnName": "UserWhoAddedAccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserWhoDeleted"
+                        "columnName": "UserWhoDeleted",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "UserWhoDeletedAccountName"
+                        "columnName": "UserWhoDeletedAccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "UserWhoDeletedAccountUPNSuffix"
+                        "columnName": "UserWhoDeletedAccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "ClientIP"
+                        "columnName": "ClientIP",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   }
                 ]
               }
@@ -1103,13 +982,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject5').analyticRuleId5,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject4').analyticRuleId4,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 5",
-                "parentId": "[variables('analyticRuleObject5').analyticRuleId5]",
-                "contentId": "[variables('analyticRuleObject5')._analyticRulecontentId5]",
+                "description": "Global Secure Access Analytics Rule 4",
+                "parentId": "[variables('analyticRuleObject4').analyticRuleId4]",
+                "contentId": "[variables('analyticRuleObject4')._analyticRulecontentId4]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject5').analyticRuleVersion5]",
+                "version": "[variables('analyticRuleObject4').analyticRuleVersion4]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -1134,18 +1013,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject5')._analyticRulecontentId5]",
+        "contentId": "[variables('analyticRuleObject4')._analyticRulecontentId4]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - External User Added and Removed in Short Timeframe",
-        "contentProductId": "[variables('analyticRuleObject5')._analyticRulecontentProductId5]",
-        "id": "[variables('analyticRuleObject5')._analyticRulecontentProductId5]",
-        "version": "[variables('analyticRuleObject5').analyticRuleVersion5]"
+        "contentProductId": "[variables('analyticRuleObject4')._analyticRulecontentProductId4]",
+        "id": "[variables('analyticRuleObject4')._analyticRulecontentProductId4]",
+        "version": "[variables('analyticRuleObject4').analyticRuleVersion4]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject6').analyticRuleTemplateSpecName6]",
+      "name": "[variables('analyticRuleObject5').analyticRuleTemplateSpecName5]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -1154,13 +1033,13 @@
         "description": "Office 365 - Mail_redirect_via_ExO_transport_rule_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject6').analyticRuleVersion6]",
+          "contentVersion": "[variables('analyticRuleObject5').analyticRuleVersion5]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject6')._analyticRulecontentId6]",
+              "name": "[variables('analyticRuleObject5')._analyticRulecontentId5]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -1201,30 +1080,30 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserId"
+                        "columnName": "UserId",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "AccountName"
+                        "columnName": "AccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "AccountUPNSuffix"
+                        "columnName": "AccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "IPAddress"
+                        "columnName": "IPAddress",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   }
                 ]
               }
@@ -1232,13 +1111,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject6').analyticRuleId6,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject5').analyticRuleId5,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 6",
-                "parentId": "[variables('analyticRuleObject6').analyticRuleId6]",
-                "contentId": "[variables('analyticRuleObject6')._analyticRulecontentId6]",
+                "description": "Global Secure Access Analytics Rule 5",
+                "parentId": "[variables('analyticRuleObject5').analyticRuleId5]",
+                "contentId": "[variables('analyticRuleObject5')._analyticRulecontentId5]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject6').analyticRuleVersion6]",
+                "version": "[variables('analyticRuleObject5').analyticRuleVersion5]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -1263,18 +1142,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject6')._analyticRulecontentId6]",
+        "contentId": "[variables('analyticRuleObject5')._analyticRulecontentId5]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - Mail Redirect via ExO Transport Rule",
-        "contentProductId": "[variables('analyticRuleObject6')._analyticRulecontentProductId6]",
-        "id": "[variables('analyticRuleObject6')._analyticRulecontentProductId6]",
-        "version": "[variables('analyticRuleObject6').analyticRuleVersion6]"
+        "contentProductId": "[variables('analyticRuleObject5')._analyticRulecontentProductId5]",
+        "id": "[variables('analyticRuleObject5')._analyticRulecontentProductId5]",
+        "version": "[variables('analyticRuleObject5').analyticRuleVersion5]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject7').analyticRuleTemplateSpecName7]",
+      "name": "[variables('analyticRuleObject6').analyticRuleTemplateSpecName6]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -1283,13 +1162,13 @@
         "description": "Office 365 - Malicious_Inbox_Rule_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject7').analyticRuleVersion7]",
+          "contentVersion": "[variables('analyticRuleObject6').analyticRuleVersion6]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject7')._analyticRulecontentId7]",
+              "name": "[variables('analyticRuleObject6')._analyticRulecontentId6]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -1330,30 +1209,30 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserId"
+                        "columnName": "UserId",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "AccountName"
+                        "columnName": "AccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "AccountUPNSuffix"
+                        "columnName": "AccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "ClientIPAddress"
+                        "columnName": "ClientIPAddress",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   }
                 ]
               }
@@ -1361,13 +1240,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject7').analyticRuleId7,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject6').analyticRuleId6,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 7",
-                "parentId": "[variables('analyticRuleObject7').analyticRuleId7]",
-                "contentId": "[variables('analyticRuleObject7')._analyticRulecontentId7]",
+                "description": "Global Secure Access Analytics Rule 6",
+                "parentId": "[variables('analyticRuleObject6').analyticRuleId6]",
+                "contentId": "[variables('analyticRuleObject6')._analyticRulecontentId6]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject7').analyticRuleVersion7]",
+                "version": "[variables('analyticRuleObject6').analyticRuleVersion6]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -1392,18 +1271,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject7')._analyticRulecontentId7]",
+        "contentId": "[variables('analyticRuleObject6')._analyticRulecontentId6]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - Malicious Inbox Rule",
-        "contentProductId": "[variables('analyticRuleObject7')._analyticRulecontentProductId7]",
-        "id": "[variables('analyticRuleObject7')._analyticRulecontentProductId7]",
