From 36b10c07bc80b5284c8ae574ea161ab721b940be Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Thu, 23 Mar 2017 11:49:34 +0100
Subject: [PATCH 01/22] First attempt for challenge

---
 .../src/main/resources/html/Challenge.html    |  38 ++++++++++++++++--
 .../src/main/resources/images/webgoat2.png    | Bin 0 -> 35040 bytes
 .../resources/lessonPlans/en/Challenge_1.adoc |   9 +++++
 .../lessonPlans/en/Challenge_content1.adoc    |   1 -
 .../en/Challenge_introduction.adoc            |   9 +++++
 webgoat-server/pom.xml                        |  10 ++---
 6 files changed, 57 insertions(+), 10 deletions(-)
 create mode 100644 webgoat-lessons/challenge/src/main/resources/images/webgoat2.png
 create mode 100644 webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc
 delete mode 100644 webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_content1.adoc
 create mode 100644 webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_introduction.adoc

diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
index 00c0e2c2f..b5a072d9b 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
@@ -3,10 +3,40 @@
 <html xmlns:th="http://www.thymeleaf.org">
 
 <div class="lesson-page-wrapper">
-    <!-- reuse this lesson-page-wrapper block for each 'page' of content in your lesson -->
-    <!-- include content here, or can be placed in another location. Content will be presented via asciidocs files,
-    which you put in src/main/resources/plugin/lessonplans/{lang}/{fileName}.adoc -->
-    <div class="adoc-content" th:replace="doc:Challenge_content1.adoc"></div>
+    <div class="adoc-content" th:replace="doc:Challenge_introduction.adoc"></div>
 </div>
 
+<div class="lesson-page-wrapper">
+    <div class="attack-container">
+        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
+        <div class="panel panel-default">
+            <div class="panel-heading">
+                <img th:src="@{/images/webgoat2.png}" class="img-thumbnail"/>
+            </div>
+            <div class="panel-body">
+                <form class="attack-form" accept-charset="UNKNOWN"
+                      method="POST" name="form"
+                      action="/WebGoat/challenge/1"
+                      style="width: 200px;"
+                      enctype="application/json;charset=UTF-8">
+
+                    <div class="form-group">
+                        <label for="exampleInputEmail1" th:text="#{username}">Username</label>
+                        <input autofocus="dummy_for_thymeleaf_parser" type="text" class="form-control"
+                               id="exampleInputEmail1" placeholder="Username" name='username' value="admin"/>
+                    </div>
+                    <div class="form-group">
+                        <label for="exampleInputPassword1" th:text="#{password}">Password</label>
+                        <input type="password" class="form-control" id="exampleInputPassword1"
+                               placeholder="Password"
+                               name='password'/>
+                    </div>
+                    <button class="btn btn-primary btn-block" type="submit" th:text="#{sign.in}">Sign in</button>
+                </form>
+                <div class="attack-feedback"></div>
+                <div class="attack-output"></div>
+            </div>
+        </div>
+    </div>
+</div>
 </html>
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/images/webgoat2.png b/webgoat-lessons/challenge/src/main/resources/images/webgoat2.png
new file mode 100644
index 0000000000000000000000000000000000000000..c53a1f75b4a3343f03014336462ba0fc6c2e4011
GIT binary patch
literal 35040
zcmeI5Ra8{%qsD;&2|rRv2|++Yx*KE=hE7QlhED0BhLQ#;DTxt28M?cqrArhAh7?dj
zS{mf=zd3j3=3Je%&U-PlFWxn4_T66lS<mzP#b|3P6BE%9VPRnr!&IQUx7WSfj|Rb=
z+i%SRA+y^Hwx_Q0Q>@By`b{h>vN0G`LEjg9=f&Nx&-Lhn5bMv$l{Wrmg>ABA>~f*A
zv}xF3^}3^ZJyR*+@ks)89AlZ&pRC{5KYPTjn-Z=AHyd8~7qg^99pMq<_0#X<?+If3
zoHzJ7xM^<#`Te4^ZbCNTeceRBc-_*rY$suB0|68!kw>pWk3Y=n+9zqT9^%pEA>Uob
z7v}LWpI&>P{ZIF1bsB`o9EqO_AzTj$6U!&njH<Xj*^;{b83+FTc0#0^r1R~G;S%<`
z{8Nd%WsQy3Uo5$APcBF}@F|9|@m@V;${{hmJ()(xOC)KNaQNQ4SoWH^J*nz|42Oo_
z{$chceo^o9+mmAkZ4%a02+?A=tT;pCe{N+j<bQiB+OF>t+IlQmG_qoZ<<!<Tte~Yo
zUM*y>I31iW*d|LpZf)IbjBdZF9Gv2F3v3wt_h#pd<@TpENJJNQoz`C~90klJS8_rp
z`T4R;ve;klTAGk@w_=qtAC|<#xTC^x7>kU*>ST>m>tegGn)SRQ)_K#WBo7Dv$zzh=
z$o)n~K0)8ix7BL0)W)Qo0ry#5<3uU+i#Z~7PtfngJE*##=W$v}>C1^wGSW^h998?I
z{M3$Pe-%d+E4KBnp#IR0q>G-daij04Rn@~<F85f)(GKy)RGGMY+95|dM^Kbs4@1#c
zMv>=XtJ`zPy8HLKy13y;Z)J&UIX8>F*J8ud5B91lzL$=rcI|aO@(7ffX;J>r;lg2A
z!XkGzQ2iMDYQJFrY(s~IPm?s!2_{j^<YuuHDrPf4<<z9hb;`7+?>yJ9UnLWrox|HL
zWA*z{t#0d*(q;GR+*p&*u6#0=a;(1OQ){6>{0Cyu&e!?Y)SQs_cE_vG;dDw)6RyLN
z#+2jJiV?&6vnO?fTBgW1u86KsB>p19KTnY2Xm-qXvSKbWz)Pfw;kc>3)upo4_q)qd
z%uP2gc8Qih5;b_;>mqRSr4*un-qu?xx5Re16}QsCN34LvB)Gonl_ZyIi4P`19a|yG
z=1p-*5Ka3tc^If<cMJ8SE4yzz{M;Sa&(^XvSoYdE4+Vu&y`A6{wLSzXn*566yH6Ar
zE{vmgpv`0?ea2su(tBBll-5beT7GjS3t^(a7IR{sD%d^<X>*Ji%sx_LPefRZPRrF*
z4$)>tE5{iduzF}rjDB$KT#`?|dq_XBpt#omcmG{r%AWm?Z2=c5ju$}<gY}%_qCxwN
zg#A~Fqi)3m^{<O=FxY8Z^-XDsFl>KASNtiNJbZd<I?-`tVPVplP0xOF=$)i{?Znvy
zn0KVq5x)f4UobuISG(f^4`0|2`7%IK#@f?KmlW8H%ExDFPsy+=%<dy1UN)rhD8kLm
z8$EeRZxox}?LhErnLJHtuvhY!Rs04n@T&dJe!qWP?i|6=LSPhbgBDpGr7p#aR4*AL
z8}C+u4+9}@i`nQV50sIHxfTvfcx$ciz3Ivwwk7f@XX+pFXoMi01%ihittA)#oyn^j
zm*8<0Q*f8Khq`e24W-^nSW_UL)A!-GZ_8zz81w?k5TwMpFaAIS{`J@R^{p~Ifoc^E
z3l%F4ETG|AxfW@52{iE{b>E6dGDi3_(Ho06H=Qk1({sMt!6*eqmS)1_Zc>f!VVd$3
zG~6D3T_l(!bQ3yzo;)ENhC3?HsDQmmCI3;ReIg3$&`kFtnhUOpw@>wvvaN7I;-9VK
z>tJskY}D)J`FiF>lB|>#%S>FJ35uhxC8ay^CP8hSi|nn2H7P11jc{4BCkn5hvAh_c
zAYP=^Q#zwYXAQ(j3mUJDOlPK6#xTzE4d)YZ)?;#y+C5bS8ZWD6zqL8bj8dD&`tDn5
z%Wyj6#t!bM$lT%k!>eO^sNAc!T2$tdiks>|PQ+1BYFpf$6eci?hbx-LaDyS44K_T9
z_D<Y2>MFX(WZda9`;MQ&mnx|sF*-oJiV9$s=Wr*SFY%p?vP>DlGc&jUV#wlY2j!zp
zXP$KtPjozXd0iVilAa^IN6U3*MYgfw;A;P$S+wQ?t2ox%$x#Qm>?Mu+-xC)7oiv}p
z&>lQKcv~c&*p0sr6(q41ZxfBoh1#AGSo`D5OOI#79K4MDS5@u7w^-vkuHPCkGBmqg
z;c2<c#%UI6Ma>nH=kCAc7B+;R>Q$yo)u?Fjf+WrRu<wkp7)QAT6G36|L!ivi_Hh>!
zLuptU2`h6VEyhezF}{WpSMwxT9GN_zK^FK|T=6hFxU@A<8ObTSO)69m2<=>6Eu8*(
z6mi#FHVt1nw(BoNWa`fe#i#x9qZ@TOM^VN`-rFs5IE{vKHC#Sb9UIMeq27~vg$pD4
znp#z(2WaPM2^{kn6yNWf0JUky{)r6E&53?o<*Yx0<5J0HiTh1DLfkDCR?c?6jo2rj
z_)Z@W<;-6hKj`Aqu4^1LJ<9DvorX1hLf2(yB83)y{>1Vs$6>eC#IE*O>UAsl>ODjw
zs}G&_6FPjK?9Qe=Q7#$PN8DyZGi+y*_UFX@{nRcFo`_>i{%{K(<BOE0R}f!+J2`Hg
zfp~N=Lm+|k@v23f->}u*TyGkQvUFSSD_YmMbQ?^0$p>s_voFGEY;D!)Vjd5jDzBG{
z4X1iD?I??)LWAo>>dU#5SBVw77v)B+M@T=W0!NW~(W9oi)w)qw$>xLaaqXAsxJ3<Q
zdZ*UO6Zy}$*VpAOUuX2%Rvy*qEf7N)RO%~kpB$UXJQ#>IrOSifmoqwoygx=gJ|cDz
z?tMCnc4X+ir@rQiN-C`D;k8@8vRKL@@AwKpic1P@8TuqLqP4T2?Vl-RUiK4&nQZh9
zJ$^lUFELhHfcb-HL!1EKBc@@$(ROK5>mQlTs@nrs*NAb{*sSMcE*W1=9Yp%KDo-Bd
zlD(X!hl^zNIo(@gwyMWxlDNz0SY9j2b`(!bV+66esv#5au!#RR9m&hDu%$@H6TA$Y
z@0Y8eT$o$bKYJ8=HkfgTd=3*Uy+Ed>STH@rT|*N+RiSDpH^78lajU%jsPOd;7Z#a%
z=9#~huaYW4*L{^HY7)b|{zB@etyN_$UG7XKdDy^A!hd()ewQK?7WOe$iJ?{1ZJ!yA
z3Vw!bSthJ7Eoz#l(;#DNEzMq1Ay-K1z&sw>1K~q&6CVFKpEwZM^G(#<mi0wZk9saI
zx+nVHEp+hT|0ef|!D;@9^XiUKW%yQLWm%L4#{>>;hl~@lt=g{Kx&wP~F+l3M9U>i>
z{Nk4rmhKUbzRy&C=KQk$U9v^XK@Rb{hD=-Sk|<(|bAo$!htyOXhm=Ph;gR=CoF(jO
z++4}!b>@<?!bz&=D|kA7S8ZNCGc8iT*R~(dS)&7=DVEqp??|wC>YmccRN9P$_Tcc*
zYjs<M)9x}fIweL;`L0zA;%qS$>ZPy6$6;~!+Ve1Pc1;a&l6ek9rOu4&UEjgdrcJ)L
zeMy&5#;|LXk<O=B{%8F61>Er;w%;>4HB^PGEfn*<*%eleZyktB*1Ip)xwdhMxESf0
zmOj`ucW5;$R~<HU-acym_yQf3GOBoew(F+9mB))o<#*ub<SBF~k^5vH6^-~2E#}0#
zr$s=_Rm|?1^^^UY7?HCs?K}T=pzA1PljL=5@x-HedzkGS-N&lJG1jb}>{H&vU|1<n
z;-*T(tk7LHBU%EPl87#S&$!0+F$jj4$mJ}Yn0^kQs~ls==eCt~_hVcA?7cD=us4>1
zT4)$xwcy-}$9#U*e$qo`kg7{-5V?{cxD}}Ogj}YDJdn`suYjEiXB_1AhE!n`-2-0-
z&#RhQ<Dc)Waz|z+by>#~T0JEk4BF=xib%2Ug<a7p!wSN8-d)UIHDs=<ITPhoI4ns>
zXO$4~MgBSFbHHeB`V`t5&!4C>%|h@>Yd_EM7C6UmkiiEl#C*+6_TemoX5#V<^HRUy
z)I&4Od!`RZVv&o+G>lNy5B1xuKcn^z=%aqUB&Z>``dH2+eY0>-t{ipUkoptrPdiTj
zGmQm#8VY!aV6P&nmPg#d2gL$UqN&+R4!C*E<3P~?b`SM;Ydxwwb2DTqa%MkvSX5qW
zRbb93e$Pagj?NWt#S3=|+k{CYEySn@!oQfrng!Iw6<z2BqgEV(1H)*ZSP&FnAR?)o
zgrR!Y{ldRsoriRGEcX$pMM$+pe$Jq$)+405%?yQ4`B=NZi)+ww?Qz_M!om{oRDPU_
z<BFm$1y3?$*)^1mo}2x`ARcqGmNMq~$!R526jyv&w{+NW2@7BO!KuxgmO8V9BaO^y
zHEzG5lvC^}#tfsMxM{kYbfr@|)rTA>=P3fx_uU+Fi*m7EO>XE5Ovv{Rvi4V9b}f!5
zhz8G|a_WgPrauk1?77FU12@`vzp7LT8N^?}5y~T%ZkaSw&B9M0OIPSop2TSxMD*Uf
z%4n<Y)ru!Oo42j>^`CN3++3MVU>ig2Hl7EybYS`ev*Q#{_3bCR9qE@Y$dwSpMng@M
zMYjq@lzKsS7_D(gV@OASrk=<u67}apU!ngPr3#uYB$4|S4p!gWd}<ml?|1^NZ%0;s
zD1yUWtg40*PZi2lna;m~w5FZ7d>`h}w1RP4F2zIdgpV8q%=Y;$l5nG6Kj<@xIFY)s
zN9gVpzK&^hm;LdP<osi1cJkvllbP@KQ`=6_&B3ZL$<yju4vv@I>zs1@EV2sn3ynU`
zp9Pb(WCsyx)u<T$A`wJsU6|OKTB*MH@*9#jw7RUNj`e<JKOzom%=`<Oy@};a27FR0
zKTktb`>`mxwFFO^?#nGf&aV2Ya-~s+*eO%uIOcOB#t%<_&E%S@Q;5#jQ;~48A8TdP
zM@D+Qup9SGvc3DsEc9##wx1yMh{r#8!>U?z=HWLkFZT6+(?+1KbRjv19hn@aQq`!h
zla0dhLpYhXE89luhcs9pd4eJ<7Z(2hraia_40!eM=SaiwsKx4!M47ZlsJ#n3^Ou=%
z2b+E<aY{aHXVcPNvz%qNqYqk`>1VdXtkkiVnssvh^mgS>V}nRXa=w>#F?Gw*Gs0WL
z?rZn^xDav3;m9lN!lGAdtV-kf%i?1gq)e){Q#_q8aEXwj=ONITyR}`p{8UWEZ8O9a
zC#g3c1>TMV?^sl?5-2;iozXkh0ZKk1=JYbBRW+mh6oza&MC9cvlm>H`^c?E@VWg?8
zqRvq7cPOhuDc<W*4-TH>gXy7iqsqjJggd@Szr7=as$%+?ReBDoAANL>PR<NeJ+bE`
z@0y49LQsZ*g=}4LkKT!f$wj64$?_*DA?H<RS>eW{QEG*Tt@g$am8Hm3NX&}7<y?Eq
zjB-HZ%`xw4jQJWWccJIf9Qk59bS7Q+Px7{;NfEsY0e%X^TrgDt8e~oE{_Mtud&KTN
zRmrl(pi@!rJOjN7l`mp|VOt^<(n&$m)mc?QfBQC^eET-cDl5WJ=YjQ~_im^E^Y7jN
z9Rd6$RaZTg*iPGde4BD$!IU(il}|0gVn8GUA`uXYfJg*HA|Mh0kqC%HKqLYp5fF)h
zNCZS8AQAzQ2#7>LByyXUfR+eoiGY>}Xo-N92xy6bmI!ExfR+eoiGY>}Xo-N92xy6b
zmI!ExfR+dt&Vb<z7|wv<3>eOU;S3ngfZ+@n&Vb<z7|wv<3>eOU;S3ngfZ+@n&H$DO
zV2J>h2w;f-mIz>p0G0?~i2#-eV2S*nWQja{h_Hd%y|VOrXzOfg_Yh$hV61QDtLg9T
zq6KyG($ZHDG<M+UH*tCHsIKqqq^0lVW#XtLVC-lmqUmBFq~WL_tY{}Ag9JztfFuD(
z5`ZKDND_b~`5&mH07(KUt$@-BD6N3f3Mj3B(h4Z8fYJ&mt$@-BD6N3f3Mj3B(h4Z8
zfYJ&mtw3A@#5F)%1H?5zTm!^4KwJaFH9%Yg#5F)%1H?5zTm!^4KwJaFHMewD;PM47
uU*PfuE??mC1ukFU@&ztm;PM47U*PfuE??mC1ukFU@&zv6|1U0IqW=P4;YHK{

literal 0
HcmV?d00001

diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc
new file mode 100644
index 000000000..b1d8e837f
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc
@@ -0,0 +1,9 @@
+== Welcome to the WebGoat challenge (CTF)
+
+In this CTF you will need to solve a couple of challenges, each challenge will give you a flag which you will
+need to post in order to gain points.
+Flags have the following format: a7179f89-906b-4fec-9d99-f15b796e7208
+
+
+Have fun!!
+Team WebGoat
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_content1.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_content1.adoc
deleted file mode 100644
index 987f45684..000000000
--- a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_content1.adoc
+++ /dev/null
@@ -1 +0,0 @@
-This is the challenge
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_introduction.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_introduction.adoc
new file mode 100644
index 000000000..b1d8e837f
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_introduction.adoc
@@ -0,0 +1,9 @@
+== Welcome to the WebGoat challenge (CTF)
+
+In this CTF you will need to solve a couple of challenges, each challenge will give you a flag which you will
+need to post in order to gain points.
+Flags have the following format: a7179f89-906b-4fec-9d99-f15b796e7208
+
+
+Have fun!!
+Team WebGoat
\ No newline at end of file
diff --git a/webgoat-server/pom.xml b/webgoat-server/pom.xml
index 8dff0cda9..78d55dff2 100644
--- a/webgoat-server/pom.xml
+++ b/webgoat-server/pom.xml
@@ -86,11 +86,11 @@
             <artifactId>webgoat-container</artifactId>
             <version>${project.version}</version>
         </dependency>
-        <!--<dependency>-->
-            <!--<groupId>org.owasp.webgoat.lesson</groupId>-->
-            <!--<artifactId>challenge</artifactId>-->
-            <!--<version>${project.version}</version>-->
-        <!--</dependency>-->
+        <dependency>
+            <groupId>org.owasp.webgoat.lesson</groupId>
+            <artifactId>challenge</artifactId>
+            <version>${project.version}</version>
+        </dependency>
         <dependency>
             <groupId>org.owasp.webgoat.lesson</groupId>
             <artifactId>client-side-filtering</artifactId>

From debc1e4b737ead176267abe6ed0e19585921c5cb Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Thu, 23 Mar 2017 16:12:04 +0100
Subject: [PATCH 02/22] Added more for challenge 1 including input form group
 for flag

---
 .../org/owasp/webgoat/plugin/Challenge1.java  |  56 ++++++++++++++++++
 .../java/org/owasp/webgoat/plugin/Flag.java   |  52 ++++++++++++++++
 .../webgoat/plugin/SolutionConstants.java     |  13 ++++
 .../src/main/resources/html/Challenge.html    |  17 +++++-
 .../resources/i18n/WebGoatLabels.properties   |   1 +
 .../src/main/resources/images/webgoat2.png    | Bin 35040 -> 89932 bytes
 6 files changed, 137 insertions(+), 2 deletions(-)
 create mode 100644 webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge1.java
 create mode 100644 webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Flag.java
 create mode 100644 webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/SolutionConstants.java

diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge1.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge1.java
new file mode 100644
index 000000000..2b2a4f1d4
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge1.java
@@ -0,0 +1,56 @@
+package org.owasp.webgoat.plugin;
+
+import org.owasp.webgoat.assignments.AssignmentEndpoint;
+import org.owasp.webgoat.assignments.AssignmentPath;
+import org.owasp.webgoat.assignments.AttackResult;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+import java.io.IOException;
+
+import static org.owasp.webgoat.plugin.SolutionConstants.PASSWORD;
+
+/**
+ * ************************************************************************************************
+ * This file is part of WebGoat, an Open Web Application Security Project utility. For details,
+ * please see http://www.owasp.org/
+ * <p>
+ * Copyright (c) 2002 - 20014 Bruce Mayhew
+ * <p>
+ * This program is free software; you can redistribute it and/or modify it under the terms of the
+ * GNU General Public License as published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ * <p>
+ * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
+ * even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ * <p>
+ * You should have received a copy of the GNU General Public License along with this program; if
+ * not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+ * 02111-1307, USA.
+ * <p>
+ * Getting Source ==============
+ * <p>
+ * Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software
+ * projects.
+ * <p>
+ *
+ * @author WebGoat
+ * @version $Id: $Id
+ * @since August 11, 2016
+ */
+@AssignmentPath("/challenge/1")
+public class Challenge1 extends AssignmentEndpoint {
+
+    @RequestMapping(method = RequestMethod.POST)
+    public
+    @ResponseBody
+    AttackResult completed(@RequestParam String username, @RequestParam String password) throws IOException {
+        if (PASSWORD.equals(password)) {
+            return success().feedback("challenge.solved").feedbackArgs(Flag.FLAGS.get(1)).build();
+        }
+        return failed().build();
+    }
+}
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Flag.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Flag.java
new file mode 100644
index 000000000..6ac1a0e62
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Flag.java
@@ -0,0 +1,52 @@
+package org.owasp.webgoat.plugin;
+
+import com.google.common.collect.Maps;
+import org.owasp.webgoat.assignments.Endpoint;
+import org.owasp.webgoat.session.UserTracker;
+import org.owasp.webgoat.session.WebSession;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+import javax.annotation.PostConstruct;
+import java.util.Map;
+import java.util.UUID;
+import java.util.stream.IntStream;
+
+/**
+ * @author nbaars
+ * @since 3/23/17.
+ */
+public class Flag extends Endpoint {
+
+    public static final Map<Integer, String> FLAGS = Maps.newHashMap();
+    @Autowired
+    private UserTracker userTracker;
+    @Autowired
+    private WebSession webSession;
+
+    @PostConstruct
+    public void initFlags() {
+        IntStream.range(1, 4).forEach(i -> FLAGS.put(i, UUID.randomUUID().toString()));
+    }
+
+    @Override
+    public String getPath() {
+        return "challenge/flag";
+    }
+
+    @RequestMapping(method = RequestMethod.POST)
+    @ResponseStatus(HttpStatus.OK)
+    public void postFlag(@RequestParam String flag, @RequestParam int challengeNumber) {
+        String expectedFlag = FLAGS.get(challengeNumber);
+        if (expectedFlag.equals(flag)) {
+            userTracker.assignmentSolved(webSession.getCurrentLesson(), "Challenge" + challengeNumber);
+        } else {
+            userTracker.assignmentFailed(webSession.getCurrentLesson());
+        }
+    }
+
+}
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/SolutionConstants.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/SolutionConstants.java
new file mode 100644
index 000000000..dda05d492
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/SolutionConstants.java
@@ -0,0 +1,13 @@
+package org.owasp.webgoat.plugin;
+
+/**
+ * Interface with constants so we can easily change the flags
+ *
+ * @author nbaars
+ * @since 3/23/17.
+ */
+public interface SolutionConstants {
+
+    String PASSWORD = "!!webgoat_admin_1234!!";
+
+}
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
index b5a072d9b..76398ed1a 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
@@ -33,10 +33,23 @@
                     </div>
                     <button class="btn btn-primary btn-block" type="submit" th:text="#{sign.in}">Sign in</button>
                 </form>
-                <div class="attack-feedback"></div>
-                <div class="attack-output"></div>
             </div>
         </div>
+
+        <form class="form-inline">
+            <div class="form-group">
+                <div class="input-group">
+                    <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true" style="font-size:20px"></i></div>
+                    <input type="text" class="form-control" id="flagInput" placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
+                </div>
+            </div>
+            <button type="submit" class="btn btn-primary">Submit flag</button>
+        </form>
+
+        <br/>
+        <div class="attack-feedback"></div>
+        <div class="attack-output"></div>
+
     </div>
 </div>
 </html>
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/i18n/WebGoatLabels.properties b/webgoat-lessons/challenge/src/main/resources/i18n/WebGoatLabels.properties
index cbae74dcb..7a0256c24 100644
--- a/webgoat-lessons/challenge/src/main/resources/i18n/WebGoatLabels.properties
+++ b/webgoat-lessons/challenge/src/main/resources/i18n/WebGoatLabels.properties
@@ -1 +1,2 @@
 challenge.title=WebGoat Challenge
+challenge.solved=Congratulations, you solved the challenge. Here is your flag: {0}
diff --git a/webgoat-lessons/challenge/src/main/resources/images/webgoat2.png b/webgoat-lessons/challenge/src/main/resources/images/webgoat2.png
index c53a1f75b4a3343f03014336462ba0fc6c2e4011..394793d4b4879927227af837fbd14b39e161547e 100644
GIT binary patch
literal 89932
zcmeI5c|29^-|tODx{Vc*p@a;X$E|Ifw#?Huvs(#~F_GC8k|9cjRP4Aj&n0BY5SfdV
zl5I@NkciC6S!-AKx$oEWd!FZY&iUgx&p8(_d)Jz-YhBm1*7~mR_5Hp-vBrj44D_7z
z6ciK;I@(wq{JjAG8PM&9KMk{G@bDL<4^B&+qVxsV3<U-Aa~-UjSpenyslBf)OgTgS
zrz}`Br~l;Fnc=(jMI`5rF^8beBV14B)BdE$_#09cLeJ9%o;hASck-wxE-BK)9^W<c
zCuvNR{fc+&#gBojKUV!;Y=~d_eyMt4n(%hBv7#3fe6ON6_(jFo9HwzkZ6zI62bIaC
z%|+YA@7bzkHx=gH<gMCVBoX0#IE%}8QSe*yOnC}5Jw%{Qrrt9Z7NL;EWEfonubDjo
z?<PdMzkUzFOUWHxV>w1SrK*m~95<N0{OXJ-yk?V8h?cdBa@Tov-gHJ=c+G&nD(Z$Y
zqfo%U&GCza@S3s)>aOrexWK!8w0SKS@R}8FV@CdDYWmSgj3RdxQk8|U|J|w>d)~WV
z_w)>(!JSxH6}=DB4%ou?=SObwxqV$5aY|G=R$IGJ6;r=c+R-oJ6;j#p=g$1AGjq>U
zsIN3pRv7(opi(1ki6mZcWZ4*3PE`0I`j8{6*ehSV$d4}}A#OSMg$|!`kZ#`tx7yKq
zSv|*L4T_EG86`0x+SOx>p9zaqt`gD#X*bLDFznV$!omCbJ>%qA&GLn!aH~1D6&u)^
zup4nknyKRnSZ1b1BP!i<H?oo&R)Vx$wH*YennK&cpD>O3)W-GPW7pM>sM%WJSIlvV
zUtvq5SuhS;PG80n1D|r|z2=d#h?txkB2?_(*VH6xPw>@3m8*E!EnHUU8aT92&ic0S
zd2-W2<5BMr<-r=Q`wbpKXA1aK*4xXEQEo40FRo9U@JSdlCAjIJ%6Yx)#=;fOwzIia
z<3!eYKbW}>wV9PE$J|X9Z&r5reDoo%c1&}td2;A^wbd8ZL=mm4W=iUgG9k2w6k^=J
zXF0M9Q{Qu5nZ$Ob9uT$>S?aDzT3IXUw%q@2wW7nwmT=9}zbTwRJIejXae`uwAnALe
zMg}4HqFgoiO7){!kJ8$Jw;p4$JIyqd1x7&xV#oIu52@8xh16ynbuEP|V**RFaT5&^
z3~B_@b<guHN-Qch@t5d{D-MLBVOy#K|LVoTOcGY9xrY7dw(}b?NzsPyCqLXZ;9IB{
zUXqqg_I0x_dFV%%WGJce;>&ThkxlF9dF*3m##ZZBnyD@PotjgO%r&1y5@kp+uk(c|
z*VLR2h1I!U>A1VBDVX4I*E66}QQCPhEk-NO+MM6pptt9~XXBV^;@%~$?h%a-Z9f)o
zha@eWdp{@T!6tMnw6f!o@C*6SMV>uv+ZsJy`R$J`=k1UvQ)VAkrzGf523dO2_A6)7
zayfF!zaZr1-dI2Tbn$Wc?i>5+8SZA2ZZol8`6MlPir1n|Z?}hi<jAz#t9HgB{-=$c
zH$om0vuJtilWsZZ-fg947`No`&Z9}o>{&g{Wpy>R*@f=YI7^CVM~l)5zv7O))cN||
zi)}%58AEhqBO%c=l}5}J2XL$tCt8?!1jJ{v{kZpt*Wi0*#IQUZM;_YiT)*jP<~!pl
z8Zj&PEWQ5^mKc9&PCI`w!5kx%__w?l%W3G2-Qm5|r0A_LTfB3?bRwcUWS869uA4WD
zmEE{aLzw-U7&1<M!v_BuWbo-tY2<ab$sC<<h5V3g4vC5Ha*sViY%Vfgn2jg!TnXak
zvX*nNULPsv623i8(hQ9%Ow&=>Nw(fcs?Jn1@H+f@l&)`&m(03FVlO6wrbm@WjdF%f
z^@&`4Z#2ac9=91IVsE%>k?qNWy4(@eAG0gpFZr5K5-*PrKRPnXcqggmOd5??FY9vC
znC5O(o6tJpQNdcv2T9u9RrVPCaka}Q`A)s)Wf(nZs=3adbEiEHEp7dwdmt^jG?wR`
zL{}D_@FP;ja=nkXRMl45yEk?2%02AR)quq_#>&Dj8CN?NlazN$d=ocuTGDDUoy;rp
zPNqrrW}z1<DRjzjz7ZkSwTnhRlY586`0kSBYK(8f7ptbc%`~3*R{UGqB#C4tHB?VK
z!z3~Ih^o+qJ;Mb7@1oBnb??GM=U!Rz`8Z=G4yGP?=b@P3y5e#9VR(0HI(p%t$nFVD
zRpr<1#XsKV7>@8OQrzt8ak0m2aa{PZ%4as8;@1)WbeDvEU6h2vPLLlPb;844GdY9|
ztkXK3V-VFa`o*o-ucxE_)YUum=Bjmt$Y%o`<{Uxi+_hql>9sq=2|Z6z=7pd!uZT|C
z<cmc(wki$tQ;aFTORejB@~N~6NLN_x-b)o(Ivs1mk`7pwM(Gr}G3Ar`*my2u8Op`3
z+b!E1;vi%Pm28V0aq+0DX0uY!@aj`5Z<m?h+8$Z^bo9zz2$Mpqb+zdSYgF>bUJdm&
z)t>2!^yO%4E8n>q6{;#rl?NhzWewAh_hNnfOmj!N%?ypodcNkk51^=^Sfa$|2f=y+
zu5G=yglBr&XteHp>v(Y@5udPFZ6YIDQ{v$6{Mkyd?|8t#N@x1;w)LSV3FC^Y4%_97
zR^nPj<+GfMyJ-ZOk&hoKE*4V>IvG-ydylnvWxw|A<iMC=2Lff5?j>FjFzzi@if(17
zJIm4Kd^Y9V>bZOUU#ND;xyEL7)$HOql~jG6Iv~hdMU<*NJ|~|$gwB0s(k?Er%VA-t
zC52H7U6*nGpl4j_SyFMqeM)!yE7=@MW8Hy#F>jNyi>Eaz*GvcNiFSFp=HC<8w}z6=
zCzO2IEVim$CIs?kyUGpAFIQJgR`lo;%p7_fSHG1?lUK=Xy5^YJn{`rjYD)FY<y$RI
zrOOqjBMew>?MEf>lVc`Pj705tz~fNM=|K}|@%KI6PyE05UuZSaaAwX~P!E6-G`0Ds
zA|K9vy2Do#wL3tHI=>*-iMthbE5`T^w*Don^656Z2%G7a&SRH*_9a|JOC7l{Ul}L0
z>nLwmU{5{T*71GXW8Jy-?eG3Ch|k~o91~Fv5H|5oeN*NmMi@J%V(9Im6tls3lR=>D
z*t!zUc+OREhXeIQv6`wY43MrRuXvYS&>It_t=BqZQLd}IZk>I*HTlfrNR9qW?|h$1
zylB|V2!+B;LUNKF?_rt`IrQq<Z1pVWq=;=%?VC^3Uhfv6VAfAt4{`|5)b+<*nB<7=
zBORGKbz-NkR{KM$%DQr5mpL94^kwnf7uIl{h$k7E+_k!1i%0B<mrl~0DUwwikhje=
zsZ_RgL<<&_sN^!a9C;D`lv*NZZqLg5joz<P3jqnZIZObNy~k&K^g=?w-dvZU#WyO?
zxZQ@2yHCzrl}65nlomxB2=!9YG$^|f>dKvq9UCY+MuSgSIQyp(5>I_{qrfdwnfdi+
zr45gp?PVT4(;=i-QJLmsToBE`x<R*ZZ>OGaRi{>ut9{h|0(aCo4lhp@Rg<9`cOn_f
zxJtwtK9|jGowUu<-&eO7Dg401elQ>PC1)PR=Yw10R4zT+9sZO`g3GAcF7n_P?kcy0
z=>C8YB^^|=yt$^SAL8REgaXcq9hqtB?-XYCX^&1Gd|~>1H-+)R#C>yHoVSX&zns05
zDxp#Q?ZxL!d)Ge%J`b8aV9TAXVI2;*TjEf4(}kg6s(EWlWR8Yjgom?w?7s8k2BXJX
zWlN8R;YV$tM2M^Atuk@Hxr%`|#qkO!vKna8Gu4`Ju=w3w&g%}OA5D+HkaC3@(#G$_
zw=sX}?N)ItY~6VC73V5*_Qu5(yW`&Zb6o=8b6WYeg`PjwPxLFU=C&+VW%SaeKcd!L
zG$>y{-H(bXyvOrF;7O<ssW(G7w|Bt8eyH?0UzVs7=0c#r<V)X)j^KsoNyL%Lc78kI
z*?7{++x4qYnaz`N2hF1<vO;D<^p3MA*RX`_@%ka<Y$F^;4Od84hqbx=b;m~8WBz!H
z`AN~Jv>Q#1@p~N9_jH6VO3GYGa%|Dr=G4;3j-0=}`EI*1ZA#CbKC{GS428Z^Kra#X
zZAHR`WH{rOd(L`zRiF1A^{&E)F9*f5-Q%a3?K?^o0`NAA_I%QKMb*mT6QAtaI|q*}
z*dFe_N*J}~;KAzNe>BJcF?!)ESM;aTbPre@o)q(<cSgPzYej#rO#Vpmt)43Dq``<P
z2djO9bc+U)k$2qJ`x@Ck^!@Kjh3ugR$3o=W1-<oee|V}ZHZ;hbq=J7x&!>IbsD!k^
z`gt&>uxBWLHeR+-_G|>2V5h)F7x~KODn7U(E^pKH5^=)iQb+{HaXY&FP5&tNYFVtQ
zW1H+JoyH|jXTJUZ#8K*UyR7sMAETp$3ugye{feL02YGmgjz3(9>s1>W6YtN8({`QE
z2w)XUq#pMSXXX+W+%%6T?R-dj?(@uTB3zzEaR67?WjRJct95AY?6sN-{Pksnv;jTQ
zz|N#K%6^_(Rv&3naE6?P{U+s0LaQ4|Qt16&E*W_l6zBV<&7^u&TRQmL%C?$DyVc|`
zy;~DDmFG!S58isZPtwHRYX07&W+`<C?Ff}jCJVZz53hTN_BwN_+EcAQs+tb}mVMi|
z>K?Wj#WSxDJCz0m^}A@yO!QqBcuxFMwGmp=KxzxQ8>dEmRKJRANZs-vOoaJQS3Zcg
zYt|;ovyWi9atxL@EIC=$^%MBzqQBj5%?)~fKs!euEJ5@<6-DdKEOrhN-*`HTH_Hxz
zM7pI6in7WAAMFE^%8frl4%#--NZcRFIVc@B>yh7iTXxw+3co06cY`M8@}X9%E2}4V
z&iUi!b1%nMUBJA5!npAy?QY_+Ykg_A7nAGOavopO)lph2e<&n$x_L@iMUoGrraDsP
z=l)VU(FoJwpHfbYmCTd#FRX}A_@Gy4rZ|3$@!CNgf1&H6z@qn8mLA}PvXA&OsMxgo
zC6~S&z$Uj*ur?b>uU79@8KYj`Zez<p6PGBH`W305p>FHLYo7))Z1q{?haa&q3Jb0n
z-Q|jk@;>GK!smw5-e>sm^?9Ae>oP~hf-X%vl*<nuej{>GaO%&LZmcI~So%^!nvm^@
za^ma0D%to>sx+sGIV=4o4vHsYp;4tHBR@VL{JI$ueE#sq?#iwnyUF(n$|*;Q3!A&3
z(`j*EX99_e2P7!nZ3|oQ>Ei;+_l-ycC!M<Z*{_~4tWas=axPZC8p_n2{<g4*w;995
zV_zGw-?+`sgI-95N>vM|6EpF^p)gLeC_a|^giX0|l8+n79u<~n5r&Q3`>-iPl8raN
zZjga>HF?K7+t*d<HlObH^#cua?m6@2!J2+@5SQ{=*@GTQR!f0-dX{4C1Li|pTtfPb
z5lqRo^6psQ+eC-l6XM@{yoJOPzYcU3Ta_l1T;Cl)2wYe;FU#i|oa7QZ@xGPw=<2$;
zt`Fsq(q1UMg_>v?k}J?;@7>Z{**B^=+*f=&DQu%`{Z6DcQ?y>LW$ig@m(oH)GIi{P
z>Y1VXnnA7Ls+|?_$yn$EF=OQE7DPBT7e1IO`z>)!$tI6Wn~pY#8j?<y!iG9BTsXPo
zA=>SHkF8+bpu;V%Wtf{wn=Qb<oqG<IOx?)J*wk2-%>};=C&F*T{1`dz3U3PJz1!{o
z`uFa?TmV0q^mW%zb1C!3U@r%Sj;0~DRNXEj7Pv%!O9Z$?fJ+3pM1V^KxI}<U1h_<i
zO9Z$?fJ+3pM1V^KxI}<U1h_<CZwZJJ0Z}3#N(4lSfG80VB?6*EK$HlG5&=;nAW8&8
ziGU~(5G4YlL_m}Xh!O#bGazvWB+h`u8IU*w5@$f-3`m>-i8CN^1|-ga#2Jt{0}^LI
z;tWWf0f{q!B?4F?fF%N0B7h|VSR#NW0$3vdAF)Iv(2DYye}WvK)9)Y+Nb?uV0j=nO
znTCx21<wJp`~`GCE1to?Ob5scf__mQ(25F}g|84E`Tleo(tZG$z<3Af^iRG6vh;f;
z8YPSQ2&sOnht$cO2Y7cJne+e|8F`}>?J@s~_JBsAFhAd0A!9U38uK^k1BClLh*ng@
zkiic~tr7MET2UH<;2$6hNE@vvi+N>(R2IfSAO*lA2uKBuI*XZbfmA|}O(Cn}c91sA
zgg{yaviutt0<v-DgUtMqtw$jZm=1wPIbePRA|Tw~2ocDUe?cOUf08*75Kat@lEOe5
z<DO_m_}du5Bg6=#mM}B|IT1290$C>yVSlkBAXP|93$k5<Pr?xc6C}`zXEDnLXp|y`
z%#lF$T7%U3Aqb69z*v2RuxOMV24@J_{Dw*(TS%cHGcOl3$`O-?d_b!ImM;ORkO33O
zapW-wWCAiJQzp<TCkzalfHXQFtr19FCKECt!zR$EGZ;t<sSVNx@)(3W0jVS43CMIC
zsS5(1Ku!%Z{yTsI*+Jkr(tv+qD9|W-4AMqw$Wk(o0y!Rnq(Cc5Vh}0?GE~T53dr&&
znF6x1glr&_b$zs=6NX<7S^pDJ0hz;$3S>8Ah3I)m9a3#Yqhv5ykR@a#;!CcNHl&JB
zE0EG4?WLdXL8ezg=45;YWNq6BVG)1@WG#(U41ri6L+&@n0*#Wy!0il=GPI%$2C{9n
zLMzH)ep4-wWoShdhRn8r3^$%2eMLS;xbKf4z1a722@11_jDCc80jd0Z$O~k^Ak+(_
zSIdzqBZvNpzd(lSuh<6UsE{G~)A~0F1F6$57zSj3&@hm~5FiHf-3AXU9GQv%nW>CH
z8ZZ|FvOt;wjg+wj!F?f(=~sl??-wHjS!b&c;b2Y%d=(iYqzvSokc(R$u9G~5%*;Sq
z#tG7U1}~MuAm|LFyAgT@r1E!s268emK?8y>L%65lOK7P9X%d8`ffSG6G?1R^gw&D6
zKdBn<jX@RWY9K|C(HfBTKiL{chbtooK8hS-VH47XZ!}2D!yO2-Hjssikhuh;Mh0#m
zh5n7X0a+q91TuF6!o%PV<bR=%Q8%&~%-?`cH^XNNLH4!e+k@FJ3<so+a5#{0fS@>#
zf+UNOdLvx~okE}-NGp=L9LS00Ss<VAxPjN|J#0c+R1$8>(=et3GJtTaNWc7Kbs&Qc
z#&wV{F7v-3J0Sc|W(R~rpdFA&u{LB5V>=)`%<Ul84DJ(I3>n{n90ED#zaSpSK>Eq?
zKw7GVeC(6IaUKwUa1uTW4D^6(eiA((wIL-)4?_B}1=2u{^l#7}$jKpR1Oq;hn*nlT
zwT9qJUIFtzQ6ETs;N9U<{wMK++z9Y34<65OGyFn-AcYMg*S_pGq_zkH1j1`W+VE`#
zE((4cNh60tXdsZmFB}MRcY-W_BSD~3$o3X66$Cmphx%D|BZPwt5jY5hH--%Pf8Kz}
zh!E&hg*SW|;K`H_ct;^f3o@%eO#UHLI?1CGzQ`=cAhqAHPUPx_d7b1<Hz7l0A6yrt
z25FvGN5&g`yEFXF?nEvIxJaP@$dnB5M7AnxfHb<0^F&$;4oE<*p*~0prg<V8u0W@L
z))8qm`cY&Xc+j5u3HC&41G7Dm`jR=L$XJKBf(S_SAUpi5`PA=PD`Y`N@GU_BQ$jw)
z6Pf=!#sB;ae?UfLAPG{?{4uzt$iKh1B*<_>IuWLmKnC={et<_ZupeMR6|f&dfc*gM
z2Vg${`{A!AF|Z$i{Q&$A!2baJ55WHb{12tT{{X++!-!JgfB26rB;bEQoQYum0`~oZ
z`3o?A0p>5j`~{gq4(tbDKO8;`<}VPz3lRSRTL&Qi0mMIm_y-XGfPteAK>P!Ue?X$Y
z;Ls=#|3Hp?`WI?hAbt{w3<L3#Abt|WPyW^>1M!n^h#{~aK>Q?#p9J|AApZj7U;LCD
z1^E{s|KcynRFHoG@-IOC1<2n7`I~UM3&`ID`J3c-C6K=f@;AxS?I3>><ZlB0gNJA6
z_`?-s>ILv0$h-x>e*pXkz<&VzhciR<HG^8gRXZ!<lYsvK_z$X;!zVu31AY|XM*)5m
z;70*|6yQezeiYzG&G_Y>vmRd62mDFEpER+zng{$zz@J?E1Y-dKe-iK~o9w+?dMo=z
zHHZ6(j|2WB;7<bnB;Z$XHH~(w$pd~h3<C!IYQV1s{OWacT_3=&cK?s*N-*jg@T&p8
z8t7k?0s8?`1^O32{{rY=0R0P~e=+@+!pHvtf0ABZo2{P3oD=~x#s52KiXT4g?|j(%
z{P~NA-OoF_cq$#%F+C|`W2x(DFMU$dO8TUmy`{UaRgh+&L6FHg9TR0``qA|G3n^Eq
zA#MC#d>iwp-fk7g!q$y9UvaK7XK!3wu{-XaKi4JjJ*SmlTj=>?{Y1awYHrI?RYose
z`Xg%1MT7DM)cvTK!h1X)1fGQIka{zOb9)CY?1xI9^JR(t7mAQ0a!Nq=4d}iB-IgCf
zw*>=qTYzp0&}{*JGobqhxa%9p^g7_K1MWKDt^@8m;I0GR*k7(ez+DI2b<sdr4;^sV
zf$lueoqrFwseqdbbmtEr{>y6uxa;14yADept3p~@knP%8<QY*@fk!Kz#Vi{D?mA=x
znE>uO;I0Gi`WA#2(qBZRIskVa0^D`LT?gECz+DI2b--Qkgwzo`*=b_VN`DEmf>fV~
zg(87kr6VIhK10@DH$#HY9|raVupbJ>4LaQNT84rD0r(%RARMqCfc*gM2Vg${`{67G
zGH;jzx-G~oEu;ZSBeJ+s*ic8v;KIor57BOCgsKEt0Q*4}Zl1&BA25Fb><1}eKLGmy
z*bl&d0QLhsAE6Ct0sEn70hyQZKAZ(~-+=BL(0v2CZ)g+>=)M8nHw)-=ejU(#1G;Z8
zgEe3U=)M8nH=z4wx{XFDVCo*W7y;ck!;L4%96lOl5C2JFjv-O7eLt4~`@sg-55Rta
zf&L>;f&BpN2bj4+7zOqNupfZ^fXHH2UBJA50s;F0BXd+N2<XNF-B_R-3u%@$KpI_W
zMJWs#=*9xwSi3AV$^ip(V}Wig(2WJUu|PK#=*9xwSfCq=fvk?(LE8C1Hx}r|N+Sr8
zS&w{}(}lvwF1twK7bWe`C`k;2MJvM75{fby$hOrA4eSSCKLGmy*bl&d0QLj0A28~{
zTTdZVNnk$!`(dct`Y_O)Z^l4)2<XlO-TA*%(SU9&{Py%)H<n%^>YwUayzi)Y6+V19
zD4y*eKh134QKArlw^_93lg2CloVH-^96YjMd${{59P+@ygVnwNXpaA5^ukxJ=ufBV
z9<Vq(Ddt7*jC?KDivC`i{E^~YJyq68gAr8@Rx;dy$;dnI>wS%EANu}xr9$@5gJU7`
z?SkI=w?8~ZsMO3!D){&FeA=gtN=O^5p9f<Kdxr97<7FFV&qkmLb_#5Ck*{p7;)5&V
z@-|H`5hq+Og+y>1x1)ny22t$QvRG5cHrY=)jZ2))eEa>0qtxYgS?RxL8Cd;_pVtTd
z3{r^eRT~)-@6U?UcAd}&U=>TG9`_7q<`Na$G><3kd`Nok^UQ4`T%Ja809V*$IYvRN
zb!hGEH5dYUec2#wKo7=8C#_NT^W3ufNRxsy<SgtrDPIy=-AIx`@Aq=a$jhKO-#2Y0
z)vMal!Qb{vp7qkZHDObEo>b%sy^s8WzBj2^O5H&_LM4;Qg0AVq>)xTg&YY_DRI87w
zro+Ew-}Wse5;2~6eb}iqAgJF(V`if7y1;Ydm#U4>ng&u^$lW+K;-mUiTtn)X2Vo-2
zf4cHPv|Y0{NuGTK)0Jbe#9_(FvaX-NFBkpoers;f^8?yB0$~ZF=cy=KZ)UM`i1^0S
zQM_4p2qe-iWl)d>R1c8#*ALn@(n#DN$~h<<hrEH`{{8xWgC^$kp;oIat0#8O`Qzqu
zFUOLn`WZK#q}@$CcC9b%_F{6~TF&E3x;jd0<qw5~PB%{pt4Q);)Kq`wBqkbRI{Z`0
ziLsJ-a{h%C5x*dc*BGxI#PJupJ_;;)e`V<bJ}CQ$FN2CryI*qY%K>b18wG2#k@RZy
zew8um_3bvc3^Z|xGO1sY3i|bk%dpjFl^=e@#waYfVsw`)DvJC{e8Xw)Gko~^yw2iv
zWFr33v_rZ4;NdqS7X_#OOzFmYa)zZZHKYmIo+u~2?yHiG@1#om2`u8EfN@1pWLD9^
zf1-*Klv9op7dCf6r_<uT&IA$_4@gkD+ZMLq)5ist?;DW@PC9k*vtK=9SfSF!<y@?O
zHI%74{cT|rZ!?CA$G$dVzj2$N2fdIAm8up_CuZV-Lt&g`QG6`-37c}`Bp)}DJt{2E
zA`Bb5_hD0pBpWXrpU=R$n!Mwk?dvLan@@N9`hmYO0l1Xc${zGcvRVqv)3X$7A21)<
z;(~F65lqRo^6psQ+eC-l6XM@{yoJOPzmnw-5=yS`4j=?BESs0*a}7>%3BhWioJUs?
zv2n^FrM*yi3pLR)Bv;@c&x)k5jk5JSk=9JndbyUh=d4{y3kk{8u@kC)pVW?pJ`gj0
z#lnRTrpkUxoKv#N<I<+1O`?XRlaa)IhF^L6_t<{t>~nKzvjzCKbI+lYsT)}tn;Ofq
zxr`b46RGJ(`7v_b72XtF#*4FVnOxdJwEOG#kg@$?5td_=Q>yBy%yEP1%dgIe!fQ4e
zg=ks3D0iJ#=S^p{h1U%DtD<fgGYSRl+Z?|*2(Kw?pzaEf^j2-Y+ee$%VgavN;f6~}
zhD(aXC~{Z9Yl;@a;1oHyK*4X#Gvz7N^bmnInR?GuScF0rlVNlTQk4_`NmYI@>Fchc
z=2GU5QNTYsnugd?b-RdIV?!+ldQN(H5rd9476*SXz<&mGyWvm6Y#BWKMd^dnQl}_=
z!8Joc!TekYt7aBJIe%*JYYS7(Q2!|l7R~8D`E_RaZhaBSxns;BsPhQdlliniDKh?s
zRE5y<w1H=i*Up_hDvC>rG_l8bjr>U((`3Km9eeR(;OdW6{}&tLm%d-BUYI7l-E6Gr
z#RT80=nZ~RF*b*3+*4aght)yBC&oqF#qZgwWH%M&-GsD<M8yAbd;HgTjj`vw>vd1h
z@EP2Rl~vLEFztXXe1CrA7N6VKwGpR8rDL_V3so`oJEa}{5?&#d9e?i3zdAGbEQR_?
z6J>?b4+knW(w0c#^+uMBapgpXAEFOA!iv4}wTt}t5)$H;b6@E2DF^BHJ#ecXt(Vnv
z9M+)NsGd<06QW%`#`u}ASmi1q9gudjTo1!;%_JPWpWic1p4BX0C<?clb6c^2tqHpk
zXQY`ro`7X$YBZwKJ$EB3xnU(p+f~~^V5%v!E&K`7s84NN&pmcs{fL^a1%AaGm-rR7
zG@1qDu;uh+EHUsYciw9rIg5zNxgkQu{(VhNqV@z|EmXORm)*i;g|2}^3+1eD3!f)9
zEi@kW4pAPg(YoK@A#|pIPi4Km{21l-V)o+tv<aVtAya~z4yv5j%Wf=O;cPpbTQyE(
zjrW6@`%s%%nR3kCbn#|ohtEeJ;%dh<x0)x1o>yCaQB4%lx@xAR?kE#Ndq^S1{d<-p
zyD;@V=aorpSLy*_8<C~%s-%^*l5WfW?^Y{1jBE+lJpG%(3ACf!e;g+$<_MC$Cu(F6
zf-lNdbFWlCs`V(X4S4G@7Q53-Ls?)HL?Cv2Z}E^?eN{+pwo%tos4^z7G#fY3Ai<zU
zAYJ!7-=f5#QWJlPp19&bC>pk<D)6sf9LywPm6~hVk8V4^5t9^c_<r)kT?4*_df_E$
z*<@cg`;v!#bV-Ji8ZW*aR~y;1j-JOpW@c=)ex;e(!r!Sm#mHRqStL=06!SV?m~u_c
z=}=gm>y?hX%bJ1-{&qbBDix)j2h(D-;;ha2y$yPM?t3<lsV44S;_4pJ_|W!a@peek
z!nyZzQXXtVr$Q?`9tppY4_)Nh)3&YA<CWk3=yKi;i85vOQFTg!4rP#~CvCrSCM}mE
zr~C^-ZtjisvriWvhwr|zub$y<Ht9AK`;|}9f~R;b+VpmN*hh{`%e`u6EaHFK$ay2=
zF)@plw?65XbMD<%dWLaJ4(~jgw9KB>(_B_pQ=47rK8>@aXm+$Ht?(=E*h`(S-@Vut
zRF^SCH#QOyO;c&aTyX%$I&q?fnMXi;HrtPTk9ZBfXGRRm!*S%Hz0UQUj%L0yo}v-6
za?jHH|6qynm*%wd7Zc1eQi*@dd$F8`?${mPOHGR2`m)742TUg-szY|Uz3sYrvsl@U
z+cbpPpNS#k)HiJKpFswn-jqgOXPeB?30KGu$>xxl_%8R@BgEz+(}mf10?(BoUM_1n
z_v-bLaxUT9^CZpCsKPWIm7QekeWdD4H3P51uSe<n_ISyxTO{^kB4~P4dDJLp*i@g$
z)%QkIEa7pRF(UScyB67=9H`43LH#ki^8J#p2_^CJ`0%46ql|ZwYR;t5i1o5AH;rlT
zR<#MO6CM?;wS17I-Cbpm!5>$<e3I|fi(ZD&gQlA6>^XPZ<IvL9AG!z9l1pQG-br+2
z(Fs2yWh~eGXiHUXmA!jY=dRqt4qXjcJY%dZ?2>V{V=+m2x5PJb6Q?Du7SqYRBJX6H
zWN#LFp^`$U{N@`GQeC@f<TJT<NR00;S+2(TCVa7K%G*rinQz6vrA?AZR#HRtv@=W+
zgO8{RUDz{R5b!SgOj7qQJaq1rC7+KoR^njlk#`=739c(1mmh|Ar>3J94vOraz*JR!
z-Cq3TU5?=hzaquWz8)8Q%ofLmAFF(3^C^BE;ZJu-*w;l#DC`9Ju~8>H+%=O!$iO<S
z(>VrF4WnP&iv4;z>Q7z0LvOBHSBQKz&|%IIbk1EX_LyF~L!8j_BxPO*8uN<iq)on9
zgk!7HFh9kZ;=9zkz9*kbtAKQc)$YAik)_kICM@ZIWoeX7ksDJ!sgI54GM1rS?7H2u
z%^?m#c2LQ-*bx_xx@tBn6%DUGweohE`K|4dwNFQ{?1eBXv|3l2ey~O*f9%yzZ&U4=
zu1H^wwzl$}t5Kn<vQ&8>;#bx%{dh0dx6d?pq}$BUsI2E}j{5+L3W_C4e0~tDH{jaV
zdrNqxw~a>Y&bN*iClc`qi`6DFqBSKB?#`dB1pAH$46Jmf4{uu^YLYOnsOqp?&S)jB
zMN~e^skoa)kQw>-k>X-8m7tR$Wx4lQi&yq*-%bvU8FnC0X6aty1p(vUVx{O-hPtyH
zUCw7yzOA0S*Z+lTmz-;CR#(j~o>NKH=cxmNoK-}r+T(NbxkKpOS0?S^0=pa*hFVe>
zwa|4L=MQ?urJf}f7u=_G$G?)zp)}SV$QScADZ6-DqjJr3u%2j_muvn#fqiQz>3l-T
zm(60U+GRo@Z?>!4u>5j$#biZ~PQlEfw{i7bsWf?&%%*FOiM?4TMW?1z&s@IM;#9g^
zVLHNq<<@>w0zWxs62(Z=jt4vrwVWO_krsd7<Nd_{i~ogI6AfqPoCWm&C_z)3e=73f
z?58_?MNzv0q^R=?a-FzaQMY1@?_ld+vMQf$ql>VaZs|OBxo2O(RkYNR`|_1>QoD}w
zb_Mp-qir4Er#;r4Yv2Cv|AP4ZozF25<p5z5|I{~SK4OHib1H`39!fDAoHrQ+%8soo
z(TwL@6?ZsLPZX=Ey21eITJnl_$pyVJQQCT~GZy8#y6e{2w_B6XJdV`pzx2-csl<zh
zy^K&O+$1C?+3_Bx`H%xd$W81A^HE=N=28D0M9BZ2)f5LV5#SO5E)n1o0WJ~X5&<p|
z;1U5Y5#SO5E)n1o0WJ~X5&<re*^ttrXak{MDw+mmH$q*xbFpIsWyfgn2@7ZcR6^pZ
zPi_>rWhyhj{;ag&akIV5qh~sV6e}vzoQw;i8CW;y_U-M|)2-^%>T$J?+F#&~I>+JV
z$)aj9bmLAWV;NV8Si|SCnXQwydHVb679)ip0GG&sh5b<JbG|H5C(MOFfytM?6CJ?|
z&y$EFmF@g?!n5(Dm$&OzpE8>#;|`ifO=N}4hUgt<QLbSL+2i#?%GpLZj`|8Uq^rZ)
z-2S>_qwFz%yv6*aXjIybCdc?a4(fY4LKh`vt|U3O=xlRp>10RF-`;$;U70qe=T4tl
z;xdLp-zfl5A|OfxM2UbX5fCK;qC`NH2#68^Q6eBp1Vo8|C=n1P0-{7flt^hLaEX+O
z`^{AhyeW=XIFZ#rlb)&8e1paB?s8stAcztHi8CN^1|-ga#2Jt{^Y7&F{OiOS`u_o!
CvIQsr