-        "version": "[variables('analyticRuleObject7').analyticRuleVersion7]"
+        "contentProductId": "[variables('analyticRuleObject6')._analyticRulecontentProductId6]",
+        "id": "[variables('analyticRuleObject6')._analyticRulecontentProductId6]",
+        "version": "[variables('analyticRuleObject6').analyticRuleVersion6]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject8').analyticRuleTemplateSpecName8]",
+      "name": "[variables('analyticRuleObject7').analyticRuleTemplateSpecName7]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -1412,13 +1291,13 @@
         "description": "Office 365 - MultipleTeamsDeletes_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject8').analyticRuleVersion8]",
+          "contentVersion": "[variables('analyticRuleObject7').analyticRuleVersion7]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject8')._analyticRulecontentId8]",
+              "name": "[variables('analyticRuleObject7')._analyticRulecontentId7]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -1458,21 +1337,21 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserId"
+                        "columnName": "UserId",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "AccountName"
+                        "columnName": "AccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "AccountUPNSuffix"
+                        "columnName": "AccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   }
                 ]
               }
@@ -1480,13 +1359,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject8').analyticRuleId8,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject7').analyticRuleId7,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 8",
-                "parentId": "[variables('analyticRuleObject8').analyticRuleId8]",
-                "contentId": "[variables('analyticRuleObject8')._analyticRulecontentId8]",
+                "description": "Global Secure Access Analytics Rule 7",
+                "parentId": "[variables('analyticRuleObject7').analyticRuleId7]",
+                "contentId": "[variables('analyticRuleObject7')._analyticRulecontentId7]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject8').analyticRuleVersion8]",
+                "version": "[variables('analyticRuleObject7').analyticRuleVersion7]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -1511,18 +1390,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject8')._analyticRulecontentId8]",
+        "contentId": "[variables('analyticRuleObject7')._analyticRulecontentId7]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - Multiple Teams deleted by a single user",
-        "contentProductId": "[variables('analyticRuleObject8')._analyticRulecontentProductId8]",
-        "id": "[variables('analyticRuleObject8')._analyticRulecontentProductId8]",
-        "version": "[variables('analyticRuleObject8').analyticRuleVersion8]"
+        "contentProductId": "[variables('analyticRuleObject7')._analyticRulecontentProductId7]",
+        "id": "[variables('analyticRuleObject7')._analyticRulecontentProductId7]",
+        "version": "[variables('analyticRuleObject7').analyticRuleVersion7]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject9').analyticRuleTemplateSpecName9]",
+      "name": "[variables('analyticRuleObject8').analyticRuleTemplateSpecName8]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -1531,13 +1410,13 @@
         "description": "Office 365 - Office_MailForwarding_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject9').analyticRuleVersion9]",
+          "contentVersion": "[variables('analyticRuleObject8').analyticRuleVersion8]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject9')._analyticRulecontentId9]",
+              "name": "[variables('analyticRuleObject8')._analyticRulecontentId8]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -1578,30 +1457,30 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserId"
+                        "columnName": "UserId",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "AccountName"
+                        "columnName": "AccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "AccountUPNSuffix"
+                        "columnName": "AccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "ClientIP"
+                        "columnName": "ClientIP",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   }
                 ]
               }
@@ -1609,13 +1488,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject9').analyticRuleId9,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject8').analyticRuleId8,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 9",
-                "parentId": "[variables('analyticRuleObject9').analyticRuleId9]",
-                "contentId": "[variables('analyticRuleObject9')._analyticRulecontentId9]",
+                "description": "Global Secure Access Analytics Rule 8",
+                "parentId": "[variables('analyticRuleObject8').analyticRuleId8]",
+                "contentId": "[variables('analyticRuleObject8')._analyticRulecontentId8]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject9').analyticRuleVersion9]",
+                "version": "[variables('analyticRuleObject8').analyticRuleVersion8]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -1640,18 +1519,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject9')._analyticRulecontentId9]",
+        "contentId": "[variables('analyticRuleObject8')._analyticRulecontentId8]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - Multiple Users Email Forwarded to Same Destination",
-        "contentProductId": "[variables('analyticRuleObject9')._analyticRulecontentProductId9]",
-        "id": "[variables('analyticRuleObject9')._analyticRulecontentProductId9]",
-        "version": "[variables('analyticRuleObject9').analyticRuleVersion9]"
+        "contentProductId": "[variables('analyticRuleObject8')._analyticRulecontentProductId8]",
+        "id": "[variables('analyticRuleObject8')._analyticRulecontentProductId8]",
+        "version": "[variables('analyticRuleObject8').analyticRuleVersion8]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject10').analyticRuleTemplateSpecName10]",
+      "name": "[variables('analyticRuleObject9').analyticRuleTemplateSpecName9]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -1660,13 +1539,13 @@
         "description": "Office 365 - office_policytampering_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject10').analyticRuleVersion10]",
+          "contentVersion": "[variables('analyticRuleObject9').analyticRuleVersion9]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject10')._analyticRulecontentId10]",
+              "name": "[variables('analyticRuleObject9')._analyticRulecontentId9]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -1707,30 +1586,30 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserId"
+                        "columnName": "UserId",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "AccountName"
+                        "columnName": "AccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "AccountUPNSuffix"
+                        "columnName": "AccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "ClientIP"
+                        "columnName": "ClientIP",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   }
                 ]
               }
@@ -1738,13 +1617,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject10').analyticRuleId10,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject9').analyticRuleId9,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 10",
-                "parentId": "[variables('analyticRuleObject10').analyticRuleId10]",
-                "contentId": "[variables('analyticRuleObject10')._analyticRulecontentId10]",
+                "description": "Global Secure Access Analytics Rule 9",
+                "parentId": "[variables('analyticRuleObject9').analyticRuleId9]",
+                "contentId": "[variables('analyticRuleObject9')._analyticRulecontentId9]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject10').analyticRuleVersion10]",
+                "version": "[variables('analyticRuleObject9').analyticRuleVersion9]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -1769,18 +1648,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject10')._analyticRulecontentId10]",
+        "contentId": "[variables('analyticRuleObject9')._analyticRulecontentId9]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - Office Policy Tampering",
-        "contentProductId": "[variables('analyticRuleObject10')._analyticRulecontentProductId10]",
-        "id": "[variables('analyticRuleObject10')._analyticRulecontentProductId10]",
-        "version": "[variables('analyticRuleObject10').analyticRuleVersion10]"
+        "contentProductId": "[variables('analyticRuleObject9')._analyticRulecontentProductId9]",
+        "id": "[variables('analyticRuleObject9')._analyticRulecontentProductId9]",
+        "version": "[variables('analyticRuleObject9').analyticRuleVersion9]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject11').analyticRuleTemplateSpecName11]",
+      "name": "[variables('analyticRuleObject10').analyticRuleTemplateSpecName10]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -1789,13 +1668,13 @@
         "description": "Office 365 - Office_Uploaded_Executables_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject11').analyticRuleVersion11]",
+          "contentVersion": "[variables('analyticRuleObject10').analyticRuleVersion10]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject11')._analyticRulecontentId11]",
+              "name": "[variables('analyticRuleObject10')._analyticRulecontentId10]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -1836,48 +1715,48 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserId"
+                        "columnName": "UserId",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "AccountName"
+                        "columnName": "AccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "AccountUPNSuffix"
+                        "columnName": "AccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "ClientIP"
+                        "columnName": "ClientIP",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   },
                   {
-                    "entityType": "URL",
                     "fieldMappings": [
                       {
-                        "identifier": "Url",
-                        "columnName": "Site_Url"
+                        "columnName": "Site_Url",
+                        "identifier": "Url"
                       }
-                    ]
+                    ],
+                    "entityType": "URL"
                   },
                   {
-                    "entityType": "File",
                     "fieldMappings": [
                       {
-                        "identifier": "Name",
-                        "columnName": "FileNames"
+                        "columnName": "FileNames",
+                        "identifier": "Name"
                       }
-                    ]
+                    ],
+                    "entityType": "File"
                   }
                 ]
               }
@@ -1885,13 +1764,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject11').analyticRuleId11,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject10').analyticRuleId10,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 11",
-                "parentId": "[variables('analyticRuleObject11').analyticRuleId11]",
-                "contentId": "[variables('analyticRuleObject11')._analyticRulecontentId11]",
+                "description": "Global Secure Access Analytics Rule 10",
+                "parentId": "[variables('analyticRuleObject10').analyticRuleId10]",
+                "contentId": "[variables('analyticRuleObject10')._analyticRulecontentId10]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject11').analyticRuleVersion11]",
+                "version": "[variables('analyticRuleObject10').analyticRuleVersion10]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -1916,18 +1795,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject11')._analyticRulecontentId11]",
+        "contentId": "[variables('analyticRuleObject10')._analyticRulecontentId10]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - New Executable via Office FileUploaded Operation",
-        "contentProductId": "[variables('analyticRuleObject11')._analyticRulecontentProductId11]",
-        "id": "[variables('analyticRuleObject11')._analyticRulecontentProductId11]",
-        "version": "[variables('analyticRuleObject11').analyticRuleVersion11]"
+        "contentProductId": "[variables('analyticRuleObject10')._analyticRulecontentProductId10]",
+        "id": "[variables('analyticRuleObject10')._analyticRulecontentProductId10]",
+        "version": "[variables('analyticRuleObject10').analyticRuleVersion10]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject12').analyticRuleTemplateSpecName12]",
+      "name": "[variables('analyticRuleObject11').analyticRuleTemplateSpecName11]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -1936,13 +1815,13 @@
         "description": "Office 365 - RareOfficeOperations_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject12').analyticRuleVersion12]",
+          "contentVersion": "[variables('analyticRuleObject11').analyticRuleVersion11]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject12')._analyticRulecontentId12]",
+              "name": "[variables('analyticRuleObject11')._analyticRulecontentId11]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -1983,30 +1862,30 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserId"
+                        "columnName": "UserId",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "AccountName"
+                        "columnName": "AccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "AccountUPNSuffix"
+                        "columnName": "AccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "ClientIPOnly"
+                        "columnName": "ClientIPOnly",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   }
                 ]
               }
@@ -2014,13 +1893,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject12').analyticRuleId12,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject11').analyticRuleId11,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 12",
-                "parentId": "[variables('analyticRuleObject12').analyticRuleId12]",
-                "contentId": "[variables('analyticRuleObject12')._analyticRulecontentId12]",
+                "description": "Global Secure Access Analytics Rule 11",
+                "parentId": "[variables('analyticRuleObject11').analyticRuleId11]",
+                "contentId": "[variables('analyticRuleObject11')._analyticRulecontentId11]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject12').analyticRuleVersion12]",
+                "version": "[variables('analyticRuleObject11').analyticRuleVersion11]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -2045,18 +1924,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject12')._analyticRulecontentId12]",
+        "contentId": "[variables('analyticRuleObject11')._analyticRulecontentId11]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - Rare and Potentially High-Risk Office Operations",
-        "contentProductId": "[variables('analyticRuleObject12')._analyticRulecontentProductId12]",
-        "id": "[variables('analyticRuleObject12')._analyticRulecontentProductId12]",