delta 97
zcmX@JkM+SsrVSOoo9(66F}f=#l&2=8=O>mZq~#>0E0m{KM}{O<_*LcP`nzP8_=h+e
zMP?cpMCFEM`Gn+T`-fzgL}j@eMrI|O`sIci`(`<sIH%j%)^5_RPyibEOM;OL0P&+D
AZU6uP


From 9f7f68f1f4108d5d65a508a7e7beedde2643fb32 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Thu, 23 Mar 2017 20:30:23 +0100
Subject: [PATCH 03/22] wip

---
 .../owasp/webgoat/session/LessonTracker.java  |  2 +-
 .../org/owasp/webgoat/users/Scoreboard.java   | 79 +++++++++++++++++++
 .../src/main/resources/html/Challenge.html    |  2 +-
 .../resources/lessonPlans/en/Challenge_1.adoc | 10 +--
 4 files changed, 82 insertions(+), 11 deletions(-)
 create mode 100644 webgoat-container/src/main/java/org/owasp/webgoat/users/Scoreboard.java

diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/session/LessonTracker.java b/webgoat-container/src/main/java/org/owasp/webgoat/session/LessonTracker.java
index edd0d1483..3d16e90a8 100644
--- a/webgoat-container/src/main/java/org/owasp/webgoat/session/LessonTracker.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/session/LessonTracker.java
@@ -61,7 +61,7 @@ public class LessonTracker implements Serializable {
     }
 
     /**
-     * Mark an assingment as solved
+     * Mark an assignment as solved
      *
      * @param solvedAssignment the assignment which the user solved
      */
diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/users/Scoreboard.java b/webgoat-container/src/main/java/org/owasp/webgoat/users/Scoreboard.java
new file mode 100644
index 000000000..f6809852d
--- /dev/null
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/users/Scoreboard.java
@@ -0,0 +1,79 @@
+package org.owasp.webgoat.users;
+
+import com.google.common.collect.Maps;
+import com.google.common.io.ByteStreams;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.SneakyThrows;
+import org.owasp.webgoat.lessons.Assignment;
+import org.owasp.webgoat.session.LessonTracker;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.core.serializer.DefaultDeserializer;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Temp endpoint just for the CTF.
+ *
+ * @author nbaars
+ * @since 3/23/17.
+ */
+@RestController
+public class Scoreboard {
+
+    @AllArgsConstructor
+    @Getter
+    private class Challenge {
+        private List<Ranking> rankings;
+    }
+
+    @AllArgsConstructor
+    @Getter
+    private class Ranking {
+        private String username;
+        private int flagsCaptured;
+    }
+
+    private final String webgoatDirectory;
+
+    public Scoreboard(@Value("${webgoat.server.directory}") final String webgoatDirectory) {
+        this.webgoatDirectory = webgoatDirectory;
+    }
+
+    @GetMapping("/scoreboard")
+    public Challenge getRankings() {
+        File homeDir = new File(webgoatDirectory);
+        File[] files = homeDir.listFiles(f -> f.getName().endsWith(".progress"));
+        for (File progressFile : files) {
+            String username = progressFile.getName().replace(".progress", "");
+            Map<String, LessonTracker> storage = load(progressFile);
+            LessonTracker lessonTracker = storage.get("WebGoat Challenge");
+            Map<Assignment, Boolean> lessonOverview = lessonTracker.getLessonOverview();
+            for (int i = 0; i <= 5; i++) {
+                //lessonOverview.e
+
+            }
+        }
+        return null;
+    }
+
+    @SneakyThrows
+    private Map<String, LessonTracker> load(File progressFile) {
+        Map<String, LessonTracker> storage = Maps.newHashMap();
+        if (progressFile.exists() && progressFile.isFile()) {
+            DefaultDeserializer deserializer = new DefaultDeserializer(Thread.currentThread().getContextClassLoader());
+            try (FileInputStream fis = new FileInputStream(progressFile)) {
+                byte[] b = ByteStreams.toByteArray(fis);
+                storage = (Map<String, LessonTracker>) deserializer.deserialize(new ByteArrayInputStream(b));
+            }
+        }
+        return storage;
+    }
+
+}
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
index 76398ed1a..b6bc7f41e 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
@@ -36,7 +36,7 @@
             </div>
         </div>
 
-        <form class="form-inline">
+        <form class="form-inline"  method="POST" name="form" action="/WebGoat/challenge/flag">
             <div class="form-group">
                 <div class="input-group">
                     <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true" style="font-size:20px"></i></div>
diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc
index b1d8e837f..3a0b7ee9f 100644
--- a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc
@@ -1,9 +1 @@
-== Welcome to the WebGoat challenge (CTF)
-
-In this CTF you will need to solve a couple of challenges, each challenge will give you a flag which you will
-need to post in order to gain points.
-Flags have the following format: a7179f89-906b-4fec-9d99-f15b796e7208
-
-
-Have fun!!
-Team WebGoat
\ No newline at end of file
+=== Admin forgot password can you help?
\ No newline at end of file

From a3d2ed171a34737475f739f883051e0c790b7bf2 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sat, 8 Apr 2017 08:04:16 +0200
Subject: [PATCH 04/22] First steps for challenge 2

---
 .../org/owasp/webgoat/plugin/Challenge2.java  |  31 ++++++
 .../owasp/webgoat/plugin/ShopEndpoint.java    |  71 +++++++++++++
 .../webgoat/plugin/SolutionConstants.java     |   1 +
 .../src/main/resources/css/challenge2.css     |  33 +++++++
 .../src/main/resources/html/Challenge.html    |  93 +++++++++++++++++-
 .../main/resources/images/samsung-black.jpg   | Bin 0 -> 12078 bytes
 .../main/resources/images/samsung-grey.jpg    | Bin 0 -> 11227 bytes
 .../src/main/resources/js/challenge2.js       |  33 +++++++
 8 files changed, 258 insertions(+), 4 deletions(-)
 create mode 100644 webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java
 create mode 100644 webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java
 create mode 100644 webgoat-lessons/challenge/src/main/resources/css/challenge2.css
 create mode 100644 webgoat-lessons/challenge/src/main/resources/images/samsung-black.jpg
 create mode 100644 webgoat-lessons/challenge/src/main/resources/images/samsung-grey.jpg
 create mode 100644 webgoat-lessons/challenge/src/main/resources/js/challenge2.js

diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java
new file mode 100644
index 000000000..8bc916874
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java
@@ -0,0 +1,31 @@
+package org.owasp.webgoat.plugin;
+
+import org.owasp.webgoat.assignments.AssignmentEndpoint;
+import org.owasp.webgoat.assignments.AssignmentPath;
+import org.owasp.webgoat.assignments.AttackResult;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+import java.io.IOException;
+
+import static org.owasp.webgoat.plugin.SolutionConstants.SUPER_COUPON_CODE;
+
+/**
+ * @author nbaars
+ * @since 4/6/17.
+ */
+@AssignmentPath("/challenge/2")
+public class Challenge2 extends AssignmentEndpoint {
+
+    @RequestMapping(method = RequestMethod.POST)
+    public
+    @ResponseBody
+    AttackResult completed(@RequestParam String couponCode) throws IOException {
+        if (SUPER_COUPON_CODE.equals(couponCode)) {
+            return success().feedback("challenge.solved").feedbackArgs(Flag.FLAGS.get(2)).build();
+        }
+        return failed().build();
+    }
+}
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java
new file mode 100644
index 000000000..fc0323613
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java
@@ -0,0 +1,71 @@
+package org.owasp.webgoat.plugin;
+
+import com.beust.jcommander.internal.Lists;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.List;
+
+import static org.owasp.webgoat.plugin.SolutionConstants.SUPER_COUPON_CODE;
+
+/**
+ * @author nbaars
+ * @since 4/6/17.
+ */
+@RestController
+public class ShopEndpoint {
+
+    @AllArgsConstructor
+    private class CouponCodes {
+
+        @Getter
+        private List<CouponCode> codes = Lists.newArrayList();
+
+        public boolean contains(String code) {
+            return codes.stream().anyMatch(c -> c.getCode().equals(code));
+        }
+    }
+
+    @AllArgsConstructor
+    @Getter
+    private class CouponCode {
+        private String code;
+        private int discount;
+    }
+
+    private CouponCodes couponCodes;
+
+    public ShopEndpoint() {
+        List<CouponCode> codes = Lists.newArrayList();
+        for (int i = 0; i < 9; i++) {
+            codes.add(new CouponCode(RandomStringUtils.random(10), i * 100));
+        }
+        this.couponCodes = new CouponCodes(codes);
+    }
+
+    @GetMapping(value = "/coupons/{user}", produces = MediaType.APPLICATION_JSON_VALUE)
+    public CouponCodes getDiscountCodes(@PathVariable String user) {
+        if ("Tom".equals(user)) {
+            return couponCodes;
+        }
+        return null;
+    }
+
+    @GetMapping(value = "/coupons/valid/{code}", produces = MediaType.APPLICATION_JSON_VALUE)
+    public boolean isValidCouponCode(@PathVariable String code) {
+        return couponCodes.contains(code);
+    }
+
+    @GetMapping(value = "/coupons", produces = MediaType.APPLICATION_JSON_VALUE)
+    public CouponCodes coupons() {
+        List<CouponCode> all = Lists.newArrayList();
+        all.addAll(this.couponCodes.getCodes());
+        all.add(new CouponCode(SUPER_COUPON_CODE, 100));
+        return new CouponCodes(all);
+    }
+}
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/SolutionConstants.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/SolutionConstants.java
index dda05d492..5450e02ae 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/SolutionConstants.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/SolutionConstants.java
@@ -9,5 +9,6 @@ package org.owasp.webgoat.plugin;
 public interface SolutionConstants {
 
     String PASSWORD = "!!webgoat_admin_1234!!";
+    String SUPER_COUPON_CODE = "get_if_for_free";
 
 }
diff --git a/webgoat-lessons/challenge/src/main/resources/css/challenge2.css b/webgoat-lessons/challenge/src/main/resources/css/challenge2.css
new file mode 100644
index 000000000..7bca52cbe
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/css/challenge2.css
@@ -0,0 +1,33 @@
+ul > li{margin-right:25px;font-weight:lighter;cursor:pointer}
+li.active{border-bottom:3px solid silver;}
+
+.item-photo{display:flex;justify-content:center;align-items:center;border-right:1px solid #f6f6f6;}
+.menu-items{list-style-type:none;font-size:11px;display:inline-flex;margin-bottom:0px;margin-top:20px}
+.btn-success{width:100%;border-radius:0px;}
+.section{width:100%;margin-left:-15px;padding:2px;padding-left:15px;padding-right:15px;background:#f8f9f9}
+.title-price{margin-top:30px;margin-bottom:0px;color:black}
+.title-attr{margin-top:0px;margin-bottom:0px;color:black;}
+.btn-minus{cursor:pointer;font-size:7px;display:flex;align-items:center;padding:5px;padding-left:10px;padding-right:10px;border:1px solid gray;border-radius:2px;border-right:0px;}
+.btn-plus{cursor:pointer;font-size:7px;display:flex;align-items:center;padding:5px;padding-left:10px;padding-right:10px;border:1px solid gray;border-radius:2px;border-left:0px;}
+div.section > div {width:100%;display:inline-flex;}
+div.section > div > input {margin:0px;padding-left:5px;font-size:10px;padding-right:5px;max-width:18%;text-align:center;}
+.attr,.attr2{cursor:pointer;margin-right:5px;height:20px;font-size:10px;padding:2px;border:1px solid gray;border-radius:2px;}
+.attr.active,.attr2.active{ border:1px solid orange;}
+
+@media (max-width: 426px) {
+    .container {margin-top:0px !important;}
+    .container > .row{padding:0px !important;}
+    .container > .row > .col-xs-12.col-sm-5{
+        padding-right:0px ;
+    }
+    .container > .row > .col-xs-12.col-sm-9 > div > p{
+        padding-left:0px !important;
+        padding-right:0px !important;
+    }
+    .container > .row > .col-xs-12.col-sm-9 > div > ul{
+        padding-left:10px !important;
+
+    }
+    .section{width:104%;}
+    .menu-items{padding-left:0px;}
+}
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
index b6bc7f41e..59de297d1 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
@@ -36,11 +36,13 @@
             </div>
         </div>
 
-        <form class="form-inline"  method="POST" name="form" action="/WebGoat/challenge/flag">
+        <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
             <div class="form-group">
                 <div class="input-group">
-                    <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true" style="font-size:20px"></i></div>
-                    <input type="text" class="form-control" id="flagInput" placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
+                    <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
+                                                      style="font-size:20px"></i></div>
+                    <input type="text" class="form-control" id="flagInput1"
+                           placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
                 </div>
             </div>
             <button type="submit" class="btn btn-primary">Submit flag</button>
@@ -49,7 +51,90 @@
         <br/>
         <div class="attack-feedback"></div>
         <div class="attack-output"></div>
-
     </div>
 </div>
+
+
+<div class="lesson-page-wrapper">
+    <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/challenge2.css}"/>
+    <script th:src="@{/lesson_js/challenge2.js}" language="JavaScript"></script>
+    <div class="attack-container">
+        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
+        <div class="container">
+            <div class="row">
+                <div class="col-xs-3 item-photo">
+                    <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
+                </div>
+                <div class="col-xs-5" style="border:0px solid gray">
+                    <h3>Samsung Galaxy S8 Plus 64GB Android Phone</h3>
+                    <h5 style="color:#337ab7">Manufacturer <a href="http://www.samsung.com">Samsung</a> ·
+                        <small style="color:#337ab7">(5054 reviews)</small>
+                    </h5>
+
+                    <h6 class="title-price">
+                        <small>PRICE</small>
+                    </h6>
+                    <h3 style="margin-top:0px;">US $899</h3>
+
+                    <div class="section">
+                        <h6 class="title-attr" style="margin-top:15px;">
+                            <small>COLOR</small>
+                        </h6>
+                        <div>
+                            <div class="attr" style="width:25px;background:#5a5a5a;"></div>
+                            <div class="attr" style="width:25px;background:white;"></div>
+                        </div>
+                    </div>
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>CAPACITY</small>
+                        </h6>
+                        <div>
+                            <div class="attr2">16 GB</div>
+                            <div class="attr2">32 GB</div>
+                        </div>
+                    </div>
+                    <div class="section" style="padding-bottom:20px;">
+                        <h6 class="title-attr">
+                            <small>QUANTITY</small>
+                        </h6>
+                        <div>
+                            <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
+                            <input value="1"/>
+                            <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
+                        </div>
+                    </div>
+
+                    <div class="section" style="padding-bottom:20px;">
+                        <button class="btn btn-success"><span style="margin-right:20px"
+                                                              class="glyphicon glyphicon-shopping-cart"
+                                                              aria-hidden="true"></span>Buy
+                        </button>
+                        <h6><a href="#"><span class="glyphicon glyphicon-heart-empty" style="cursor:pointer;"></span>
+                            Like</a></h6>
+                    </div>
+                </div>
+            </div>
+        </div>
+        <br/>
+        <div>
+            <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
+                <div class="form-group">
+                    <div class="input-group">
+                        <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
+                                                          style="font-size:20px"></i></div>
+                        <input type="text" class="form-control" id="flagInpu2"
+                               placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
+                    </div>
+                </div>
+                <button type="submit" class="btn btn-primary">Submit flag</button>
+            </form>
+        </div>
+
+        <br/>
+        <div class="attack-feedback"></div>
+        <div class="attack-output"></div>
+    </div>
+</div>
+
 </html>
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/images/samsung-black.jpg b/webgoat-lessons/challenge/src/main/resources/images/samsung-black.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..7b0c1f809f8822b3f63d0cfafc325c9c47a9b3b0
GIT binary patch
literal 12078
zcmb7qbyOQ&*KdMDkszfIpad&Ypg6&b7J@^N;zf%D3ofO&7I$~I;!>RA4#lBZDORLt
zX`yh_=Xv|R-@5Dmb0?WKGrv9S%s%_<^E-R*nft~24FE_%R$dkW1Ofm+)DLjK0tf=&
zVqxQ8W8vap<KW@pJ|G|`BEZKdpdxz+B8Sk>(?e)zX&G7g*cqR2Gt<&?h;eZ93knMh
zGdvZS5r<0i2?+}V@$m2n@Cm>~L|{QCS|-8&@9n-DK#T+I1#F=M=>cfOKy+f@eII}t
zr6UG9O3D9jKs0nr43xGgsTK$TL`Or%z`!EJ!p26!{?j2eVss1=I&MrXNp(_s6C}T&
zvwvJIHW>pCuK--r#Wk<4XPTT(Dn23cp@ykbeeWhCvsOU<_fw{VM^B_>%*-uN%~AsY
z-TwPb01yoW6CEX@BSt*|4Ty=l;ja{kM$FBFPC`njP9{lzzYM@fsf$vA7$6QfW|1mg
z>u8mB7r@+^YX$ZO3McLe%Vnmo3k5yAIqITfaIVt(U7*>yllvs9iv2*mxyCK2ziFXf
zWv$D*zk<?2CcA<q72?)1%-n`Id)(30{_>HxuieXM&pcCdmSdJ2o<xy1s|B3Nh6z0F
zxLA24YtNabt&+qx>v0b#8wEMgj4HiDFf7~oUzThB&~Vld+Y9)1k$ti=Pdma*TlC0R
zu;xxZqBsilU7qU+DPo2%x{fen3z<0C&MB_Id1q&GTR{9v)&1Ns=eFP>gZ{f3XIWD2
z{uhRKiH5f;miGXbzPEqR`e8fC2k8MnF7p4hK3q#%_~VtppVrf}1hp77Fk+cRmK*N@
z6)YV00Quw2KTVUoP56Af{PCwO+k2arcV)u_RmQk{LqN>teX;fNO7TR~S2ORr(hu(e
zUnxpsQ7vbG+i4U3DZp@%{w=C{@=m=xJ?eSfX)jq!;mm>wB7MgO?*VUn3bwv7N?Z8b
zxR*JzSH5Renj>CKN!Hxe-Z*{Tr>ick{zz4?<NY*?s&~F^QerR6>)$rDQLjbkmC(*<
zS5LO7ap>X*8x36<t|V(wMekH(oUz5}W`|05eKXW|7E8QR`Rwyle^;ZStqfR5I^8iC
z;@ObB+Dg*i`EX!(Y1eAnvB}eJl+Skic%tv|Fc!QTamd@TK!q@Gv#?VL{&8h@Ahuft
zPaUoLU7Q)?t@>~#7Do#7AlCc&>U<m3BNKh-R?GXa1|$-yzeD4^XXu0ceN$}zJ4Ha5
znbPiopf-A3Adb-09Z&Yy(yT4VN=TAG2$4WVc6Hogu)TftNAw!N{!`r|YX_M~zI3y9
z^+{Lz7k2IwpY`UdOVXpAr45uY8`U|Q_#d#WWGAPY^uwS4PnFO{sbxNk#WFsL(Q^J*
zuZA5eJ->W0EYcbqvP#}+t1#&Y@JRq|qY7RuPaA_tgUpjISon7zP{<|(J^fh~X(2jy
zJ(qqc8YYSC7u6nzFC~@>XY6SZT0_Dp$);5zZ>hvxSby4GzBxUu7W?|Em?KxMgvYv$
zh-4~mwk-9Bu$QB;#@Xbjaa!=F$2*kPkdlkbxB4AVP06ehXsDQP%I+2lG18TUzRu#^
zDf)<>o>pGW`Bu6Y(eSG#pC~LV<B77uk9$Man+YCoj~RI7i;$kFeww5O$CEEiO%nzx
zr0&k)+01g(kx?r5tS^!7sg8=PioUVY%<(@b!3iLXt`_Eu&VbPrYmZpZa4_c<qC1I6
z<h!zIWRbg@;JwxT)oFD-&kJ{%?ACur4+(DMTA6l`<=C4uTbdtKd0?0w`~tofC1^sH
zmaGwExtx=}uFChuW|(|(N<%0@Nl5-6GJw`Wxr&f49lhZoa`yJq#kt%-O|`pTYe8cf
zu%PZK<8-bh);rh^KzZpZvZ$eSu4E3l6rgQ4)u<O;saSBB9<wNNQzsD2YS(d7GmHLp
z;L$HV$rCHXQ%A9bA2dr#3#SVWorODb)lQGRijf-DJHS`iQ`>YnXsu7qX72%SDiclw
zL^@|aEEym?*YAGXT-nAy^e;Z~HTwQRo>Q2^Cy4*(EqQCt+G(%k$;*{VF{qDr>;f8C
z|3-aqrZnoM(Bcrq$42z;MkT6q1_DbHzw;%B_C5o*(>IuMGkM1`kG*Naf2Bd9G>`#G
z)(>nMp%Q${Th<c=>;@5W^T8RyNt+e&TSankvcO+Q5F0tBXllI;H~^QKeT21WiXr78
z6NE;iLiLfhsVNaZd7gq{WT1c5CI>MaR^;ys(#oRo69O~y1P}>z?1E4|_<)E$BKdRD
z2dNQ!WEu98CM5zVSnm@(bH`xD2+5ctcy6WSAdSHjGX|j{wVmnE*=ltWtBXi}s^DCq
z%7n3dz^3d5tEQ`P3?dVk<P*J=F<suz*RqBY0;y?R2~R=ZN-Y$hbVzZJTYO==b$RiJ
zlHHQoKH-UL*5ZYQTMJP*8wK3{OP4K}nbm}xl%zS&XJfn#z66=r#sfAAn41}Qn#J(X
zcJgyz(6}(fIL4&MHdzbX^C(_;DT4ZJ`W@Gr`G5^e_fHcH^thc$df9fr`2l6#px^a-
zc+Aj81RiAuKO%}-%}J0ZqQ27-kI`|WYXfM8<#h-Vzc>@FUh^wjK3+6AQtw#IGz2K^
zksgLUV$VkKRGoX4<8=-!kXVeh6y)5Fwjcg5t!YBe&RE}|o$q``qB?!~1r~FaF7EM6
z(smtN?<cuez<E`(mdmgdsBX%@%uCcsoAw^S{wv_{+dBt!l*csQRXi^;GgDj>@Yflh
z3}O=<RUr<G9CLi>-9u2hFyxuWv0b_y&OqOxfOK53)I>UuO9vP@6A)i9YgZq1fatvh
zj6n>~`lT_2f@-_7fO_Up_RP5MHb??DQ#mgwNlzpIO*QSAoJIk^xG{)-S3DjIcOg9%
zK*b!v>bDd9o<_5$y6i+hFUSuov@rm{@RGFh%JGE)et~w8U`J!ksC23mbB>j2vzb`U
zL~<?y{lkDM>4W8i7`px_9+~iSHavT4YkQC(20C}<WR?KE3bh(9j&oUj?>u?zS}kX$
zTzdM%-NDG(e)89<5?9!C1v{3WbM(h$vNQv30(bMBkFag=6MpLLq~UaSeoQR<L~IIf
z$}F{O06>yE(@{AyQFG4bVlGMvzl3|v%!zohuncabn7ZVyPZvaasB;tvoSAveRia&P
zGt22Wa5st-MGZLAA}mwy&waE7kf2V8a_6B`+C&(JNivAm-;h67-<4m}p!cfopKkA%
z6lYr6q{b+vcIJT;_DMjfqYKiNhDYIrBjLeJ)$RmhoxwD+$?Xk+klx_}iJ7ZL_%Hj1
z#o&d}3@qV~p{5ZlZY%GavG%f*`)S)B<q0?hR=s&ACh56rdn@_j*NZ<`(|<6>SBW1G
z#R{O{5PyT0UT>UMeO_L3&c4KGTb^xNsOz8mjOS21ZTw5;6)8vL-JF@3&Kmx=G}83a
zFrnY&H}*5e`8P4Pd|D5sg>j&nGraCjdBev5SBW8cqbz8PU45o>crQc_V+#K@wwINo
zsIv+pXk>+11Hm1r(^|>Pln)zaqIxV{$X_Tqr+{uGtymKZVk|c1fadGrBy{IeLToah
z0I`j52t!i@uzbF!ua1#mdzp)E7!&p{Ft6>#*W~HVkIWPaF6$dDRL(!oGCg|%%xoqi
zsR*2u3*!GU!Ta7xI}$>S&GZOZ$pKaE#C?x+oUZD{*c?&i&oSy87XfF1wdeF3ewiL5
zjsA)*!G;KpvFm9!+UU+#De?a%6V62!z?UqTQApEfWvzzFNA|kW4`bl>V0k=AK4r3y
z2IFse%gQw=C{$Z}vRhdR1AFjePyG}l{SymI2f2?C%X%9yhDNd*8y|iz7cW_jfsIvH
z8Uou>W<Nz|*i>tUOl$Stnr?XKMNc?QFb{Ykxnl!(RovP)K`%c`;xEy+L4DW;giRT3
z%=5JlLICj^fuj<P=wMY$j;PCl@vb6IGmZR~{MQ*96k=;G6xT4JlA0Mi;VcHD-PFB}
zumz!WrV5=or1zk1U+ctAnN#(~YG;coM!|LB9&}d?y|C)FOVV&s(sZBqA9*|Esgjqj
zgFP=IQ2ZeMKm0K85B7&Mq!0gc#>t4G)+Z($sZmMKdSj2ij<bhdBOOoLS876UP#64N
zBbBzMb~}CtRc<^IaX~m(vK<j|xv(%ducx2e=F0VhL_k_ewg)`R!B)n0#)>!|saW{_
z#cvkM454;Sq^UZaVU}Q4%tv6UT+qzc(zdDQ<$+d}Y-|<0Ac{P~#h(Nn8>1K9dYkaI
zg{JI1z?UwsU^|dIUsAm%+6o+N$@eQ^F2yEwctVJ=)EPzz1pzYicw{W&;j2N+om*8B
z-9KOmVS#NP2c`r-pi**caG{?BLwa(G42{xidxT1?GUP#!8^xiT*s*u5*o1Q~E;2Jj
zk_(uIUUQY}Bix?^zU5&0fQ^fL#QzG$UjQm$jOCr+XQPIs!9!;Yam=y@I%-U&!&I{J
z&@?#sb!@n1i*Yy+D(3Fr)#q%*x&s!O8G2aWf+W6<Q_hy7%X_*23_x;;(8fNf6@%uk
zKn5~doXQC}SZ*0@6q|#TD#A;$)&e$CYz+<=KZeKG?+a(4EAdw&xY~hbnGq3DjpbY^
z+*4<e55OD+1<hZw?OSHjlo7ZKHO{P2^j<#+`><u>@$&;uBG1AU<e!Hrj}L~k%H+ya
z_8MVINfQ?0J`W0k($nN_mis>lrzFMGm*ihs%V*P94Yjn9C-`W4E7kTdTU`BRkS{0(
z`M<C~3{vqAg9Mzr^_;%*-hS$v<n_X{&G>rYf81eV!@0){<^h4mczFiP3!98l@Ge&i
zoGUAaH0Ew``eSRUayn=3;)*&MWw~rNO)}+&NBS@r@IJm0=aa^&MpBd6d8cpeY|9##
zl_hsB6u1hS+2Xy30v(?Bd8AGwShQW#rs4Ev#M52r2ty^!vBwc6i}<E^lp%4HBl7Vk
zEwVL*BRQ$X)5%_^N+)v+S-}I){0u(^P;7oykc!3AWnDr@IEjenu`AfEk}rK{0ZDhv
zNgP_^1wZ^;^qbZNA-o*?$xBcJzr`NHO(16_8TNK|fkdCk6JpJ3unCwMq^sNVcsyAv
z@GkYSm%{4;m=Lzfq<{9cns9=}q6{t<E*G|KA#!KYI&#8!wazWL!p&#6iJ#+`deL1`
zs`!bp1cdNwjPj9%u~GL9-_DXyZcg!@zIL>hRm&qR)8T4*^tSG&k3g73ey|G#AK}On
z^%!qT-8x)EA?z!i>>0I_e+~v=Tl0H_&di7611%iF-eVcqWvQG~ykaI2`Xf!02e%NP
z?o;MIP9dSAOG6J>RxLI`EHl=L<x9NZIHz6q8_<UFV_YcAURslg&%fAUVN8&CgaH~o
ztM|5M;z9%8O`zi!Uov1RVYHTfy^_zZjBV9zu#akD^dGYLA7U6-xDNaef&9fbyI5To
zloIJ45Mb^c1%DyG8Ctjpuw6u)zwJMb@!dxFCh07({ce{=nD%Eg#Llv%v=L_yi5-0M
zz;2tQFXwIsVr0VU`HYfWwwfk5`wmscnU&RQ;LqH!(g-sBmCeH3C^B^=<djZfTxkSP
zz_JPN%dEMq#|a3L2jL7*RcF0rTcoqRV|Ll64gh&iDt1JK!o)+ijtzeQ0cpw9LnWZF
z!50vih;K@kJ;L8W(lI<Thz4!}tWWNA3B*AZ4L%|?a#`ZR;gSMO77<qlvp1rqA~Nz_
zNY*C*DZHYFi%V!pz-RAkI$9JsNuJC)C3fZqFq6+l?N<VftF{1_YqKodx_-LHdY4NB
zcPybC8)TeW6G*z8{)vzTc*trBfH}WVViPJF=O@G;vd=f+sj}3z6KJhMi|t+IK$Dqx
zGimeMp8yH$meY|rlZaJ#!Y9E<JPMPJwvdQWb>724eEqr%>?M<vm!-#XRx#lrg~FF}
z+$_C9e9!8uR&4C{h2EDP6=*+znDl@r>bc`1mfgDgsMZVBZ+g6FUtbF^4Asv*%64n+
zdpcP-jl!t@VwgXL{|O3`1O7WuUZT|m?sY4*zmuPFl+E&^AC_xlG%=7_yf>|_t#H5*
z<837=`-qFk;-K)%@=lsR6<X|uNFXQWPc((HFZUKygq9X_hi0ubj`l-a(i_piU|8Hq
z8@9uC!6r34c52=P>70ol7AbW8CBD=^f<z)t2ra>1+&r%vfCEm*Q;?(_cnoo4!;AKj
zOOIhX5l)N-K>Z}KrO;j~nW9mxr4z!Kn#h8+!H4}ynb)dFwGYhYIMfl2Zv>!D%3OxK
z>O_U}odtS7BJ3E^&Tt8+&y>9#TY3m>W2vEoWZyz&EM5u(uKqGx>*&QjcT_iZ2}ceM
zO-8Wx4+2XHkfwn1X&%6w<>65=`-<1X;)-GCabRhvHsv())yi@WvEoPgn_=w5!Y0I1
z?GlwD*=a;JdU<PM2%$Otj1~hWf-5-?&@4^;=2t$&ad+IJB-Aj>IZOc`N`XZfDiskk
zaOT)p_ZkerBwJ)^DS()&Im@bpd|2!ISjc43vUsAc>0K1&J7)A|q+KCaMR|_Pn$<dX
zWwWlYvG^xRtkX#JR}wv^q|x|w$q5keStDY)XEwv9xrBOyL$dKwKh{e0gvw_>H~(gE
zOu1HA;k>*Ka)8FzPRFc0m|79+neTj&o!friXt5INM*n2X?;cRex!c-in!Nh?o5(WR
zx^l38>Z?jWw5>lAS+VcWMDBMl804RvQ*7kq=y)tt{kHrzDJtrz!|YgHHBYw+fF?m+
zDD@aG_=qAJm)<GMtkK8;fK|~N$W`toApS%G7{B#}#PuG~iI}eRLMq*uF<B+??tj$f
z;7Fc$<E;UP#AVVb<hAyw_V!9<;xp^UlllRBl7LoN1|Gcu7|xH2Wc<g97eZ^Gv5<rl
zXJw|MV?POD0uyDaic+D;B0#cGb+YMjFVUhVHqP!+3I<LJ7e*MiJh+GwJ$4LvOET*!
z1s;j%qgdr2jRk+*SCe&`ep1S+q6Yylxwt9FnM7BpWGWD0go>#v7%3V9u$`37-C*)S
z3F5&BsUZAWGz^pT++2#|7v^eRADZi1>I-!0*7h0}jM1w?xieJ^gH2z%&OrzH;w2>>
za+G|-KT)TiZR#SNxMZ~VR@~xPn6dKt{$ZgO5Y=CIA|9~4A}7}0`b&$b^O4>a198jz
zb6+)smtQ&4_gnLDbgV*Od=zM!YF;)Pbr%$fepd7wyki<RCR4rF{-ySf$?9+N=8Z~Q
z;}ejbNGNY1Q8A3ETMkoxZboZhJvwueUlXio@O>B|r(f%p7<0DSG)~mJi6N3qN5@0x
zJQ(1JCg~<ksH<Spq7)dLO+3!u9T-}%pLnaL;l!B|P8^G;u#H7ZfCzlI0^u4y7Av!v
zu@KfYT0Zj5o-r5*<U1dF{9Ds}&`XYF%RnhUKhsRWKZl1`X-=prElLh!5h#&Xa>4IY
zjlfggLmKa+d$qKx@*T7o?4+BO1JIn1Vx2A_jrM`dzZv>Lw?5RDNNes1kgQoqCJB&U
zI>Z1^J&4lLxeXT<A>&4%mMHfS9nL&UKu8zV+Kvm#U@068hb3VE^ZgPvk=~=3=9$A%
zGB`zz*KY2mVH$cd?v`GG&dcJ&)o+uePl6Z3!rwC3-UE*BfKFoNW=Q*?g%!T%*M?u*
z+$@@g7n9wZl%1`bGGK&AX0AsMe<~J#(EDTiXV632jyTRxRGISSZN>EHgg)&6$NIF*
zJs?SEv1*MdWHem!9P;C7R@YqByG9L}?MG!QoK&{IVo0v0`&da&UZqD$IJ@}w2%EvO
zd15ySKu}82`B>3QUrXrbp1gcW!S{gaIG!(Hrh|<%`x4f1?*95Y42dm|GRO~JrMP#6
z*+XHM#T3(Gmk-jrcfxG<0Er*VM`b=qg=JfP$#;8_$*lsB<Z(Wd7y=Y!`h7~1oFhPF
zA97eDw=qf?1?H3s-V0~pl(Hs-sn9bkn__)nAttd9!B%Sn&C@%-5MV4+P?Hx<+wdm=
zB~eT4<iaNTq>$9O*sMb%HW+fL+1oX7WD)ufp_X1ziiq!rC%RP03)c2qh5<PD0IR&x
zyD6ifrB1@eGxkf&-KvUHlJkAC=hsHTf3c5m;rrETEK=lpn2w0?<j*mORqhCtyi$U|
z12h>~mSOjV{H>emFY&tv1=mlh<Uh%;$%5UP3SZ-u+6rxu0GKtddmGn?g3rsFJE{u@
zLimg7pMgJ^8SUM?MCAxo^^YN8kZ4eB3VCBtCLn>DiIfrGDypFvKABy{0tZ6)KrWZ8
znG}w*r8=w3z~V_C2qMQ}D>s1$7sE;p!!$kq2Xq)k?U#1n;CZr*3if0brhDr>*Gd$}
zY-GESEEorYi?KVz@^M>XP|02iVYk8{T9~@R&H$w&4|7{B0U`{ECM}cQmu+74F?hx~
zGDzu80n0Kmk2Ae!D6&|MpFX|naa7_On}&zS?@)OM6Ke6P(pWmizBGUI8VKQ{sE9hA
z&73Ygi_JE7!~@v3ndZ6kcB~B~5mZDEWMopvwT7<{xjUc?Z<pofUKqP7(A=juSvYmG
z=|%c?b<V!(`h%(cZ!G66{NO(}NBZoZ4m)4I+-?(^Mn>(O4kGD&FaB7Xslb7#_vf6n
zBJi7HC<y<l&zI8ORqEHW5vfDmgZ2FT3o1|LYK4ou->n)PdFR1c!HI0EX8F^KIP9FE
z!j@~%+>~drdFLagMz~loDd5BtZc2X~FcU^N8t)GAY_}yj*Cutr`81h-(Wf9%G$mZW
z^qj~9NE|&rMQkhyg?{%H#GblDoJU61TGjH73=Y|Gj)7yrBtj>GN+rTjdtACq*@>~8
zfH<kV%cbO)dnp4f8?a@{C!fM1F~{-#51IC+&pysh+fY#;Xhz&hqY@DmbN;uyagMl^
z`4`Lmo3Q*hIq^qTxZWUFeKdVBmli12VyLz5%Ebd}Yx5icKb+Ufp{SYseXv90y+XTz
za~&NUc`PComc&A%c9?s{0!|DfgTUl*ha?tdm?62gOubyDeW>crgwO9`J;v|nd(j~O
zAbQeR|C%tBpdbhgmW30fp$6}j%9SF2!4_TNGT1&^M+z{<AgW;@Ys#tQ?Z8@T;#n1$
zd?t4iyeF2i@$D7;q?*y26>-qXn?~Bsx&LCWKNZVAnEzp<hXaBIgEWJ4a^DTJ{tW9d
z@>2cwVN?{U!!7rT=E1H*jGNd&mY3_+mn=U}5<3T74a%mmVG2Qhv8WT2;!<=Hvr;bf
zAbwmme^4?B1SZ3@6NDqBO%44}#lyhOy)2>@L;%-+!|VM?vjLYsO>{P{(e8a%N~cli
zy3Gao_;=U$ah9deo*(^##r$tf__k=lkVh?uo$nFFnlE*VxE5`Xo9lpJ#vsS!+^hK7
zIz55)YX{-dU}ST;vIjW6oX#r|rDq(j38-Nhr3=cBg7#z}Hl%rs5E-T*DGY@$Nr^B;
z>KO>NVgd0J5+<n#WfCbTkN`36Fe#8u-tPPOi4t7@mRDppl}cs#I^5^$p3l|$|JF6H
zR<Fao|G^~wrXuHFnMDiA|0?+iHU25$ns<r~oX=1(3}<H<DuyX+sOn03JEf%^1re&{
zrk-nBzeYKRw7DOQrpT+|3!#YZY#EGkc(M^xPK+VxXW4+VD7sn}j-P+2ieK2jw&la$
z__`c6DX$VF1+t>ijVxwjWbTDYEW&bd>0WRJNxh*b#<%9+A(2(f!NqxTVH3ZyxwMvs
zr)Y9Kej-mL`~T4T?(_A#|MbN6Zv{s9|LV!Be|yq?CuILmPoe}JZpE`SD}36;R)3VY
zKb<Y1a9nv!#3O#fc*_!8$U}?=lYyAilWyWr;zTA)`NyW<Iq67@vC_%o(qTA;!KLUh
ztl&~GNidy!umFgM825W@kOrN+t=Q+R{c?Si<HHlU>~OQ(J%E1A(}vckqU*1XH$>dG
z_;-`@?igOa{kt0MxC$xO{p-S<&;Fxgij{$x=dF{$Z;hW%slXwhA0O>%DXiPaxSf}m
z8daex0OLVY9yVO%!!>@SHAMt}ymwQUOoI-TgVXCD8wNL#VU44vCreci=3xkuO2AWM
zjUAH5Q)1~&BkqO4$qRb}cu1t;iE-$A3!8~`JND`1?ZuWl_8Cl8mh8n&lJkBnw;lh-
zpE)txX^By@j;M2P-R*CgBTEH-^bebYAG|vek5<en_hni}xwZp!Gn~;^=1!qk(O_kM
zPETKJ>;Ss`TI)G}Nx<G^^_2+v@q2Vkb-IRK{CmJUlRvWliho7ATtncb)R>%_)4^M%
zV|1pd16AmX@u$%Gy>o1&#>oe4F`g{_6d@v2#y7;ZiDC2T6E}NpO##~Q-i(V48$L^K
zad#x1`HNr*%@$&Rp3<5EybLrh7P{U@Hd~zT0O~*T1U#IY!rtOu)KL*Gm4T<kwk;h@
zXOr2;*T_T1q1x=w#t&_L9_TaIvB&8iB>QE}P5aLnz4<#vJ?;rx%KzGB{_i{&EE_Rw
z*h0M=s6o9PKn>PsAB~@!6D<Sh*E_8_*Q(o<c1#s^lP)csvFF8d`~fQ&8E*iy{Xvn~
zYE6na1gXD*$QO!q+l^EnsgeRJ^+f2;HaatuTfqEZyRmbi<L)n2p4zS`cOH<f+Lv|w
zAlfpJ_Bh+BPqULfTkR|+R?B(2fJP<y1)l2@RZ$k<t|V}nzvnaBLooO|p9j5BU?zk8
zo5+ellA$7brH4oM1j5q{Ulk#m;z|>@@YSu@Md4?Xn`;keW2+AuLxm1v4}K4jUT7~q
zm@S`rgQPKdb&&N@k1yWEW}>lRuVbuq(OC(U&*%M68(TIy>NS{^fU}>6n~MQ$XzzwN
zu$HIt4NiB-$HhpR@Hi|$0$L6lSFsEQ2|0Tt>jMo2S~RJ-IDa|^Q*$#Dd4KcGLuK}C
zylu1O5;cc5-VT^f){D-AwF`2QDF&x!qE$qvXeT27NxNEPFD+VMuE9gEqYT&oF7Bv>
z{HTQd--7%<b7b<C`RqT8?@aqWXBdK@^7_@7gnT&4csD&PU3c|W$wRrHyk6)VafAoE
z-DXGOt?h?-uTcEmYfN>=UqHXwD5h3Xt{CnIo%Q=4t*%!0kEm=KDQpZi3u!qxEmWw(
zgrhG-1o#2B+WHEO^txdh5YUxloUr>|Ygf~#QsX4Y1~XT^ty^$EII>KkNZtx+$h)Iw
zYHHF3Z*HMD&@57^m+;d828gtO<8DUF=(ZD{HQ4bFPfZ6LPg|4U=>3W`d43P5N?EK7
zxmv}#5Nx3Mj@^~Uru5YJhe%D2+p2jJm0>>q8N<2GBX8~td3O3L?lf;+^se~)C8}YC
z1nOOREZhM}g7d2M-n+o^x<+F8i)>tHz1NaE;!K&t!HT7BEaPZR>1_h@2hBHPdM=}V
zA)%&#vz-cru5cQ~vOc}cDekHX?0_{SzR9)AG<^Pdgt@khH5dC2wV;nLc({J?g`|)2
zB`EWa)Ozt{fk)Yu*<Uh{eNtwB`V7t5)ZBDKnO)a|RGHt2TajeSvQ4l<#kwee($&Gs
zT(Kixkn_ig+C6}{qU|p^Z+dSrI6w34lD?H_EB?zdPtV*m-u)?=n;@fhPe)xZRkz!O
zw{9lCB%d6_3}Xwdah>Xp`;sQ^m9gLz^)#ezofZ=_*=E>R31~T%X@L5iqR1aoHNlY<
zV2dg@&#&o+m0nKE>QNbb6|cW`pih!g{tOstSlSBX^j_N^!IGY@Iet%VNWhFUxo)Fr
z_x>e@8Lu!lhsAknnjufOHYZ<&C^YA;(sFOw#Nco=q$OaYj5Itt=Tc|(q~Z}4HncwS
z=~M56+z&}?vAr|gS`*CofCsv-ZMqvAq%|seGQS^a9c53INKqfSKA_ka`o5L#iAYm;
zr!x|5?I(f8qtjR_%8T&`N?kJ?lseL+Pjf{6nF5<Kkbr}!mr!r7sY1C<V3g%Uqm3ai
zpkKKgoxA(gAU(qdPU!8A@ftX8xniJ+2qO%IqTy`RE?dm(uj*@?FeOm{-E~}p(C^B|
z3KUv6^R$w{&_L`d?YR2)$E<<`ubXm*usU|-54S8VR*tB=)BA%b3K!7ys1MWP{6(d*
zN|$M@JXvzAPU35t+)f`LUaOT)>jZ3YONXS%W$9`zUsb<<QFUNSk^RJRH&r(^>7w7Y
zjGC07cDqun%U)-}gb^AGwZ4ncb7(5>K2-yFJmlqS36^XYO?>UY-9%)Ao?#r_H>i8X
zj9kv;BVzn0S8McPvR3LF@37GqJTustk}Jcof$;2^l0ay@`;&)QaofpR;x6_ET6qnk
z@t^9U0|r{hT;=O-1G`2sM^pCz5a*ZrH#CTC-Gc`aH;_+!KNP+{b|JdkFsyj(@o&+N
zzv-}q0u>hO+H!LLSyRtrelz^T5<CBTS1cdRRuO;ZhTiS@;mt$R)Z5`c2$Jo_!SCR=
zJO(9OZr%GAG$0om%TT9-aA#kgF-rsf0c|sDcmP!jAR|C`#)LqW{6(Ae5Q1CFJulCO
z#CXJI?^EB@CbV&zS&Nsg<2|9R3VW`Cv$dw#svhIr=qn7b#4)q%h1zcZi7{ZVyVJbx
zN1AB*3Pqd+xQThQRY&8Q)j<Gy!xJBCeOoSRtQR|$Tx7=$2;n*XUI<8o6>2u;U9HGX
z9tHvf&^x$~+(@i9`^0`8ZWmj$M_0g@r8LIb5?2Xizg03jc}dG(RxLrWO{YjgK9!D`
zRL?DS>l$y_OTnhOHvl-il&lFjdmXbmD%4)>52G60HIQX$jdPFXnG-9q8wAN-JJFMt
zd2j4mLEXxddcUR^GO?LVFlI?N;Ca2AJm8VJ2b32+e7psQ4KD$lbU7-=v<$c!{DGtd
zO&_hZQ?bMbpLzEf&Mfm84SSmcK1J+Y*gJmE`;r_tY`Jp8cHI|_W=1^3K28tI6vlDI
z^RGF1V@xPN(MU)UVq8U&Vai5AFR1}v6TW!Oi7vq-LT*_?JB(=iW+&hi-udZJZ+NX@
zF<CQSsDb_E$>UGRABrh}w-P|hx<MB~BI|*Cky-nzDs=t|4TmgicPiONiLHZ6TH!61
zN^Jv?Ld=PwuXtD4DbI)bt>!-?7StGPz-X|0z*+Fp-@wMP>gYPbmzFd1+TY#qKWWFS
zr*?DygvAa21~{)Y-zwHubGLU2Ro|7~#$!b_rxO@Y;SW=?H9-Z-XI^VHtwEoLq7!CG
zRkl{C)b|@j^6##j3@Pk~U3|^T-sL~G!cQUL#%5M$=b45O0G?8Az3(!yCf-#p(K>SW
z$C7QOuSEAt4rj=r70!O&(vA(|_-4*0c2JbWBb15;&}FYY90K5y4n@zIYT$R-f~%37
z6eY=d3d@tmP!)hI+}w+t%BBu5pm&;Q^Y&3Fu(BfYBVE$kE;eDQy#X)lL{%K;WQ$aE
zR@TQ%Tn?H%i+2J;gK$qN1@3Hf7$c$ehjtT;v*4T~8}-=!wZgs;<>4yp<0SmvuI0J)
zg}pQ3EV8jC7ZRBN@bjVp_P|0%C4QsZ45)0b1q=0v65?H;*XoGg>ny>KI?Qkd^Ex0Y
z=T@;pPy9gqViq(Xy!$-Q58u}kLe{WH$}|C$6HPRvGe>{o5}EMP2D<H4z&@=QT<O6c
z>X|Tr7X)p9P4ZLZ>LJCpDRwdu$(Onb9*I&N8#Xgv7J1boiY7T|3>psAUzX2bmSMO4
zE@m>Fs+8F>b|8HMd-3{tMMhy`N4s}2)iba?x?<!=e@BOfpe%JrXq?W~9A-Z<Zfv&~
zZ){YZpvz-D#_=jJ6fY6`x1Hhn-!KDh4Qq3i>MG0YPyF6_IEl6FiTWPoTHii>KR$@=
z1t!w)%DvGiWq;Na6~um4?&#1pEZu7vtS`b|Jc^2GDr>mOE~%k#ynuS)5fFLMEgai!
z20ph?4-z!k4S0L4%~?4bK^Q(J)G?ABJ@5RSB-Pi7tFzYEXq`%fH`QRKT4zJ|V<_Jb
zp*gTTXm7Gnlb~+$farv|*<OQK;CS>#(eQg#e2pswW9wk6vckJCKSG=Lzux9h!M)cC
zsfOqYS{ag=L=N0^-4&KILpqkeKR|tFHtp<{Z(>v6(apmVleHhSa^y0O{q~o8ug8vl
zu>KBz&4OSJyWDyMi2*FI_?=!!a~bbFpb06yP8;w2BP7EQZ8rMHNXK`Nuf9hS)fBa^
zvUTu_4m!~B<$HpSA^??iXzUwif-lBDnkLY1_SdnaU-rBokq*RWii7cqJTQ)CG;hpn
zud!S{7CVvuB@fn*Tiqyec`PDO;wr;MSf*_E$uBM%7??hv(cWP8nSJeiMdLSF)mk}+
zJ^3QVwoS!4?w5LtBK7DLGYs?-3q^R59MG>p5TY<k+df9u(-g$_om07}J<@!<?II>f
zqmzgx!$NPOcx+V+%x){2i*G^*>DxnnQaR&g4!Yryyju>x>6<xJZgw_<d7=7rxHybi
z^^9xh=4<$?hqjW{WBY80CpgZhovT^m*3b4IJh%1r4sh=sR2e0;U6>8^LlVe;YE`ti
zJ3^o*lgpZ)YRcKg%3H8-qbUqFwU)X1!e)gj0qo;nu4mzv_A$+D!kv3{OPzN+$6@F#
zlN%ibwyWf`sp1xXKJO+nSW6HNkNcK1C!WldvWdE7`kmvepo*woq7ndtM-#7f*g(N#
z950uix@Wa}S0No7RB1kgY^KZycz~Flj<5@kGCGpL{>yLTxvoX8+g;>vh(J4o=tIGV
zm|o&byo>qK-{;F3-AMPBj|45X6M{6}FTYi6^Qb0m_+e>#SP`m!q?}<iU&{Ru3v_av
zkkH<jTO>7FR$sj+D}o4_NRVGDjjA%KV#{e!lL~$&sj)5cLqQlXhiUzTnoKY=>bebe
z&3v2kc3%=q`iuECVUJ}m=S(#>*OV-a^iKYQ%;nin&fhZue5|Ou{s>>48Qv73l4lqG
z=O}3hrfR&eOKv!xk^gN>ZsDHIn}1p&%X)Ap|9d7-wq(ftIFUF{iQ^!P;`|;!2N&qw
zKb>A#c(WgpP=5n5t*pT7AW(_Lb(|r$=sdC0J3;80I8wVHQuTJ-1vPdsU8?%8D7w0;
zR8BlcD-ZqqkJOX&IzqQ&np-j7*Ki)M8W=3BA$EvirX@D2M=fE_gT^G&YhPDFB&978
zQX}(8RYm0Lc`x!3_dkK=8>|4Rz(45E-{C0wD@{LGYcKg_;YehR*Hyst*;2`oAG>CU
zZIbY!;_>=C4c>?(tcFRC2MI4*DhEL$b71DcFe#AKx3)~_-}%iaNm;eWh|be0AFpca
zcc>gv*RK4sOw&?MyFmQI7CE4!EoZ*M7gQvL?d`Pp%~}6C`0?itKgS)m$mr0hR$6}B
zG@s(B+JC-1KpjE;#aG{U`Mbi@k5;;}wD0JoKwNA8iZG8BCJ?@$JREdS*YouCKGx39
zA7bYJAb5c*DeAxeG`RD5H7={)EM=4xl$*WQVfnaGFSMiIK|jF);i=hlwjAX)kz^f8
o)JP9<{hVTAX<@%^y{tcVrkTDDA9o<!4wJZ`!@;1#5x-yhKU?mLv;Y7A