-        "version": "[variables('analyticRuleObject12').analyticRuleVersion12]"
+        "contentProductId": "[variables('analyticRuleObject11')._analyticRulecontentProductId11]",
+        "id": "[variables('analyticRuleObject11')._analyticRulecontentProductId11]",
+        "version": "[variables('analyticRuleObject11').analyticRuleVersion11]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject13').analyticRuleTemplateSpecName13]",
+      "name": "[variables('analyticRuleObject12').analyticRuleTemplateSpecName12]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -2065,13 +1944,13 @@
         "description": "Office 365 - SharePoint_Downloads_byNewIP_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject13').analyticRuleVersion13]",
+          "contentVersion": "[variables('analyticRuleObject12').analyticRuleVersion12]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject13')._analyticRulecontentId13]",
+              "name": "[variables('analyticRuleObject12')._analyticRulecontentId12]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -2110,39 +1989,39 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserId"
+                        "columnName": "UserId",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "AccountName"
+                        "columnName": "AccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "AccountUPNSuffix"
+                        "columnName": "AccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "ClientIP"
+                        "columnName": "ClientIP",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   },
                   {
-                    "entityType": "URL",
                     "fieldMappings": [
                       {
-                        "identifier": "Url",
-                        "columnName": "Site_Url"
+                        "columnName": "Site_Url",
+                        "identifier": "Url"
                       }
-                    ]
+                    ],
+                    "entityType": "URL"
                   }
                 ]
               }
@@ -2150,13 +2029,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject13').analyticRuleId13,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject12').analyticRuleId12,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 13",
-                "parentId": "[variables('analyticRuleObject13').analyticRuleId13]",
-                "contentId": "[variables('analyticRuleObject13')._analyticRulecontentId13]",
+                "description": "Global Secure Access Analytics Rule 12",
+                "parentId": "[variables('analyticRuleObject12').analyticRuleId12]",
+                "contentId": "[variables('analyticRuleObject12')._analyticRulecontentId12]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject13').analyticRuleVersion13]",
+                "version": "[variables('analyticRuleObject12').analyticRuleVersion12]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -2181,18 +2060,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject13')._analyticRulecontentId13]",
+        "contentId": "[variables('analyticRuleObject12')._analyticRulecontentId12]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - SharePoint File Operation via Previously Unseen IPs",
-        "contentProductId": "[variables('analyticRuleObject13')._analyticRulecontentProductId13]",
-        "id": "[variables('analyticRuleObject13')._analyticRulecontentProductId13]",
-        "version": "[variables('analyticRuleObject13').analyticRuleVersion13]"
+        "contentProductId": "[variables('analyticRuleObject12')._analyticRulecontentProductId12]",
+        "id": "[variables('analyticRuleObject12')._analyticRulecontentProductId12]",
+        "version": "[variables('analyticRuleObject12').analyticRuleVersion12]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject14').analyticRuleTemplateSpecName14]",
+      "name": "[variables('analyticRuleObject13').analyticRuleTemplateSpecName13]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -2201,13 +2080,13 @@
         "description": "Office 365 - SharePoint_Downloads_byNewUserAgent_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject14').analyticRuleVersion14]",
+          "contentVersion": "[variables('analyticRuleObject13').analyticRuleVersion13]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject14')._analyticRulecontentId14]",
+              "name": "[variables('analyticRuleObject13')._analyticRulecontentId13]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -2246,39 +2125,39 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserId"
+                        "columnName": "UserId",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "UserIdName"
+                        "columnName": "UserIdName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "UserIdUPNSuffix"
+                        "columnName": "UserIdUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "ClientIP"
+                        "columnName": "ClientIP",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   },
                   {
-                    "entityType": "URL",
                     "fieldMappings": [
                       {
-                        "identifier": "Url",
-                        "columnName": "Site_Url"
+                        "columnName": "Site_Url",
+                        "identifier": "Url"
                       }
-                    ]
+                    ],
+                    "entityType": "URL"
                   }
                 ]
               }
@@ -2286,13 +2165,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject14').analyticRuleId14,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject13').analyticRuleId13,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 14",
-                "parentId": "[variables('analyticRuleObject14').analyticRuleId14]",
-                "contentId": "[variables('analyticRuleObject14')._analyticRulecontentId14]",
+                "description": "Global Secure Access Analytics Rule 13",
+                "parentId": "[variables('analyticRuleObject13').analyticRuleId13]",
+                "contentId": "[variables('analyticRuleObject13')._analyticRulecontentId13]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject14').analyticRuleVersion14]",
+                "version": "[variables('analyticRuleObject13').analyticRuleVersion13]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -2317,18 +2196,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject14')._analyticRulecontentId14]",
+        "contentId": "[variables('analyticRuleObject13')._analyticRulecontentId13]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - SharePointFileOperation via devices with previously unseen user agents",
-        "contentProductId": "[variables('analyticRuleObject14')._analyticRulecontentProductId14]",
-        "id": "[variables('analyticRuleObject14')._analyticRulecontentProductId14]",
-        "version": "[variables('analyticRuleObject14').analyticRuleVersion14]"
+        "contentProductId": "[variables('analyticRuleObject13')._analyticRulecontentProductId13]",
+        "id": "[variables('analyticRuleObject13')._analyticRulecontentProductId13]",
+        "version": "[variables('analyticRuleObject13').analyticRuleVersion13]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject15').analyticRuleTemplateSpecName15]",
+      "name": "[variables('analyticRuleObject14').analyticRuleTemplateSpecName14]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -2337,13 +2216,13 @@
         "description": "Office 365 - sharepoint_file_transfer_above_threshold_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject15').analyticRuleVersion15]",
+          "contentVersion": "[variables('analyticRuleObject14').analyticRuleVersion14]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject15')._analyticRulecontentId15]",