literal 0
HcmV?d00001

diff --git a/webgoat-lessons/challenge/src/main/resources/images/samsung-grey.jpg b/webgoat-lessons/challenge/src/main/resources/images/samsung-grey.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..2dd9ea557277b710e667092b47c4d2a01bf5ba35
GIT binary patch
literal 11227
zcmb7qbzD?W_y5w3bc4jwA+dBwcf-=4gs`x5BPt~z-L>@63kw3fG%83+r?Mc;f^;Yb
zieEm@^LhUG{rQ{w$GvyXyk^e4&zbj}Gxz@e^mh|LrLV204Zy(x0C4Uuz~5ECO8^NW
z5it=V2{92dDJcmV1;afGa&ih*I(jMwPIhi?PWJovfdU{AAfE*P{rjTIq7u@w3JMB5
z!Vfhc%4vY)6=ZQpNl7WlDOm2^W0B>(&nx@?UH-lUP!r<}0_O2>xB<A-IC#`Je}@2U
zcRCW_{G;ms3LXFl7oXrx+dHWR6#xehhX4<sjGTy&fZ#t9!o{P;C!pbyAXGD><#rAr
zk^}_?#bjl-w$ITqFshqdf?aYd+ve$cWMnlg-b+cl#toeFYHG#4<kzm+x&YpF%5*o}
z|1;tpM!0zRcM=Zj{|NAK0C@k?28S9Kk4A!vR?X}$20(r%!KKEd20R3Or_X!-DBqx_
z94Uw8Mkdus%H?zgH=Ix$(NBd;Kyy2gM3g*gc2;#20KEgUefE~OqMd!__M)^OR)KYN
z-bi)`Ysp#TKo6iuTJh+6+qe92L8uQ~BPOb?Eg2Qecy=M?a&f%mU6K*xI1v4;GwwEJ
ze9g-UWYiD6B&z0^=xk6P_qe?0@`$XnZu0mRa{WLtn|mbDS12^xo|6|7%<W^M_QR?F
zg@^l<PV0mC)sI-KD9-B#N~l3+{~G^ZG_NXYavp!xGqLrzlI=f<?wTAe{I`ibR1fGT
z01pIN)m7h#%l{*mJMNG8Ju-9q+h8h->(vKcN=U^z(nRZrQ{Nj`qMHle^WKPOgZI8~
zJ4Kz!MoB&ta@q;I;<;?Jm{no)yI-hw`&;jpvE_cD#vaG;e)dW!D_IIgbrT#C$yodB
zfzy5Q#1G0zw~S}^s<u=lj-A{x@L25jdlF!{5D)^be19u;!{qefS=Fb4_Y`jrK0Vv|
zX<cH%1Z6p&$LwkBAxKfm;@6KleS0gf68DT1#qCE5o;ij8Zk+!7q+0DHlEdHCAKGhX
zF7Pz)X0QodbHt!B#ZX@Zt?4}^>|)z+IS^qlYO*R?{h(scTtl2!SorkIqpwbsWi|46
zM<->NRr=#km`ALRoPX>;ogeHTDm`V?0$-|(+56;M7m2Mrv{~D559-dLM2^O+y-7Zf
zKpkVqT9H9(9;v2Diq3{9j^AR&F2<Tx;y+er>zariH%hfAuAg?<?To9m8ROitLiX{N
z{qHe5J?y-aU+z%j$g6;GaN>SjJ&3IG^Xt}aX#Z5{D)=p_WfOeN$eupxDbxKp-5#0{
z*oW(S;75sG$bt@e+l#(fg|R>BIT7=m?JiWioO5KwL*rXIN?HuIUp)wmCc26z=CvIo
zC9sj+d`NU-74?PYdE-OL92q=l5#}>Z#+B>ui4D9Fp&&#uS@g_&s=_%*C=nFPIUYRb
zpL}n5H1jH#^);&%s0Vms^A{lbeZ|260Ie4;GJf>Z95LL2>*xBX$+OWn3Fo}^)@}Ou
zIr?eOLC(oPokn<5FD@fWIy$qNwHHfQa}JfuSkIrMEgO0`h-gKkinu;~_ZqA30rCuv
z{w(Ml+@E08IPj9PW`fMh@hn023ql`aYDs$zGVc-3OvZ-tcoKFxltX5`eu<~*NRw=*
z%Bp(yn`=S$6TDUC`{p_wUM~Dhy{=OvLG9e;@nfVg{oB?Z5@u?ShZQCIm&;vNeGL6P
zDofi=7cwx^ABMjGlm}Wd^ns`I@-dJt#gRwq=3`H(pu<wAW!IS6pyYP>PRe?pmC-9q
zl7Ht{jdv_KJP#$EKiznxc!?zmZrT1U=otwH3YYBTL{qUyf3fX*uh3HdXVb?9dz<vn
z^v6eC`;iI`^Us^2iXwjpn1V-DvYRL$4<nR~--Ih?$h?LIjXj*oxDr}UOT`E)2Iz$t
znIN#ev(|GNFU0MnH(+%@qpA{!iTPse*Pr_yrJ}JnNjVZ1Zy6XRPAV_yk9rjayRO?#
zI)?mL{G`V9=jucVbw)5hFw`Bf2d$4%tB;{RW|@ymC?kp2!sGgcuE*Sbr=(BmV58pc
zz5Pm!b}#nnL&PUqeDu_%(q(%00Ok&`i1y+PADQ%?<w<2vi*j1FUnSoKh%9_%q61{2
z4&in?l&HkTWD3IgkiGPT_UN%yiz00?Kr$kg;0%w!=q9hAPkk^%0nwm24zG4MttsFs
zBAG-%28At29%=8cjW0IR*SsQfvyilAoRux^t0&wE3E)obc*$Z01xStUb9{<<CxG7R
z2-e(UIk4y?+bE=9?J;AgiZp<DE@zVY7$+-`w^iV~(|7rZ1x&I8s50on4!8J<lCw*9
z(^v>V+WK!EsF==~KaB+xEx6lZ(^(Ly9uEX)XdIgvdQj|8wdwS6LP6q+F+l43Z{};G
zR8s<BLJ5Q<ELsGh_jzVJs3fd^5ScD>qMzO*eZ5`kB8!8=jvZmS5Upc;7mJR%7;Z!*
z2IgKpA*)Ed=%xMjfZ>Ca1B*Pi_|onkZ|kBd&f8cD7}fG#mcS=s5IbVn_Zh(qFwSvx
z(Wvqmi-p#y=hez2pyIMXaJ<58J6QtFFbpB!oiV@rHWe~Ei$Ks2jYtjXGQ?2X_d^0H
zvfx#q-}i0u`KdXfqsGoUUQEktjK!Y>$W6z0Xrw-&S029?41o@quZAXgpY-=wO>fvN
zg#}+od|^=8jT`8kEfwZM=F{G?J|_{Q%mC$FAO1ON{|f-?U0&w&DgX}gg-uSTZa#Y4
zB8o?dyo7oKM>SNm2bjZI{_KH_OD|n=$Xqvr5bknH?n1c24s4i`M18f3O=qZ{GQYnm
z!6oUF#N<r!FwesE@CJZ-RuMBZJ6$(l8lk?=B)>Va>LeI0&o-yY?Evz5<`saeO><bL
zgiDjwwtVo!+pLo=orS`5ZNjn|FIJ|Eu)2{(kFiI*t)!9;m^LPJW8J+nC13h=+)GL)
zY0kD-JCk_v!t_}h%E}>xhwr0mD|fbGInOS27dHIjFW>?qX&B6uP7^5hp<w{7KFbC<
zHm6)!Gjq^m#;s<hlgP<zSubtIr;+1?Q~D5rg9%>^O9ohyIY?DnafcYm1taphgiZBk
z^!?euFn66SO1XHPI=k1)-*7>~dA@j%q>`j&9n(Zs2@p+^XD%TF)`UgSc0gp?;t#LY
zK>T!wU<#+4a4OVBa!D}36-eTS?P?uF$~PYT5LdczWZ+w;@@4ffDt&`aJ`OVc9(NH8
zpIS|ACNtd_lU;6=5p*hYJ=ImZvk-q<vaR!dvo|jb_|_kJ(XXa_eGYy2%^XE?{~>70
z&p4h^-l)pkFNqBx_FbOS^EcSbSx*{%GBc`@K0?burMs?cR@4G~tfIxJcNxN(+{$1G
zyn011tZKj+gx~<JQ|q#3YG$}iVVBaE*62%34HsXT%R{PW_+zQxQ&82FwxVQt94+?>
za(o$S^wy-|I3n^ED)_ZRwciya9Y(suu@29ZyV`EhyU|#2w$GzOs1=Xz8twdm&zgEA
zF1W%<Pu7eexFIFh;;pT(&QtLM)YGRwm3$#S!08bV*LX$wu~O<MvP#W-*t7O=C?geM
zHY>ZdP*zBxBKZ)3VRA2QU3_0JaG^Q-j@1q*BG;*&^dy7!RuH!+okUWiF3+)jrSP*5
zk@_%l48_D=t7ZbIb>n-5hQ}$u3F8p^_SVl-KZ?VI2xAvLIs-|tq&VjKVW#Q6GBCt+
zQd58^bDn1%tl~E9OKkn?*yC5sO{Lw^T}UT_H|P}4A1?HqAph-Fnf;sOg#|KYDD4a4
zuSc>$TI=`J^^QN!For9W+!@5g4TS0a^i}N-*f)$;OdUmUc|1~V5n1-?AtKEyzuoyh
z6PD4J?M8oWaNi}znk{xQU50S>$!xt&{LA1cv-Ftkc><`>YJPn@Peiw`Ue0S6V<$r{
zFF{8W<$!pY8g8W>TNZP4xZ6wNa6j`wbx7gtntEkF#GQX^d-G5d&AH@`%9Fri<F<9x
zQuj>hqd%|+_N4miFGZJ7qmpL{)aQTGlUHVaZq(k5NC8s5;GAEJQT#<~%YA=Uca|*}
z@tAUkY{z-e$zf+S(4#A~0xNx>h3ZKQ#U-iL&kd9wTFgF#4&_yd_@k?;O9r%dJ@o^O
z*uqQLwxL}FfpP~CBUPcgXkGt-L@h5qH>!9XpD?)Q@r)XL-;uL2rnbU89fW8}u2VKE
za^Mun1%f%I&3<KqM?0!Sf7LTY6XOLwCZDU2K??zAY2>Omm$PwZkZLb8HM)?bFW0bC
zVNLAabqB&)pj}%Nw9CPSkcPE#=j1@Z^us|9qzfX$ussaqxcL>BSKJLhBdX+`s>`ue
zQ?!VT>ASOr7lgQ&dS_Sl_3g6L#%>fCVk|5R=sn+`uj;OCuJ;kvVrn7T1!}UW&Cc0V
zC%SoQS#}e@Z^dGKS?FsCQpj7cFbZnKuf?T@NMZYn^#z!hRb<f+r7gR?MfC9rzDo@W
znRI<h$uDPDBRPh{3|7coL6WipT|8kU#TK<DGY5s*9OaxBB$P1o(IA36X5MU`g%U@S
zOs_TYl>R=#J($NlMZg&#zu26+p3JnyNv#S}E4+&F%Tu!o-C`SL?X!+hO{ZB%s_-a-
z2_sY89g8#8l31mhPjM7esM`naB;*#m?V#q5aTM2C2&8P$^(m{#+RyFs#EIw2Kvk5$
zg78>jTMIkR945lZIgMOhcv8b0u}k3CVXRlRDj=Bijl)!+<*PD6(IrFsekrGgqR;*O
z{Zn)wKcU8@*UrPlqS{E16A$AuK1%quA^kmV6r=w9_myt6W~CP<cK(z`e`;+mEN(XY
zy@^2YUjX#Mqu)`7NZaCR>A5GL{{qkjEkExsSwFCM2=(#WXJ?Ui><T(?pVOUt?~re4
z^`+#uSj;43X=usQb_=$M^SIh$rzA1S>sIQUiyY=khZ16KQ`GvNgQ2T?ku|Ht4)E@s
z+D*QwuLeHJhHyHeEKef}-Zcy2PGZ7r<@7ZwKvjgr@#PZs;IDPPB8>4WHya=3Dwu}k
zwN!0p>*d$u?3VmiN1GPCGfR8^Bn<j-Sjmv8ty%dAl-VXVs8#7l)`4z4euXR4NZ1<3
z4u7q&w2;pBb@KV;?B=mR)(8P!QpC3DDxbhWP%xZRE`e)X%S+@5JX6EDeoC&fZ4Te8
z&>X@>$D}2Pt-Z)M0M7X8H}1T*jw`aNp2QheH`IKRZ@(ZgEQuMzA%s1F=U`L`OE%L#
z9a&Te!rmt;ES7geZQq?Q#xg!!!7Z<JKM(kY70U#Hx`KDRo5$oG+J4CO2T{2$i2V5v
z<>ajNmfgWmD+0Qlp!4(nxIWiit;G6Jrsyw#9%|r{t|y^yL-sU@Oy$%3N%va~J;Dwz
zi~cN=9E##xnvW_03(~9Qsln*KfXjFGx|*>lu^a`C8lU+cI!ZPo^~QAB61+4u<G|-?
zQ&niAIGrF4J3s`{E7D`i59wgMX;soMmTFliXj}1!^5{;{a6x7q5No`y+2fIUQpiq_
zo3ug`Dk3`TB`#hkEqo&H68#B?PZfrgB^{eHd}W@`H#zx$T_^U*i1)IaLosnhz>wEY
zzp;{7(l<bCFn7aGDe}Tc-D*P;!&CBLZvti!&&sN<M)K$Oj;p^c9dH6d2!t{{KfnaY
z80At`XAhcQcgn<I5R;sJ0NpRzuIDN-{jKmRFOd<vVlclOF{wmoj3LVO`H?6NTcJaM
zpH<udM7mxL#-<L>HJ)bzEG}>jgGJ&jN9&{sd*Dd?1|BNE`YCknc~NbT|CHf^LTV;v
z7L%z*qy>a%O!H1%tI>Dw-M8ZU3z!^U=<+b{E*s<PG?>wJ>H*b7dh~m%6Au(Fia*ow
zKhz5fh;pBt@sh1>PfGFxt@d6uPaR}w&(ZD#1Z9A-OcfU0gG5=OFBBv>MsHw=>E?}J
zxhkibqkFC{($lDv+U*9VhXNOcrAA0bScC{DC?RI#6jffhC4OA{T>5?_a1IgW_D;{m
zCXyAyc(AoD-p>l_Xp4K&_$VGqq>K}UAL#xt55lsbUJsrI-WO`cYpa;`(@N8C+tdmi
z^E30#Wxg;^TcSg%dooS(4!9vOw&~roIa!v~Nm%3-V%9YP)~f~wBp3%o3>gJ)qJ?E}
zsFjKv8?%ZY1udqB2qf4EYM%;C`f&9fAHq1PcV}26GRg6trW9-Jm?t40G<HIe8m%iG
z#aXa(0?HC9K!eH41<AH~zuYY>OrU!|2gtHluHM2^Z^<m``0}8H0XcXKqMtnULZX)f
zSo6J2c({cEBIw6Hs|xFX<$f<P^EgshtqwRz8QME%&nYipJbS%x#+qr2L2u?{(TxW^
z&wR&d@TI@?DON05B}jEhh*B%4G)qXVAVllvQ#B^>h9RsHIGZ!p-cOQQvh?}JHsUW}
z=PuCo#sG0PEfkudoyy35h2y_~C42J)>UB@}mkDJ;CyozP#GnOfLEyVt7L4hULl$=$
z(p5uCNKz}Ek+xWi#JFw7^IloS6(m@j86t$+Dw;voin0(npekoQPZe!Rv&*Kef{7mu
z*rkFKkag<KYYmTRUJriuYPXA(g?*SWB}wUC#OKd@CtDX=Mdl{8E&sKt*xG@3AMaRA
ztg7Ln(QFpB@WG8h{OrKkj?6~OAmM9;Tga1$?WXn;9MYyquHpAl`pT)PVn@1(g=XFL
z+6p0>sN|Rd5;VJmWqu`Bsj`<$BIzPkuF(()7%Mts$%40G%_mQ7q@SWKPZk!>hx1`+
z)G&Ix<K0gkYxkfz1|C7_2?|Mg3)c(Uq+E90d|R>-0%*RjM4+U7G1`LQtI|pEgr<bi
zubT8cJn8)OTep%qWA4WC<Ah^tY3=LbqfaQ;;#^cub>><OUvv}l&BOCB|7xfH<aWB|
zUo*ig<kTe(rs8(WNQ9Stu_=8VFY~4A^4Cs=I~X&+#LY>5K{8mRSBNN*8^*N}9MKBL
zw6xFnn>Tmpi$dCM;Zr)~c>_$48EF+#O;Vwy<e3?fJiFut^(I4Ic_As<52jw)p0RZ=
zT_|}pvg3ByYVBTDDa}$=TIZ53UMz`==*S8R4(HL200>ouu0sKXsuxw;S`s8YObED*
z8eCAC-qhCxMbDa>IVh;ZACC&nH4l<78(N6X6L@L~r{#bgsRb~Zt>MMrqay+xPK`dz
zd_6{{5H6Ho00_nd{&+NDDTjYuOXMzK{PkV^3frg)(u6J$D@AeuW)pz+*4T<=<ct^@
zN1OR%x#h6Ab)t~>)Ki0@#j0|%mEy{C{U=DuJ)$v|<!w48v!wb_#T^S35;@p8n5#s0
zPF(`uY}ylAnl;W8Ow1F>2cUv@nb5R{Ufopw-1}ATH2hjJl90nU4>7XZkrk}O5`~}9
z>7t<2uk!E494Q+#d>5-e8SgCBx_STR-pBS|Ku3cChrWk>20Mece*xqv^)G6?35`7&
z`TaFQb#)abO&_u94I9om1PU<KM@*<!3b3S^PH0ro6KBV58!zK!&2h<T*?Df8W>?Je
zjLg0-AYhbfK@b}a+0_tFF2XH%`JzctoX72Jm4YESbnsR+xI?K~HAfy525&yyMwYKe
z+A7bPYUCbW_2aDHbLz5RxeXx#(h5R*yVleTpy=8Zq3D?Sn(hT&h$5?lmZ!tG5Uz|u
z7i3co=+aemT!n*Whm;v8l104iiA5>K@{z0dHv=eE7mEec^1>UfP*N8?{7<sGfNrf>
z()X;ia6>OE^aZp6Az(+&RF6`tH|-awDVE4U&<r@EGo7;MzD6C-(T={N1x6chng03f
z7m8WC7l|K7S{I?PZ~ublcI~_WkHb!+R84RF+1lWsnfc-7s4)%APhDuEzt|G_3rNtK
z8~gp?lisvOM7`OtWjaEw%bivZU%jxJKtEOJSt)^KF{0G;HTSV#N`3B_Qf;t4eM^I8
zhQqAQu68%c6C@km0hQfxZpx*aJb-gjn=QBGveATV&^$WwLXL$Et(vWBuRmXRs&~fw
zPN#q>QQiZH72m=$XQ*~_;FA@X(#Mj9wiOO}@YsD7%9MX+p`EawV%Nx&W*;Z6AEWfx
zL!tXHk*5^|f>8<uc285%?dSB)R(@!$=+KUZ2w`f0_Tz1`<f=K@h=ZZ5o@Sh#?TbSl
z)QbPod4YV-LZt_KFJst<La^Ug!k9H?>%IPNJlegJEiozXqlC?~;Y(6dj()ID<Lyqt
zo4XqJ-%8J)?iF`$-$mn+|8u|n(1>@S<CtgVEgrumMMuYHY@%*%f1TY?Zh}_Z?TW9I
zwh!&XQ&wvAY(cs`)jVJuDe&BkmvayJ2-a+)foRHxZ&_AcSZHd~<1TRuR4cO8r2zTx
zPeBCurJP_NKBSNz2!RAvv++uj&SXvFd~H@zs4#eND72%)f}7-nHb**Fb&7m(YjR_h
z%T${X%bV9x_9O{}3>V?{3r$i+hz%JDPaW7&IyZ8Vy;>vO3!LD2@2KNKkDGX=l>i>K
zB$e$LZCEdAm44Twof#x8&n=@3B2p9w!CQRuPSe^XE2~T?ovBhq&Co5b8|olinynE7
z=n(s&X|_(^cBFxtAd&M__acjRO>hoVr<p{VL!dD~$<WhmOrX(w-jF7a?pLj^UxOa%
zFLis-g*GSbWS0xwa~dwY<xuJOom#uNi?EB7|3&nwS84BUAK7kH(mzOc6UjAM-TR~V
z<{5AK`B-O-pS-V>h6{JJ;XV+kAD8U1M*~hV=hYGy(g)J$;^(GT&sh!_#b`-nn)xFN
zy~@Zl^B%F(cqY=e^Q9P_DA9X*pN7$WVEfZ0BP+`awNR}uT#tPA4$q|9XWdGN5d5x-
zLK3WDtInPemKV$J{)8agfgp{7Cq~S;k#4-3gaEb;Dyt{a5~;hZufAx&ntxO$tFjRf
z7adtuvPwvp;;Fr<w@^Ou9K7|EuKiWjCb>MD{Ec&rAaG;Y4D7Oxj<4<BA2w`_X?oAg
zM(O6Mg(u1a5vrnXbjs^6uVqBZ!659(4L&;GS+9P~LbrCTz0cdU$q%*)!+r_%TFr~;
zBtnxZo+&}ue?v1`?ApVW?$ScO|0O7Quze}-W8MER<-Jgs5PN=y;{M>uKMd$|`p0F>
zy<|7gEHH3)+K!lRrNLRqIaw{b8n=u*XO4uFf3QZ2bBPYmjA?NT;p0UjUEdXGxZDt(
zY)ZbJQ#6~3>q3=RO6*^ipr2OzZjh2;?lYNHQi}F@12{EYB%BE^srjqN(8t3$C*DUA
zX#=vnv!zUvKDi#R+`tA}7{`*3L;G#9mm@-_mPhn^!*9+qb?r`lK!U^Zliaym;3Yee
z%9S~A$V&!nj|mS)YNJv(G2JwxY$fA|VpoCM(T=_QMEoWcHny6u*+cwm_ScWOrG?4S
zdfP}C$HkkM*==DW$~$*Qd`5kH@czsP<z)Xj&c3*dFy(`Fif>!qe*v*t^W8<rWCYKY
zp$_ad6I~o`0)X29KsxKI&zmgQY*&oi8lytM>rLw8B7^^WjwO?v&X`q8fggv(5I2+L
z-MFqGOA=KzEgeuCTTU9BYc@zb2h2^=tk06?Lu5^u@;<KA=B3y(m8$lHHqO76xqb@|
z+97I53whuZ=I1cu#<11XzV7_(0(tNhT+r=&#(JP9{2=iCy6kNBK*a9-K7%_my~R&K
z_)j)l-CGyE_^--K55X0WYjLA32=s*b;b2`lZV@vIiy^o}wIwO9ykM?jDK{;oI@1IZ
zEqJ5_T%c#EvE-?S>x0eYL1qXSOS0T-u_+xI+LDAX0wrW}IW(lm4?tdeE3R=svwa&g
za#8W%`7`JXy?1cz^`)`-7iG%3U7?Vp^vS7B<j5}?{fV{L-_yPV+ngfY|7>rlFwFb_
zI=aT|?;daT+3)=0R`@B%@F@tF<|Z)DG{?}wveul(a-{)3IVoBXm`kGBAV5!pcv@dw
zoo9|nvsltiGO`@1&*SN;l>eeUCMKj4l-wem%q49aj_;n?^u>Wr^Ru9#FuZ9?4YuY!
zS6x_6GqQ?nH2v#$m+~{Oqw)$w<sBsp-z|)%KbBqyMme>*o!UIRJ2vF~_kL&nUqfrp
zv(7@7^I-qz+I|e4)F-lmZ^l=wgkJwHt)Lli+9mSD=)!)j8UzQ*eZuaRNylHHI)_3o
zk<)&U2o6n}G4@KW$@$xU3^2qur{|QP*F{3yy#wXWAn$a{u9t$XwU-9`xbm0L849{<
zeU-AKi|%1le%r>RF+9XU4r~imG2?PJ-liq>u_bvtVC{yxDZfO(VGUs2Ltcd^mTrhF
zBTHv}1f?KYvySGTIxijer9CW`mtvGx($W~lD?BD`c|s3=vxTVhlCuZbPq|NUI@7Ns
zPJpon+4{c09Q{fAnanz*l_xmJ(Ff0on$w^SKV}{}4gAk!<7=;f$o!&lV0W^9db@PO
z|FZp-vDxdqp)fnhQS|7>8dY|;u{(A5zA%Tin567vWR-kl!anmG`p5!*sDPNk7dsVe
z_qeWwvSP;BlclntD5sdm9cq4wx$O#dJK~3oNvJvRwSvBDl0uuS{FH(h@==cRXB=Im
zPn&Maz9)Qr<;s=4Ak~#uft63MioJR?^Wm#OeYcijeI>J`4lfHflhYVZ8ca)VDVe4z
zNf#%`&!sEPMGC}LIm1(mvq>9^!9=owiV0popr9_9nxzNVW-JQ(1S|-zt@I)tfZbn?
zCH%%-?aP{N{EPHYJ412B&@W%h4s=X`@VlR;Pp?HoqL{HS`knqoLH~bfIC5A=K0!z7
zMh*P~hs$}?(T6W*Q5a;^d4AO3w-5Gz0Ug3i+dsDUtO7Jbi0?L&&_MiMGna586~Pir
zeL`mS!D;b$M;NJGve>V~x0PjFbR+%Hv7G>dM{TQ*sF`76jz9K|OTN2)iuSIeyEmj_
z{EcA1vGZyt2+9j^42k_6yU4O~ptte%L*Mrl_PW3pI;kvcRy+@10bWWr_AJ#h5|@)t
zsyp3Js#$_85Y77jm({P~mKuu#h|KUH3y3*$1K_3GkR>-Dj}H8q!;3e0B9;}FiNJDB
zP;xfs*UNYFTS%>a4IEibc-%eq<!%l4#Bn_S+8oqIT(cN8{_UbpGeiH5Ayp{;Vao6S
zVM-Cke5Va`q|QHqUHnmgXGeS9qEq*Y)qJp?$M1U%!@YtZzJ<S$i+EAr<qmr_O+QDD
zieDKA&{8F7E}CnS&)Jy{`Uja&>0(RL7;0iKp83)Xvti3*^K)$*4myqgsN<EY^-3?=
zoF(-4qt!3TlsgI2;UC-9Yom$8*uy)&eJtl$WIq))ZlVZSU(1|Yqx7F7-rUj}vOQ~H
zt!g{6%eVi%_o_K8g`Gd3=Z3x}QEsBg&Z|mCmLHV<8aDo{O;!Gzo!P40xqwEGK=<v)
zTRJu41#p!O@MPQXm6_(sar23T&C^5b8dH9&=R?NcdCjDRQ=A}d89W!ql*>lkz<BmY
zF1a~{Ygm>pi$H!AgJPuPu5Nq9PrAJKQe*|kse&QTGw#THt9!RwWt_X<E{EX%hZ&Rp
zx6J-!#+R2z!6pUJj;yTKnSlHm)j9Ks42Qipv=hAnEa_w|u}&I(XDjKcWz!}r{lTF}
zZ}#8X+Z&4R8E239_l1A|@zGcDThLj#N7iHiHMm`G%7Qa8Gc_!D3N5v}J9<Nk6=fjV
zjI4t3x2ZKc30S{~%=>WVDmn#^?fP+ky~3rUd}P?T5Nl)k8e85Z$fbp=Ks`*if)g$m
zRJ+G(iV;M0LG+6Y?dzwwjJ9;G?0~-DIp+MIHc(53tvdazRO<JCOwmtSPmXK!*tI-Y
zWa_g0DKi&pf@n0gAzIbGTH6*1tzW)}F0Jt4wCT@2UH)o?)qRKUZ)RhB6$5^8)_0Q6
zEzi8hq9Q0wR^Y_^N5SO5uWMQ*5Al7_SFXr5?a+<_>ThY*IFyU>8>=AHSGMHWM;AFV
zshKkU!uN+=qsH0aesSgSL!rWFcQH_q(e(UBix9?Adt@8KQaj$_p7zv}GEBgPptr03
zq1D^uDDMrPx9F3hfJKR}ALQCKPgXnHzQfpLbR?%ztS$RDUTB=z1lYh6WjdO-gET_~
z0G2z253I__zC(CW(x-jAnbtCIUPcHYeZX7NTLHQ^8g^_80Bmv;i?ph2nZi=aZwrsw
zIws{H`gP~Mqif^6#Jf+2*;Y<_iG6;RyaP*n*WaBnpKHQMyf@+xOJw`<BXy*Qf`w%(
z@w_?;*$s|IPs1IMeckzS8vRd|g52f42ln$FVN4HYEOzW`7asRj4tOQY!-6RRbK#%!
z*RJJokGt~Ty1fxGOMl+{SZC~I`8OS>2j?^VzYbg2Q(Em}vQJTkPA`BZ*q<TypYERd
z6nB1pS9E+Ta(_6ZWa9zaOAB=_87u6pgx}g-{=yluA~R6<T6t43ruKz0X<eUHkW&aS
zSRfej)xe|wX1aFn3AJv}9%m@66Owee*j*&MtC-@9LRNBiaAA-6`9$?;l($pVsDNFe
zLZbOS_2oWa#pi1hc3i{M^ER&{pH-Q#GuRiGTJ7bf>Nkh^LKpgVSJu>mv~<+d=n9<%
z$=K9LRh3)({sJJzk*i%uD?4nRd|H%^X||#5O=;d4xRE(6-;Rdm&<|wj0|JQ>A-&pI
z-QXF|VpUkAL327(RZQzSM&RRC*osEFA-qtDx|9~036F87tM<|d$;f*!Re8uJf$YMb
zd>S3(%|i!BLq2O&jT0aEM-xViIKfKV;5`l>iS#ejx<pgh%gMvj@H{iOGlLB57WB&m
z=JkoO3zV@b3}_(k;;A#W+fJVGF7YSv!#b%h_XOfWveJZpdNUc0NYCN>ka(HUrvZ2A
z9idX0uzCh6S5XmCyF>6|B}JLzMZfRAYd-Ja@XbFYf^R`-rDOh2(x`mX`Pjyd!CP^M
zrCN6rJsUM5r?@_`;<n!pde2rV&SxWJ#or6w=Ut?~kVjq><Tx>+YmfU%ehB=io|@~`
zSeSik?RVd1^w|-DZ9lqcWMCk$!>6SUCm9NwiXx=i`a(J(Gk<#j^14O(&C=>d!F}UW
z0~QJ)aDCGSm4x=kkY=skfY45R>6R%!G;{IuP}y6%6>R4f&-#7+<05h++*Cg>ZNAiY
zM@lApW^?~F)DN~XS-wSj_!HeZ>4()psh}|fz9`!m^342_S4#AX-l0&l2T**PvqAah
zBi25HJmpMZxFT!?D|;oN=qFZ3N-P?8yL|h^82$~}tCb(ALJRV9bu4z!k$zusU<m^I
zmVICle$%SwUbf&CvA=>%Yxc8g7=zn~p1B|&_XxkaZq<*<9g#2djH+n-$@#U>zl+En
z-PEQtzEs)O)l6~Y8j?sgc4CaD6ZqKrOtbxD_%m}A9L?}O4pY2l0Xr5A&9P&&6xr|V
zp1?Kg=-H^YYGEZp<DbN@Iut>!h|sjn;QcziL>f`p*pcQ*8fwO=W=hukbf8g`<MDOl
z$IuOjWozA^+~{mA0v-<KFa0xLjD_F2+Ipl)ch3s7DN;8$wD$rX5`S2=-r8JOD7Mj0
z8=GMoHb>DxpFU%I8mcJ2Y{pxUYFqQb_f@Ex6{0-6TjDqt1!aEi1&ntzCyyvMT*oc<
zyq~7y<SL+A6RqUY7zmtMJ*uK$TD5+}r;O+;jtpz7l|xF>Uiim2wS&E#(4XXgXQ)^M
zma+S^nd}1A$o9|Hba16%_=0;<?z+5Hq)^}b5-R`b*D3`pmQ0M(&``doT;R;{+q;?h
zNS#1O3G7()cZW@13OdLo>_@%=@=D@#P8Q$LV;n-lKa;Uu6zDT^GBvV#x|7etD1-&w
zHbHrG_d&sD?3@n@Wnf2W$Dlxl%tu7$qI96ha1Kh=!5fl*UdL93$gOq*_hh!febF+j
z+h&W)H;p}3-CgAZ)S46XXKzOCB?PW2wY0tsW~g0^!fe%FHZk|I`>+yIt-#A_<8pFI
ze=Zs)0<*vHeln_k8N<88$^YBxh1<gjd#$hk`G3ixTrZg8@;c?9``Pu4MdT#r0lfCA
z_{97%u=5YrhjGp#!v4fCR2K3ksr<u+7h2rh{>@cK;z6U%=M&xI7qfq8JumNh<&f}p
zpJ_l|B%yxd>bQkQLxVBTmiSl<{MPelpVN9>Swt?p9qBY`oHBQ*?&v>!^cSFs=^I-A
z_TUWe6XlLHbjzRVx4$_keza2i9U1kU7J4IzGz`uk?T`FVWuDx%2?Xd*(Ie_sUXL`?
zEYSR%h*4LSwQS<w>reZdhYSmq>POO`I~rUP-cm=8T`dx!SxWZClNB{0<UWg>$+@P*
z){Msfy4T7uIT1E2dgNPmB2}`{Rfczna-+O-h-+0&IqtOeUM?)bB+HGd<?Y1q@O4(W
z_shtw(D|gxBuK#1pjrSnYEL6zwykEio*);{JFg~NqQ!ZsnVulPUdtnPLOcY<v=yQq
zfC3%OX6q%TMA)5hsu^fj@mzeUJ6(M=U3a6Ntw++f>LupmBNh7oM?CZq?G&A9VNE0n
z^Hu=89xtDDuTPXh`3b4h3HtY86iN_So#V6I6J~kG>X!YVp+6Vz9xSS>{le^SLmp!2
zW$b<2(P)$FcwlbEX|KsN-_-}FL)7o>M@rS%S!sybsEh|?7Lo9%eZBqMaY4o&{@dWP
z0E5r8e*p?6a(7MsE24KfLm8cpC5rOB6*#|BqB^R%53};tW{rn`zdzIp!j&M-m6R3N
UOc-4XG?&x^zSIL|=losyKcD{;1ONa4

literal 0
HcmV?d00001

diff --git a/webgoat-lessons/challenge/src/main/resources/js/challenge2.js b/webgoat-lessons/challenge/src/main/resources/js/challenge2.js
new file mode 100644
index 000000000..a9e649e8c
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/js/challenge2.js
@@ -0,0 +1,33 @@
+$(document).ready(function(){
+    //-- Click on detail
+    $("ul.menu-items > li").on("click",function(){
+        $("ul.menu-items > li").removeClass("active");
+        $(this).addClass("active");
+    })
+
+    $(".attr,.attr2").on("click",function(){
+        var clase = $(this).attr("class");
+
+        $("." + clase).removeClass("active");
+        $(this).addClass("active");
+    })
+
+    //-- Click on QUANTITY
+    $(".btn-minus").on("click",function(){
+        var now = $(".section > div > input").val();
+        if ($.isNumeric(now)){
+            if (parseInt(now) -1 > 0){ now--;}
+            $(".section > div > input").val(now);
+        }else{
+            $(".section > div > input").val("1");
+        }
+    })
+    $(".btn-plus").on("click",function(){
+        var now = $(".section > div > input").val();
+        if ($.isNumeric(now)){
+            $(".section > div > input").val(parseInt(now)+1);
+        }else{
+            $(".section > div > input").val("1");
+        }
+    })
+})
\ No newline at end of file

From 08f0c94a57cfbbbdfd7eea905f4eca5a5b6b31bd Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Thu, 23 Mar 2017 21:03:20 +0100
Subject: [PATCH 05/22] Fixed logout

---
 webgoat-container/src/main/resources/templates/main_new.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webgoat-container/src/main/resources/templates/main_new.html b/webgoat-container/src/main/resources/templates/main_new.html
index a791f2026..925781ffa 100644
--- a/webgoat-container/src/main/resources/templates/main_new.html
+++ b/webgoat-container/src/main/resources/templates/main_new.html
@@ -62,7 +62,7 @@
                     <i class="fa fa-user"></i> <span class="caret"></span>
                 </button>
                 <ul class="dropdown-menu dropdown-menu-left">
-                    <li role="presentation"><a role="menuitem" tabindex="-1" th:href="@{/login(logout)}"
+                    <li role="presentation"><a role="menuitem" tabindex="-1" th:href="@{/logout}"
                                                th:text="#{logout}">Logout</a></li>
                     <li role="presentation" class="divider"></li>
                     <li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">User: <span

From e9884edf1982ee76869b4a044abee845a2e68814 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Thu, 23 Mar 2017 21:46:21 +0100
Subject: [PATCH 06/22] Fixed exception while logging in with unknown user

---
 .../org/owasp/webgoat/users/UserService.java  |  6 ++++-
 .../owasp/webgoat/users/UserServiceTest.java  | 25 +++++++++++++++++++
 2 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 webgoat-container/src/test/java/org/owasp/webgoat/users/UserServiceTest.java

diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/users/UserService.java b/webgoat-container/src/main/java/org/owasp/webgoat/users/UserService.java
index 7e153f81c..15a6cf6d4 100644
--- a/webgoat-container/src/main/java/org/owasp/webgoat/users/UserService.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/users/UserService.java
@@ -19,7 +19,11 @@ public class UserService implements UserDetailsService {
     @Override
     public WebGoatUser loadUserByUsername(String username) throws UsernameNotFoundException {
         WebGoatUser webGoatUser = userRepository.findByUsername(username);
-        webGoatUser.createUser();
+        if (webGoatUser == null) {
+            throw new UsernameNotFoundException("User not found");
+        } else {
+            webGoatUser.createUser();
+        }
         return webGoatUser;
     }
 
diff --git a/webgoat-container/src/test/java/org/owasp/webgoat/users/UserServiceTest.java b/webgoat-container/src/test/java/org/owasp/webgoat/users/UserServiceTest.java
new file mode 100644
index 000000000..15606b7e8
--- /dev/null
+++ b/webgoat-container/src/test/java/org/owasp/webgoat/users/UserServiceTest.java
@@ -0,0 +1,25 @@
+package org.owasp.webgoat.users;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.runners.MockitoJUnitRunner;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+
+import static org.mockito.Matchers.any;
+import static org.mockito.Mockito.when;
+
+@RunWith(MockitoJUnitRunner.class)
+public class UserServiceTest {
+
+    @Mock
+    private UserRepository userRepository;
+
+    @Test(expected = UsernameNotFoundException.class)
+    public void shouldThrowExceptionWhenUserIsNotFound() {
+        when(userRepository.findByUsername(any())).thenReturn(null);
+        UserService userService = new UserService(userRepository);
+        userService.loadUserByUsername("unknown");
+    }
+
+}
\ No newline at end of file

From ed85c9730671828275b670c8b71896b4982207c3 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Thu, 23 Mar 2017 21:54:02 +0100
Subject: [PATCH 07/22] Fixing Travis build

---
 .travis.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index 86d6cb135..ddd8e62dc 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -3,8 +3,8 @@ jdk:
   - oraclejdk8
 install: "/bin/true"
 script:
-  - mvn clean package
-  - if [[ $TRAVIS_PULL_REQUEST == "false" ]]; then mvn "-Dbuild.number=$TRAVIS_BUILD_NUMBER" clean package; else mvn clean package; fi
+  - mvn clean install
+  - if [[ $TRAVIS_PULL_REQUEST == "false" ]]; then mvn "-Dbuild.number=$TRAVIS_BUILD_NUMBER" clean install; else mvn clean install; fi
 cache:
   directories:
   - $HOME/.m2
@@ -12,7 +12,7 @@ before_deploy:
   - export WEBGOAT_SERVER_TARGET_DIR=$HOME/build/$TRAVIS_REPO_SLUG/webgoat-server/target
   - export WEBGOAT_ARTIFACTS_FOLDER=$HOME/build/$TRAVIS_REPO_SLUG/Deployable_Artifacts/
   - mkdir $WEBGOAT_ARTIFACTS_FOLDER
-  - cp -fa WEBGOAT_SERVER_TARGET_DIR/*.jar $WEBGOAT_ARTIFACTS_FOLDER/
+  - cp -fa $WEBGOAT_SERVER_TARGET_DIR/*.jar $WEBGOAT_ARTIFACTS_FOLDER/
   - echo "Contents of artifacts folder:"
   - ls $WEBGOAT_ARTIFACTS_FOLDER
 deploy:

From 8500749dde17339ae74759e2dd719ac975844657 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Thu, 23 Mar 2017 22:00:52 +0100
Subject: [PATCH 08/22] Updated README for building and starting WebGoat

---
 README.MD | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/README.MD b/README.MD
index e5460ca72..35b89cf7d 100644
--- a/README.MD
+++ b/README.MD
@@ -67,13 +67,13 @@ Now let's start by compiling the project.
 ```Shell
 cd WebGoat
 git checkout develop
-mvn clean package
+mvn clean install
 ```
 
 Now we are ready to run the project. WebGoat 8.x is using Spring-Boot.
 
 ```Shell
-mvn -pl webgoat-assembly spring-boot:run
+mvn -pl webgoat-server spring-boot:run
 ```
 ... you should be running webgoat on localhost:8080/WebGoat momentarily
 
@@ -99,9 +99,8 @@ On x86 you can build a container with the following commands:
 
 ```Shell
 cd WebGoat/
-mvn package
+mvn install
 cd webgoat-server
-mvn package
 mvn docker:build
 docker tag webgoat/webgoat-8.0 webgoat/webgoat-8.0:8.0
 docker login
@@ -125,9 +124,8 @@ When you have done this you can build the Docker container using the following c
  
 ```Shell
 cd WebGoat/
-mvn package
-cd webgoat-container
-mvn package
+mvn install
+cd webgoat-server
 mvn docker:build -Drpi=true
 docker tag webgoat/webgoat-8.0 webgoat/webgoat-8.0:8.0
 docker login

From 12f680407b235abc36922f892ce3ea99a8e9686a Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sat, 8 Apr 2017 08:30:14 +0200
Subject: [PATCH 09/22] Added validation to detect duplicate users during
 registration

---
 .../owasp/webgoat/users/UserValidator.java    | 11 ++--
 .../webgoat/users/UserValidatorTest.java      | 62 +++++++++++++++++++
 2 files changed, 68 insertions(+), 5 deletions(-)
 create mode 100644 webgoat-container/src/test/java/org/owasp/webgoat/users/UserValidatorTest.java

diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/users/UserValidator.java b/webgoat-container/src/main/java/org/owasp/webgoat/users/UserValidator.java
index e3c1e9c35..b0a46b4d6 100644
--- a/webgoat-container/src/main/java/org/owasp/webgoat/users/UserValidator.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/users/UserValidator.java
@@ -1,5 +1,6 @@
 package org.owasp.webgoat.users;
 
+import lombok.AllArgsConstructor;
 import org.springframework.stereotype.Component;
 import org.springframework.validation.Errors;
 import org.springframework.validation.Validator;
@@ -9,10 +10,10 @@ import org.springframework.validation.Validator;
  * @since 3/19/17.
  */
 @Component
+@AllArgsConstructor
 public class UserValidator implements Validator {
 
-//    @Autowired
-//    private UserService userService;
+    private final UserRepository userRepository;
 
     @Override
     public boolean supports(Class<?> aClass) {
@@ -23,9 +24,9 @@ public class UserValidator implements Validator {
     public void validate(Object o, Errors errors) {
         UserForm userForm = (UserForm) o;
 
-//        if (userService.findByUsername(userForm.getUsername()) != null) {
-//            errors.rejectValue("username", "Duplicate.userForm.username");
-//        }
+        if (userRepository.findByUsername(userForm.getUsername()) != null) {
+            errors.rejectValue("username", "username.duplicate");
+        }
 
         if (!userForm.getMatchingPassword().equals(userForm.getPassword())) {
             errors.rejectValue("matchingPassword", "password.diff");
diff --git a/webgoat-container/src/test/java/org/owasp/webgoat/users/UserValidatorTest.java b/webgoat-container/src/test/java/org/owasp/webgoat/users/UserValidatorTest.java
new file mode 100644
index 000000000..7968ed30f
--- /dev/null
+++ b/webgoat-container/src/test/java/org/owasp/webgoat/users/UserValidatorTest.java
@@ -0,0 +1,62 @@
+package org.owasp.webgoat.users;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.runners.MockitoJUnitRunner;
+import org.owasp.webgoat.session.WebGoatUser;
+import org.springframework.validation.BeanPropertyBindingResult;
+import org.springframework.validation.Errors;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Matchers.anyString;
+import static org.mockito.Mockito.when;
+
+@RunWith(MockitoJUnitRunner.class)
+public class UserValidatorTest {
+
+    @Mock
+    private UserRepository userRepository;
+
+    @Test
+    public void passwordsShouldMatch() {
+        UserForm userForm = new UserForm();
+        userForm.setAgree("true");
+        userForm.setUsername("test1234");
+        userForm.setPassword("test1234");
+        userForm.setMatchingPassword("test1234");
+        Errors errors = new BeanPropertyBindingResult(userForm, "userForm");
+        new UserValidator(userRepository).validate(userForm, errors);
+        assertFalse(errors.hasErrors());
+    }
+
+    @Test
+    public void shouldGiveErrorWhenPasswordsDoNotMatch() {
+        UserForm userForm = new UserForm();
+        userForm.setAgree("true");
+        userForm.setUsername("test1234");
+        userForm.setPassword("test12345");
+        userForm.setMatchingPassword("test1234");
+        Errors errors = new BeanPropertyBindingResult(userForm, "userForm");
+        new UserValidator(userRepository).validate(userForm, errors);
+        assertTrue(errors.hasErrors());
+        assertThat(errors.getFieldError("matchingPassword").getCode()).isEqualTo("password.diff");
+    }
+
+    @Test
+    public void shouldGiveErrorWhenUserAlreadyExists() {
+        UserForm userForm = new UserForm();
+        userForm.setAgree("true");
+        userForm.setUsername("test12345");
+        userForm.setPassword("test12345");
+        userForm.setMatchingPassword("test12345");
+        when(userRepository.findByUsername(anyString())).thenReturn(new WebGoatUser("test1245", "password"));
+        Errors errors = new BeanPropertyBindingResult(userForm, "userForm");
+        new UserValidator(userRepository).validate(userForm, errors);
+        assertTrue(errors.hasErrors());
+        assertThat(errors.getFieldError("username").getCode()).isEqualTo("username.duplicate");
+    }
+
+}
\ No newline at end of file

From 931da87c2b207dc48996ea1646d28997dbdabb52 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sat, 8 Apr 2017 10:31:56 +0200
Subject: [PATCH 10/22] Challenge 2 JavaScript is working

---
 .../owasp/webgoat/plugin/ShopEndpoint.java    | 51 +++++++++----------
 .../webgoat/plugin/SolutionConstants.java     |  2 +-
 .../src/main/resources/html/Challenge.html    | 33 ++++++++----
 .../src/main/resources/js/challenge2.js       | 43 +++++++++++-----
 .../resources/lessonPlans/en/Challenge_2.adoc |  1 +
 5 files changed, 78 insertions(+), 52 deletions(-)
 create mode 100644 webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc

diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java
index fc0323613..cc1f2bc3f 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java
@@ -3,13 +3,14 @@ package org.owasp.webgoat.plugin;
 import com.beust.jcommander.internal.Lists;
 import lombok.AllArgsConstructor;
 import lombok.Getter;
-import org.apache.commons.lang3.RandomStringUtils;
 import org.springframework.http.MediaType;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
+import java.util.Optional;
 
 import static org.owasp.webgoat.plugin.SolutionConstants.SUPER_COUPON_CODE;
 
@@ -18,54 +19,50 @@ import static org.owasp.webgoat.plugin.SolutionConstants.SUPER_COUPON_CODE;
  * @since 4/6/17.
  */
 @RestController
+@RequestMapping("challenge-store")
 public class ShopEndpoint {
 
     @AllArgsConstructor
-    private class CouponCodes {
+    private class CheckoutCodes {
 
         @Getter
-        private List<CouponCode> codes = Lists.newArrayList();
+        private List<CheckoutCode> codes = Lists.newArrayList();
 
-        public boolean contains(String code) {
-            return codes.stream().anyMatch(c -> c.getCode().equals(code));
+        public Optional<CheckoutCode> get(String code) {
+            return codes.stream().filter(c -> c.getCode().equals(code)).findFirst();
         }
     }
 
     @AllArgsConstructor
     @Getter
-    private class CouponCode {
+    private class CheckoutCode {
         private String code;
         private int discount;
     }
 
-    private CouponCodes couponCodes;
+    private CheckoutCodes checkoutCodes;
 
     public ShopEndpoint() {
-        List<CouponCode> codes = Lists.newArrayList();
-        for (int i = 0; i < 9; i++) {
-            codes.add(new CouponCode(RandomStringUtils.random(10), i * 100));
-        }
-        this.couponCodes = new CouponCodes(codes);
+        List<CheckoutCode> codes = Lists.newArrayList();
+        codes.add(new CheckoutCode("pre-order-webgoat", 25));
+        codes.add(new CheckoutCode("pre-order-owasp", 25));
+        codes.add(new CheckoutCode("pre-order-webgoat-owasp", 50));
+        this.checkoutCodes = new CheckoutCodes(codes);
     }
 
-    @GetMapping(value = "/coupons/{user}", produces = MediaType.APPLICATION_JSON_VALUE)
-    public CouponCodes getDiscountCodes(@PathVariable String user) {
-        if ("Tom".equals(user)) {
-            return couponCodes;
+    @GetMapping(value = "/coupons/{code}", produces = MediaType.APPLICATION_JSON_VALUE)
+    public CheckoutCode getDiscountCode(@PathVariable String code) {
+        if (SUPER_COUPON_CODE.equals(code)) {
+            return new CheckoutCode(SUPER_COUPON_CODE, 100);
         }
-        return null;
-    }
-
-    @GetMapping(value = "/coupons/valid/{code}", produces = MediaType.APPLICATION_JSON_VALUE)
-    public boolean isValidCouponCode(@PathVariable String code) {
-        return couponCodes.contains(code);
+        return checkoutCodes.get(code).orElse(new CheckoutCode("no", 0));
     }
 
     @GetMapping(value = "/coupons", produces = MediaType.APPLICATION_JSON_VALUE)
-    public CouponCodes coupons() {
-        List<CouponCode> all = Lists.newArrayList();
-        all.addAll(this.couponCodes.getCodes());
-        all.add(new CouponCode(SUPER_COUPON_CODE, 100));
-        return new CouponCodes(all);
+    public CheckoutCodes all() {
+        List<CheckoutCode> all = Lists.newArrayList();
+        all.addAll(this.checkoutCodes.getCodes());
+        all.add(new CheckoutCode(SUPER_COUPON_CODE, 100));
+        return new CheckoutCodes(all);
     }
 }
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/SolutionConstants.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/SolutionConstants.java
index 5450e02ae..d881875d9 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/SolutionConstants.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/SolutionConstants.java
@@ -9,6 +9,6 @@ package org.owasp.webgoat.plugin;
 public interface SolutionConstants {
 
     String PASSWORD = "!!webgoat_admin_1234!!";
-    String SUPER_COUPON_CODE = "get_if_for_free";
+    String SUPER_COUPON_CODE = "get_it_for_free";
 
 }
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
index 59de297d1..8c9bbc78d 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
@@ -7,6 +7,7 @@
 </div>
 
 <div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:Challenge_1.adoc"></div>
     <div class="attack-container">
         <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
         <div class="panel panel-default">
@@ -54,8 +55,8 @@
     </div>
 </div>
 
-
 <div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:Challenge_2.adoc"></div>
     <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/challenge2.css}"/>
     <script th:src="@{/lesson_js/challenge2.js}" language="JavaScript"></script>
     <div class="attack-container">
@@ -66,23 +67,23 @@
                     <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
                 </div>
                 <div class="col-xs-5" style="border:0px solid gray">
-                    <h3>Samsung Galaxy S8 Plus 64GB Android Phone</h3>
-                    <h5 style="color:#337ab7">Manufacturer <a href="http://www.samsung.com">Samsung</a> ·
-                        <small style="color:#337ab7">(5054 reviews)</small>
+                    <h3>Samsung Galaxy S8 Plus Android Phone</h3>
+                    <h5 style="color:#337ab7"><a href="http://www.samsung.com">Samsung</a> ·
+                        <small style="color:#337ab7">(124421 reviews)</small>
                     </h5>
 
                     <h6 class="title-price">
                         <small>PRICE</small>
                     </h6>
-                    <h3 style="margin-top:0px;">US $899</h3>
+                    <h3 style="margin-top:0px;"><span>US $</span><span id="price">899</span></h3>
 
                     <div class="section">
                         <h6 class="title-attr" style="margin-top:15px;">
                             <small>COLOR</small>
                         </h6>
                         <div>
-                            <div class="attr" style="width:25px;background:#5a5a5a;"></div>
-                            <div class="attr" style="width:25px;background:white;"></div>
+                            <div class="attr" style="width:25px;background:lightgrey;"></div>
+                            <div class="attr" style="width:25px;background:black;"></div>
                         </div>
                     </div>
                     <div class="section" style="padding-bottom:5px;">
@@ -90,8 +91,8 @@
                             <small>CAPACITY</small>
                         </h6>
                         <div>
-                            <div class="attr2">16 GB</div>
-                            <div class="attr2">32 GB</div>
+                            <div class="attr2">64 GB</div>
+                            <div class="attr2">128 GB</div>
                         </div>
                     </div>
                     <div class="section" style="padding-bottom:20px;">
@@ -100,11 +101,23 @@
                         </h6>
                         <div>
                             <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
-                            <input value="1"/>
+                            <input class="quantity" value="1"/>
                             <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
                         </div>
                     </div>
 
+                    <div class="section" style="padding-bottom:20px;">
+                        <h6 class="title-attr">
+                            <small>CHECKOUT CODE</small>
+                        </h6>
+
+                        <!--
+                          Checkout code: pre-order-webgoat, pre-order-owasp, pre-order-webgoat-owasp
+                        -->
+                        <input class="checkoutCode" value=""/>
+
+                    </div>
+
                     <div class="section" style="padding-bottom:20px;">
                         <button class="btn btn-success"><span style="margin-right:20px"
                                                               class="glyphicon glyphicon-shopping-cart"
diff --git a/webgoat-lessons/challenge/src/main/resources/js/challenge2.js b/webgoat-lessons/challenge/src/main/resources/js/challenge2.js
index a9e649e8c..eb1528c7c 100644
--- a/webgoat-lessons/challenge/src/main/resources/js/challenge2.js
+++ b/webgoat-lessons/challenge/src/main/resources/js/challenge2.js
@@ -1,11 +1,11 @@
-$(document).ready(function(){
+$(document).ready(function () {
     //-- Click on detail
-    $("ul.menu-items > li").on("click",function(){
+    $("ul.menu-items > li").on("click", function () {
         $("ul.menu-items > li").removeClass("active");
         $(this).addClass("active");
     })
 
-    $(".attr,.attr2").on("click",function(){
+    $(".attr,.attr2").on("click", function () {
         var clase = $(this).attr("class");
 
         $("." + clase).removeClass("active");
@@ -13,21 +13,36 @@ $(document).ready(function(){
     })
 
     //-- Click on QUANTITY
-    $(".btn-minus").on("click",function(){
+    $(".btn-minus").on("click", function () {
         var now = $(".section > div > input").val();
-        if ($.isNumeric(now)){
-            if (parseInt(now) -1 > 0){ now--;}
-            $(".section > div > input").val(now);
-        }else{
-            $(".section > div > input").val("1");
+        if ($.isNumeric(now)) {
+            if (parseInt(now) - 1 > 0) {
+                now--;
+            }
+            $(".quantity").val(now);
+        } else {
+            $(".quantity").val("1");
         }
     })
-    $(".btn-plus").on("click",function(){
+    $(".btn-plus").on("click", function () {
         var now = $(".section > div > input").val();
-        if ($.isNumeric(now)){
-            $(".section > div > input").val(parseInt(now)+1);
-        }else{
-            $(".section > div > input").val("1");
+        if ($.isNumeric(now)) {
+            $(".quantity").val(parseInt(now) + 1);
+        } else {
+            $(".quantity").val("1");
         }
     })
+    $(".checkoutCode").on("blur", function () {
+        var checkoutCode = $(".checkoutCode").val();
+        $.get("challenge-store/coupons/" + checkoutCode, function (result, status) {
+            var discount = result.discount;
+            if (discount > 0) {
+                var price = $('#price').val();
+                $('#price').text((899 - (899 * discount / 100)).toFixed(2));
+            } else {
+                $('#price').text(899);
+            }
+
+        });
+    })
 })
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc
new file mode 100644
index 000000000..a9177c5b2
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc
@@ -0,0 +1 @@
+=== No need to pay... (WIP!!)
\ No newline at end of file