+              "name": "[variables('analyticRuleObject14')._analyticRulecontentId14]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -2382,39 +2261,39 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserId"
+                        "columnName": "UserId",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "AccountName"
+                        "columnName": "AccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "AccountUPNSuffix"
+                        "columnName": "AccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "ClientIP"
+                        "columnName": "ClientIP",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   },
                   {
-                    "entityType": "File",
                     "fieldMappings": [
                       {
-                        "identifier": "Name",
-                        "columnName": "FileSample"
+                        "columnName": "FileSample",
+                        "identifier": "Name"
                       }
-                    ]
+                    ],
+                    "entityType": "File"
                   }
                 ],
                 "customDetails": {
@@ -2424,9 +2303,9 @@
                 "incidentConfiguration": {
                   "createIncident": true,
                   "groupingConfiguration": {
+                    "lookbackDuration": "PT5H",
                     "reopenClosedIncident": false,
                     "matchingMethod": "Selected",
-                    "lookbackDuration": "PT5H",
                     "groupByEntities": [
                       "Account"
                     ],
@@ -2438,13 +2317,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject15').analyticRuleId15,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject14').analyticRuleId14,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 15",
-                "parentId": "[variables('analyticRuleObject15').analyticRuleId15]",
-                "contentId": "[variables('analyticRuleObject15')._analyticRulecontentId15]",
+                "description": "Global Secure Access Analytics Rule 14",
+                "parentId": "[variables('analyticRuleObject14').analyticRuleId14]",
+                "contentId": "[variables('analyticRuleObject14')._analyticRulecontentId14]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject15').analyticRuleVersion15]",
+                "version": "[variables('analyticRuleObject14').analyticRuleVersion14]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -2469,18 +2348,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject15')._analyticRulecontentId15]",
+        "contentId": "[variables('analyticRuleObject14')._analyticRulecontentId14]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - Sharepoint File Transfer Above Threshold",
-        "contentProductId": "[variables('analyticRuleObject15')._analyticRulecontentProductId15]",
-        "id": "[variables('analyticRuleObject15')._analyticRulecontentProductId15]",
-        "version": "[variables('analyticRuleObject15').analyticRuleVersion15]"
+        "contentProductId": "[variables('analyticRuleObject14')._analyticRulecontentProductId14]",
+        "id": "[variables('analyticRuleObject14')._analyticRulecontentProductId14]",
+        "version": "[variables('analyticRuleObject14').analyticRuleVersion14]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject16').analyticRuleTemplateSpecName16]",
+      "name": "[variables('analyticRuleObject15').analyticRuleTemplateSpecName15]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -2489,13 +2368,13 @@
         "description": "Office 365 - sharepoint_file_transfer_folders_above_threshold_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject16').analyticRuleVersion16]",
+          "contentVersion": "[variables('analyticRuleObject15').analyticRuleVersion15]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject16')._analyticRulecontentId16]",
+              "name": "[variables('analyticRuleObject15')._analyticRulecontentId15]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
@@ -2534,39 +2413,39 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "Account",
                     "fieldMappings": [
                       {
-                        "identifier": "FullName",
-                        "columnName": "UserId"
+                        "columnName": "UserId",
+                        "identifier": "FullName"
                       },
                       {
-                        "identifier": "Name",
-                        "columnName": "AccountName"
+                        "columnName": "AccountName",
+                        "identifier": "Name"
                       },
                       {
-                        "identifier": "UPNSuffix",
-                        "columnName": "AccountUPNSuffix"
+                        "columnName": "AccountUPNSuffix",
+                        "identifier": "UPNSuffix"
                       }
-                    ]
+                    ],
+                    "entityType": "Account"
                   },
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "ClientIP"
+                        "columnName": "ClientIP",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   },
                   {
-                    "entityType": "File",
                     "fieldMappings": [
                       {
-                        "identifier": "Name",
-                        "columnName": "FileSample"
+                        "columnName": "FileSample",
+                        "identifier": "Name"
                       }
-                    ]
+                    ],
+                    "entityType": "File"
                   }
                 ],
                 "customDetails": {
@@ -2576,9 +2455,9 @@
                 "incidentConfiguration": {
                   "createIncident": true,
                   "groupingConfiguration": {
+                    "lookbackDuration": "PT5H",
                     "reopenClosedIncident": false,
                     "matchingMethod": "Selected",
-                    "lookbackDuration": "PT5H",
                     "groupByEntities": [
                       "Account"
                     ],
@@ -2590,13 +2469,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject16').analyticRuleId16,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject15').analyticRuleId15,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 16",
-                "parentId": "[variables('analyticRuleObject16').analyticRuleId16]",
-                "contentId": "[variables('analyticRuleObject16')._analyticRulecontentId16]",
+                "description": "Global Secure Access Analytics Rule 15",
+                "parentId": "[variables('analyticRuleObject15').analyticRuleId15]",
+                "contentId": "[variables('analyticRuleObject15')._analyticRulecontentId15]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject16').analyticRuleVersion16]",
+                "version": "[variables('analyticRuleObject15').analyticRuleVersion15]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -2621,18 +2500,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject16')._analyticRulecontentId16]",
+        "contentId": "[variables('analyticRuleObject15')._analyticRulecontentId15]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA Enriched Office 365 - Sharepoint File Transfer Above Threshold",
-        "contentProductId": "[variables('analyticRuleObject16')._analyticRulecontentProductId16]",
-        "id": "[variables('analyticRuleObject16')._analyticRulecontentProductId16]",
-        "version": "[variables('analyticRuleObject16').analyticRuleVersion16]"
+        "contentProductId": "[variables('analyticRuleObject15')._analyticRulecontentProductId15]",