From fd2bdce2705f3091be660f4b85c167aec5d194ef Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sat, 8 Apr 2017 11:08:33 +0200
Subject: [PATCH 11/22] Roundtrip for challenge 2 done

---
 .../org/owasp/webgoat/plugin/Challenge2.java  |   4 +-
 .../src/main/resources/html/Challenge.html    | 118 ++++++++++--------
 .../resources/lessonPlans/en/Challenge_2.adoc |   2 +-
 3 files changed, 66 insertions(+), 58 deletions(-)

diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java
index 8bc916874..87ece4df9 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java
@@ -22,8 +22,8 @@ public class Challenge2 extends AssignmentEndpoint {
     @RequestMapping(method = RequestMethod.POST)
     public
     @ResponseBody
-    AttackResult completed(@RequestParam String couponCode) throws IOException {
-        if (SUPER_COUPON_CODE.equals(couponCode)) {
+    AttackResult completed(@RequestParam String checkoutCode) throws IOException {
+        if (SUPER_COUPON_CODE.equals(checkoutCode)) {
             return success().feedback("challenge.solved").feedbackArgs(Flag.FLAGS.get(2)).build();
         }
         return failed().build();
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
index 8c9bbc78d..b937495a8 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
@@ -61,74 +61,82 @@
     <script th:src="@{/lesson_js/challenge2.js}" language="JavaScript"></script>
     <div class="attack-container">
         <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
-        <div class="container">
-            <div class="row">
-                <div class="col-xs-3 item-photo">
-                    <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
-                </div>
-                <div class="col-xs-5" style="border:0px solid gray">
-                    <h3>Samsung Galaxy S8 Plus Android Phone</h3>
-                    <h5 style="color:#337ab7"><a href="http://www.samsung.com">Samsung</a> ·
-                        <small style="color:#337ab7">(124421 reviews)</small>
-                    </h5>
+        <form class="attack-form" accept-charset="UNKNOWN"
+              method="POST" name="form"
+              action="/WebGoat/challenge/2"
+              enctype="application/json;charset=UTF-8">
+            <div class="container">
 
-                    <h6 class="title-price">
-                        <small>PRICE</small>
-                    </h6>
-                    <h3 style="margin-top:0px;"><span>US $</span><span id="price">899</span></h3>
+                <div class="row">
+                    <div class="col-xs-3 item-photo">
+                        <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
+                    </div>
+                    <div class="col-xs-5" style="border:0px solid gray">
+                        <h3>Samsung Galaxy S8 Plus Android Phone</h3>
+                        <h5 style="color:#337ab7"><a href="http://www.samsung.com">Samsung</a> ·
+                            <small style="color:#337ab7">(124421 reviews)</small>
+                        </h5>
 
-                    <div class="section">
-                        <h6 class="title-attr" style="margin-top:15px;">
-                            <small>COLOR</small>
+                        <h6 class="title-price">
+                            <small>PRICE</small>
                         </h6>
-                        <div>
-                            <div class="attr" style="width:25px;background:lightgrey;"></div>
-                            <div class="attr" style="width:25px;background:black;"></div>
+                        <h3 style="margin-top:0px;"><span>US $</span><span id="price">899</span></h3>
+
+                        <div class="section">
+                            <h6 class="title-attr" style="margin-top:15px;">
+                                <small>COLOR</small>
+                            </h6>
+                            <div>
+                                <div class="attr" style="width:25px;background:lightgrey;"></div>
+                                <div class="attr" style="width:25px;background:black;"></div>
+                            </div>
                         </div>
-                    </div>
-                    <div class="section" style="padding-bottom:5px;">
-                        <h6 class="title-attr">
-                            <small>CAPACITY</small>
-                        </h6>
-                        <div>
-                            <div class="attr2">64 GB</div>
-                            <div class="attr2">128 GB</div>
+                        <div class="section" style="padding-bottom:5px;">
+                            <h6 class="title-attr">
+                                <small>CAPACITY</small>
+                            </h6>
+                            <div>
+                                <div class="attr2">64 GB</div>
+                                <div class="attr2">128 GB</div>
+                            </div>
                         </div>
-                    </div>
-                    <div class="section" style="padding-bottom:20px;">
-                        <h6 class="title-attr">
-                            <small>QUANTITY</small>
-                        </h6>
-                        <div>
-                            <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
-                            <input class="quantity" value="1"/>
-                            <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
+                        <div class="section" style="padding-bottom:20px;">
+                            <h6 class="title-attr">
+                                <small>QUANTITY</small>
+                            </h6>
+                            <div>
+                                <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
+                                <input class="quantity" value="1"/>
+                                <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
+                            </div>
                         </div>
-                    </div>
 
-                    <div class="section" style="padding-bottom:20px;">
-                        <h6 class="title-attr">
-                            <small>CHECKOUT CODE</small>
-                        </h6>
+                        <div class="section" style="padding-bottom:20px;">
+                            <h6 class="title-attr">
+                                <small>CHECKOUT CODE</small>
+                            </h6>
 
-                        <!--
-                          Checkout code: pre-order-webgoat, pre-order-owasp, pre-order-webgoat-owasp
-                        -->
-                        <input class="checkoutCode" value=""/>
+                            <!--
+                              Checkout code: pre-order-webgoat, pre-order-owasp, pre-order-webgoat-owasp
+                            -->
+                            <input name="checkoutCode" class="checkoutCode" value=""/>
 
-                    </div>
+                        </div>
 
-                    <div class="section" style="padding-bottom:20px;">
-                        <button class="btn btn-success"><span style="margin-right:20px"
-                                                              class="glyphicon glyphicon-shopping-cart"
-                                                              aria-hidden="true"></span>Buy
-                        </button>
-                        <h6><a href="#"><span class="glyphicon glyphicon-heart-empty" style="cursor:pointer;"></span>
-                            Like</a></h6>
+                        <div class="section" style="padding-bottom:20px;">
+                            <button type="submit" class="btn btn-success"><span style="margin-right:20px"
+                                                                  class="glyphicon glyphicon-shopping-cart"
+                                                                  aria-hidden="true"></span>Buy
+                            </button>
+                            <h6><a href="#"><span class="glyphicon glyphicon-heart-empty"
+                                                  style="cursor:pointer;"></span>
+                                Like</a></h6>
+                        </div>
                     </div>
                 </div>
+
             </div>
-        </div>
+        </form>
         <br/>
         <div>
             <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc
index a9177c5b2..6849340ea 100644
--- a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc
@@ -1 +1 @@
-=== No need to pay... (WIP!!)
\ No newline at end of file
+=== No need to pay...
\ No newline at end of file

From 9b7396cb933ebf89f07ff3b221e7d95a9c8f5e12 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sat, 8 Apr 2017 11:25:24 +0200
Subject: [PATCH 12/22] Challenge 2: making elements on page work together

---
 .../owasp/webgoat/plugin/ShopEndpoint.java    |  6 ++--
 .../src/main/resources/html/Challenge.html    |  8 +++---
 .../src/main/resources/js/challenge2.js       | 28 +++++++++++++++----
 3 files changed, 29 insertions(+), 13 deletions(-)

diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java
index cc1f2bc3f..aae31c098 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java
@@ -44,9 +44,9 @@ public class ShopEndpoint {
 
     public ShopEndpoint() {
         List<CheckoutCode> codes = Lists.newArrayList();
-        codes.add(new CheckoutCode("pre-order-webgoat", 25));
-        codes.add(new CheckoutCode("pre-order-owasp", 25));
-        codes.add(new CheckoutCode("pre-order-webgoat-owasp", 50));
+        codes.add(new CheckoutCode("webgoat", 25));
+        codes.add(new CheckoutCode("owasp", 25));
+        codes.add(new CheckoutCode("owasp-webgoat", 50));
         this.checkoutCodes = new CheckoutCodes(codes);
     }
 
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
index b937495a8..ee1e3363d 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
@@ -66,7 +66,7 @@
               action="/WebGoat/challenge/2"
               enctype="application/json;charset=UTF-8">
             <div class="container">
-
+                <input id="discount" type="hidden" value="0"/>
                 <div class="row">
                     <div class="col-xs-3 item-photo">
                         <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
@@ -117,7 +117,7 @@
                             </h6>
 
                             <!--
-                              Checkout code: pre-order-webgoat, pre-order-owasp, pre-order-webgoat-owasp
+                              Checkout code: webgoat, owasp, owasp-webgoat
                             -->
                             <input name="checkoutCode" class="checkoutCode" value=""/>
 
@@ -125,8 +125,8 @@
 
                         <div class="section" style="padding-bottom:20px;">
                             <button type="submit" class="btn btn-success"><span style="margin-right:20px"
-                                                                  class="glyphicon glyphicon-shopping-cart"
-                                                                  aria-hidden="true"></span>Buy
+                                                                                class="glyphicon glyphicon-shopping-cart"
+                                                                                aria-hidden="true"></span>Buy
                             </button>
                             <h6><a href="#"><span class="glyphicon glyphicon-heart-empty"
                                                   style="cursor:pointer;"></span>
diff --git a/webgoat-lessons/challenge/src/main/resources/js/challenge2.js b/webgoat-lessons/challenge/src/main/resources/js/challenge2.js
index eb1528c7c..78df37939 100644
--- a/webgoat-lessons/challenge/src/main/resources/js/challenge2.js
+++ b/webgoat-lessons/challenge/src/main/resources/js/challenge2.js
@@ -14,35 +14,51 @@ $(document).ready(function () {
 
     //-- Click on QUANTITY
     $(".btn-minus").on("click", function () {
-        var now = $(".section > div > input").val();
+        var now = $(".quantity").val();
         if ($.isNumeric(now)) {
             if (parseInt(now) - 1 > 0) {
                 now--;
             }
             $(".quantity").val(now);
+            $('#price').text(now * 899);
         } else {
             $(".quantity").val("1");
+            $('#price').text(899);
         }
+        calculate();
     })
     $(".btn-plus").on("click", function () {
-        var now = $(".section > div > input").val();
+        var now = $(".quantity").val();
         if ($.isNumeric(now)) {
             $(".quantity").val(parseInt(now) + 1);
         } else {
             $(".quantity").val("1");
         }
+        calculate();
     })
     $(".checkoutCode").on("blur", function () {
         var checkoutCode = $(".checkoutCode").val();
         $.get("challenge-store/coupons/" + checkoutCode, function (result, status) {
             var discount = result.discount;
             if (discount > 0) {
-                var price = $('#price').val();
-                $('#price').text((899 - (899 * discount / 100)).toFixed(2));
+                $('#discount').text(discount);
+                calculate();
             } else {
-                $('#price').text(899);
+                $('#discount').text(0);
+                calculate();
             }
-
         });
     })
+
+    function calculate() {
+        var d = $('#discount').text();
+        var price = $('#price').val();
+        var quantity = parseInt($(".quantity").val());
+        if (d > 0) {
+            $('#price').text((quantity * (899 - (899 * d / 100))).toFixed(2));
+
+        } else {
+            $('#price').text(quantity * 899);
+        }
+    }
 })
\ No newline at end of file

From 2cec95f8d3f9fe53045eede046a8031e2b48c73b Mon Sep 17 00:00:00 2001
From: Jason White <jason.white@owasp.org>
Date: Thu, 6 Apr 2017 09:52:31 -0400
Subject: [PATCH 13/22] refactor of pagination controls

---
 .../src/main/resources/static/css/main.css    |   5 +
 .../js/goatApp/model/LessonContentModel.js    |   3 +-
 .../js/goatApp/model/LessonOverviewModel.js   |   2 +-
 .../js/goatApp/templates/paging_controls.html |   5 +
 .../js/goatApp/view/LessonContentView.js      | 138 ++----------------
 .../js/goatApp/view/PaginationControlView.js  | 128 ++++++++++++++++
 .../main/resources/templates/main_new.html    |   4 +-
 7 files changed, 154 insertions(+), 131 deletions(-)
 create mode 100644 webgoat-container/src/main/resources/static/js/goatApp/templates/paging_controls.html
 create mode 100644 webgoat-container/src/main/resources/static/js/goatApp/view/PaginationControlView.js

diff --git a/webgoat-container/src/main/resources/static/css/main.css b/webgoat-container/src/main/resources/static/css/main.css
index d9e22453b..0bf116637 100644
--- a/webgoat-container/src/main/resources/static/css/main.css
+++ b/webgoat-container/src/main/resources/static/css/main.css
@@ -958,6 +958,11 @@ cookie-container {
     cursor:pointer;
 }
 
+.page-nav-wrapper {
+    display:inline-block;
+    width: 30px;
+}
+
 span.show-next-page, span.show-prev-page {
 font-size: 1.3em;
 }
diff --git a/webgoat-container/src/main/resources/static/js/goatApp/model/LessonContentModel.js b/webgoat-container/src/main/resources/static/js/goatApp/model/LessonContentModel.js
index f036f22e6..395d31262 100644
--- a/webgoat-container/src/main/resources/static/js/goatApp/model/LessonContentModel.js
+++ b/webgoat-container/src/main/resources/static/js/goatApp/model/LessonContentModel.js
@@ -20,7 +20,6 @@ define(['jquery',
 
         loadData: function(options) {
             this.urlRoot = _.escape(encodeURIComponent(options.name)) + '.lesson'
-
             var self = this;
             this.fetch().done(function(data) {
                 self.setContent(data);
@@ -32,7 +31,7 @@ define(['jquery',
                 loadHelps = true;
             }
             this.set('content',content);
-            this.set('lessonUrl',document.URL);
+            this.set('lessonUrl',document.URL.replace(/\.lesson.*/,'.lesson'));
             this.trigger('content:loaded',this,loadHelps);
         },
 
diff --git a/webgoat-container/src/main/resources/static/js/goatApp/model/LessonOverviewModel.js b/webgoat-container/src/main/resources/static/js/goatApp/model/LessonOverviewModel.js
index 28647bb89..17c906bd5 100644
--- a/webgoat-container/src/main/resources/static/js/goatApp/model/LessonOverviewModel.js
+++ b/webgoat-container/src/main/resources/static/js/goatApp/model/LessonOverviewModel.js
@@ -3,7 +3,7 @@ define([
 	function(
 		Backbone) {
 	return Backbone.Collection.extend({
-	    tagName: 'ul',
+	    //tagName: 'ul',
 		url: 'service/lessonoverview.mvc'
 	});
 });
diff --git a/webgoat-container/src/main/resources/static/js/goatApp/templates/paging_controls.html b/webgoat-container/src/main/resources/static/js/goatApp/templates/paging_controls.html
new file mode 100644
index 000000000..4e75fac0f
--- /dev/null
+++ b/webgoat-container/src/main/resources/static/js/goatApp/templates/paging_controls.html
@@ -0,0 +1,5 @@
+<div>
+    <div class="page-nav-wrapper"><span class="glyphicon-class glyphicon glyphicon-circle-arrow-left show-prev-page"></span></div>
+    <!-- place page numbers with links to pages here ? -->
+    <div class="page-nav-wrapper"><span class="glyphicon-class glyphicon glyphicon-circle-arrow-right show-next-page"></span></div>
+</div>
\ No newline at end of file
diff --git a/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js b/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js
index 7f478dab2..57beacd04 100644
--- a/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js
+++ b/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js
@@ -3,13 +3,15 @@ define(['jquery',
     'underscore',
     'backbone',
     'libs/jquery.form',
-    'goatApp/view/ErrorNotificationView'],
+    'goatApp/view/ErrorNotificationView',
+    'goatApp/view/PaginationControlView'],
     function(
         $,
         _,
         Backbone,
         JQueryForm,
-        ErrorNotificationView) {
+        ErrorNotificationView,
+        PaginationControlView) {
     return Backbone.View.extend({
         el:'#lesson-content-wrapper', //TODO << get this fixed up in DOM
 
@@ -37,7 +39,7 @@ define(['jquery',
           return -1;
         },
 
-        /* initial renering */
+        /* initial rendering */
         render: function() {
             this.$el.find('.lesson-content').html(this.model.get('content'));
             this.$el.find('.attack-feedback').hide();
@@ -53,23 +55,9 @@ define(['jquery',
             this.currentPage = 0;
             this.$contentPages = this.$el.find('.lesson-page-wrapper');
             this.numPages = this.$contentPages.length;
-
             //
-            this.addPaginationControls();
-            if (this.numPages > 1) {
-                //no animation on init
-                this.$contentPages.hide();
-                this.$el.find(this.$contentPages[this.currentPage]).show();
-                this.showNextPageButton();
-                this.hidePrevPageButton();
-            } else if (this.numPages === 1) {
-                this.hideNextPageButton();
-                this.hidePrevPageButton();
-            }
-         },
-
-         setCurrentPage: function (pageNum) {
-            this.currentPage = (_.isNumber(pageNum) && pageNum < this.numPages) ? pageNum : 0;
+            this.paginationControlView = new PaginationControlView(this.$contentPages,this.model.get('lessonUrl'));
+            //this.listenTo(this.paginationControlView,'page:set',this.navToPage);
          },
 
          getCurrentPage: function () {
@@ -160,82 +148,9 @@ define(['jquery',
             this.$curOutput.show(400)
         },
 
-        /* create, show & hide pagination controls */
-
-        addPaginationControls: function() {
-            var pagingControlsDiv;
-            //this.$el.html();
-            //prev
-            var prevPageButton = $('<span>',{class:'glyphicon-class glyphicon glyphicon-circle-arrow-left show-prev-page'});
-            prevPageButton.unbind().on('click',this.decrementPageView.bind(this));
-            //next
-            var nextPageButton = $('<span>',{class:'glyphicon-class glyphicon glyphicon-circle-arrow-right show-next-page'});
-            nextPageButton.unbind().on('click',this.incrementPageView.bind(this));
-            //add to DOM
-            if (this.$el.find('#lesson-page-controls').length < 1) {
-                pagingControlsDiv = $('<div>',{class:'panel-body', id:'lesson-page-controls'});
-                pagingControlsDiv.append(prevPageButton);
-                pagingControlsDiv.append(nextPageButton);
-                this.$el.find('.lesson-page-controls').append(pagingControlsDiv);
-            }
-
-        },
-
-        showPrevPageButton: function() {
-            $('span.glyphicon-class.glyphicon.glyphicon-circle-arrow-left.show-prev-page').show();
-        },
-
-        hidePrevPageButton: function() {
-            $('span.glyphicon-class.glyphicon.glyphicon-circle-arrow-left.show-prev-page').hide();
-        },
-
-        showNextPageButton: function() {
-            $('span.glyphicon-class.glyphicon.glyphicon-circle-arrow-right.show-next-page').show();
-        },
-
-        hideNextPageButton: function() {
-            $('span.glyphicon-class.glyphicon.glyphicon-circle-arrow-right.show-next-page').hide();
-        },
-
-        /* increment, decrement & display handlers */
-        incrementPageView: function() {
-            if (this.currentPage < this.numPages -1) {
-               this.currentPage++;
-               window.location.href = this.model.get('lessonUrl') + '/' + this.currentPage;
-               //this.showCurContentPage(true);Con
-            }
-
-            if (this.currentPage > 0) {
-                this.showPrevPageButton();
-            }
-
-            if (this.currentPage >= this.numPages -1) {
-                this.hideNextPageButton();
-                this.showPrevPageButton;
-            }
-        },
-
-        decrementPageView: function() {
-            if (this.currentPage > 0) {
-                this.currentPage--;
-                window.location.href = this.model.get('lessonUrl') + '/' + this.currentPage;
-                //this.showCurContentPage(false);
-            }
-
-            if (this.currentPage < this.numPages -1) {
-                this.showNextPageButton();
-            }
-
-            if (this.currentPage == 0) {
-                this.hidePrevPageButton();
-                this.showNextPageButton()
-            }
-
-        },
-
-        showCurContentPage: function(isIncrement) {
+        showCurContentPage: function(pageNum) {
             this.$contentPages.hide();
-            this.$el.find(this.$contentPages[this.currentPage]).show();
+            this.$el.find(this.$contentPages[pageNum]).show();
         },
 
         findAssigmentEndpointOnPage: function(pageNumber) {
@@ -248,42 +163,13 @@ define(['jquery',
         },
 
         navToPage: function (pageNum) {
-            this.setCurrentPage(pageNum);//provides validation
-            this.showCurContentPage(this.currentPage);
-            this.hideShowNavButtons();
+            this.showCurContentPage(pageNum);
+            this.paginationControlView.setCurrentPage(pageNum);//provides validation
+            this.paginationControlView.hideShowNavButtons();
             var assignmentPath = this.findAssigmentEndpointOnPage(pageNum);
             Backbone.trigger('navigatedToPage',{'pageNumber':pageNum, 'assignmentPath' : assignmentPath});
         },
 
-        hideShowNavButtons: function () {
-            //one page only
-            if (this.numPages === 1) {
-                this.hidePrevPageButton();
-                this.hideNextPageButton();
-            }
-            //first page
-            if (this.currentPage === 0) {
-                this.hidePrevPageButton();
-                if (this.numPages > 1) {
-                    this.showNextPageButton();
-                }
-                return;
-            }
-            // > first page, but not last
-            if (this.currentPage > 0 && this.currentPage < this.numPages -1) {
-                this.showNextPageButton();
-                this.showPrevPageButton();
-                return;
-            }
-            // last page and more than one page
-            if (this.currentPage === this.numPages -1 && this.numPages > 1) {
-                this.hideNextPageButton();
-                this.showPrevPageButton();
-                return;
-            }
-
-        },
-
         /* for testing */
         showTestParam: function (param) {
             this.$el.find('.lesson-content').html('test:' + param);
diff --git a/webgoat-container/src/main/resources/static/js/goatApp/view/PaginationControlView.js b/webgoat-container/src/main/resources/static/js/goatApp/view/PaginationControlView.js
new file mode 100644
index 000000000..a6faddb6c
--- /dev/null
+++ b/webgoat-container/src/main/resources/static/js/goatApp/view/PaginationControlView.js
@@ -0,0 +1,128 @@
+define(['jquery',
+        'underscore',
+        'backbone',
+        'text!templates/paging_controls.html'],
+//        'css!css/paging-controls.css'],
+    function ($,
+              _,
+              Backbone,
+              PaginationTemplate) {
+        return Backbone.View.extend({
+            template: PaginationTemplate,
+            el: '#lesson-page-controls',
+
+            initialize: function ($contentPages,baseLessonUrl) {
+                this.numPages = $contentPages.length;
+                this.baseUrl = baseLessonUrl;
+                this.parseLinks($contentPages);
+                this.initPagination();
+                this.render();
+                this.bindNavButtons();
+             },
+
+            render: function () {
+                var t = _.template(this.template);
+                this.$el.html(t());
+                this.hideShowNavButtons();
+            },
+
+            bindNavButtons: function() {
+                this.$el.find('span.glyphicon-class.glyphicon.glyphicon-circle-arrow-right.show-next-page').unbind().on('click',this.incrementPageView.bind(this));
+                this.$el.find('span.glyphicon-class.glyphicon.glyphicon-circle-arrow-left.show-prev-page').unbind().on('click', this.decrementPageView.bind(this));
+            },
+
+            parseLinks: function($contentPages) {
+
+            },
+
+            showPrevPageButton: function() {
+                $('span.glyphicon-class.glyphicon.glyphicon-circle-arrow-left.show-prev-page').show();
+            },
+
+            hidePrevPageButton: function() {
+                $('span.glyphicon-class.glyphicon.glyphicon-circle-arrow-left.show-prev-page').hide();
+            },
+
+            showNextPageButton: function() {
+                $('span.glyphicon-class.glyphicon.glyphicon-circle-arrow-right.show-next-page').show();
+            },
+
+            hideNextPageButton: function() {
+                $('span.glyphicon-class.glyphicon.glyphicon-circle-arrow-right.show-next-page').hide();
+            },
+
+            initPagination: function() {
+               //track pagination state in this view ... start at 0
+               this.currentPage = 0;
+            },
+
+            setCurrentPage: function (pageNum) {
+                this.currentPage = (_.isNumber(pageNum) && pageNum < this.numPages) ? pageNum : 0;
+            },
+
+            /* increment, decrement & display handlers */
+            incrementPageView: function() {
+                if (this.currentPage < this.numPages -1) {
+                   this.currentPage++;
+                   window.location.href = this.baseUrl + '/' + this.currentPage;
+                }
+
+                if (this.currentPage > 0) {
+                    this.showPrevPageButton();
+                }
+
+                if (this.currentPage >= this.numPages -1) {
+                    this.hideNextPageButton();
+                    this.showPrevPageButton;
+                }
+                this.trigger('page:set',this,this.currentPage);
+            },
+
+            decrementPageView: function() {
+                if (this.currentPage > 0) {
+                    this.currentPage--;
+                    window.location.href = this.baseUrl + '/' + this.currentPage;
+                }
+
+                if (this.currentPage < this.numPages -1) {
+                    this.showNextPageButton();
+                }
+
+                if (this.currentPage == 0) {
+                    this.hidePrevPageButton();
+                    this.showNextPageButton()
+                }
+                this.trigger('page:set',this,this.currentPage);
+
+            },
+
+            hideShowNavButtons: function () {
+                //one page only
+                if (this.numPages === 1) {
+                    this.hidePrevPageButton();
+                    this.hideNextPageButton();
+                }
+                //first page
+                if (this.currentPage === 0) {
+                    this.hidePrevPageButton();
+                    if (this.numPages > 1) {
+                        this.showNextPageButton();
+                    }
+                    return;
+                }
+                // > first page, but not last
+                if (this.currentPage > 0 && this.currentPage < this.numPages -1) {
+                    this.showNextPageButton();
+                    this.showPrevPageButton();
+                    return;
+                }
+                // last page and more than one page
+                if (this.currentPage === this.numPages -1 && this.numPages > 1) {
+                    this.hideNextPageButton();
+                    this.showPrevPageButton();
+                    return;
+                }
+
+            },
+        });
+    });
\ No newline at end of file
diff --git a/webgoat-container/src/main/resources/templates/main_new.html b/webgoat-container/src/main/resources/templates/main_new.html
index 925781ffa..d45a737c1 100644
--- a/webgoat-container/src/main/resources/templates/main_new.html
+++ b/webgoat-container/src/main/resources/templates/main_new.html
@@ -2,7 +2,7 @@
 <html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"
       xmlns:sec="http://www.thymeleaf.org/extras/spring-security">
 <head>
-    <meta http-equiv="Expires" CONTENT="0"/>
+    <meta http-equiv="Expires" CONTENT="-1"/>
     <meta http-equiv="Pragma" CONTENT="no-cache"/>
     <meta http-equiv="Cache-Control" CONTENT="no-cache"/>
     <meta http-equiv="Cache-Control" CONTENT="no-store"/>
@@ -172,7 +172,7 @@
                                         <div class="panel-body" id="lesson-overview"></div>
                                     </div>
                                 </div>
-                                <div class="lesson-page-controls">
+                                <div id="lesson-page-controls">
 
                                 </div>
 

From 2e1d411220c283cc7bda06bb3d4aa387076b6047 Mon Sep 17 00:00:00 2001
From: Jason White <jason.white@owasp.org>
Date: Mon, 10 Apr 2017 16:49:22 -0400
Subject: [PATCH 14/22] numbering on pagination

---
 .../src/main/resources/static/css/main.css    | 54 ++++++++++++-
 .../js/goatApp/model/LessonContentModel.js    |  1 +
 .../js/goatApp/templates/paging_controls.html | 13 +++-
 .../js/goatApp/view/HelpControlsView.js       |  2 +-
 .../js/goatApp/view/LessonContentView.js      | 15 ++--
 .../js/goatApp/view/PaginationControlView.js  | 78 ++++++++++++++++---
 .../main/resources/templates/main_new.html    |  5 +-
 7 files changed, 143 insertions(+), 25 deletions(-)

diff --git a/webgoat-container/src/main/resources/static/css/main.css b/webgoat-container/src/main/resources/static/css/main.css
index 0bf116637..9b64cb031 100644
--- a/webgoat-container/src/main/resources/static/css/main.css
+++ b/webgoat-container/src/main/resources/static/css/main.css
@@ -152,7 +152,7 @@ img {
     margin-left: 1.5em;*/
     margin-right: 5px;
     margin-top: -38px; /* << don't like doing this, but otherwise it does not line up correctly */
-    color:#0F0
+    color:#88FB88 /* #0F0 */
 }
 
 /* ==========================================================================
@@ -963,8 +963,47 @@ cookie-container {
     width: 30px;
 }
 
+.attack-link, .page-link {
+    display: inline-block;
+    background-color: #555;
+    border-radius: 8px;
+    min-width: 20px;
+    text-align: center;
+    font-weight: bold;
+    padding-top:2px;
+}
+
+.attack-link.solved-true {
+    color:#88FB88;
+}
+
+.attack-link.solved-false {
+    color:#f2baba;
+}
+
+.attack-link.cur-page, .page-link.cur-page {
+    color:#fff;
+}
+
+.page-link {
+    color:#eee;
+}
+
+.page-link-wrapper {
+    display:inline-block;
+}
+
+.page-link-wrapper span {
+    margin: 3px;
+}
+
+.cur-page {
+    border-bottom: 2px solid #000;
+    color:#aaa;
+}
+
 span.show-next-page, span.show-prev-page {
-font-size: 1.3em;
+    font-size: 1.3em;
 }
 
 .show-prev-page {
@@ -975,6 +1014,8 @@ font-size: 1.3em;
     cursor:pointer;
 }
 
+/* attack ... */
+
 .attack-feedback {
     font-weight:800;
 }
@@ -1045,4 +1086,11 @@ font-size: 1.3em;
   font-weight: bold;
   font-size: 12px;
   padding: 10px;
-}
\ No newline at end of file
+}
+
+/* temp override
+//TODO: come up with longer term solution for full-window viewing
+*/
+.col-md-8 {
+    width: auto !important
+}
diff --git a/webgoat-container/src/main/resources/static/js/goatApp/model/LessonContentModel.js b/webgoat-container/src/main/resources/static/js/goatApp/model/LessonContentModel.js
index 395d31262..f26aad564 100644
--- a/webgoat-container/src/main/resources/static/js/goatApp/model/LessonContentModel.js
+++ b/webgoat-container/src/main/resources/static/js/goatApp/model/LessonContentModel.js
@@ -32,6 +32,7 @@ define(['jquery',
             }
             this.set('content',content);
             this.set('lessonUrl',document.URL.replace(/\.lesson.*/,'.lesson'));
+            this.set('pageNum',document.URL.replace(/.*\.lesson\/(\d{1,4})$/,'$1'));
             this.trigger('content:loaded',this,loadHelps);
         },
 
diff --git a/webgoat-container/src/main/resources/static/js/goatApp/templates/paging_controls.html b/webgoat-container/src/main/resources/static/js/goatApp/templates/paging_controls.html
index 4e75fac0f..141c3f5af 100644
--- a/webgoat-container/src/main/resources/static/js/goatApp/templates/paging_controls.html
+++ b/webgoat-container/src/main/resources/static/js/goatApp/templates/paging_controls.html
@@ -1,5 +1,16 @@
 <div>
     <div class="page-nav-wrapper"><span class="glyphicon-class glyphicon glyphicon-circle-arrow-left show-prev-page"></span></div>
-    <!-- place page numbers with links to pages here ? -->
+    <div class="page-link-wrapper">
+        <% var baseUrl = overview.baseUrl; %>
+        <% _.each(overview.pages, function(page,index) { %>
+            <a href="<%=overview.baseUrl%>/<%=index%>"  alt="Page <%=index++ %>">
+            <% if (page.content === 'assignment') { %>
+                <div class="<%=page.pageClass%> <%=page.solvedClass%> <%=page.curPageClass%>"><%=index++%></div>
+            <% } else { %>
+                <div class="<%=page.pageClass%> <%=page.curPageClass%>"><%=index++%></div>
+            <% } %>
+            </a>
+        <% }); %>
+    </div>
     <div class="page-nav-wrapper"><span class="glyphicon-class glyphicon glyphicon-circle-arrow-right show-next-page"></span></div>
 </div>
\ No newline at end of file
diff --git a/webgoat-container/src/main/resources/static/js/goatApp/view/HelpControlsView.js b/webgoat-container/src/main/resources/static/js/goatApp/view/HelpControlsView.js
index 26f20f345..72610c84c 100644
--- a/webgoat-container/src/main/resources/static/js/goatApp/view/HelpControlsView.js
+++ b/webgoat-container/src/main/resources/static/js/goatApp/view/HelpControlsView.js
@@ -38,7 +38,7 @@ function($,_,Backbone) {
 				this.$el.find('#show-solution-button').unbind().on('click',_.bind(this.showSolution,this)).show();
 			}
 
-			this.$el.find('#show-lesson-overview-button').unbind().on('click', _.bind(this.showLessonOverview, this)).show();
+			//this.$el.find('#show-lesson-overview-button').unbind().on('click', _.bind(this.showLessonOverview, this)).show();
 			this.$el.find('#restart-lesson-button').unbind().on('click',_.bind(this.restartLesson,this)).show();
 		},
 
diff --git a/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js b/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js
index 57beacd04..264ceb5c8 100644
--- a/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js
+++ b/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js
@@ -47,17 +47,17 @@ define(['jquery',
             this.makeFormsAjax();
             //this.ajaxifyAttackHref();
             $(window).scrollTop(0); //work-around til we get the scroll down sorted out
-            this.initPagination();
+            var startPageNum = this.model.get('pageNum');
+            this.initPagination(startPageNum);
         },
 
-        initPagination: function() {
+        initPagination: function(startPageNum) {
             //get basic pagination info
-            this.currentPage = 0;
             this.$contentPages = this.$el.find('.lesson-page-wrapper');
-            this.numPages = this.$contentPages.length;
-            //
+            var currentPage = (!isNaN(startPageNum) && startPageNum && startPageNum < this.$contentPages) ? startPageNum : 0;
+            //init views & pagination
+            this.showCurContentPage(currentPage);
             this.paginationControlView = new PaginationControlView(this.$contentPages,this.model.get('lessonUrl'));
-            //this.listenTo(this.paginationControlView,'page:set',this.navToPage);
          },
 
          getCurrentPage: function () {
@@ -163,8 +163,9 @@ define(['jquery',
         },
 
         navToPage: function (pageNum) {
-            this.showCurContentPage(pageNum);
             this.paginationControlView.setCurrentPage(pageNum);//provides validation
+            this.showCurContentPage(this.paginationControlView.currentPage);
+            this.paginationControlView.render();
             this.paginationControlView.hideShowNavButtons();
             var assignmentPath = this.findAssigmentEndpointOnPage(pageNum);
             Backbone.trigger('navigatedToPage',{'pageNumber':pageNum, 'assignmentPath' : assignmentPath});
diff --git a/webgoat-container/src/main/resources/static/js/goatApp/view/PaginationControlView.js b/webgoat-container/src/main/resources/static/js/goatApp/view/PaginationControlView.js
index a6faddb6c..2cc744859 100644
--- a/webgoat-container/src/main/resources/static/js/goatApp/view/PaginationControlView.js
+++ b/webgoat-container/src/main/resources/static/js/goatApp/view/PaginationControlView.js
@@ -1,38 +1,99 @@
 define(['jquery',
         'underscore',
         'backbone',
+        'goatApp/model/LessonOverviewModel',
         'text!templates/paging_controls.html'],
 //        'css!css/paging-controls.css'],
     function ($,
               _,
               Backbone,
+              LessonOverviewModel,
               PaginationTemplate) {
         return Backbone.View.extend({
             template: PaginationTemplate,
             el: '#lesson-page-controls',
 
             initialize: function ($contentPages,baseLessonUrl) {
-                this.numPages = $contentPages.length;
+                this.$contentPages = $contentPages;
+                this.model = new LessonOverviewModel();
+                this.listenTo(this.model, 'change add remove update reset', this.render);
+                this.numPages = this.$contentPages.length;
                 this.baseUrl = baseLessonUrl;
-                this.parseLinks($contentPages);
+
                 this.initPagination();
-                this.render();
-                this.bindNavButtons();
+                //this.render();
+
+                this.model.fetch();
              },
 
             render: function () {
+                this.parseLinks();
                 var t = _.template(this.template);
-                this.$el.html(t());
+                this.$el.html(t({'overview':this.lessonOverview}));
+               this.bindNavButtons();
                 this.hideShowNavButtons();
             },
 
             bindNavButtons: function() {
                 this.$el.find('span.glyphicon-class.glyphicon.glyphicon-circle-arrow-right.show-next-page').unbind().on('click',this.incrementPageView.bind(this));
                 this.$el.find('span.glyphicon-class.glyphicon.glyphicon-circle-arrow-left.show-prev-page').unbind().on('click', this.decrementPageView.bind(this));
+                this.navButtonsBound = true;
             },
 
-            parseLinks: function($contentPages) {
+            parseLinks: function() {
+                var assignmentCount = this.$contentPages.find('.attack-container');
+                var solvedMap = {};
+                var pages = [];
+                // one pass on solved assignmets
+                _.each(this.model.toJSON(), function(assignment) {
+                    if (assignment.solved) {
+                        var key = assignment.assignment.path; //.replace(/\//g,'');
+                        solvedMap[key] = assignment.assignment.name;
+                    }
+                });
 
+                isAttackSolved = function (path) {
+                    //strip
+                    var newPath = path.replace(/^\/WebGoat/,'');
+                    if (typeof solvedMap[newPath] !== 'undefined') {
+                        return true;
+                    }
+                    return false;
+                };
+
+                var self = this;
+                var pages, pageClass, solved;
+                _.each(this.$contentPages,function(page,index) {
+                    var curPageClass = (self.currentPage == index) ? ' cur-page' : '';
+
+                    if ($(page).find('.attack-container').length < 1) { // no assignments [attacks]
+                        pageClass = 'page-link';
+                        pages.push({content:'content',pageClass:pageClass,curPageClass:curPageClass});
+                    } else {
+                        var $assignmentForms = $(page).find('.attack-container form');
+                        // use for loop to avoid anonymous function scope hell
+                        //var pageAssignments = {content:'attack',attacks:[]}
+                        pageClass = 'attack-link'
+                        var solvedClass = 'solved-true'
+                        for (var i=0; i< $assignmentForms.length; i++) {
+                            //normalize path
+                            var action = $assignmentForms.attr('action');//.replace(/\//g,'');
+                            if (action && isAttackSolved(action)) {
+                                //pageClass = 'fa fa-check-square-o assignment-solved';
+                                //pageAssignments.attacks.push({solved:true});
+                            } else {
+                                solvedClass = 'solved-false';
+
+                            }
+                        }
+                        pages.push({solvedClass:solvedClass,content:'assignment',curPageClass:curPageClass,pageClass:pageClass});
+                    }
+                });
+                //assign to the view
+                this.lessonOverview = {
+                    baseUrl: this.baseUrl,
+                    pages: pages
+                }
             },
 
             showPrevPageButton: function() {
@@ -75,7 +136,7 @@ define(['jquery',
                     this.hideNextPageButton();
                     this.showPrevPageButton;
                 }
-                this.trigger('page:set',this,this.currentPage);
+                this.render();
             },
 
             decrementPageView: function() {
@@ -92,8 +153,7 @@ define(['jquery',
                     this.hidePrevPageButton();
                     this.showNextPageButton()
                 }
-                this.trigger('page:set',this,this.currentPage);
-
+                this.render();
             },
 
             hideShowNavButtons: function () {
diff --git a/webgoat-container/src/main/resources/templates/main_new.html b/webgoat-container/src/main/resources/templates/main_new.html
index d45a737c1..e96256199 100644
--- a/webgoat-container/src/main/resources/templates/main_new.html
+++ b/webgoat-container/src/main/resources/templates/main_new.html
@@ -143,10 +143,7 @@
                                     <button class="btn btn-primary btn-xs btn-danger help-button"
                                             id="show-hints-button" th:text="#{show.hints}">Show hints
                                     </button>
-                                    <button class="btn btn-primary btn-xs btn-danger help-button"
-                                            id="show-lesson-overview-button" th:text="#{lesson.overview}">Lesson
-                                        overview
-                                    </button>
+
                                     <button class="btn btn-xs help-button" id="restart-lesson-button"
                                             th:text="#{reset.lesson}">Reset Lesson
                                     </button>

From 68e15398e5c9c7b78c1bea3cd83968aa84f5f03c Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sat, 8 Apr 2017 22:15:58 +0200
Subject: [PATCH 15/22] Challenge 3: First setup completed

---
 .../webgoat/plugin/challenge3/Challenge3.java | 106 +++++++++
 .../webgoat/plugin/challenge3/Comment.java    |  21 ++
 .../plugin/challenge3/CommentsEndpoint.java   |  33 +++
 .../src/main/resources/css/challenge3.css     |  75 ++++++
 .../src/main/resources/html/Challenge.html    | 213 +++++++++++++-----
 .../src/main/resources/images/avatar1.png     | Bin 0 -> 28394 bytes
 .../src/main/resources/images/cat.jpg         | Bin 0 -> 9095 bytes
 .../src/main/resources/js/challenge3.js       |  15 ++
 .../resources/lessonPlans/en/Challenge_1.adoc |   2 +-
 .../resources/lessonPlans/en/Challenge_2.adoc |   2 +-
 .../resources/lessonPlans/en/Challenge_3.adoc |   1 +
 .../xxe/src/main/resources/js/xxe.js          |   5 +-
 12 files changed, 409 insertions(+), 64 deletions(-)
 create mode 100644 webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java
 create mode 100644 webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Comment.java
 create mode 100644 webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/CommentsEndpoint.java
 create mode 100644 webgoat-lessons/challenge/src/main/resources/css/challenge3.css
 create mode 100644 webgoat-lessons/challenge/src/main/resources/images/avatar1.png
 create mode 100644 webgoat-lessons/challenge/src/main/resources/images/cat.jpg
 create mode 100644 webgoat-lessons/challenge/src/main/resources/js/challenge3.js
 create mode 100644 webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_3.adoc

diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java
new file mode 100644
index 000000000..b1d22364a
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java
@@ -0,0 +1,106 @@
+package org.owasp.webgoat.plugin.challenge3;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.collect.EvictingQueue;
+import org.joda.time.DateTime;
+import org.owasp.webgoat.assignments.AssignmentEndpoint;
+import org.owasp.webgoat.assignments.AssignmentPath;
+import org.owasp.webgoat.assignments.AttackResult;
+import org.owasp.webgoat.plugin.Flag;
+import org.owasp.webgoat.session.WebSession;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.*;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamReader;
+import java.io.IOException;
+import java.io.StringReader;
+import java.util.Collection;
+
+import static org.springframework.http.MediaType.ALL_VALUE;
+import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
+import static org.springframework.web.bind.annotation.RequestMethod.GET;
+import static org.springframework.web.bind.annotation.RequestMethod.POST;
+
+/**
+ * @author nbaars
+ * @since 4/8/17.
+ */
+@AssignmentPath("/challenge3")
+public class Challenge3 extends AssignmentEndpoint {
+
+    @Autowired
+    private WebSession webSession;
+    private static final EvictingQueue<Comment> comments = EvictingQueue.create(100);
+
+    static {
+        comments.add(new Comment("webgoat", DateTime.now().toString(), "Silly cat...."));
+        comments.add(new Comment("guest", DateTime.now().toString(), "I think I will use this picture in one of my projects."));
+        comments.add(new Comment("guest", DateTime.now().toString(), "Lol!! :-)."));
+    }
+
+    @RequestMapping(method = GET, produces = APPLICATION_JSON_VALUE)
+    @ResponseBody
+    public Collection<Comment> retrieveComments() {
+        return comments;
+    }
+
+    @RequestMapping(method = POST, consumes = ALL_VALUE, produces = APPLICATION_JSON_VALUE)
+    @ResponseBody
+    public AttackResult createNewUser(@RequestBody String commentStr, @RequestHeader("Content-Type") String contentType) throws Exception {
+        Comment comment = new Comment();
+        AttackResult attackResult = failed().build();
+        if (APPLICATION_JSON_VALUE.equals(contentType)) {
+            comment = parseJson(commentStr);
+            comment.setDateTime(DateTime.now().toString());
+            comment.setUser(webSession.getUserName());
+        }
+        if (MediaType.APPLICATION_XML_VALUE.equals(contentType)) {
+            comment = parseXml(commentStr);
+            comment.setDateTime(DateTime.now().toString());
+            comment.setUser(webSession.getUserName());
+        }
+
+        if (checkSolution(comment)) {
+            attackResult = success().feedback("challenge.solved").feedbackArgs(Flag.FLAGS.get(2)).build();
+        }
+        return attackResult;
+    }
+
+    private boolean checkSolution(Comment comment) {
+        if (comment.getComment().contains("Congratulations you may now collect your flag")) {
+            comment.setComment("Congratulations to " + webSession.getUserName() + " for finding the flag!!");
+            return true;
+        }
+        return false;
+    }
+
+    public static Comment parseXml(String xml) throws Exception {
+        JAXBContext jc = JAXBContext.newInstance(Comment.class);
+
+        XMLInputFactory xif = XMLInputFactory.newFactory();
+        xif.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, true);
+        xif.setProperty(XMLInputFactory.IS_VALIDATING, false);
+
+        xif.setProperty(XMLInputFactory.SUPPORT_DTD, true);
+        XMLStreamReader xsr = xif.createXMLStreamReader(new StringReader(xml));
+
+        Unmarshaller unmarshaller = jc.createUnmarshaller();
+        return (Comment) unmarshaller.unmarshal(xsr);
+    }
+
+    private Comment parseJson(String comment) {
+        ObjectMapper mapper = new ObjectMapper();
+        try {
+            return mapper.readValue(comment, Comment.class);
+        } catch (IOException e) {
+            return new Comment();
+        }
+    }
+
+
+}
+
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Comment.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Comment.java
new file mode 100644
index 000000000..0effcab0b
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Comment.java
@@ -0,0 +1,21 @@
+package org.owasp.webgoat.plugin.challenge3;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+/**
+ * @author nbaars
+ * @since 4/8/17.
+ */
+@Getter
+@Setter
+@AllArgsConstructor
+@NoArgsConstructor
+public class Comment {
+    private String user;
+    private String dateTime;
+    private String comment;
+}
+
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/CommentsEndpoint.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/CommentsEndpoint.java
new file mode 100644
index 000000000..afee36dac
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/CommentsEndpoint.java
@@ -0,0 +1,33 @@
+package org.owasp.webgoat.plugin.challenge3;
+
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * @author nbaars
+ * @since 4/8/17.
+ */
+@RestController
+@RequestMapping("challenge-comments")
+public class CommentsEndpoint {
+
+//
+//    private final WebSession webSession;
+//
+//    public CommentsEndpoint(WebSession webSession) {
+//        this.webSession = webSession;
+//
+//    }
+//
+//
+//
+//
+//
+//    @PostMapping
+//    public Collection<Comment> addComment(String comment) {
+//        String s = StringUtils.abbreviate(comment, 100);
+//        comments.add(new Comment(webSession.getUserName(), DateTime.now().toString(), s));
+//        return comments;
+//    }
+
+}
diff --git a/webgoat-lessons/challenge/src/main/resources/css/challenge3.css b/webgoat-lessons/challenge/src/main/resources/css/challenge3.css
new file mode 100644
index 000000000..3bc2ca4eb
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/css/challenge3.css
@@ -0,0 +1,75 @@
+/* Component: Posts */
+.post .post-heading {
+    height: 95px;
+    padding: 20px 15px;
+}
+.post .post-heading .avatar {
+    width: 60px;
+    height: 60px;
+    display: block;
+    margin-right: 15px;
+}
+.post .post-heading .meta .title {
+    margin-bottom: 0;
+}
+.post .post-heading .meta .title a {
+    color: black;
+}
+.post .post-heading .meta .title a:hover {
+    color: #aaaaaa;
+}
+.post .post-heading .meta .time {
+    margin-top: 8px;
+    color: #999;
+}
+.post .post-image .image {
+    width:20%;
+    height: 40%;
+}
+.post .post-description {
+    padding: 5px;
+}
+.post .post-footer {
+    border-top: 1px solid #ddd;
+    padding: 15px;
+}
+.post .post-footer .input-group-addon a {
+    color: #454545;
+}
+.post .post-footer .comments-list {
+    padding: 0;
+    margin-top: 20px;
+    list-style-type: none;
+}
+.post .post-footer .comments-list .comment {
+    display: block;
+    width: 100%;
+    margin: 20px 0;
+}
+.post .post-footer .comments-list .comment .avatar {
+    width: 35px;
+    height: 35px;
+}
+.post .post-footer .comments-list .comment .comment-heading {
+    display: block;
+    width: 100%;
+}
+.post .post-footer .comments-list .comment .comment-heading .user {
+    font-size: 14px;
+    font-weight: bold;
+    display: inline;
+    margin-top: 0;
+    margin-right: 10px;
+}
+.post .post-footer .comments-list .comment .comment-heading .time {
+    font-size: 12px;
+    color: #aaa;
+    margin-top: 0;
+    display: inline;
+}
+.post .post-footer .comments-list .comment .comment-body {
+    margin-left: 50px;
+}
+.post .post-footer .comments-list .comment > .comments-list {
+    margin-left: 50px;
+}
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
index ee1e3363d..e1baebd44 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
@@ -65,77 +65,76 @@
               method="POST" name="form"
               action="/WebGoat/challenge/2"
               enctype="application/json;charset=UTF-8">
-            <div class="container">
-                <input id="discount" type="hidden" value="0"/>
-                <div class="row">
-                    <div class="col-xs-3 item-photo">
-                        <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
-                    </div>
-                    <div class="col-xs-5" style="border:0px solid gray">
-                        <h3>Samsung Galaxy S8 Plus Android Phone</h3>
-                        <h5 style="color:#337ab7"><a href="http://www.samsung.com">Samsung</a> ·
-                            <small style="color:#337ab7">(124421 reviews)</small>
-                        </h5>
 
-                        <h6 class="title-price">
-                            <small>PRICE</small>
+            <input id="discount" type="hidden" value="0"/>
+            <div class="row">
+
+                <div class="col-xs-3 item-photo">
+                    <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
+                </div>
+                <div class="col-xs-5" style="border:0px solid gray">
+                    <h3>Samsung Galaxy S8</h3>
+                    <h5 style="color:#337ab7"><a href="http://www.samsung.com">Samsung</a> ·
+                        <small style="color:#337ab7">(124421 reviews)</small>
+                    </h5>
+
+                    <h6 class="title-price">
+                        <small>PRICE</small>
+                    </h6>
+                    <h3 style="margin-top:0px;"><span>US $</span><span id="price">899</span></h3>
+
+                    <div class="section">
+                        <h6 class="title-attr" style="margin-top:15px;">
+                            <small>COLOR</small>
                         </h6>
-                        <h3 style="margin-top:0px;"><span>US $</span><span id="price">899</span></h3>
-
-                        <div class="section">
-                            <h6 class="title-attr" style="margin-top:15px;">
-                                <small>COLOR</small>
-                            </h6>
-                            <div>
-                                <div class="attr" style="width:25px;background:lightgrey;"></div>
-                                <div class="attr" style="width:25px;background:black;"></div>
-                            </div>
+                        <div>
+                            <div class="attr" style="width:25px;background:lightgrey;"></div>
+                            <div class="attr" style="width:25px;background:black;"></div>
                         </div>
-                        <div class="section" style="padding-bottom:5px;">
-                            <h6 class="title-attr">
-                                <small>CAPACITY</small>
-                            </h6>
-                            <div>
-                                <div class="attr2">64 GB</div>
-                                <div class="attr2">128 GB</div>
-                            </div>
+                    </div>
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>CAPACITY</small>
+                        </h6>
+                        <div>
+                            <div class="attr2">64 GB</div>
+                            <div class="attr2">128 GB</div>
                         </div>
-                        <div class="section" style="padding-bottom:20px;">
-                            <h6 class="title-attr">
-                                <small>QUANTITY</small>
-                            </h6>
-                            <div>
-                                <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
-                                <input class="quantity" value="1"/>
-                                <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
-                            </div>
+                    </div>
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>QUANTITY</small>
+                        </h6>
+                        <div>
+                            <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
+                            <input class="quantity" value="1"/>
+                            <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
                         </div>
+                    </div>
 
-                        <div class="section" style="padding-bottom:20px;">
-                            <h6 class="title-attr">
-                                <small>CHECKOUT CODE</small>
-                            </h6>
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>CHECKOUT CODE</small>
+                        </h6>
+                        <!--
+                          Checkout code: webgoat, owasp, owasp-webgoat
+                        -->
+                        <input name="checkoutCode" class="checkoutCode" value=""/>
 
-                            <!--
-                              Checkout code: webgoat, owasp, owasp-webgoat
-                            -->
-                            <input name="checkoutCode" class="checkoutCode" value=""/>
+                    </div>
 
-                        </div>
-
-                        <div class="section" style="padding-bottom:20px;">
-                            <button type="submit" class="btn btn-success"><span style="margin-right:20px"
-                                                                                class="glyphicon glyphicon-shopping-cart"
-                                                                                aria-hidden="true"></span>Buy
-                            </button>
-                            <h6><a href="#"><span class="glyphicon glyphicon-heart-empty"
-                                                  style="cursor:pointer;"></span>
-                                Like</a></h6>
-                        </div>
+                    <div class="section" style="padding-bottom:20px;">
+                        <button type="submit" class="btn btn-success"><span style="margin-right:20px"
+                                                                            class="glyphicon glyphicon-shopping-cart"
+                                                                            aria-hidden="true"></span>Buy
+                        </button>
+                        <h6><a href="#"><span class="glyphicon glyphicon-heart-empty"
+                                              style="cursor:pointer;"></span>
+                            Like</a></h6>
                     </div>
                 </div>
-
             </div>
+
         </form>
         <br/>
         <div>
@@ -158,4 +157,98 @@
     </div>
 </div>
 
+
+<div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:Challenge_3.adoc"></div>
+    <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/challenge3.css}"/>
+    <script th:src="@{/lesson_js/challenge3.js}" language="JavaScript"></script>
+    <div class="attack-container">
+        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
+        <div class="panel post">
+            <div class="post-heading">
+                <div class="pull-left image">
+                    <img th:src="@{/images/avatar1.png}"
+                         class="img-circle avatar" alt="user profile image"/>
+                </div>
+                <div class="pull-left meta">
+                    <div class="title h5">
+                        <a href="#"><b>John Doe</b></a>
+                        uploaded a photo.
+                    </div>
+                    <h6 class="text-muted time">24 days ago</h6>
+                </div>
+            </div>
+
+            <div class="post-image">
+                <img th:src="@{images/cat.jpg}" class="image" alt="image post"/>
+            </div>
+
+            <div class="post-description">
+
+            </div>
+            <div class="post-footer">
+                <div class="input-group">
+                    <input class="form-control" id="commentInput" placeholder="Add a comment" type="text"/>
+                    <span class="input-group-addon">
+                                <i id="postComment" class="fa fa-edit"></i>
+                            </span>
+                </div>
+                <ul class="comments-list">
+                    <div id="list">
+                        <li class="comment">
+                            <div class="pull-left">
+                                <img class="avatar"
+                                     src="http://bootdey.com/img/Content/avatar/avatar1.png"
+                                     alt="avatar"/>
+                            </div>
+                            <div class="comment-body">
+                                <div class="comment-heading">
+                                    <h4 class="user">John dOE</h4>
+                                    <h5 class="time">7 minutes ago</h5>
+                                </div>
+                                <p>I really love this picture. I really wish i could have been
+                                    there.</p>
+                            </div>
+                        </li>
+                        <li class="comment">
+                            <div class="pull-left" href="javascript:void(0);">
+                                <img class="avatar"
+                                     src="http://bootdey.com/img/Content/avatar/avatar2.png"
+                                     alt="avatar"/>
+                            </div>
+                            <div class="comment-body">
+                                <div class="comment-heading">
+                                    <h4 class="user">John Doe</h4>
+                                    <h5 class="time">3 minutes ago</h5>
+                                </div>
+                                <p>I think I might you this for one of my projects.</p>
+                            </div>
+                        </li>
+                        <li class="comment">
+                            <div class="pull-left" href="javascript:void(0);">
+                                <img class="avatar"
+                                     src="http://bootdey.com/img/Content/avatar/avatar4.png"
+                                     alt="avatar"/>
+                            </div>
+                            <div class="comment-body">
+                                <div class="comment-heading">
+                                    <h4 class="user">John Doe</h4>
+                                    <h5 class="time">10 seconds ago</h5>
+                                </div>
+                                <p>Wow! This is gorgeous.</p>
+                            </div>
+                        </li>
+                    </div>
+                </ul>
+            </div>
+        </div>
+
+
+        <br/>
+        <div class="attack-feedback"></div>
+        <div class="attack-output"></div>
+    </div>
+</div>
+
+
 </html>
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/images/avatar1.png b/webgoat-lessons/challenge/src/main/resources/images/avatar1.png
new file mode 100644
index 0000000000000000000000000000000000000000..4ea864f90009013d7d30ea3fb8c70b1f49c7e4b8
GIT binary patch
literal 28394
zcmeI(<yRZe8z}JL?#10(Bv^rB#fk=ZcPkn!XekcGic4{Kx8R|;6k4=+fa31X_wu{<
zocmYsBFT%{otfRUJDGXr`FvATk;B2HzytsQI12KgG+ut^|Mx*hefj?OrN0>f5ENDT
zB&p@Sc=YAQ>&<*i$#bO7-o&Gu?VKUsO?QUKLA9X!NhjL%0D`5Zr6Vlefig3uH=W86
zhROl^mnF#*Bta<2ln^4%AkT!rV3{}~WI%U4<JAw$uK7sZ-qHTxQE6Y@g|Fc?E980Y
z1zBa?^pWILv}VgykKXUO5PrI<{aS4E>xcSuiSpi2>l(>_w!WLOg1b*QYouQtRy&27
z?PsI9pYI)1XIh*L?;kHF2X5{HPP!jzZmEw^e*Smn_jtG!U>a~&d}o~T@$Mgy;r->b
zYRX!@Ml=a$ndiaWOpUR~q`T64^DI50&c<13d(DcAJZkHrbNC6c29<=1WLo5;lM#k&
za}oUxFnY7<r@BlFK<yKBUe<f0g}XlljHPla<HI{}C<WeZ`d|DKlpdtPFsFh>C|w=Q
zm*R;(syPaz_ryu`v4qrH;7SX3k_3VT?PvdaGUqWQDE-0D3EG)0*BnYtRGD;K>lXWR
zHLHuLMf>&9HQmZO9so6wzxu-Jdr;k4CK-Z?=y(<&hya@c80mj8;mbhN=u^em3WJqB
z`paXKPV&}$yoHCv#{x9)deD;YgakUVmPv1hI@A?BA36V=RFxobF!yTn*0+>nvLs3B
z$#_s8F`<xAS5SP6KJl*q^~e%~M2RSXNbVRP3^3qjHfTrWU`#oxvf?fuufitjn1sy*
zZH7?On9&)}@H(Qaxnz{<BLM(OICUPbZbekkZWrxhT#Hs^7WW25B)F@a8Fw8(s%KVQ
zTo7|S!b#{cGbR@61Z{F~8-oiBs6n1;QEyhph<6OP0x$5;XOUH5wl7$<w~g?uT9wzu
zm#G;d)PXJ#!OTX~Grjn>;Dx7b^7ko$)+r3>jAYbwpdw)`Ckbz}%ubp>c7pfal{EWw
znn^6mj=cjgkhYn=<n<ppT8wz+^OemE?}$@OG<X!Fq?nnZ1X_5==uie7q@yM+&y9_M
ziF7+zz7*Tfa-A9%Mr_L(PJ1s7vEW9_!if}j#UA|@UlTgHE^-T;nd*5uaxu@5dc+YC
zB~#Pg38NJt5Floii^~nPdBC!f1k`*OXv#8LbsmSEQFDtmur2da#K-l2{xn=xheZ9%
zA|8E#=UInAWd2>!6O{af(ntqLn+(mfc&~vKh}ejfd`mhG57Q&A55|$$jKS0|(9fVF
zz%EUC)91g*S-c>G?BWUl<~niKYG6f=_o|C)$wNS6K|1mu`)lZ$0dKAHHrw`UaND;G
z2HjU512mPz#^q7)^5-?;yeSr;;)6li1}a(AhOITF@5|(i5SW-Gj#6RKlkmoG@;cWI
z1Ox8a(61Hc5e6ZZpF`%G&+sc85g?>PKX%Xu)tUdwN@pc!a(uU7=!_^&?8@ha#+!zd
zelynhBIO?nVn87~l&Xx4_=UW1QFi6VmSYus`Ey6x(;O<8lK`w>+i{0HKVAWh0-$T2
z72<B1ltKh^IA*t1*lei+Zl3N<q4)>@+pDMzuMs7WYY{#c;zU0_4~SKfJsk;MeG<tn
zW#w0J3;??xarB)Q>|0-hm6G-6RK*D#&fezRp+y_j7?1Oc`dHL*M1_JxEvmn$lJ<Vg
z$j~D#xx?!@OgnD7if+>y<asfEMG)BaE};D{rdu`P&1yW~$AS!2Emh|%qR$IG%|5DZ
z!7(6BkBO{FbgiGaM7GZF?PufxY^mWqfD|gPq$2@mrOi*bS(q^+74dP+zk(-H#>m?%
zLfic?7`4qU5^%GenL-Lox_l8i)E)|&M^23a8r?2zU0yV;HB;=2r-Xw&4FZd|q^m*A
zJ19kPQd58W<D*Ybi%l2`Y7is}Ep2^IWt4Y=LDt5_X*%%W8@bY{L_5OJh2oE8s)D13
zPn=Gfd|9JdC2v1(9ug#r&?mKfJ`c{_(ciR0&Z1hw>8+zhK8-NlJjkbrD&T(JecRQ9
zNSbzb&{>v+I`B@hb7{U-H;v`;;L}j5a?xm)5CKsjYW(^tl+}-DQ;76$Ks-3!*^Sf;
zxlTxBo7tK4ugN<=jl3JiX1RS}x%S<cip!#I>YjpvDtdK<QN<k{)nb<=R#j@$zj_st
z%1XqBO1ewz(sHDoxqH0WZ?qRMn5>wL9Ww(iKYBVZ#Ms~+s}u_r?mo8&bq9`e`9i;R
zs|k8>l1a0dJ}DKVU8`4QnN(JvJ<|<XU1<%SqJy|rHcZId+u((qQB8AX<;$}w$j!Jg
z^2M%djGUw~Ry&j&yUznfK{Jh(l<t}ce4}WB-XkB(%c-M7SO{FXvKs_=JsMjJMs~N`
z*=+zdOoJ!?vc0B5yR}3u^Awn|WQ$O|JAcP2H}0t&lNs>&1pfVWC_vr@O~!Mp+m_xC
zJ1Ajs8<sB3>Wk58ZvCK6B0^%DSZVQ5{-O8F(4`~j`@Aa8-pJr*epEdO@(6aFqyZAR
z`Uii*uMIe3`oF?t56nyViF}o#zq}fMR)5w+C5ZsumbzEwO~Bo+)_gK+YRO0uYoe&#
z9Ymp75@@VAGnOA5^LPz=S!~0136uVvh5@fk76ZqkyHM)jd@9P8RvW8WeD_}12y>e_
zntKB|VF>XB@oo^a>0aDTUoPY2bA!NW5z&Q#Rwz$#vt$erLS*D@S<zf$bt59IU%sud
z8%v$h^IOC>zD0_cfpW}uE|tv=)9lOjf-S+$uLVWU5R*4t=zt9(V|@|hzmD-X@n+w4
zZFdLi^Q9U8U}s-o+&Qw}Rhi!HPTLjDB`HrMsr4&3eWK!Ch{HYo2IS%5gcaL=3TdKp
zHY^b?<}oNI{=mB-hh8Ba#k}+<ACw!5ZJg-YbqE=zIAv=Ft5(hsvYEq&BSm`0hU4O_
ziW<IY>i<B7^JbHq1P{eqncU0512VF^F_Gq`Ir)&bRq=aMCQSxDp=AmEHQwwUn84-|
z$s+ZO2C+<R#bIkn#U9pu$~hYdI;Ow_9;2Kv)6a~oN^xgsW()JX5TaJWK<WM>9P0KA
zt)`V{@Zj~m<_}XUI88Q9j1j*vUrNg&s8b_pqO!`>H+#4EiE^UfY(3+-Md&}@CE=}U
zDpuPrH6XIgODHEJO`h3Dg*-4wcgu!g37MIE7qqqwH;TfQSnsf_`ka<GcIiL=7}(42
z26^wKCtjrfjulm8VcM~=Edw8*8|yV7r(uI=i<*{e$y0R~rV@v(2AlCE(D<!(9iqqN
zXjQTuTWP==SXc5_w0_Rb)*{qu*}lVG6x!*F*_Mh9YXB_{tQiDMsbN&XR;RuPEPa$~
z(>Y+d^h!1X+xuWJ%->?;a5>H7p<1vuIQ%#M%L1GmmSH?|trK5XNiDXPP2Hj*w~d!S
z@+2%2j76ao|NKuHhtvbi6+xU=Gp4|dy<zB^=$W0z(sJ9BuxZeDeeD+BfJ;0=F6@h$
zk1AmI8|E&k|3ToeGc<@#+SIq*N0tl<r7x#$6XMg0F8`x{2FZ~si?pjBf1+IGU8kST
z`o9Odl!kYzM5;F6ILnzJ4f9hNv8mDr_E-PtvazYdG9mten??RZgg?qAqKa5Ff<fnV
zVSS!!IVBXzP#{YRl1<dyMFz?XbztAp>Fc_ehUeE*!ouRCR~D?x6Pq%%z%p*|;LI-T
zonSO`FKjX)e$jAj;KAK*svWnBH>mJLH_R@GU(~=Vrf69CCXW>uL5oV>Mv97Ph=tze
zce$<{02mVgu*Gan`ZRU~8yIxx9X1In<&K3}+qz3?|Kl5gE9-m~D=`18?4m~G^s|Po
zI}Bb(4Grc^nsFWK2*R?br~QJw6RsG%r?HXS0B^`)v_`9f;pCdY6T61}C(`*RxdFP^
z@CF*E%{QX57n6ZOnyhmJuE35*_14CsUUmeiNf1`JJrn$A9BLoQnx$>H@oYV~kFvu8
z1}i5zkO~hsQX>Bh&~LRgN;>BB0NI*@%>|PhHxS-;$i7E_+Ot6Q-1gj5bf-dwolBQD
z!(89>`0pZyfMzpa+Px1N0|7Gp1`ga})TUqqoU_Xn@d$6BCe;LfD(>|lKTO33%@8)o
z1lBvD-XA~piE*HMoHO*b+<W?G&h<cmA_@n&(ch!s!<b8jAPYlL67Zf|yOl=ofYYqj
z8RjD{flmh+DeahjnkHEwdlzhr`AQ)z)!rZwtG#}Im+r5=o!&;W<}lnX$`u8!s0=P2
zRq6bfhYHuY{MOq3kCNZsN{1H7uA<7@e~4$0IFOyWH;mspCmw@G{X>101gfTF+6=4H
zkKoaTvk%c&tCE1I!V}2<ugqNe2v>TirVEh37Fq}b@jJl=D(LU6;bH3o`VUOQJ034h
zx`64O%N2uuqK^55{q;|PI^b*~!yA4V`)Hd;2g+!NIeN8YAdVtHr#j50CboYrH~}cX
z%1%VeWt#zjXtTdT=QW1=nt+-a<TPWth3bPOl_$(*#5BVl<Jo+#m$N91B3)#st`u5d
zy7_YPc`^6d0HZxTU_YmJJy1|r^x_ks1|4aXN~=YO4h^m-4tA}=>QXO2NCTFu8U#ga
zOFKv`?DPEF-+Va>3mE4qg9!A_L;|;!g`eL3-J9X4hhho=bbW)PEsfn&Ufu@}d(;YM
zs2+bmNIM9t0+F))r4OV=6?$og&iTMn1$!)DDes$)$&zvID0`}V7(i_<oYpGuY=er=
z7(jftKCKFR-hbBo^zzHfrr><-9R9g26eD4(*$RH>pcjrV&KaME@joRTE_hT?%2miu
z43AbbD|F+r=LDe2kqzip<SWVA_plLgtzlcp7a^@0f3W+R3&&0TTFA5rz<hbmYv<~Y
z4P1^m;tWR=-%Y+RVuos!=7OW5sgxihC9|LmaWc4~4lUc!H4SlV^%3RK!?v>Uy``qG
zSb--xx;A#i+B)AYjRXNZ^ps;6Yw~Nu=O3H0KjAQ2yqnLv2QN)LLoB)36THT83<b5T
z#&C>;J-<wm7&X|JMUA?5j)9mPsG;fk2#7u8qgX)+y}#*vumj|Q@&2j-aaa1^m{{`+
zRfX%>e|U(jBj?V)t5q`u*V~uboAg!CCkm|i+Lgh=s6}WxJgWXh%vd1GduGxG#^U^9
zhk~J~oqc~lWx$<veG)x|E42My&Wp6S>R3H9X%`n;AZs^lxG$#6rkv+tp&U^WQ%Wsz
zOR_jOI)ZKK%nw|r*OaR+29I%S(%cKSOSN5b{)5cvDRES2$UHn-3iGv78|Tc9#oIIP
z_Wp3C4_!0Po}VnbAnGQ_O~bf}FE1JsAy{BOJMZspi9$A;^GUW1pb^l$Gd7weC%f*J
zxE1>t?bY47NvZg55SPwlSEHIzrA88pGKEQ5u7o}&Q7LK8nJbKGqW5Td1Tab<Q8(yi
z?on%%;Pv=YNr66yAg^V1o>>KNB7CM%)fG(tyLWe%BaS{PBvd6s_B*e@a8jmau)Rv3
zf*Y%<1sb<NZV)n7(-UsAHXycn6zJ)-fIdwW88)Ee&;C_jij0jg%8Nsxw9O=aF$MS9
ze+~I>Y?kC`^QK-JmAp#v3~O~SbE$N>mb9SPV~F-<jLc)8V#gd2mVJsw=FnBqJF%XE
z^|kkfs;lKrQ@PK#YkN06|9zQZS_8>cQ*<-uV6c(hSCd7onYGvX@*d^zrQ6`#h7Vrb
zD~mTd{}Zn9a`<m8eLME#qO1LVrOQOE|FddK1*3q7qi?HQ#NWYo1_V;amqo`%t5Iow
zkNtK(3$XjW=k*Ok90L~{fS5h-u|)i7jJ8ZJS{4!i590oDDhEQzz2~!WW!qVJAtJdJ
z#Ew*t-7%aEJhJs%{_<=SLyspbWlB+JG5G=xy7E;bq-arqe09Fq^=9Yw)vB!%Z=y4v
zq($6&4F#X#Wv`DVrcoiKPVRD8z71bx#`|v?3bm8aqIZJ1!@Uk>aLxN$a%V^-z9H)!
zuw0P>_<Qfg{|o!U@Bbau(?Qkp>#i(c#HB0se9+@Np2?@nA42r*k7t=AS_hN=*(kQK
zgXDBVD#8B48N=s4MuM!aF@;eQ$c=tdE|f;4A%eRKMD&~OOd|{w@pRV0_mzAm=3s00
zO;6+eJ*QR^zjZY>zISscnqD57(HsBmPPTb^6q|j%=!xQyijpZn<Sp}Ua+Eq~kk!~4
zDZuwt@8&OeKV00<<ms+4^|uN>&{x;_TVGuv(Lf4zWy{)&JyaXeM1W%dbY?`;-0Ezm
zUK4DN^;r*-uAqnSLdg2^;&OG5^1_QE(<K$>e}{;nc)0gHmhH-}V=wvXCOf^C1h-n@
z%szu=Rq%d$BajA0PEJxxMYE|o;vkVsH%dEH<{CCc(a`EqUimxMWGdr9wq==q`5?sy
z6_2tv1xJHo4q*eVnU{9Y^>AvwoH<qisn}>aD#`hy7WPb=HQ$!L$*p)Lva>z~2eA$I
zf$C%&srK|Y<IAPJE_yB3b#yT?O~uyhszQe)O#ggJ5#8w(B*Wd2ZyWoz*$Z+hJ;@YW
zQYp64<>xaH`v?6^wmP!wBvNp_u%1r3a!RR}&I;O1hj%<%Emd_%CF^dhDeiP%VaM)u
zH%|A&!D=t3`N^sNU0nQ)(Zkw*41@X~*8PTxj5A(hS}hrf)@Z<*O}0@AhGPsGivUEI
zSv#;Xjo}zJ$D;MSsti$>!1h26L*-E2m7HhF;MG8g$nHSOCZYrc8Gre$iK?p0vtrLm
zmqLV>V@Y=9MVZy68ymmfSOZm(&X$d4?}j6r(GTekLE_&n%^<t5vyP$fG=!$AH758m
z-tJ!XV!|dIWRD}|PpEylMQQV@nOZ(JX>|#D{2q;6qi&VV!SQOSW&a*{#Ckkpa<WA}
zeILE~-DlY`pyzzFCY3VDKF*VRydV=c=nrw!18xTj1<h@9aqqM{DAQ0c8%aC}0t>6h
z+;@++E;gP-KYaNVi0zK)lSVogV@q4SllJ`&?4xnYfx7V6N5MBdO03}e8T;8Pb@|n|
zXcN7LFH^;>Cx?vBJSs6WmxVVeEBW~4y3D6@FYkwlBfa@QU6V>1yT=&nr-52lWOz;v
zkN^NRY#FlZj9LpQ)V{;|{19&4<Y0+VZPM`DN|fEnIEf3;V*QIy*v(9QWWMiWE4ZAN
zYJmWijfX^@6p0QS=steZQ_hsyPY>s1$`uu7H_w@Gtt~nb(TM<zWo`P7y9!m08=8p>
zF(7$Y2w5=x{BlAo;Mi$8);H){?-5OCgoOsVL<VXz^Ez<8EOMp1!x~*-|GNrDm-0km
z>mOp!4&IEkYzm$4`S$b|EaVk^VMvODAr#)0HwL~QdrIhUolSaVDRsBPk9OIDFWCej
z*V(8c$BXR=Rr6iv8VKC-3HWBlFF~I@>_9W5$ibB^k*~hQu!*B)6tWpfK;FiBSDlcv
z-nwht7>W8>DzQb}z>?I??Z%#EyOSNNm!bd`UBvhwHQj@rtNA+D?~m8+s_+H@lr7JQ
z5wk7g33}z0l@t$f3gjBK=3#03x138@S^=0(o(s-P{<}`@UsyytGXKb^$GCSUb_)Ku
z$KEo=S;u)pUrS8ukeTS=vtN`z!agDl_K#({S0K3GXUn_n=|8EEwn#&Id=4Tl*@Y`-
zXR1ROKn+LX?Ib~<4gx60@@#JQva>)+zF`(b+A&@qc<rb=NuY7Bb0(Z0hj|2l{J0d`
z#}2K!7O>qh(id4FF@jf9-~b`LWANbB7$w(A!vKxx`Q&ULZK3d!?rU2=Fb|T6u+n$c
zLt=rDDwYvaM^<?t>U=fjyi;%UtXc}0ksMx1{EBC#6{VO^OV{WfozLZQY7Gts2V=n2
zoA<IxG2-9Tb<)%DmA>3XzH2t4Ee8f-z!!Tg#a4RUHOF0_My-MF9C>{Y(M~&&w#I8M
zF>G;80z-v}^P}r4qCp^QTQ8T>9}UT2y(p`gGg2TiBHn=`-c|ywmPM1_UDfbKfisc&
ze9t8O_^`mSyoZj|sgOpwkt4R@4CRHSuLT3s5x)z{Lq6-R9l!tAQA7XU#>~Zl*MV&7
z7n!2_AYRcJ>BQ3N$v`8kN5@-nZ0z`tqB^W*BmIDoes{M%aZ#^j*Eol?alxGrw#%@(
zyPy)B6S=X5@Mxh4&kV-N3!4Oly24B;SXe9)q%dhFvDdn}HLoiWucfJC8;jiRFtPT`
zo<0Nwv8%hm|Br_9cg#fW5#6r*nyf`@18U03@|p5M7Y!<q<Mx7bXJpKCXHNNtXcOKq
ziiOPW*oPbv<wH55ultHbs1Tkq_FrUkNhIWE!!+}0Hn=A;2bgZgCwJ!q7u@)lcJs^Q
zQ>Tju8!~5zMDggd><Ex2rGEEu0lVeEiT5Vs^;o|sFIFmr0=TxJ=GHl-UN;RJ<>0X~
zxYUpNXfZ76pn+eK2tcb%J!-v8ktgNT@Xj*>Y6^ZDBezka9x7nS&`G@4AlJjxWlq!S
z#p$&J)j^#hlRP(p2*n&%))|ndAPvtY%6M+C-R%r<Yn%$yD0f4E-2#>pHxO;>$)iGY
zT-bcjnA`1cav8Gm3h!`N;O_L~kT<m0zCf-iSkS6>r{VWG5I@`*0^S?;{2nXCGe)q<
zW(1)8oct@g9rq9vHCOAFq6Z+(8HuCt2|$nU7=V6=jKLjin33W|*f5p<ZUJ`1!>=K*
zd>QCbTx)c>khsuBvgm-?a&zx{9IaG0y}b7t?1zP+E9;x!8_aK~`j&>X7)k(<-MuhN
zE!Y2AI5(-ppx>i(xbiqr^qa1TkKP)|qd}bVSijSDfY_0}i6`ao)3sS9jelT+#g>Gl
zS-f11KlbQep08@_p5_Ys#zUNj@iG_#Ry#b4H>qe%KS-*o92M@AzC6<r_`!BcmX4Sz
zFk#-W@_LR**}6t_>^C$73b5LC@Y#ujf7VOP<B?bG2M{e$pFcTC`0PL2E9uH)awEtu
zd;BtwMv&FZ9EVv<xHH4~*ht|!SFS5^=2DpP<G>RoLk`QyhEA|F!&IkKZysgIRC!je
z@+`gz!Mu=EA~{_p)Gx%M?bP|0dQH{qrm94aIjqE~n4yJLf2*1Oq?H6Tx+Tkvaw-D&
zE@*HXS;gXh!>-nFfz>?B*~IQ+`+fZi1*yX8ec$n@<C{fTxFwBBcHW0FM^AgGy3C!x
z`Yp7L-;``e@WvTm1)n>W8Y7&2<<regHG#y{ITfV$<VQBStMo5Fc3CVm$#l@FlQSwA
zw_xDr>N>TBGg-$<Cw|}0@DMMAi18$(u$-KWjeddY)lo`y?Vj+QMCS=?2YzG$^$EtX
zZ?Gr1e_jkCeZl?4BjrIA<_@JSk2Ie8k5j66E>4Tahlw|cH8L4%I<}ub0f2@lhG)FY
zLPx6*WJ3(gkWJ=94I&7p1m|MPRnog`F$FHPawox7yA%Bu8<R-Iw=iqXRjwW4pXx6!
zE{P3<;A=!kv?0pyNhtedNdJnihxw<n73Lm}dJ%H2MALh&Bw<bSXg2WK*bO332d6N>
z<c!Jt*4wC3PR1k!yBWXuT(xza8;g0}bH+NLAx-T%SQr7zr=Y@{WsZ_99~<b<gTKvq
zss*Ug4NI)>M(NP5=gXAw2#*?8iIs<4)qxB466Gl3fH6b*r)q}lS&?sy;$JojyHX0n
zMh7H__0K8BT~@N{XEPVsx!(RnQ-N==SveH691@^HtM1C&4n(OjS(?i~Z7bna+M{RR
zUnk~Dn|7bIrJm^MzV$<x51HMRG0PyOz-Sn;5!FGHB%`b-VLU!Cd2bkqMTy@%*`iyu
zpHCaQ)A&HWd2V3;a{^n4Z*%F|NtzJl)8Vv*OTA+H;W+jYjCrWTY8L-W=y#>`a?=+|
zjPK@5i3iW4_4GWo^08lgFe=LVdvFD``b$F(CrIFgDzwrvosB-J8D6^)U&yiQKB$v!
zCPa&O`C?jwaqQNNE_we=8fDIl7d@-$U?fqmP2m~|mXvEt#~BZE(W>BhW48%s^jeed
zR3sX0hT2Ewb_85YdVcOS&t>wBK&$hX8`5JCOJJ_*IDVwv-Cypmy??J#+AvV46v%8D
zpoX&Wa91k+j3?Y_rZ?=J|12DY<wRMR)1dgF=*gCTWI<1LA%ng$6kZH4A{6_jTN(a{
zXnjK186m&%w2`Fdl0O|RX2d7Sf&L#YMxom;Qb$^Dna*s|tPLgu+|Fy;_ICdmGCZwf
zyIxPrbqNGu4lN*6uruP0ircrd`29Ajw&BG7&|uJ={;aW}Dt&81YH!MHwNIo?@C|ba
zNC%@AgaD<|k`8dC(n=*omb8X$etoP+umy`52xc7Dk`bMYaCBB!=pSbx!(=v%ksH@L
zplE>()z%h+npaKVZ{cB`^oT}YX`ubad<GKbJyxcO3idaLU3NQRCkR!df({wj0-SB=
zgt#&Ic%`7lB+UO!rUb;o=6*#=3ka8oE(U=n=IT(Bt2<T(<F4LT8u!(~3yAc42STyY
z{#sP*TN9ry5AQvk>izVg7Z<0H3wP{Uo}jh=Ya~8()R}MYjudD<Jwn$=2wN9m)y^+W
zsZ-ZykEWNY7O;2^UljF`7`C+nj|5p#w}1S+^d>o)RZ^wYoG#zXXUUfZy6iiM1+Jzz
zxF-kTurZPm1|pGl22SA0Lx-AHtC92cG=#GI2|1x~&SXCQLyIq>f&ltdpCB-8PNtKC
z2*~u!thtvneE(0kww|tu(AKv*=7oWT#SoCnKbf3#YH0j3L&(_PTY7zd<hCyp7~W<~
zf<JdUSNTZFwTVCFFu=5#yHG#zb8)#hEKyO7s3}*|s0pg(V;Tvqz1PSwVazQmmoBKe
zh9??U=f}XDhc^3_QAsIo{Pe*I(>5HwO@ND}<+zk9DLgFJba?R5mW(iKXpC1(zlHX1
z5kjz}J^iIcSF2G@5s1Bc=EGynSMPBUvG*q-%+i4m*|CmCumc%>1>}p~=SX6shJT1+
zMj||SnGra3AB@MapdTdZI#$r=_gv0PLV1ZAGaSD@-RgnBBRpKVZz^CY9S&9<s^ycV
zCo&wIb+>h1i35T46(Kg~&S!}2jaKOxK<MVcb^=r2`qQElh4W`sUTB@Ul)Zi>!$1BR
zo|Y8C(k$?J^u>^t^|}#+yZl!K0Z(9-Hm+=_9J~5>gzX&)M~Xdq9uFhd1B)bGNV^kj
zwbcHk=rYzdAKNeb=DKbO=cqpO4D-r6YgjScf4bSdVLgTF->%RpST&BS%w%77Wzim!
z?VzL(1MW~-`@F=@v94nk`NW-_-@seEgG5*17J=I1Lr}b9Qiao{Xg+DJI9o`5TrR(W
zUs;)!-vX#i(~+GS=ILqSEulYv{{cQ>aIux9h&uQ!wP1uOCJbNC7Cf-O`kmCr)du|S
zzXB3%?cKLLn1<rgh;EeV#@bRZA(6EFI*^Iy2mW*H>R89+w?C$ER}^$`PHL$Nx5yaP
z)$bmyX3LX)^Zx5jZ7&ijo*7A;`(&c+k$cdg*gg|2uMH9eo2xX~+bIhv3iynS*M;l<
z+x|2cgLjMzDU0ZS%+!E4XmVyjghUjZ7D-$-lyF$YE$jl8!c6AFD`T`5(JL?8FIklI
zUl#AlS+;g72<8rw_6vJEEs(TmTlR$(g{|l1$X-w80}+HOKa|2ykV&afTS`XRp<US{
z#3u>?y74<U&8xT4{XV?8eXzj0rK81~IeWe8NlJ-jnLCUPuR3ou(f`DLeS41udK#c6
z;bXf1{xYNUeO2LuP1QjZ&Kt_ODko%k6cH3ZV<#tEr-8<ZdUB>Pz0(hcF(u-ummFc|
z(^j{PmXCdeZ6Ja?fMomof15iE&$)I899-3v)%Bo^x;Z`fyPVEv+lZHX-r*=t@FY_n
zZKAlNqMcajWyyz(jL^*{C^!mctadjvU!IQxD?}SgFdcz6M0={WMf3q5`KyX)u2YBL
zJduW4md29U40n0BZPv}W#yJ{<Ms8#L4svfhJ=zFUCVy(9P&<W;@M!%vsK^nU|5GyR
zqk-T%rr43k!#`JA`rR39-(8AEr;4xTpw})8-IJ(2DsYW3HAfNgE(4cTtw>w*>gq+%
zOJYC}R!4d>c~MsX9={<{B0~l|*qF)hw&3b|-S{QKM-Ld)CxfB|q$ysLII?S_arX-$
zjSvql0`+$Wol6WpP4Hh-P#9EN5#iK;rv1{*eopfCLe2>*gEf(X4*o-!bJAVnO7Hv*
z`q@3#7I|a+V3niy2_r;-?1K$oD~mJ;D#OjM#3=?l@J;Z=$Z_zEGS_miA!S4s{hR;o
zu=-nKahDmmaS{;$2H?VvD{}8FT_l&_-o>NQ6$Z8|qxYJaM)D5pX?82WX7-1gBD=!B
z#d(P>epJmm@i*VIW82fo1u7kL1cLcbY}=C`_^2}%zK@n%mmpbo7b8g<E>*<c(m1j`
zvV*D*e8S(1-^Zz_>`7WDwMX-XNP4wcecRDFG|98}A5&p&T1xj2a-_HJMUnE2o=*e%
z;dG%UZ>HGZdhGc3{x&;I8e>6c`$bMH%d9Vsq49*{!EMWAJWNf3$ngOPn6QkNRnwn9
zUpiS-*I(7+$+@UxnQp$~L*CuUNF|O|EE86qzNEXZB@P_p>Hr<rRrv1dkp-NYxZ^wx
z^M$?#gdob>VzT_nA1GwB@n#k7@()Jm;4_zoT|D}u?%pQ4dbs}5YHxE*jjs!M<0ku~
zESg_y;6E+4{E2HF#XyiVNd+R=rMr-{0ZVOL_#dV=-gG*YM;kZxzNK<EK+u{*3n8f0
zZbl)HX%WVwC0=>Nj09>`QGJI21d1mhY=2T?)K6*JF7a{tZ;L4(<`}@o4ft8XcsvOq
zgl$?Y-BNvxC}v&5`$r0>Pmq|ss-ozi0^8zHS*~<e@qH}pd&lw_0qAg66cx`lki+;~
zrTemzkqhDGDT>sUwHi##$T^~nr?uB@>bEq@#IG=8qPs-&<;wP~ZVLrqzb6*zE@xPo
z?M+4^Z8erw5DY~AIaxPS)sbGM=o{<P#)DZDG#!VFiqgokNJ)z4!XkiB8jDO9+Bb+t
zDoUkV(aurDKR4ID+TN@Rq6EuKhx9oJCntecM|=RXO07RZ<aQ9cko)}ztei2Bh71J?
zyrBu>l<>mMZDeUdU#)zKSkFX&g!SD~aZzsNu%~ba6F@hVhgUTYr#!kcrNF$#gF)nb
zS@zLZb5X9PVLQYH6Smch5lj}9W@VCMZ`bNBZ5$;U<Y}O1tg(?~SBgQ}n&!dVm^Dzx
z%BYUhW!39$C~7>x^^({l9Wx$nDP2q<b=7!*Dw|kTDNOQ?941v234+9D?xGyVt0g#c
zn`lWvtagnQr~=2r)XMi4IBV5#jt;BkVPSNF=@jpb-rC1#`O@Q}DKHWpNBHp|KmoBz
zkQzsS5=+>Zl|-wR!y3D;(B&H@YHD(RRHO6qcP2$?&E{psDrQXZL`g)tz%zRODzmyo
zwgWMZ4Jm2Ba*Y-%30U9w+@v!!D<J_>p9BFa+P>A5T%d<E8W0RBE(u!KzlR3JVn`$u
zlN{57nm_qsS1a_q^s`F39aK$$1Z)G2k0H3a)#Mw`1=GS6(Y!jbfm~e}3r{)68kK{A
zpkt;j8Q+nu|5PxV`B999Mb8jlis24XGZpIas87Bl)^AmWATK2l8cm_Ot>Vtm;?xPw
zG9>W8+pbP;+=cpe<eDFZpIV~bNA%fDsK~SSi`+j4yd-aV<F-8{5<xfgdn<_+ggnWN
zOn&?Z8-Z^2*I$C}{au|_PI<NYFXb7A!>(_sVOv^J!8n7Qj3JqmMGm;;0HDlV_!XT)
z%B9<4vwApTE29^-8RHFZJ+Sg1J7h4zmmeRZ)XBG*Es*YKXzK?IpJ^L1dl^UnQMFr-
zr|o=Kh|&z9M($BMG@6A}D|05r`L7L&Dolg&Z8<^{DN66w3=XO*HHAxsP~cHh{9irR
z!KM{%mO|Ta>}RhI5rV5Ks@5XX<SblLILIXDb>qCW(1d=yONpXF0^h-xPZMYSfL=^T
zlQhSFVaz#GW99t%oy8=b`6`rSs|z7}_ff7v!Y})u!dLk4#iW!yz4M&Nn&u5;zi)(p
z#%F+(G@&@9-h;5nu^S}tEZs(@bVtYqkdvA--EM6;za@r5L9WQdwb!z*9*NXovEHkW
zr6L3Y%5*|ci&uG0BXxv86r@NJrv#nHuOJVG>Ue#q2-&nhIcma_HY;5BDrjh&YU7dx
z)R5gX7#!7hII#SPY4V!DpDZQ~Kp3mudmETGT!rn({rE9%oKj;`@ud#~c3<^Hu6X%^
z4znoFz>Xi9-IGR6Xd(g4#&9wfY!R^J`Mie+J0J~Y>g#Zgnl6u;p6$EadU?KBG<|aI
z4Efgnu!D!?g9pAYQ&h0mAbDx~t*~sbvsqxa9@(fCWK~++iK}%y(pzkPVlHu3vc&XU
zF6;yMRNI0Q07x4$)_|5E7S6ligZFe!C2U<V#7AYeLvMAGrv$zphE?q0#sG{60;3Ti
zU-rtl2OAoDV7mc-B~+YGy;FMrmWMQWsj>8<lIzJw;@+|X(sraLg!%x0CBA0yqimtK
zF}NHQGH5swBU;^#{^R4$U8R&O%WpCbY1VXCT0MHvw>ocBcCAYUX8&=#G@~92f^gOz
z-2#az0ZW1oYUoF~*$QZ++6o*QD*XWNWLLeD9oe3$976s&XQv;<ovbR&O%tR|mX4|h
zYtKjc7_@=x0NsALMWB<Ter9TuPbMVx;4@9LJx!ai%UkLZN=n%+(9m>9L7V!5VZ}q+
zpF-+{@<QSPEXQ2W4_??Q6Xa9^y5r)tGSrKU6)hPXZ~j-^3>=Yq(ov<&bf&~Vq#pA9
zM4`CxD`tMkMMP9!Z4?alU5xj6rMl7SWK(wNe8|TaSHjbBQ%Tr7aP8OxEe5AgSZ<v1
zV)CIt`0q;^Bp{8|x4w`_tlc{b7tfvm6{xnCK9M}X9B;;Xp!Vl??H)X99A7x=iI3Wl
zcOsQ;1W2kvbp5N*c)=X|>z6*IGxAbDZ+g+qe0m=1pIrpI9~&(a4{mty4wku1$EiKM
z{pa@q9mqAKSPr`b39blSFN68-ec#LTv)a&uyG=AivkK9^70Zrk4a=JeLCA?`*T>=~
z&4)kvZ6V6S4QA<f9jO(eXJZ!#<~iwH+p%|RhI~BOMy)qB1SiMV14zEz-L5cI1ZYM1
zxe`#n*48?+4*>D+ozxPprmfyTrQzg(oLPszSrTh#9NsWv<0E@RxZB@=@lNI~cFInW
z&zb1iNw>n6-I;=Q63;sj{n6IJ)-NOkRTQ|d%%F;cmv+_y=})D3OzcdnXMEvg{`eN#
zmi*#h4j799d11F=)9Of}r(`)sA0_>Me)tZgBH?}h_4HA2r=`Y^k;nA$d5*38-1~x~
z0_rJqw`!7%`|_6(SUIW#ZqG3VlEzqFhv^BV#*sr579R7Pyo~VJxQpg_Exk;a?xfi=
z9<y(|=r;M#QF9GGsvG{ijRTU|#F1~BI?2Bqx3yksr@v_H^icBLoLOnp^7*giNF*eR
zI*>iy;NKP^;|RbH3gI=@7YL6dC)^*-$}Kz1yl;9OTMTZ&vws)BH5`v#iai353w925
zJ^R3e7UL&VDQtmD>HD6fr*CayI}X2Ckhji6N7Vg`Ex)m^HFAp%(5H(ncbPPXx$@f$
z7AwYf2&ax{Cu8;d^hTK3#O%@jR5y=t|A}O2YD{q>JL_j@GQ96Nn<fs9xMYHM^YM_4
z8&>!5Kgu8^iof|LwP`mhDDa9A<P#kxQplk#8fG6A_1}fbo!Fv=D%#KPwS!F?m5af1
zo)xMOLy%%3)WV!mN|_xUm6D6f5~kQw{}`mrUMTlR8ur02jwUSGM(>sWrkZnhe-%<n
zFqv%if4RxBgU#3ea(_(NR2f3B^)Jy_uL`bEH*4OflZ57iux-NMf6(QYEMjN=ak`uo
z9UkpEY`OHenVvf5S}dDa!qf9kFaJDzd`vCEbh(>q)-TuwKad@4^{Jb^?~nQP6Z-x}
zZMZVT&R@{r#?#oqiJJ#qoYc0ZU>Y^aRF7ZZ%B4T^G>hnh@AJvzQF)ywwL1qTP9Qbe
zymri1Lp{COxH)V08*33^pb_&I9EhV8GMl;M{KdhJ6csgFdzU>THT9Y{Hy@vX9jG<j
z<2PV!;W5FZ99(hYVZV;=`t`uQ^~#<h01v~j+ANDu>t{Fbj44-Kv;;pkOh#n;iwYy_
zWnrqgYSD`AalC2T=%4(8hy#}C*=6&lR#QHMwQC$UNA;y5PGid7-T6+tx8ngG0V8(m
zhQ#l(vjihYOD;<`f=r_xMs7^!OK^$tZWC2(p6Ga$X{xfV#C7^>3+igM=KrwcmAP&!
z8N7d@6z<G(1=M)tT|}>y^6OXcMet;3d6@}3?U+zXmmQ~DoIl)G`$v=}9d3Qxj|jL;
zZfX7+GS^&Y9Y~kl0(lB-xpDrdcx#lu@jxjuLo6Y}U)_3okFe})8KsSrT<fRGw#y~$
z720_t?%%5D=saC|iJxf<sCh$o7^PPSWR#mSz2AulQjjSW%(|jBQzObH`4x+9wH&eW
z*gxTMJ7m*zu;klRtnH+}-9V!;#CUXk#gl@48?2&ytTKNdzEI((sOI!Tg}4+lJ+{+x
zcMWU@e%${|O}CJz4sdKu>wHNz$_Pa<BgVtpv_{arjG%3q8dy^GM<XM<9QcE?;m=uW
za$*9As8MwO2hoVuto8Xr(!rE#vU=)OsBZ`n+xHAAL5M~Af%ZNgVC1TEme;sc?p?2z
zRL=aS_F!w4NZZ!wXo3W-UsCuJ)_YUCJ}uWyHi_@kbTVyYBMiQGhxxS^gW+MZW3~Lj
zEWyg}XSGJKSE%uR|9L_tnm+NZD*d|O9`&5B`H`5WlT18trAL;S8D*9=jZ6vWGeX@N
zf#ey3ys|ti)pB6prIJJtT{V#Q+gKK*^76Y?7ty)cBLURRi9}9mRzD0bj$^a^bkNs%
zXPT$dxkjaXmo;FX-}hW~(b`c{#l!EIyy-OKCzMAMkQ&*K-6LL~2j)+Si)T+-j;QV*
zaHDr=yNwn9n{iS$>J5)2TZ~mP15rTpROL4OBg3ET$1v$Lo@>59(9^YMywrIH9)jOg
zib5HDSkoj7$SdqSYqD7bJikopVO3!Ww0plSC1Ragtc2xx37tgDr_K=HkYIKETl?De
z+cQDC>Ed7WEz;qgOPmIWvq#HcT~)L6rIq-{{}%mR`%kD0kc*bYAtp3}d#N16yo~As
zZ~7skCR9txCPhh<v*cP5-`Ydpu(QXAmtiY>vmJP_|L7_`eqySY$)VXUd2yO)3dau-
z%SF$#?x)nMhmK|g!d7sFyST8}{xro7y-gs^!gNK_rqY(U8(r|3y75#~5bV)buv3e-
zdxr)*#C3hi7$haQG!^+(8r@36Oky@kgP8_(futb(^{xm!_x$&h^K4?H3kZQ^noe=h
zwCKx<B6bE06y$~Ub&%p=Y<>F0>QrE5#3Lk1h+Uy~SmhmvBd~PRUOS6v)*ZsG!_TcB
z*q|Y5X<9?q;W{TWocGL3rsY3N4&~T`VKRoez{Kn38Bi#_bq&EXm6-d8Z!_u`8PDEl
zqyaLrr;+k_pL4L)*7uXOi)iZ{5Ba_0yAW|!U!rzl5_N}!UVNgS$jK@9oU0&VBl;RY
z<Uk_$lY4uK(_0XR*}LK&=9O&-ziQvGufYZ&BofTLbc<GD2pq%!Yi6>;k?zpGO=2kF
z7D7|U9Mvr|e~>l3AXfqHwQl&@ejZ@562mMl9*y%qPHl8Z7|GN@3Jz+y=jOzh1RV2X
zk4x-9khW5&Z~D62Tv$0S#l{>3ev@L2mJxQD<hM@XvOitUJCHJDw#VNi;@+ydaRq&Y
z`SUut5}H}P*PrMoVuvk{ad;vhmzL{Whh*wNQ1bvlGiZJDXik><x{shTMI$NX7j%^t
z`rEZiZRL?BGc~98!^^!qF_*0(Cu<;*<|hEC(14qKzK*bPe-W*jPIJ+iY+Ks(sxD#6
z6=|sJTy)n<RGrKbEBt!Q-RIdkta5Yk^L7eFj}1&OYlFtk^dAd~k((0Mb&7FKx+g<<
z``Z9sj>8g3p(W$oyGgNB9klfCE(MLGKxPl=bgeqR>cHZ26j<-}zh(IkP^<C*q^8W6
zDvFYdm95en{QX?phXL=}wuf4+ps~7+bHS77zw|^-)drpJsGa~)jWVt6Xr({fv^KZq
z4(4WYNqgy;=a4jVqvIq}{>BZzKUUvc)0<TTu^?&Le0?r~=0tZ~M>Zv5P`#w!whb*>
zl30h2j5>JvtRkZf5Y5?Ri~aY0a#GodCHCG|$WKnUiMxC%qKMcKvvzOP6&Q0SpGvQF
zXeJ>dupi*Kaw5P)`jeiTd6v}f&vE0oix%=sq95r}zE8C()0R;SZ3rAIq9M-k!~;Ne
zOS-l%GqRCeE|#HOIGUJX3dR?~QQ+D|k;z?e)pTo4iK!~}H$Sz<mGR=wI2`O;;kTGn
zRFrg=yOA#$eSo{5IU6n$?LH5^B0*kV5tf_#j6VQvkAaE4=VkWFx5Y`WPaXpu1J;&j
zR5tw^!>1L56<U2-5c}a7AwN?ojWD<lZN`pi=g1FFUUN@{SU@T^Fokhqq@LijhKnpm
zT#URs%2r?ltr%Amon?|<=Z%z<+v!J|_Wt<?S3P=T<6~!oWa|Hfg#;Kz7KbB?P1rXM
zA@B0C_G$X?A1Xm{pT8Cp7XEye`svc%zP!?~adbQXQnkW_`KOntdVvfj_O=#LZCt!o
z{?`ND_;ybf{)8;#kZ4P!CxI_0q;6GG7TSLVqIpo`MEgAwjSz}y+nPNurhfe5g9grd
zj5MIXrPKW{Fxs*Yq;~folHt+rH|s;Txff0cP>@miR3l{;{OuLpy`sBUboYwxUeVnv
zx_d=;ujuX--Myl_S9JG^?q1Q|E4q6{cdzK~72Um}yH|Agitb*~-7C6#MR%|0?iJm=
zqPtgg_loXb(cLS$dqsDz=<XHWy`sBUboYwxUeVnvx_d=;ujuX--Myl_S9JG^?q1Q|
iE4q6{cdzK~72Um}yH|Agitb*~-7C6#MR)%X-Tfb4sYlZQ