+        "id": "[variables('analyticRuleObject15')._analyticRulecontentProductId15]",
+        "version": "[variables('analyticRuleObject15').analyticRuleVersion15]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject17').analyticRuleTemplateSpecName17]",
+      "name": "[variables('analyticRuleObject16').analyticRuleTemplateSpecName16]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -2641,21 +2520,21 @@
         "description": "SWG - Abnormal Deny Rate_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject17').analyticRuleVersion17]",
+          "contentVersion": "[variables('analyticRuleObject16').analyticRuleVersion16]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject17')._analyticRulecontentId17]",
+              "name": "[variables('analyticRuleObject16')._analyticRulecontentId16]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
               "properties": {
-                "description": "Identifies abnormal deny rate for specific source IP to destination IP based on the normal average and standard deviation learned during a configured period. This can indicate potential exfiltration, initial access, or C2, where an attacker tries to exploit the same vulnerability on machines in the organization but is being blocked by firewall rules.",
+                "description": "Identifies abnormal deny rate for specific source IP to destination IP based on the normal average and standard deviation learned during a configured period. This can indicate potential exfiltration, initial access, or C2, where an attacker tries to exploit the same vulnerability on machines in the organization but is being blocked by firewall rules.\n\nConfigurable Parameters:\n    - minimumOfStdsThreshold: The number of stds to use in the threshold calculation. Default is set to 3.\n    - learningPeriodTime: Learning period for threshold calculation in days. Default is set to 5.\n    - binTime: Learning buckets time in hours. Default is set to 1 hour.\n    - minimumThreshold: Minimum threshold for alert. Default is set to 5.\n    - minimumBucketThreshold: Minimum learning buckets threshold for alert. Default is set to 5.",
                 "displayName": "GSA - Detect Abnormal Deny Rate for Source to Destination IP",
                 "enabled": false,
-                "query": "let NumOfStdsThreshold = 3;\nlet LearningPeriod = 5d;\nlet BinTime = 1h;\nlet MinThreshold = 5.0;\nlet MinLearningBuckets = 5;\nlet TrafficLogs = NetworkAccessTraffic\n  | where Action == 'Denied'\n  | where isnotempty(DestinationIp) and isnotempty(SourceIp);\nlet LearningSrcIpDenyRate = TrafficLogs\n  | where TimeGenerated between (ago(LearningPeriod + 1d) .. ago(1d))\n  | summarize count() by SourceIp, bin(TimeGenerated, BinTime), DestinationIp\n  | summarize LearningTimeSrcIpDenyRateAvg = avg(count_), LearningTimeSrcIpDenyRateStd = stdev(count_), LearningTimeBuckets = count() by SourceIp, DestinationIp\n  | where LearningTimeBuckets > MinLearningBuckets;\nlet AlertTimeSrcIpDenyRate = TrafficLogs\n  | where TimeGenerated between (ago(1h) .. now())\n  | summarize AlertTimeSrcIpDenyRateCount = count() by SourceIp, DestinationIp;\nAlertTimeSrcIpDenyRate\n  | join kind=leftouter (LearningSrcIpDenyRate) on SourceIp, DestinationIp\n  | extend LearningThreshold = max_of(LearningTimeSrcIpDenyRateAvg + NumOfStdsThreshold * LearningTimeSrcIpDenyRateStd, MinThreshold)\n  | where AlertTimeSrcIpDenyRateCount > LearningThreshold\n  | project SourceIp, DestinationIp, AlertTimeSrcIpDenyRateCount, LearningThreshold    \n",
+                "query": "let NumOfStdsThreshold = 3;\nlet LearningPeriod = 5d;\nlet BinTime = 1h;\nlet MinThreshold = 5.0;\nlet MinLearningBuckets = 5;\nlet TrafficLogs = NetworkAccessTraffic\n  | where Action == \"Denied\"\n  | where isnotempty(DestinationIp) and isnotempty(SourceIp);\nlet LearningSrcIpDenyRate = TrafficLogs\n  | where TimeGenerated between (ago(LearningPeriod + 1d) .. ago(1d))\n  | summarize count_ = count() by SourceIp, bin(TimeGenerated, BinTime), DestinationIp\n  | summarize LearningTimeSrcIpDenyRateAvg = avg(count_), LearningTimeSrcIpDenyRateStd = stdev(count_), LearningTimeBuckets = count() by SourceIp, DestinationIp\n  | where LearningTimeBuckets > MinLearningBuckets;\nlet AlertTimeSrcIpDenyRate = TrafficLogs\n  | where TimeGenerated between (ago(1h) .. now())\n  | summarize AlertTimeSrcIpDenyRateCount = count() by SourceIp, DestinationIp;\nAlertTimeSrcIpDenyRate\n  | join kind=leftouter (LearningSrcIpDenyRate) on SourceIp, DestinationIp\n  | extend LearningThreshold = max_of(LearningTimeSrcIpDenyRateAvg + NumOfStdsThreshold * LearningTimeSrcIpDenyRateStd, MinThreshold)\n  | where AlertTimeSrcIpDenyRateCount > LearningThreshold\n  | project SourceIp, DestinationIp, AlertTimeSrcIpDenyRateCount, LearningThreshold\n",
                 "queryFrequency": "PT1H",
                 "queryPeriod": "PT25H",
                 "severity": "Medium",
@@ -2679,22 +2558,22 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "SourceIp"
+                        "columnName": "SourceIp",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   },
                   {
-                    "entityType": "URL",
                     "fieldMappings": [
                       {
-                        "identifier": "Url",
-                        "columnName": "DestinationIp"
+                        "columnName": "DestinationIp",
+                        "identifier": "Url"
                       }
-                    ]
+                    ],
+                    "entityType": "URL"
                   }
                 ]
               }
@@ -2702,13 +2581,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject17').analyticRuleId17,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject16').analyticRuleId16,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 17",
-                "parentId": "[variables('analyticRuleObject17').analyticRuleId17]",
-                "contentId": "[variables('analyticRuleObject17')._analyticRulecontentId17]",
+                "description": "Global Secure Access Analytics Rule 16",
+                "parentId": "[variables('analyticRuleObject16').analyticRuleId16]",
+                "contentId": "[variables('analyticRuleObject16')._analyticRulecontentId16]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject17').analyticRuleVersion17]",
+                "version": "[variables('analyticRuleObject16').analyticRuleVersion16]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -2733,18 +2612,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject17')._analyticRulecontentId17]",
+        "contentId": "[variables('analyticRuleObject16')._analyticRulecontentId16]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA - Detect Abnormal Deny Rate for Source to Destination IP",
-        "contentProductId": "[variables('analyticRuleObject17')._analyticRulecontentProductId17]",
-        "id": "[variables('analyticRuleObject17')._analyticRulecontentProductId17]",
-        "version": "[variables('analyticRuleObject17').analyticRuleVersion17]"
+        "contentProductId": "[variables('analyticRuleObject16')._analyticRulecontentProductId16]",
+        "id": "[variables('analyticRuleObject16')._analyticRulecontentProductId16]",
+        "version": "[variables('analyticRuleObject16').analyticRuleVersion16]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject18').analyticRuleTemplateSpecName18]",
+      "name": "[variables('analyticRuleObject17').analyticRuleTemplateSpecName17]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -2753,18 +2632,18 @@
         "description": "SWG - Abnormal Port to Protocol_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject18').analyticRuleVersion18]",