literal 0
HcmV?d00001

diff --git a/webgoat-lessons/challenge/src/main/resources/images/cat.jpg b/webgoat-lessons/challenge/src/main/resources/images/cat.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..e0e1fb983d4a3215381a3373fe69b02d5ee3a73f
GIT binary patch
literal 9095
zcmb7pS5OmN)NSZRYCs6Rm{3FSB1k7dXdxnm-m6FxlwLybq4yR*s&oNCrAjZMDDcri
zh)5L$MDX|CnSbWK-hE!qoV91|ea@VRHGBR2@^=$Jr>mu-1t1^*00{mqz~5B>8bCox
z24n!<XJBApV!F=^Vr69pftXoAoNUaXe>)Hdh>ev)fSZF2!okYSE5QR16c!Z~1#wBq
zONqz{h=>XkP*PITP}8u|(XonfaBzwIe}u4zu!xA<-;V%#aspz&01*K%fRLVmh@Rl@
z5P<z(k0b>Dr`7)rLI42~2`Mod`9IW{4nROiL`+UZLQG0bLH#d<fRG+Q#6t{}P$eN{
zFt+oFJk2O?VdU+f+ai-xJ9_|@LfB*OOZ&E}oA~*^$gF5<XJUr%$v8xzD?0`ThyPK6
z2mnO?Z@K@=Nkse);i3O`PDn`j5B}eF{#66=5J@no8uQvo{#^l35&g@cC!z;D2Aui1
zE0*80?^3TAg~N-vMx@pyLR$TVW-E&{naH%y;uoEG*(bQLYa3qj#yBVM2uYq}rgXK0
zPP!WbxqC1>=@-1y*BZ4gYJ0Q><S$#8jC**C9Vfk_vqa>#JtWHU^j1+Yas1%SkZ+`}
z4wR^Ppjnl8WKad-Y(~PDCqMoG+ST8<(8H;dD@ZQimeEyEO8y;b*sRzZXO)@T;N!Hm
z3fqs;IT_VfNhjDK^LxPysl$PFB_4Hit40OWA-+&qfb6UFH1KP5+$Ho-eJ=IxiBEV+
z(2LU;prM>bC%upfxhgi`Y~D4UBIndX;$4<5n!Uo&Jk^<L#^8YqSu$M<QI>gyN&+UG
zdl!Y|*Ca~TO##Lwxd8{Nb#!R%Kh#CaRhgt??mZ{I`c!*Z^4bi-#xy;NJ`!oIYAjt>
z%alCV_l7=tU@6h9e<W9v{1>22S{`wisyGz%tM^++BK(#$!PK8es?jZ1n(Q)NeNCo+
z=*1yZ%@@eZg)hCcnu)CcoCMFZs_d&oz-I^`Nb}Fri*D^CYNo*WjE4|~*H_vN9<p^`
zs_<6#AwXchNngEt1ahKVP)PIJt_O#W8*8>xcI7_2)qGCWHy{w1>n;0Qx9t{Z_m8I9
zc$Z=pHwAlHVw#jAt`-!3nf;9^MVIy)=0EV~_2HHg@ePNSZs(5W>Z$f|I4)C!LMTWY
z4L2o|lI$(JdV@cf0DkX(4Z!0$fYE+0zuY!_yDb>wgRer{CwiT^*C0vb$e~QjPN(j?
zw$Ca0ZIzmnrOudqzp4rN>KI?GuC=Yq?Lg%udEwUE?_Ls6TZ(a6)Jc7(g%V~;7M@k^
zo)=L?SQn#{2a|d2P34e=wc9=O!6Uv8u=EBGko&}vR4N6O1H92((+plGy=9SCgB0}3
z2^xMxcm@daq%)zdk_EOyNqBa<A^&m)nb#elo=QJ2I{t8|OqCymTXE57=ElkYh{Y2#
zlo;t!&0gBgFR}CQF$U>48sZ(pb2IMlEJI1Evz<u|+pTU}1LUIbinD!B&SXyHuYXVJ
zw0hiesy;s4yEOZy6xv=^uic8XfayT8#NWw*zMuXDOo%<mJ>vR39sd`gY<LL|JaqYa
zbpOse@DKD0_T~wWT<yYtQ*EfwD6b4d(UWl^4$28~Vb#+}2pG#zMCOkoz#@JGdIC^U
z-Mwwvp3jj@2a6?HJsW=k&kk(<?BAeADrVcK3S}pIiEH)lUQBbgqU|p3^0E~T4(3GM
z5T0LWvtJ8{TQ1+bw0Q{}{0nfUvKG_I%qf<3+RzjIh&g82Tj6u*%dus((dn>}&HC_t
z(eE!n3-uRpJ;L_A+}SizDz6*9_ZLu4LNsocRBVL9eC3CUo@*aw;yBbQP>>0-jBfUx
zH&}XyS%foTjL?&`XTGP**=<r@Cp3mdQcrIy>pjYxrtR^XB~CufxO}G#O1MN{uJ>q8
zOq&P+mESAJj6Y=~7W#PN)pqv1!UW4z-rTm{dr;n=E1i_o1WhY$vcWP@zNV#fE8y%F
zuC`@3{J+N$b%5s`EKfZH{L==NxP5`n@jqT@V?*m^)EaPv$n3D@B68_vgSD(z;}IJh
z0((Dh+~Uf%&d?_0Sh;bKw^zt}LWOVB_kV0Gqoce}J`_n*bKH4HilBi&mD@cU5_`En
zcj68o(i3_p2ve_&n7c}TtDzsdjGlzBB7%=Lfr?x6IB?W!_@m%G8d{n^JQCySPhVZG
zOBk_D#Eo;L*hZ`!(&YZOgV_qhc;dYSmv}T|pI&u41VeZWKPb)NGB*6<2rG-Mf3vFd
zjfu$U0yF!0#4e&_b=<*Od=>8x#Ad?Ha!x|G?Z!Rc#fn>mYehIhnzE9*0R4G(hG^R6
zap&do7LRClIfs#l1YzP)h37}HblsdqUxx*DL>LFx3^+mR6~j>G<?^-vz%M_k#3Tg7
zNmd$DG*9sTnqq#N1=)B7Jpt;pmNDznNqVO%BtNoO3tpp8pu9Ydc_yL?Ynf0bk(|xU
zr=U3FwqwYN)!W*LOP1LX{bT!ODLG?f08}r)3;GeMbo?{MmXEebK|yYDo%PaTGSAn|
z`mWitmNRr8#~gZw*4Y`S?DjiByEux_?b@k7W}u|z%xVaJv^gR7GO!0gv}Ui7dNV*-
zxfaH83G-I`9a28jE4(qnA?USn9!HwW7OS*G9$1<setJj}7+x8s#!^ZS;lj#3(tfE*
zMr?=AW!0Qf0Xr+%9bcls{2vO{ip3#9#!x`uaqN8w`p-S4ApQ?nKQsU2+BZIy{ob!K
zdLE`p9MbH(v3F0nd3{LEdDori_%>YRbiaXHJuswfmg~{wApeJS_x@y`(>J<<a}e>|
z(onlhiMJttY^|=}Kh6T=NO{XU5XFtWH@c|OdS<+Bmu21^xI~G05dG&;jeB0X`y`gH
zZ;MtnEreIKzxq+Pv)$N9>;cu~{0t9GL4m{BpK=5}S$HmvQFDpWP}Phq^gJ5SM;i`u
z97<5^DV=8eTyEMopO!;+sYx650LK#XY2g~=lOpjW*1`1lPTBkDJ<Bi`=bx?78k!%8
zao=~9!_s@2PtQPVhK6FP;&;V6O!wZ8UL^Lp`M8)U3x+-Ix=1px68i6uoi&u!B|jB#
z#XN{LRo-%XX#YJRTNh<oq<Y2@zp;FzlZS4UA$~0Cv!CHs);==0X4D&Z`d9#ees%fK
zZfC+u_Sp}PB8R#`2g_kJk6el&Pd-1-(D1V~9o_s(B+b^D>--9HYx6|cj4R@#KFG*i
zkpG2MWnoH6V}V~VbupwGrFnAG?PSY!WW+G8;D0<Y1=U}zuxB(Q?y}gqqz>xi&DC>r
z)X~Fyd;CKBOd4y~7?3?>j+)5am7}5W<W#m^-p@`+i8h~;wN+8on+5uOo%>YtB2p#a
zH%XR%FUx69ph_i?o@TCQF!k5;zNgN^IT`0VM4F_7Nxkf=1pVhvA4H#vvwo;V5WOaI
z5$lo81(8n7dnbo<&lp#O?&5{tE451~C>~!A=u{v5A*L8<9I}Jw@7#}1y%PstcDXD8
zpA4qq7(zYvfEe0LwfLrb@AH^@&b!{X*BViUx3ozbZd@e>r>;g}*E?GAMiJ}=pqKq?
zgSm!}xM_Y5#yIT{u*as;e46K&#e^v>s0i4hUiteFV{G2DRZJFtA|NK?(ngc`oTTua
z1m+r@8F6s8D0ZDqf_8CjQI3;fc?Y=FAd*TVwTgZ<R1mcG7@I9=2U9+%k?K83dGvDC
zqy(XfLUF){0u3hhTw1ardXOj|+uh6vPWo511pt%?!9A#`4Ox)&_W+9r*`>LVC)})L
z;wB;{<UOXXk|Y{wWN99_l{ZfM1@?$SY*kcSHT~AFL}<!T8hMfD==Zi2!MIo8Gjxo)
zptu+-*m0nbni}Bw(?*9R3Elek`I@DJ#+qN~tsCronL!uHSfug%f(f&#7epfCkU0_i
zF6DG06gpbv^HVt;Y)ca6{kg{rr1H$_?WTguhZgpq_5i!p--8+N!b{E61K9Geicb^u
z=C^jp(}8jW2~puOTWT9uR>EE%#G1T#k*u~Kuejuyr+YvCtdW-{{q|qaQid=q!@I$0
zbi8*+wC|7D?vFp6AEg>EJI%FKljVwdu%xp)WDHQ7_?8-QsnTG~d$wWc10tFAnK8~R
zzE@55+VLcR%BPdt5}TG19op2shEy6Htkhb>zu}6+LOrhMhomjQUl8J@a>Zi~Uy02Q
z3a!vF;4yf|9f^LQj8dR4J%YOR`wmp%`V<eMz}#==DeC^2=3Mx2nvbO(<pL$}A<u17
zc|cfmGu2%Yt@W)|s&ig6{YfzO-l)Wfq-&SmqbC(%GmVKk$mWO`iJl6bDlHJ}^+>%@
zM?gq-VzDbM_xQh@2-Qo~K#^EWpFK8n*{mvV`8}3CNJCvthc(R3cml1MT}dT}<7&6i
zT$LWkj2KLSDmi@Gb-lsiu+_icv}X3VO)B5{e8(g{bCb(B7Usnea5&7oc#BwcBK7Qe
z)N0=RAda5)Q`UvGrMZ<LM8I4Z#x2!h*6dB=Y3ZNJ7sU%AKS-u9s(3L5<t2@vgIj;=
zYuz2dxV|x~=A~4N=RQuD;WW`sSqzddD85M>eNt{?;PNn)eMPW6w8ph?8y)mVxn({$
z+)}xv-(|kqs=@dXeLQV%GMPP>>pi<q5!adyo$`AJ#0q|~3P1jPD6P-$n`60f9kQkA
zHJ=tHUheu(;<P5!A><+Rh2ozrjQh=I2AnA9X*RKQ)z{jCg%$p_r)#j@a!h`-GIT!#
z<q?~0WZtHCiHH!B=-G`>p>hTAMkl-YTW44%M7o+Vy*4Fg*Lp;3F*T2K5xTe$LN+X9
z*OKP>)qqyna4!PN5v7GYrB!xHHnA30X;|xoAcgQ$|ICqZcTVNPPt)HlqnyMd{h9X6
z6zg&Xw8bJ$v9SDTZly4nWHZBAQ#5j%KM^LqOEl~|i=9(Rr6dvCp+#A5>wOy}*kV26
z;Hlz%PP=0^Ztk>>(p1_WtQ|vpJ);0Xnn9YI$%{GodM)Fe4m@G)C~E#VdGUOWbyc%$
zQ+*_8gYUZREXCdlcRp3c1ypd_7EcYeLoq`PhQSgJC0bJWwy7K%5h7*x_@SKp+fqLJ
zOMDmB>!DcB&q#GSv&3N+#8(JK@Hmt$*`skq0M6(wC)KjW@w>9V@cuLB&_BS({w@n6
z8_;=CIWHxi@?G9JAvK)Wr2gud%snvR%}j`sbVvMHLAS2GQ3WQj#WrYuMEduh2k)YY
zI%5lMui*BQKYFtL2L4aUpPaVVa0S!?veIcDyo_?vGTw*9rF<=2q%fgAgpR4%(KtcW
z@Cs-}t4HE{pkR0mk0t{U(Y}oV#dil3E4G8bS}g?*7P%JL_0*J_O&&a7N#$6Q9+aJ6
zn!HGT4n2C4dSNHo8{|(ltNR#T0zSLea57UeOfjI_dmLNBw!_-Sg5RPfeoOnyZp-!I
zm#w|bE7iA9@0ukNo<T0c)#>w77s}xOg#H4u?90IglsSznmoT$^e44foVUGLf&tYLL
z!t5b~^Ck3%6g2yk1s6(*J4x}Zd~NeI@@jM4zIm`oe(Al0_Zs4;jc)HA;uS-h$!Y3!
z(3CuF*tbt-_tqmcS#$m0mQ%BvCd}-NbUl|&!rW5MFSq~9@L<yu8CHzZQ`pm{Z`4JU
z>!frE(C^0;z0&BgUAxk*a_uhnoo(EFInsb{l!X2FGHP46x+>Y#3%pJ2J2e+CL&Gz)
zQi&Yc1vM1_@HUZGnu|5s&~zhJ2jc<xMO$-I>gnidj;N=^Sh5rH_Uv&*(l>D1GJ?A?
zo#*mt_6T#;)NNMDF^lA;g4uFY^pyFfCTz1{gh3BAIhJTXd9Af?<)1Q?m5c=W%6}?q
zk~`C%S~52tEyBJQ1V@Q;kKAaw9ddM{Jb$b5Fpxl2Ow{D89}~fT?B*%6?O0%Cml_R9
z?aj@39WkWSzT#px18)s&KW4;H!PXt#A=@twp)Js2Y^7QZQr6aso%i=#ndh(a_LlVQ
zv_9^_jyr~2sDid!=DW_WHG^ewTBwfuwKPFE*P}^&_jIhlgc*-bJad?ahTQ8bWdm`d
zK!LGft*Z00-)hk-V3U1XpyG>nQXvH2mirr;i8omrOB6n0G1O+qv^E4ZKm`F`&KiHm
z*XcA$s^Q1+PWDHOZQneKB$3w_wP8^y$q)727QY1bB4Z(}GTI3j@n0KTYT||ln;aIL
zlDa>AB;U+yHQ<asWOX3L!3!+>cK-qd&;*8Mr|77yIxU3)b!=iN8P-h+Jl6DMpeE(f
zj#FL0DZ=O{NJ}O0Io^gL%is0JJf~Uf?tnJ|PhlL#;Oda5*(}JTE+5)JPq91Yxh;cI
z@093wZI6U)wy#={2j3$`#fxH0#!E7wx6YQ>OxbTZNi&dNa_<^<`O|8j-1*-QuA=;8
zwHuUruI?f|Pt{h_@aR?P$t;Z5`#<x0?51gLR%IXTJ9SEmRQR^MY|}$30k0Lod*y~A
zy1H+%8F&s!w}N?H_o>#&aDA7&jGNET`L8iM(?sfD#<T9{m^my-qZq7@&PNSq^<hJB
zS_5LO66@mTnY%Veazxxlu6kE4^*+mfuJ!}ylLcE6L#ndxOED8h2u6fvAoE12z#@lb
z>r7+L61#0e;dPV}Z|huL=a2xueHBpwi%OBJrWVTxlWAd!XgoqXIlFo`qdjNPwLpOI
z9w$<I3v?t``NX-%NvQFXyb`;qa)u3(t#ZA;Tm_v3!1Ja_ys(O7lM5v+**CBbh{;|R
zm_dZfBVUv(c(bi>!6CfS5bmQJ9z4#;Za#BNL{0bE>u@C1=7r84Fk6aB>(_JT(^Ln^
z4w?OUJW#LE`_X&wh<5v6;Z@Gb7F7fLR)5?Q0Rx%kH*Y*W%a`3i@vBQSUzQ_bzof`K
zKlZwiOXECM66KKhaBh=48XAA1&+<6BXs#-^Gy#Y}qTTRHx*)+>)Ba;}?vlbmsY_U2
z)OV(EGu^UD<>$GiafpwjkC_#&)X|u-WHCBPLM&Bz%yHw4xmvA8$Ey$HiZ!cj`%IlW
zuuL)Mtefs1>kb@^OgkdSPG{n~`t=mQA_Cu{P4x@s8@yeQq{5Q)1JjcIJgD|`<tSmj
z?3{GF2DA92XQJ58vdYHA=IGr4;N>SRDfnf(7F0Skqo1F>`{QzhmkRxJAro5ow(sPw
zQjQ8}uBAz_vaUB_Am1g;EJbC@bZArZrFg??#L#7tT{y~6$3$xMME=yZV{YY>J0^4)
z8yRmRr=8gJl1AY?()kds?4!t}i(BbfS!z#b%If+f_$Jl3wBW6=5I?i14}YrjgCLGU
zfPr_U{PQ8HS3|3Ala3ce(35jM#>XAPywxYk0$K+J$un>=EVSOZS3%i(_*rzyR$)M>
zM0~bvksmQ;pH|I5#FN_Zk>qQ(yJitM`*Xkt=9h^MdrK+T17z``!xLAeDTJC$*>6mp
zHy@JQMQ;mcmNKkytJE)UcoWfxJ5qToCgq+crh`$bq4(Nes%MrCblbxTP0PHw{{kGz
zcC4H6VtGxP6K}I5D7<_`<%=GY1I=!_nTbgqa!ZW4|4B*5KQ?Xja3k-jL57Q1R+fU<
zY~HeU_vWCli_?;wdy^&41thi1e<tYs1q|wT6O9wzDBAybelj9t#jmGi+EQgQyGbXU
zFlsUxKkIQHWBJjNaG4&@Qq15XSslYJ^^uV6JZT~<JG<>exKJuTU$m10bG0LyE(;6c
z_jcK*TW+9~;Vt1ZJF)CA$PZP`yt2*;*~XzXS&O274_p3be}eOLv@3xs^HGhOii~%s
zOVY1ret5(ImmKwuekAUmUKHXRztY~YEEGK)9kfGXn9vAP*cgZ27dh~e@k4nNvZ7wK
zIRegNG<{m+iF%vYMpzQA2zNhc1)`NjEcJ57v-bCBT&-(Z6BQB!HoLs-2iePU7}!8N
zFE;r>ZJr7HkMBdt6hl7(o|Ds5z?+E_?#zrV49Fju4WLnpn>8aTdA`>HwiuoApsk2T
zUg_%W*M6mD$PlYDJ8R1=SBn->{`CX*kg`!xtLx2Kxx!aOyo0^v{m!o+)rD-bnTM;Q
zNRlmdjlT~Es=cu`S2Phk?qnXhYMDiqKI_z7g~8iI7Sf-HbN3*JWahPZSSjM}>ajb&
zN5b(Wnj>Z3Ka?AH3X%V6K{|x5I(;7@E!2xReR)_SpZX-G#oejLAK&RXrjpOi-5}~f
znjf^K1Bf968ZK^|KP>cmQsI=x!@LI(LM5-Z;<Dq^>+s+lX~6A&m5c4h=C~epS76qS
zQqGnRI7_Lb&YQ(BsEF9917xn5q!$duw^donIUC&U|3n<)^$8%g_s_O1>$&^jZ~1UZ
zJegvy?SgKmbF)~UsCaWw(g2$36)0-1_SeEVa*x+~OsbRYqJu&9Zbmhr;`-AIhc9`-
z&Pjg(GVS33Q}<D@zks><54iBVR@<ws^EYz1o=B|c0i|WFu5M0(8+m@HrU@fm`Y^Y>
zrcRaZMRggT1=yLSQH2#Z(l{JfZzfT}lD>u{*zK^1b+BpFn%+Ri+)E`_GQktARloco
zN6re$hZJ$^MC+pnzNKr*QpXMyw9R>Wfgxzs35B4Hz!dfyP-aLu0*8g{2ZLh<n1w#o
ze;?EZ1D!@~+3)hFgbf1({KI04AI``wix40jTk<HEpQzaM<TT#@@SsO-#lZf<?q2D-
zs0*0kWgO?6IPzVaw%D@9ZZP~%2qTIDKY2iwWieE3U;l^qe%^_8PqkL{YD}4VfaI@4
zt+}C3y7VurzKRr!T9Q)o;n%32En0YXpF_VQC~MZ21@!q4iFBrKf)2RRaj%;UhWp5n
z{u!lJ(ya-XM)`=0aYQ3<al5_YXWZ=0&rqA)wA&v4$7#Sl>lYr2NuIR<33VFHNrHm;
z0j}WS`26FWj!RQH7be-#wj<sw>n~L*WIg#G>k2U{#BV{%hdQ_F2I0?aPCNfiJC5%m
zDA`w(3Y@3Ft(0Qp!9#?qeSV=7(K~VDy@aTK7|-oix_jpj9E;~Y+hx|X@dw$jqH=^S
z^~Ij7MqiU>D-gtbvL!v1|JwJ23ggbM3?K!mGqxe+hyT0f1Z7^n{t{;#fL^A24`oXg
zH;DtZE%gy=0okL3<jB_YqY?S1wvXw<ya#=C#L}s|erv2CKVM&w8{L4<?(8U;CUm{a
z2j36Tv0NofMC!f;{tSN{tqP!}@$xWpMskZYZr|}jh+b^E4T>3Ji7N~oISFa-uZ<Y{
z7vGJOGwUwB_~%K4Yvscz7{n6Zjv3$DPTPqd+I#I}4*iz0_&U~dkJ9r1p|Lylp<S@<
z8F^{I(SU^h=a9A5q(-#`LDQRuHPfZCHux+wMX)#}A`7{Zqqi;$x&!SmPU&SxFpVwM
z&SwgZx#sg!t@SqM>oq#*NIUTZ#33sW9cNa8^n{OOeML;3kxmGH9nXfAO`8x1Oqz6M
zBLdJ;h~ww%J&&#7wLg%B?D+w&4%GOT_hPAXDN!(8fVu7jwz@%xcY65O3rGOImB9n`
z{d~9L8Q$JJ4?YZ6Q8m)hmvx-uPA_{<jLLS*cWvg?Y;wn<1{PE$f3+TuB6q`>0Bv;G
zE>HUptp~ry-bAlLmkPlH*ikhccoO4;h1db2Y9N~W@tj9Pvy0dM#~<`dMI@`1okmqk
z^5+40Pebj!mP@w1VxS68xVhO+(#cX!tBR1@n38}oX5x2KzNo|{FIg!`3R?_Z+ht*b
z?5)tyyO6#6Rl;ov_NX`VMYU1(Lsh)z0gh>1o13<GL-VBuhu<eO7jHNUkQbt;4CT8;
zx8+F&(a1KP9<wMhN<m}MywA&R*qN*(aJLq&u&uh<J_}j+mU^L<!pX7>oU=nJqdeLO
zPNGV(Dt~G$y<#Omsj8CWgs!)zvvD)+%b~sZZ`@oPq&4QKU*TJYa+)-q%@2&siV?(U
zylb!mVYh9UTzZj9jgEQs#P3MQ&D5Af;0zSTZiyC*mbRf^Z`LJfn%uf`6xBq4v;2%z
zIz5$boL4lK-~!oi!%JBUFJKwZ3On=L+h#PnxfAT9=%tpA^GkNtZv~055%>Yo@UPP|
z;mfym;T_)t-ZoV_nfM)B1-~uHEpChNa_LLi9&`WIKGlliUqK|e|B4YYf!t5O{Mux%
zVy455ZB${a>X%;ojFrKKjO9Gh!6cBk<Yo&1+dHNTq3M{<6fgj3@3HSu>$k=fR^=z1
zpFP@P!rmI~<vRC-5GpWuwm_o2wfH$<BEpmfE~XIFVd?kMd@o1b-9|sP<#2N1Nr69l
zdC&aUF3UK4SYOySU4?{#U;u&fQ2EcH@!#X6xoZ5=5jps*?xz9cuTguo8&2_EM6xe&
z5>E#g=C9NrPg9T9!W<%vL(jNG*tH>W>xi!(>#$3`oFs-_xd(#D_x4Omdz1{5!NSZ0
zrDwpi;v*j+i--rLG^azk0kt1zU#V0ibH?$^ka?{GTBNBbKi~*g0{io$k!0(Ok*NPL
zK@0{+bcENwHFdIt9(&B%?X_At2~J>egi&{BspF3RJT9g#*u)yV6qm3`5UnH4UT_c(
z*4L@&QOF#eR;;3YGFoZ$RA|^5qobGh>Yo|F()_1v9%{SQMK(YI{9-$k|L^-)iYH)P
z$G}^$_t{oT$xF0;-m0{Izjzk&6~bIo8}?H+#-j)kY16Ap>~Lv+Pp0IvQ-_<PMirl9
zN;7gobh6e%C<CJDyFktOJbf6<R;-;@uY>CJP3NBk?q=2LK97Rb(qz#A0s+nYOEd<h
zoe6bCNtU;D5tK&uc)hh=4COs4fuAy|`Ct3lJ#ex0g|b<eQ(ThBh+2w#S=Ah5LYjmd
z6j<(eTvbSTQA<3MgsBfp#8G547rRQyzIImrnd&=yI=G?Ztw(6xEtf+r=)QVmu<q{C
z_6+_>PD?*#yl=^+UgKAag1hDJv{jvNjb3O$KUGATS{?w%0ZDjgona&UAZhNxr9=1M
zwbU5%F(j{f0zA;Q+D<&5MO0?j%)C{J^(N@8q|{)o9`_TN{P|FP5I;&Fh$Np0i^;&i
zU}e=3ajkBv$c`q@dW{ABf)U3F{N-q6mH;DWAs|%~uc!4Nin=`52fg`RAh=GQ(3NCS
zK%9!b|9o4%&k*TIRC9ry+(XC76G%v={RJ2&aoMq1QHaCgN9p;(?ujumX1V{ohD6Cy
z_MI_kk25YI)45_!M!0D8$vR-Ni=4S{r5Q|0B+sT?)G-0C^*!=agM^I<+S82*RHlp@
z9TNYrm+y<Sl#b#%SpK07$j7T)k9Jld67CF1BbJ_#D9>S|uq)2XQJx+7BBG1|<8l<z
z0}Usf%FmWkvX*rVWf0DdCVb`EYl!ivg(}iOA$#8~hRG#1=Lv_SHjU1AZM}PWvF|l+
z+Hb#?UAM4X=i28>yDBP=OcuJQy?bHHOyWn7kCOk?@bWg#3T7`(*da~z^CM2AJ*>1-
zHz!~6nba&gR#y!J%t#^#qzT?`5dRpNKJ+2kX?NP`U>Aoh%ecytr-=q3->gx;@5^%(
zBOIP#VvH4T5@e6{$wKJuk}(&Z+L>{G+y-jdb_YffNmBf$V~3|8iI(41@f$mj@U&YS
zeOk6fI;GZssIos!Kvodr115N%j?a&$T;KHC0<acgU_vbHiVfr<d13b-kZXdQX$%72
zUYe;ocfiIX0?%TFTypOuY{tX9D-#daL#PCr7(1u9+bzr(b#!%;=%WW>Xdi3f;UlBS
zmdd%isE3{hz1hH%S1r$(_9z+cp3to<jN6jZ-pyTWye4h|ck74>M*k^Si#`@4KL2b6
zIN6<?V;}n#Rx^CIPs#W&3)?JB@?MDWy#yg2MtyJ~k&H3q`s`(iO7OBVeuMm_(ffY5
zy2S7X>!5Dl6HCc5&n>lB<!S7_vTcL&zkvAoedIh`Zu39M7)pvGgBF3{8H=u`(L;y@
z{kaGunuQ^dQCSJD#9a-UKE1D;K~ZGGlgju<jgyh#3#``un?cBLRY8jgD&G^dfYAXt
iI0mT0&BeV<LOJ0R8$<lKCWt}RWQUSbz%Bgm^8WzK+1DNb

literal 0
HcmV?d00001

diff --git a/webgoat-lessons/challenge/src/main/resources/js/challenge3.js b/webgoat-lessons/challenge/src/main/resources/js/challenge3.js
new file mode 100644
index 000000000..be9cb11f0
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/js/challenge3.js
@@ -0,0 +1,15 @@
+$(document).ready(function () {
+    $("#postComment").on("blur", function () {
+        var comment = $("#commentInput").val();
+        $.post("challenge3", function (result, status) {
+            var json;
+            json = '{' +
+                '   "comment":' + '"' + comment + '"'
+                '}';
+        })
+    })
+
+    $.get("challenge3", function (result, status) {
+        alert("Hello");
+    })
+})
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc
index 3a0b7ee9f..4f77d8158 100644
--- a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc
@@ -1 +1 @@
-=== Admin forgot password can you help?
\ No newline at end of file
+==== Admin forgot password can you help?
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc
index 6849340ea..526593266 100644
--- a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_2.adoc
@@ -1 +1 @@
-=== No need to pay...
\ No newline at end of file
+No need to pay...
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_3.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_3.adoc
new file mode 100644
index 000000000..ac1f2776e
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_3.adoc
@@ -0,0 +1 @@
+Changing language can have dramatic effects
\ No newline at end of file
diff --git a/webgoat-lessons/xxe/src/main/resources/js/xxe.js b/webgoat-lessons/xxe/src/main/resources/js/xxe.js
index b38c2d9c2..3cf292d83 100644
--- a/webgoat-lessons/xxe/src/main/resources/js/xxe.js
+++ b/webgoat-lessons/xxe/src/main/resources/js/xxe.js
@@ -7,8 +7,9 @@ webgoat.customjs.register = function () {
     return xml;
 }
 webgoat.customjs.registerJson = function () {
-    var json = '{' +
-        '  "user":' + '"test"' +
+   var json;
+    json = '{' +
+        '   "user":' + '"test"' +
         '  "password":' + '"test"' +
         '}';
     return json;