+          "contentVersion": "[variables('analyticRuleObject17').analyticRuleVersion17]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject18')._analyticRulecontentId18]",
+              "name": "[variables('analyticRuleObject17')._analyticRulecontentId17]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
               "properties": {
-                "description": "Identifies changes in the protocol used for specific destination ports, comparing the current runtime with a learned baseline. This can indicate potential protocol misuse or configuration changes.",
+                "description": "Identifies changes in the protocol used for specific destination ports, comparing the current runtime with a learned baseline.\nThis can indicate potential protocol misuse or configuration changes.\nConfigurable Parameters:\n- Learning period: The time range to establish the baseline. Default is set to 7 days.\n- Run time: The time range for current analysis. Default is set to 1 day.",
                 "displayName": "GSA - Detect Protocol Changes for Destination Ports",
                 "enabled": false,
                 "query": "let LearningPeriod = 7d;\nlet RunTime = 1d;\nlet StartLearningPeriod = ago(LearningPeriod + RunTime);\nlet EndRunTime = ago(RunTime);\nlet LearningPortToProtocol = \n  NetworkAccessTraffic\n  | where TimeGenerated between (StartLearningPeriod .. EndRunTime)\n  | where isnotempty(DestinationPort)\n  | summarize LearningTimeCount = count() by LearningTimeDstPort = DestinationPort, LearningTimeProtocol = TransportProtocol, SourceIp, DestinationFqdn;\nlet AlertTimePortToProtocol = \n  NetworkAccessTraffic\n  | where TimeGenerated between (EndRunTime .. now())\n  | where isnotempty(DestinationPort)\n  | summarize AlertTimeCount = count() by AlertTimeDstPort = DestinationPort, AlertTimeProtocol = TransportProtocol, SourceIp, DestinationFqdn;\nAlertTimePortToProtocol\n  | join kind=leftouter (LearningPortToProtocol) on $left.AlertTimeDstPort == $right.LearningTimeDstPort and $left.SourceIp == $right.SourceIp and $left.DestinationFqdn == $right.DestinationFqdn\n  | where isnull(LearningTimeProtocol) or LearningTimeProtocol != AlertTimeProtocol\n  | project AlertTimeDstPort, AlertTimeProtocol, LearningTimeProtocol, SourceIp, DestinationFqdn\n  | extend IPCustomEntity = SourceIp, FqdnCustomEntity = DestinationFqdn\n",
@@ -2780,7 +2659,7 @@
                   {
                     "connectorId": "AzureActiveDirectory",
                     "dataTypes": [
-                      "EnrichedMicrosoft365AuditLogs"
+                      "NetworkAccessTrafficLogs"
                     ]
                   }
                 ],
@@ -2791,22 +2670,22 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "IPCustomEntity"
+                        "columnName": "IPCustomEntity",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   },
                   {
-                    "entityType": "URL",
                     "fieldMappings": [
                       {
-                        "identifier": "Url",
-                        "columnName": "FqdnCustomEntity"
+                        "columnName": "FqdnCustomEntity",
+                        "identifier": "Url"
                       }
-                    ]
+                    ],
+                    "entityType": "URL"
                   }
                 ]
               }
@@ -2814,13 +2693,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject18').analyticRuleId18,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject17').analyticRuleId17,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 18",
-                "parentId": "[variables('analyticRuleObject18').analyticRuleId18]",
-                "contentId": "[variables('analyticRuleObject18')._analyticRulecontentId18]",
+                "description": "Global Secure Access Analytics Rule 17",
+                "parentId": "[variables('analyticRuleObject17').analyticRuleId17]",
+                "contentId": "[variables('analyticRuleObject17')._analyticRulecontentId17]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject18').analyticRuleVersion18]",
+                "version": "[variables('analyticRuleObject17').analyticRuleVersion17]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -2845,18 +2724,18 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject18')._analyticRulecontentId18]",
+        "contentId": "[variables('analyticRuleObject17')._analyticRulecontentId17]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA - Detect Protocol Changes for Destination Ports",
-        "contentProductId": "[variables('analyticRuleObject18')._analyticRulecontentProductId18]",
-        "id": "[variables('analyticRuleObject18')._analyticRulecontentProductId18]",
-        "version": "[variables('analyticRuleObject18').analyticRuleVersion18]"
+        "contentProductId": "[variables('analyticRuleObject17')._analyticRulecontentProductId17]",
+        "id": "[variables('analyticRuleObject17')._analyticRulecontentProductId17]",
+        "version": "[variables('analyticRuleObject17').analyticRuleVersion17]"
       }
     },
     {
       "type": "Microsoft.OperationalInsights/workspaces/providers/contentTemplates",
       "apiVersion": "2023-04-01-preview",
-      "name": "[variables('analyticRuleObject19').analyticRuleTemplateSpecName19]",
+      "name": "[variables('analyticRuleObject18').analyticRuleTemplateSpecName18]",
       "location": "[parameters('workspace-location')]",
       "dependsOn": [
         "[extensionResourceId(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspace')), 'Microsoft.SecurityInsights/contentPackages', variables('_solutionId'))]"
@@ -2865,18 +2744,18 @@
         "description": "SWG - Source IP Port Scan_AnalyticalRules Analytics Rule with template version 3.0.0",
         "mainTemplate": {
           "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-          "contentVersion": "[variables('analyticRuleObject19').analyticRuleVersion19]",
+          "contentVersion": "[variables('analyticRuleObject18').analyticRuleVersion18]",
           "parameters": {},
           "variables": {},
           "resources": [
             {
               "type": "Microsoft.SecurityInsights/AlertRuleTemplates",
-              "name": "[variables('analyticRuleObject19')._analyticRulecontentId19]",
+              "name": "[variables('analyticRuleObject18')._analyticRulecontentId18]",
               "apiVersion": "2023-02-01-preview",
               "kind": "Scheduled",
               "location": "[parameters('workspace-location')]",
               "properties": {
-                "description": "Identifies a source IP scanning multiple open ports on Global Secure Access Firewall. This can indicate malicious scanning of ports by an attacker, trying to reveal open ports in the organization that can be compromised for initial access.",
+                "description": "Identifies a source IP scanning multiple open ports on Global Secure Access Firewall. This can indicate malicious scanning of ports by an attacker, trying to reveal open ports in the organization that can be compromised for initial access.\n  Configurable Parameters:\n  - Port scan time - the time range to look for multiple ports scanned. Default is set to 30 seconds.\n  - Minimum different ports threshold - alert only if more than this number of ports scanned. Default is set to 100.",
                 "displayName": "GSA - Detect Source IP Scanning Multiple Open Ports",
                 "enabled": false,
                 "query": "let port_scan_time = 30s;\nlet min_ports_threshold = 100;\nNetworkAccessTraffic\n| where TimeGenerated > ago(1d)\n| where Action == 'Allowed'\n| summarize PortsScanned = dcount(DestinationPort) by SourceIp, DestinationFqdn, bin(TimeGenerated, port_scan_time)\n| where PortsScanned > min_ports_threshold\n| project SourceIp, PortsScanned, TimeGenerated,DestinationFqdn\n",
@@ -2892,7 +2771,7 @@
                   {
                     "connectorId": "AzureActiveDirectory",
                     "dataTypes": [
-                      "EnrichedMicrosoft365AuditLogs"
+                      "NetworkAccessTrafficLogs"
                     ]
                   }
                 ],
@@ -2904,22 +2783,22 @@
                 ],
                 "entityMappings": [
                   {
-                    "entityType": "IP",
                     "fieldMappings": [
                       {
-                        "identifier": "Address",
-                        "columnName": "SourceIp"
+                        "columnName": "SourceIp",
+                        "identifier": "Address"
                       }
-                    ]
+                    ],
+                    "entityType": "IP"
                   },
                   {
-                    "entityType": "URL",
                     "fieldMappings": [
                       {
-                        "identifier": "Url",
-                        "columnName": "DestinationFqdn"
+                        "columnName": "DestinationFqdn",
+                        "identifier": "Url"
                       }
-                    ]
+                    ],
+                    "entityType": "URL"
                   }
                 ]
               }
@@ -2927,13 +2806,13 @@
             {
               "type": "Microsoft.OperationalInsights/workspaces/providers/metadata",
               "apiVersion": "2022-01-01-preview",
-              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject19').analyticRuleId19,'/'))))]",
+              "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split(variables('analyticRuleObject18').analyticRuleId18,'/'))))]",
               "properties": {
-                "description": "Global Secure Access Analytics Rule 19",
-                "parentId": "[variables('analyticRuleObject19').analyticRuleId19]",
-                "contentId": "[variables('analyticRuleObject19')._analyticRulecontentId19]",
+                "description": "Global Secure Access Analytics Rule 18",
+                "parentId": "[variables('analyticRuleObject18').analyticRuleId18]",
+                "contentId": "[variables('analyticRuleObject18')._analyticRulecontentId18]",
                 "kind": "AnalyticsRule",
-                "version": "[variables('analyticRuleObject19').analyticRuleVersion19]",
+                "version": "[variables('analyticRuleObject18').analyticRuleVersion18]",
                 "source": {
                   "kind": "Solution",
                   "name": "Global Secure Access",
@@ -2958,12 +2837,12 @@
         "packageName": "[variables('_solutionName')]",
         "packageId": "[variables('_solutionId')]",
         "contentSchemaVersion": "3.0.0",
-        "contentId": "[variables('analyticRuleObject19')._analyticRulecontentId19]",
+        "contentId": "[variables('analyticRuleObject18')._analyticRulecontentId18]",
         "contentKind": "AnalyticsRule",
         "displayName": "GSA - Detect Source IP Scanning Multiple Open Ports",
-        "contentProductId": "[variables('analyticRuleObject19')._analyticRulecontentProductId19]",
-        "id": "[variables('analyticRuleObject19')._analyticRulecontentProductId19]",
-        "version": "[variables('analyticRuleObject19').analyticRuleVersion19]"
+        "contentProductId": "[variables('analyticRuleObject18')._analyticRulecontentProductId18]",
+        "id": "[variables('analyticRuleObject18')._analyticRulecontentProductId18]",
+        "version": "[variables('analyticRuleObject18').analyticRuleVersion18]"
       }
     },
     {
@@ -4761,7 +4640,7 @@
         "contentSchemaVersion": "3.0.0",
         "displayName": "Global Secure Access",
         "publisherDisplayName": "Microsoft Corporation",
-        "descriptionHtml": "<p><strong>Note:</strong> Please refer to the following before installing the solution:</p>\n<p>• Review the solution <a href=\"https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Global%20Secure%20Access/ReleaseNotes.md\">Release Notes</a></p>\n<p>• There may be <a href=\"https://aka.ms/sentinelsolutionsknownissues\">known issues</a> pertaining to this Solution, please refer to them before installing.</p>\n<p><a href=\"https://aka.ms/GlobalSecureAccess\">Global Secure Access</a> is a <a href=\"https://learn.microsoft.com/en-us/azure/sentinel/sentinel-solutions-catalog#domain-solutions\">domain solution</a> and does not include any data connectors. The content in this solution requires one of the product solutions below.</p>\n<p><strong>Prerequisite:</strong></p>\n<p>Install one or more of the listed solutions to unlock the value provided by this solution.</p>\n<ol>\n<li>Microsoft Entra ID</li>\n</ol>\n<p><strong>Underlying Microsoft Technologies used:</strong></p>\n<p>This solution depends on the following technologies, and some of these dependencies may either be in Preview state or might result in additional ingestion or operational costs:</p>\n<ol>\n<li>Product solutions as described above</li>\n</ol>\n<p><strong>Workbooks:</strong> 2, <strong>Analytic Rules:</strong> 19, <strong>Hunting Queries:</strong> 21</p>\n<p><a href=\"https://aka.ms/azuresentinel\">Learn more about Microsoft Sentinel</a> | <a href=\"https://aka.ms/azuresentinelsolutionsdoc\">Learn more about Solutions</a></p>\n",
+        "descriptionHtml": "<p><strong>Note:</strong> Please refer to the following before installing the solution:</p>\n<p>• Review the solution <a href=\"https://github.com/Azure/Azure-Sentinel/tree/master/Solutions/Global%20Secure%20Access/ReleaseNotes.md\">Release Notes</a></p>\n<p>• There may be <a href=\"https://aka.ms/sentinelsolutionsknownissues\">known issues</a> pertaining to this Solution, please refer to them before installing.</p>\n<p><a href=\"https://aka.ms/GlobalSecureAccess\">Global Secure Access</a> is a <a href=\"https://learn.microsoft.com/en-us/azure/sentinel/sentinel-solutions-catalog#domain-solutions\">domain solution</a> and does not include any data connectors. The content in this solution requires one of the product solutions below.</p>\n<p><strong>Prerequisite:</strong></p>\n<p>Install one or more of the listed solutions to unlock the value provided by this solution.</p>\n<ol>\n<li>Microsoft Entra ID</li>\n</ol>\n<p><strong>Underlying Microsoft Technologies used:</strong></p>\n<p>This solution depends on the following technologies, and some of these dependencies may either be in Preview state or might result in additional ingestion or operational costs:</p>\n<ol>\n<li>Product solutions as described above</li>\n</ol>\n<p><strong>Workbooks:</strong> 2, <strong>Analytic Rules:</strong> 18, <strong>Hunting Queries:</strong> 21</p>\n<p><a href=\"https://aka.ms/azuresentinel\">Learn more about Microsoft Sentinel</a> | <a href=\"https://aka.ms/azuresentinelsolutionsdoc\">Learn more about Solutions</a></p>\n",
         "contentKind": "Solution",
         "contentProductId": "[variables('_solutioncontentProductId')]",
         "id": "[variables('_solutioncontentProductId')]",
@@ -4886,11 +4765,6 @@
               "contentId": "[variables('analyticRuleObject18')._analyticRulecontentId18]",
               "version": "[variables('analyticRuleObject18').analyticRuleVersion18]"
             },
-            {
-              "kind": "AnalyticsRule",
-              "contentId": "[variables('analyticRuleObject19')._analyticRulecontentId19]",
-              "version": "[variables('analyticRuleObject19').analyticRuleVersion19]"
-            },
             {
               "kind": "HuntingQuery",
               "contentId": "[variables('huntingQueryObject1')._huntingQuerycontentId1]",