From 508f1287442c06e65cf17741115a14a20229ca51 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sat, 8 Apr 2017 22:38:03 +0200
Subject: [PATCH 16/22] Challenge 4: First setup

---
 .../webgoat/plugin/challenge3/Challenge3.java |   2 +-
 .../src/main/resources/html/Challenge.html    | 101 ++++++++++++++++++
 .../src/main/resources/js/challenge3.js       |   2 +-
 .../resources/lessonPlans/en/Challenge_1.adoc |   2 +-
 .../resources/lessonPlans/en/Challenge_4.adoc |   1 +
 5 files changed, 105 insertions(+), 3 deletions(-)
 create mode 100644 webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_4.adoc

diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java
index b1d22364a..d5f94e774 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java
@@ -29,7 +29,7 @@ import static org.springframework.web.bind.annotation.RequestMethod.POST;
  * @author nbaars
  * @since 4/8/17.
  */
-@AssignmentPath("/challenge3")
+@AssignmentPath("/challenge/3")
 public class Challenge3 extends AssignmentEndpoint {
 
     @Autowired
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
index e1baebd44..c909915bf 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
@@ -250,5 +250,106 @@
     </div>
 </div>
 
+<div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:Challenge_4.adoc"></div>
+    <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/challenge2.css}"/>
+    <script th:src="@{/lesson_js/challenge2.js}" language="JavaScript"></script>
+    <div class="attack-container">
+        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
+        <form class="attack-form" accept-charset="UNKNOWN"
+              method="POST" name="form"
+              action="/WebGoat/challenge/4"
+              enctype="application/json;charset=UTF-8">
+
+            <input id="discount" type="hidden" value="0"/>
+            <div class="row">
+
+                <div class="col-xs-3 item-photo">
+                    <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
+                </div>
+                <div class="col-xs-5" style="border:0px solid gray">
+                    <h3>Samsung Galaxy S8</h3>
+                    <h5 style="color:#337ab7"><a href="http://www.samsung.com">Samsung</a> ·
+                        <small style="color:#337ab7">(124421 reviews)</small>
+                    </h5>
+
+                    <h6 class="title-price">
+                        <small>PRICE</small>
+                    </h6>
+                    <h3 style="margin-top:0px;"><span>US $</span><span id="price">899</span></h3>
+
+                    <div class="section">
+                        <h6 class="title-attr" style="margin-top:15px;">
+                            <small>COLOR</small>
+                        </h6>
+                        <div>
+                            <div class="attr" style="width:25px;background:lightgrey;"></div>
+                            <div class="attr" style="width:25px;background:black;"></div>
+                        </div>
+                    </div>
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>CAPACITY</small>
+                        </h6>
+                        <div>
+                            <div class="attr2">64 GB</div>
+                            <div class="attr2">128 GB</div>
+                        </div>
+                    </div>
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>QUANTITY</small>
+                        </h6>
+                        <div>
+                            <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
+                            <input class="quantity" value="1"/>
+                            <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
+                        </div>
+                    </div>
+
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>CHECKOUT CODE</small>
+                        </h6>
+                        <!--
+                          Checkout code: webgoat, owasp, owasp-webgoat
+                        -->
+                        <input name="checkoutCode" class="checkoutCode" value=""/>
+
+                    </div>
+
+                    <div class="section" style="padding-bottom:20px;">
+                        <button type="submit" class="btn btn-success"><span style="margin-right:20px"
+                                                                            class="glyphicon glyphicon-shopping-cart"
+                                                                            aria-hidden="true"></span>Buy
+                        </button>
+                        <h6><a href="#"><span class="glyphicon glyphicon-heart-empty"
+                                              style="cursor:pointer;"></span>
+                            Like</a></h6>
+                    </div>
+                </div>
+            </div>
+
+        </form>
+        <br/>
+        <div>
+            <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
+                <div class="form-group">
+                    <div class="input-group">
+                        <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
+                                                          style="font-size:20px"></i></div>
+                        <input type="text" class="form-control"
+                               placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
+                    </div>
+                </div>
+                <button type="submit" class="btn btn-primary">Submit flag</button>
+            </form>
+        </div>
+
+        <br/>
+        <div class="attack-feedback"></div>
+        <div class="attack-output"></div>
+    </div>
+</div>
 
 </html>
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/js/challenge3.js b/webgoat-lessons/challenge/src/main/resources/js/challenge3.js
index be9cb11f0..53d4c36a2 100644
--- a/webgoat-lessons/challenge/src/main/resources/js/challenge3.js
+++ b/webgoat-lessons/challenge/src/main/resources/js/challenge3.js
@@ -9,7 +9,7 @@ $(document).ready(function () {
         })
     })
 
-    $.get("challenge3", function (result, status) {
+    $.get("challenge/3", function (result, status) {
         alert("Hello");
     })
 })
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc
index 4f77d8158..e5678d52f 100644
--- a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_1.adoc
@@ -1 +1 @@
-==== Admin forgot password can you help?
\ No newline at end of file
+Admin forgot password can you help?
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_4.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_4.adoc
new file mode 100644
index 000000000..60cb2eb18
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_4.adoc
@@ -0,0 +1 @@
+No need to pay (fixed after private disclosure), do you need to pay now?
\ No newline at end of file

From c0b46221b7c6bffd4c794b1147b5462621f3e92b Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sun, 9 Apr 2017 01:40:04 +0200
Subject: [PATCH 17/22] Challenge 3: displaying comments

---
 .../webgoat/plugin/challenge3/Challenge3.java | 13 +++---
 .../src/main/resources/html/Challenge.html    | 43 -------------------
 .../src/main/resources/js/challenge3.js       | 40 ++++++++++++-----
 3 files changed, 38 insertions(+), 58 deletions(-)

diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java
index d5f94e774..d1a92dd84 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java
@@ -50,8 +50,8 @@ public class Challenge3 extends AssignmentEndpoint {
 
     @RequestMapping(method = POST, consumes = ALL_VALUE, produces = APPLICATION_JSON_VALUE)
     @ResponseBody
-    public AttackResult createNewUser(@RequestBody String commentStr, @RequestHeader("Content-Type") String contentType) throws Exception {
-        Comment comment = new Comment();
+    public AttackResult createNewComment(@RequestBody String commentStr, @RequestHeader("Content-Type") String contentType) throws Exception {
+        Comment comment = null;
         AttackResult attackResult = failed().build();
         if (APPLICATION_JSON_VALUE.equals(contentType)) {
             comment = parseJson(commentStr);
@@ -63,10 +63,13 @@ public class Challenge3 extends AssignmentEndpoint {
             comment.setDateTime(DateTime.now().toString());
             comment.setUser(webSession.getUserName());
         }
-
-        if (checkSolution(comment)) {
-            attackResult = success().feedback("challenge.solved").feedbackArgs(Flag.FLAGS.get(2)).build();
+        if (comment != null) {
+            comments.add(comment);
+            if (checkSolution(comment)) {
+                attackResult = success().feedback("challenge.solved").feedbackArgs(Flag.FLAGS.get(2)).build();
+            }
         }
+
         return attackResult;
     }
 
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
index c909915bf..0d0b0fe86 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
@@ -195,49 +195,6 @@
                 </div>
                 <ul class="comments-list">
                     <div id="list">
-                        <li class="comment">
-                            <div class="pull-left">
-                                <img class="avatar"
-                                     src="http://bootdey.com/img/Content/avatar/avatar1.png"
-                                     alt="avatar"/>
-                            </div>
-                            <div class="comment-body">
-                                <div class="comment-heading">
-                                    <h4 class="user">John dOE</h4>
-                                    <h5 class="time">7 minutes ago</h5>
-                                </div>
-                                <p>I really love this picture. I really wish i could have been
-                                    there.</p>
-                            </div>
-                        </li>
-                        <li class="comment">
-                            <div class="pull-left" href="javascript:void(0);">
-                                <img class="avatar"
-                                     src="http://bootdey.com/img/Content/avatar/avatar2.png"
-                                     alt="avatar"/>
-                            </div>
-                            <div class="comment-body">
-                                <div class="comment-heading">
-                                    <h4 class="user">John Doe</h4>
-                                    <h5 class="time">3 minutes ago</h5>
-                                </div>
-                                <p>I think I might you this for one of my projects.</p>
-                            </div>
-                        </li>
-                        <li class="comment">
-                            <div class="pull-left" href="javascript:void(0);">
-                                <img class="avatar"
-                                     src="http://bootdey.com/img/Content/avatar/avatar4.png"
-                                     alt="avatar"/>
-                            </div>
-                            <div class="comment-body">
-                                <div class="comment-heading">
-                                    <h4 class="user">John Doe</h4>
-                                    <h5 class="time">10 seconds ago</h5>
-                                </div>
-                                <p>Wow! This is gorgeous.</p>
-                            </div>
-                        </li>
                     </div>
                 </ul>
             </div>
diff --git a/webgoat-lessons/challenge/src/main/resources/js/challenge3.js b/webgoat-lessons/challenge/src/main/resources/js/challenge3.js
index 53d4c36a2..126edcd5f 100644
--- a/webgoat-lessons/challenge/src/main/resources/js/challenge3.js
+++ b/webgoat-lessons/challenge/src/main/resources/js/challenge3.js
@@ -1,15 +1,35 @@
 $(document).ready(function () {
-    $("#postComment").on("blur", function () {
-        var comment = $("#commentInput").val();
-        $.post("challenge3", function (result, status) {
-            var json;
-            json = '{' +
-                '   "comment":' + '"' + comment + '"'
-                '}';
-        })
+    $("#postComment").on("click", function () {
+        var commentInput = $("#commentInput").val();
+        $.ajax({
+            type: 'POST',
+            url: 'challenge/3',
+            data: JSON.stringify ({comment: commentInput}),
+            contentType: "application/json",
+            dataType: 'json'
+        });
     })
 
+    var html = '<li class="comment">' +
+        '<div class="pull-left">' +
+        '<img class="avatar" src="http://bootdey.com/img/Content/avatar/avatar1.png" alt="avatar"/>' +
+        '</div>' +
+        '<div class="comment-body">' +
+        '<div class="comment-heading">' +
+        '<h4 class="user">USER</h4>' +
+        '<h5 class="time">DATETIME</h5>' +
+        '</div>' +
+        '<p>COMMENT</p>' +
+        '</div>' +
+        '</li>';
+
     $.get("challenge/3", function (result, status) {
-        alert("Hello");
-    })
+        for (var i = 0; i < result.length; i++) {
+            var comment = html.replace('USER', result[i].user);
+            comment = comment.replace('DATETIME', result[i].dateTime);
+            comment = comment.replace('COMMENT', result[i].comment);
+            $("#list").append(comment);
+        }
+
+    });
 })
\ No newline at end of file

From a60c529229c7ce6a86e6e76b1e7dcd477ac76c1a Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sun, 9 Apr 2017 02:30:13 +0200
Subject: [PATCH 18/22] Separating challenges

---
 .../owasp/webgoat/plugins/PluginResource.java |   5 +-
 .../owasp/webgoat/plugins/PluginsLoader.java  |  19 +--
 .../Assignment1.java}                         |   5 +-
 .../Challenge1.java}                          |   8 +-
 .../Assignment2.java}                         |   5 +-
 .../webgoat/plugin/challenge2/Challenge2.java |  39 ++++++
 .../plugin/{ => challenge2}/ShopEndpoint.java |   2 +-
 .../plugin/challenge3/Assignment3.java        | 109 +++++++++++++++++
 .../webgoat/plugin/challenge3/Challenge3.java | 112 ++++--------------
 .../src/main/resources/html/Challenge1.html   |  59 +++++++++
 .../src/main/resources/html/Challenge2.html   | 111 +++++++++++++++++
 .../src/main/resources/html/Challenge3.html   |  57 +++++++++
 .../src/main/resources/html/Challenge4.html   | 111 +++++++++++++++++
 .../resources/i18n/WebGoatLabels.properties   |   3 +
 14 files changed, 535 insertions(+), 110 deletions(-)
 rename webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/{Challenge1.java => challenge1/Assignment1.java} (94%)
 rename webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/{Challenge.java => challenge1/Challenge1.java} (79%)
 rename webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/{Challenge2.java => challenge2/Assignment2.java} (87%)
 create mode 100644 webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge2/Challenge2.java
 rename webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/{ => challenge2}/ShopEndpoint.java (97%)
 create mode 100644 webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Assignment3.java
 create mode 100644 webgoat-lessons/challenge/src/main/resources/html/Challenge1.html
 create mode 100644 webgoat-lessons/challenge/src/main/resources/html/Challenge2.html
 create mode 100644 webgoat-lessons/challenge/src/main/resources/html/Challenge3.html
 create mode 100644 webgoat-lessons/challenge/src/main/resources/html/Challenge4.html

diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginResource.java b/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginResource.java
index c84f07da2..73e3ee03b 100644
--- a/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginResource.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginResource.java
@@ -8,7 +8,6 @@ import org.owasp.webgoat.lessons.NewLesson;
 
 import java.net.URL;
 import java.util.List;
-import java.util.Optional;
 import java.util.stream.Collectors;
 
 /**
@@ -24,8 +23,8 @@ public class PluginResource {
     private final URL location;
     private final List<Class> classes;
 
-    public Optional<Class> getLesson() {
-        return classes.stream().filter(c -> c.getSuperclass() == NewLesson.class).findFirst();
+    public List<Class> getLessons() {
+        return classes.stream().filter(c -> c.getSuperclass() == NewLesson.class).collect(Collectors.toList());
     }
 
     public List<Class<Endpoint>> getEndpoints() {
diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java b/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java
index 50a255381..594b185ef 100644
--- a/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java
@@ -67,13 +67,18 @@ public class PluginsLoader {
         List<AbstractLesson> lessons = Lists.newArrayList();
         for (PluginResource plugin : findPluginResources()) {
             try {
-                Class lessonClazz = plugin.getLesson()
-                        .orElseThrow(() -> new PluginLoadingFailure("Plugin resource does not contain lesson"));
-                NewLesson lesson = (NewLesson) lessonClazz.newInstance();
-                List<Class<AssignmentEndpoint>> assignments = plugin.getAssignments();
-                lesson.setAssignments(createAssignment(assignments));
-                lessons.add(lesson);
-                pluginEndpointPublisher.publish(plugin.getEndpoints());
+                plugin.getLessons().forEach(c -> {
+                    NewLesson lesson = null;
+                    try {
+                        lesson = (NewLesson) c.newInstance();
+                    } catch (Exception e) {
+                        log.error("Error while loading:" + c, e);
+                    }
+                    List<Class<AssignmentEndpoint>> assignments = plugin.getAssignments();
+                    lesson.setAssignments(createAssignment(assignments));
+                    lessons.add(lesson);
+                    pluginEndpointPublisher.publish(plugin.getEndpoints());
+                });
             } catch (Exception e) {
                 log.error("Error in loadLessons: ", e);
             }
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge1.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge1/Assignment1.java
similarity index 94%
rename from webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge1.java
rename to webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge1/Assignment1.java
index 2b2a4f1d4..a05fcafab 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge1.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge1/Assignment1.java
@@ -1,8 +1,9 @@
-package org.owasp.webgoat.plugin;
+package org.owasp.webgoat.plugin.challenge1;
 
 import org.owasp.webgoat.assignments.AssignmentEndpoint;
 import org.owasp.webgoat.assignments.AssignmentPath;
 import org.owasp.webgoat.assignments.AttackResult;
+import org.owasp.webgoat.plugin.Flag;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -42,7 +43,7 @@ import static org.owasp.webgoat.plugin.SolutionConstants.PASSWORD;
  * @since August 11, 2016
  */
 @AssignmentPath("/challenge/1")
-public class Challenge1 extends AssignmentEndpoint {
+public class Assignment1 extends AssignmentEndpoint {
 
     @RequestMapping(method = RequestMethod.POST)
     public
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge1/Challenge1.java
similarity index 79%
rename from webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge.java
rename to webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge1/Challenge1.java
index be24197ca..86364d124 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge1/Challenge1.java
@@ -1,4 +1,4 @@
-package org.owasp.webgoat.plugin;
+package org.owasp.webgoat.plugin.challenge1;
 
 import com.google.common.collect.Lists;
 import org.owasp.webgoat.lessons.Category;
@@ -10,7 +10,7 @@ import java.util.List;
  * @author nbaars
  * @since 3/21/17.
  */
-public class Challenge extends NewLesson {
+public class Challenge1 extends NewLesson {
 
     @Override
     public Category getDefaultCategory() {
@@ -29,11 +29,11 @@ public class Challenge extends NewLesson {
 
     @Override
     public String getTitle() {
-        return "challenge.title";
+        return "challenge1.title";
     }
 
     @Override
     public String getId() {
-        return "Challenge";
+        return "Challenge1";
     }
 }
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge2/Assignment2.java
similarity index 87%
rename from webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java
rename to webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge2/Assignment2.java
index 87ece4df9..d46535589 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/Challenge2.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge2/Assignment2.java
@@ -1,8 +1,9 @@
-package org.owasp.webgoat.plugin;
+package org.owasp.webgoat.plugin.challenge2;
 
 import org.owasp.webgoat.assignments.AssignmentEndpoint;
 import org.owasp.webgoat.assignments.AssignmentPath;
 import org.owasp.webgoat.assignments.AttackResult;
+import org.owasp.webgoat.plugin.Flag;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
@@ -17,7 +18,7 @@ import static org.owasp.webgoat.plugin.SolutionConstants.SUPER_COUPON_CODE;
  * @since 4/6/17.
  */
 @AssignmentPath("/challenge/2")
-public class Challenge2 extends AssignmentEndpoint {
+public class Assignment2 extends AssignmentEndpoint {
 
     @RequestMapping(method = RequestMethod.POST)
     public
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge2/Challenge2.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge2/Challenge2.java
new file mode 100644
index 000000000..94b1cf58b
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge2/Challenge2.java
@@ -0,0 +1,39 @@
+package org.owasp.webgoat.plugin.challenge2;
+
+import com.google.common.collect.Lists;
+import org.owasp.webgoat.lessons.Category;
+import org.owasp.webgoat.lessons.NewLesson;
+
+import java.util.List;
+
+/**
+ * @author nbaars
+ * @since 3/21/17.
+ */
+public class Challenge2 extends NewLesson {
+
+    @Override
+    public Category getDefaultCategory() {
+        return Category.CHALLENGE;
+    }
+
+    @Override
+    public List<String> getHints() {
+        return Lists.newArrayList();
+    }
+
+    @Override
+    public Integer getDefaultRanking() {
+        return 10;
+    }
+
+    @Override
+    public String getTitle() {
+        return "challenge2.title";
+    }
+
+    @Override
+    public String getId() {
+        return "Challenge2";
+    }
+}
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge2/ShopEndpoint.java
similarity index 97%
rename from webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java
rename to webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge2/ShopEndpoint.java
index aae31c098..12c929492 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ShopEndpoint.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge2/ShopEndpoint.java
@@ -1,4 +1,4 @@
-package org.owasp.webgoat.plugin;
+package org.owasp.webgoat.plugin.challenge2;
 
 import com.beust.jcommander.internal.Lists;
 import lombok.AllArgsConstructor;
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Assignment3.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Assignment3.java
new file mode 100644
index 000000000..5d44247dd
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Assignment3.java
@@ -0,0 +1,109 @@
+package org.owasp.webgoat.plugin.challenge3;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.collect.EvictingQueue;
+import org.joda.time.DateTime;
+import org.owasp.webgoat.assignments.AssignmentEndpoint;
+import org.owasp.webgoat.assignments.AssignmentPath;
+import org.owasp.webgoat.assignments.AttackResult;
+import org.owasp.webgoat.plugin.Flag;
+import org.owasp.webgoat.session.WebSession;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.MediaType;
+import org.springframework.web.bind.annotation.*;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamReader;
+import java.io.IOException;
+import java.io.StringReader;
+import java.util.Collection;
+
+import static org.springframework.http.MediaType.ALL_VALUE;
+import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
+import static org.springframework.web.bind.annotation.RequestMethod.GET;
+import static org.springframework.web.bind.annotation.RequestMethod.POST;
+
+/**
+ * @author nbaars
+ * @since 4/8/17.
+ */
+@AssignmentPath("/challenge/3")
+public class Assignment3 extends AssignmentEndpoint {
+
+    @Autowired
+    private WebSession webSession;
+    private static final EvictingQueue<Comment> comments = EvictingQueue.create(100);
+
+    static {
+        comments.add(new Comment("webgoat", DateTime.now().toString(), "Silly cat...."));
+        comments.add(new Comment("guest", DateTime.now().toString(), "I think I will use this picture in one of my projects."));
+        comments.add(new Comment("guest", DateTime.now().toString(), "Lol!! :-)."));
+    }
+
+    @RequestMapping(method = GET, produces = APPLICATION_JSON_VALUE)
+    @ResponseBody
+    public Collection<Comment> retrieveComments() {
+        return comments;
+    }
+
+    @RequestMapping(method = POST, consumes = ALL_VALUE, produces = APPLICATION_JSON_VALUE)
+    @ResponseBody
+    public AttackResult createNewComment(@RequestBody String commentStr, @RequestHeader("Content-Type") String contentType) throws Exception {
+        Comment comment = null;
+        AttackResult attackResult = failed().build();
+        if (APPLICATION_JSON_VALUE.equals(contentType)) {
+            comment = parseJson(commentStr);
+            comment.setDateTime(DateTime.now().toString());
+            comment.setUser(webSession.getUserName());
+        }
+        if (MediaType.APPLICATION_XML_VALUE.equals(contentType)) {
+            comment = parseXml(commentStr);
+            comment.setDateTime(DateTime.now().toString());
+            comment.setUser(webSession.getUserName());
+        }
+        if (comment != null) {
+            comments.add(comment);
+            if (checkSolution(comment)) {
+                attackResult = success().feedback("challenge.solved").feedbackArgs(Flag.FLAGS.get(2)).build();
+            }
+        }
+
+        return attackResult;
+    }
+
+    private boolean checkSolution(Comment comment) {
+        if (comment.getComment().contains("Congratulations you may now collect your flag")) {
+            comment.setComment("Congratulations to " + webSession.getUserName() + " for finding the flag!!");
+            return true;
+        }
+        return false;
+    }
+
+    public static Comment parseXml(String xml) throws Exception {
+        JAXBContext jc = JAXBContext.newInstance(Comment.class);
+
+        XMLInputFactory xif = XMLInputFactory.newFactory();
+        xif.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, true);
+        xif.setProperty(XMLInputFactory.IS_VALIDATING, false);
+
+        xif.setProperty(XMLInputFactory.SUPPORT_DTD, true);
+        XMLStreamReader xsr = xif.createXMLStreamReader(new StringReader(xml));
+
+        Unmarshaller unmarshaller = jc.createUnmarshaller();
+        return (Comment) unmarshaller.unmarshal(xsr);
+    }
+
+    private Comment parseJson(String comment) {
+        ObjectMapper mapper = new ObjectMapper();
+        try {
+            return mapper.readValue(comment, Comment.class);
+        } catch (IOException e) {
+            return new Comment();
+        }
+    }
+
+
+}
+
diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java
index d1a92dd84..91a05d4ea 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Challenge3.java
@@ -1,109 +1,39 @@
 package org.owasp.webgoat.plugin.challenge3;
 
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.google.common.collect.EvictingQueue;
-import org.joda.time.DateTime;
-import org.owasp.webgoat.assignments.AssignmentEndpoint;
-import org.owasp.webgoat.assignments.AssignmentPath;
-import org.owasp.webgoat.assignments.AttackResult;
-import org.owasp.webgoat.plugin.Flag;
-import org.owasp.webgoat.session.WebSession;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.MediaType;
-import org.springframework.web.bind.annotation.*;
+import com.google.common.collect.Lists;
+import org.owasp.webgoat.lessons.Category;
+import org.owasp.webgoat.lessons.NewLesson;
 
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.Unmarshaller;
-import javax.xml.stream.XMLInputFactory;
-import javax.xml.stream.XMLStreamReader;
-import java.io.IOException;
-import java.io.StringReader;
-import java.util.Collection;
-
-import static org.springframework.http.MediaType.ALL_VALUE;
-import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
-import static org.springframework.web.bind.annotation.RequestMethod.GET;
-import static org.springframework.web.bind.annotation.RequestMethod.POST;
+import java.util.List;
 
 /**
  * @author nbaars
- * @since 4/8/17.
+ * @since 3/21/17.
  */
-@AssignmentPath("/challenge/3")
-public class Challenge3 extends AssignmentEndpoint {
+public class Challenge3 extends NewLesson {
 
-    @Autowired
-    private WebSession webSession;
-    private static final EvictingQueue<Comment> comments = EvictingQueue.create(100);
-
-    static {
-        comments.add(new Comment("webgoat", DateTime.now().toString(), "Silly cat...."));
-        comments.add(new Comment("guest", DateTime.now().toString(), "I think I will use this picture in one of my projects."));
-        comments.add(new Comment("guest", DateTime.now().toString(), "Lol!! :-)."));
+    @Override
+    public Category getDefaultCategory() {
+        return Category.CHALLENGE;
     }
 
-    @RequestMapping(method = GET, produces = APPLICATION_JSON_VALUE)
-    @ResponseBody
-    public Collection<Comment> retrieveComments() {
-        return comments;
+    @Override
+    public List<String> getHints() {
+        return Lists.newArrayList();
     }
 
-    @RequestMapping(method = POST, consumes = ALL_VALUE, produces = APPLICATION_JSON_VALUE)
-    @ResponseBody
-    public AttackResult createNewComment(@RequestBody String commentStr, @RequestHeader("Content-Type") String contentType) throws Exception {
-        Comment comment = null;
-        AttackResult attackResult = failed().build();
-        if (APPLICATION_JSON_VALUE.equals(contentType)) {
-            comment = parseJson(commentStr);
-            comment.setDateTime(DateTime.now().toString());
-            comment.setUser(webSession.getUserName());
-        }
-        if (MediaType.APPLICATION_XML_VALUE.equals(contentType)) {
-            comment = parseXml(commentStr);
-            comment.setDateTime(DateTime.now().toString());
-            comment.setUser(webSession.getUserName());
-        }
-        if (comment != null) {
-            comments.add(comment);
-            if (checkSolution(comment)) {
-                attackResult = success().feedback("challenge.solved").feedbackArgs(Flag.FLAGS.get(2)).build();
-            }
-        }
-
-        return attackResult;
+    @Override
+    public Integer getDefaultRanking() {
+        return 10;
     }
 
-    private boolean checkSolution(Comment comment) {
-        if (comment.getComment().contains("Congratulations you may now collect your flag")) {
-            comment.setComment("Congratulations to " + webSession.getUserName() + " for finding the flag!!");
-            return true;
-        }
-        return false;
+    @Override
+    public String getTitle() {
+        return "challenge3.title";
     }
 
-    public static Comment parseXml(String xml) throws Exception {
-        JAXBContext jc = JAXBContext.newInstance(Comment.class);
-
-        XMLInputFactory xif = XMLInputFactory.newFactory();
-        xif.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, true);
-        xif.setProperty(XMLInputFactory.IS_VALIDATING, false);
-
-        xif.setProperty(XMLInputFactory.SUPPORT_DTD, true);
-        XMLStreamReader xsr = xif.createXMLStreamReader(new StringReader(xml));
-
-        Unmarshaller unmarshaller = jc.createUnmarshaller();
-        return (Comment) unmarshaller.unmarshal(xsr);
+    @Override
+    public String getId() {
+        return "Challenge3";
     }
-
-    private Comment parseJson(String comment) {
-        ObjectMapper mapper = new ObjectMapper();
-        try {
-            return mapper.readValue(comment, Comment.class);
-        } catch (IOException e) {
-            return new Comment();
-        }
-    }
-
-
 }
-
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge1.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge1.html
new file mode 100644
index 000000000..f2baa0d78
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge1.html
@@ -0,0 +1,59 @@
+<!DOCTYPE html>
+
+<html xmlns:th="http://www.thymeleaf.org">
+
+<div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:Challenge_introduction.adoc"></div>
+</div>
+
+<div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:Challenge_1.adoc"></div>
+    <div class="attack-container">
+        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
+        <div class="panel panel-default">
+            <div class="panel-heading">
+                <img th:src="@{/images/webgoat2.png}" class="img-thumbnail"/>
+            </div>
+            <div class="panel-body">
+                <form class="attack-form" accept-charset="UNKNOWN"
+                      method="POST" name="form"
+                      action="/WebGoat/challenge/1"
+                      style="width: 200px;"
+                      enctype="application/json;charset=UTF-8">
+
+                    <div class="form-group">
+                        <label for="exampleInputEmail1" th:text="#{username}">Username</label>
+                        <input autofocus="dummy_for_thymeleaf_parser" type="text" class="form-control"
+                               id="exampleInputEmail1" placeholder="Username" name='username' value="admin"/>
+                    </div>
+                    <div class="form-group">
+                        <label for="exampleInputPassword1" th:text="#{password}">Password</label>
+                        <input type="password" class="form-control" id="exampleInputPassword1"
+                               placeholder="Password"
+                               name='password'/>
+                    </div>
+                    <button class="btn btn-primary btn-block" type="submit" th:text="#{sign.in}">Sign in</button>
+                </form>
+            </div>
+        </div>
+
+        <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
+            <div class="form-group">
+                <div class="input-group">
+                    <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
+                                                      style="font-size:20px"></i></div>
+                    <input type="text" class="form-control" id="flagInput1"
+                           placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
+                </div>
+            </div>
+            <button type="submit" class="btn btn-primary">Submit flag</button>
+        </form>
+
+        <br/>
+        <div class="attack-feedback"></div>
+        <div class="attack-output"></div>
+    </div>
+</div>
+
+
+</html>
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge2.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge2.html
new file mode 100644
index 000000000..8d3cea4c8
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge2.html
@@ -0,0 +1,111 @@
+<!DOCTYPE html>
+
+<html xmlns:th="http://www.thymeleaf.org">
+
+<div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:Challenge_introduction.adoc"></div>
+</div>
+
+<div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:Challenge_2.adoc"></div>
+    <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/challenge2.css}"/>
+    <script th:src="@{/lesson_js/challenge2.js}" language="JavaScript"></script>
+    <div class="attack-container">
+        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
+        <form class="attack-form" accept-charset="UNKNOWN"
+              method="POST" name="form"
+              action="/WebGoat/challenge/2"
+              enctype="application/json;charset=UTF-8">
+
+            <input id="discount" type="hidden" value="0"/>
+            <div class="row">
+
+                <div class="col-xs-3 item-photo">
+                    <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
+                </div>
+                <div class="col-xs-5" style="border:0px solid gray">
+                    <h3>Samsung Galaxy S8</h3>
+                    <h5 style="color:#337ab7"><a href="http://www.samsung.com">Samsung</a> ·
+                        <small style="color:#337ab7">(124421 reviews)</small>
+                    </h5>
+
+                    <h6 class="title-price">
+                        <small>PRICE</small>
+                    </h6>
+                    <h3 style="margin-top:0px;"><span>US $</span><span id="price">899</span></h3>
+
+                    <div class="section">
+                        <h6 class="title-attr" style="margin-top:15px;">
+                            <small>COLOR</small>
+                        </h6>
+                        <div>
+                            <div class="attr" style="width:25px;background:lightgrey;"></div>
+                            <div class="attr" style="width:25px;background:black;"></div>
+                        </div>
+                    </div>
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>CAPACITY</small>
+                        </h6>
+                        <div>
+                            <div class="attr2">64 GB</div>
+                            <div class="attr2">128 GB</div>
+                        </div>
+                    </div>
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>QUANTITY</small>
+                        </h6>
+                        <div>
+                            <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
+                            <input class="quantity" value="1"/>
+                            <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
+                        </div>
+                    </div>
+
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>CHECKOUT CODE</small>
+                        </h6>
+                        <!--
+                          Checkout code: webgoat, owasp, owasp-webgoat
+                        -->
+                        <input name="checkoutCode" class="checkoutCode" value=""/>
+
+                    </div>
+
+                    <div class="section" style="padding-bottom:20px;">
+                        <button type="submit" class="btn btn-success"><span style="margin-right:20px"
+                                                                            class="glyphicon glyphicon-shopping-cart"
+                                                                            aria-hidden="true"></span>Buy
+                        </button>
+                        <h6><a href="#"><span class="glyphicon glyphicon-heart-empty"
+                                              style="cursor:pointer;"></span>
+                            Like</a></h6>
+                    </div>
+                </div>
+            </div>
+
+        </form>
+        <br/>
+        <div>
+            <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
+                <div class="form-group">
+                    <div class="input-group">
+                        <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
+                                                          style="font-size:20px"></i></div>
+                        <input type="text" class="form-control" id="flagInpu2"
+                               placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
+                    </div>
+                </div>
+                <button type="submit" class="btn btn-primary">Submit flag</button>
+            </form>
+        </div>
+
+        <br/>
+        <div class="attack-feedback"></div>
+        <div class="attack-output"></div>
+    </div>
+</div>
+
+</html>
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge3.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge3.html
new file mode 100644
index 000000000..a5e0ebdf9
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge3.html
@@ -0,0 +1,57 @@
+<!DOCTYPE html>
+
+<html xmlns:th="http://www.thymeleaf.org">
+
+<div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:Challenge_introduction.adoc"></div>
+</div>
+
+<div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:Challenge_3.adoc"></div>
+    <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/challenge3.css}"/>
+    <script th:src="@{/lesson_js/challenge3.js}" language="JavaScript"></script>
+    <div class="attack-container">
+        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
+        <div class="panel post">
+            <div class="post-heading">
+                <div class="pull-left image">
+                    <img th:src="@{/images/avatar1.png}"
+                         class="img-circle avatar" alt="user profile image"/>
+                </div>
+                <div class="pull-left meta">
+                    <div class="title h5">
+                        <a href="#"><b>John Doe</b></a>
+                        uploaded a photo.
+                    </div>
+                    <h6 class="text-muted time">24 days ago</h6>
+                </div>
+            </div>
+
+            <div class="post-image">
+                <img th:src="@{images/cat.jpg}" class="image" alt="image post"/>
+            </div>
+
+            <div class="post-description">
+
+            </div>
+            <div class="post-footer">
+                <div class="input-group">
+                    <input class="form-control" id="commentInput" placeholder="Add a comment" type="text"/>
+                    <span class="input-group-addon">
+                                <i id="postComment" class="fa fa-edit"></i>
+                            </span>
+                </div>
+                <ul class="comments-list">
+                    <div id="list">
+                    </div>
+                </ul>
+            </div>
+        </div>
+
+
+        <br/>
+        <div class="attack-feedback"></div>
+        <div class="attack-output"></div>
+    </div>
+</div>
+</html>
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge4.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge4.html
new file mode 100644
index 000000000..c095de87a
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge4.html
@@ -0,0 +1,111 @@
+<!DOCTYPE html>
+
+<html xmlns:th="http://www.thymeleaf.org">
+
+<div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:Challenge_introduction.adoc"></div>
+</div>
+
+<div class="lesson-page-wrapper">
+    <div class="adoc-content" th:replace="doc:Challenge_4.adoc"></div>
+    <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/challenge2.css}"/>
+    <script th:src="@{/lesson_js/challenge2.js}" language="JavaScript"></script>
+    <div class="attack-container">
+        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
+        <form class="attack-form" accept-charset="UNKNOWN"
+              method="POST" name="form"
+              action="/WebGoat/challenge/4"
+              enctype="application/json;charset=UTF-8">
+
+            <input id="discount" type="hidden" value="0"/>
+            <div class="row">
+
+                <div class="col-xs-3 item-photo">
+                    <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
+                </div>
+                <div class="col-xs-5" style="border:0px solid gray">
+                    <h3>Samsung Galaxy S8</h3>
+                    <h5 style="color:#337ab7"><a href="http://www.samsung.com">Samsung</a> ·
+                        <small style="color:#337ab7">(124421 reviews)</small>
+                    </h5>
+
+                    <h6 class="title-price">
+                        <small>PRICE</small>
+                    </h6>
+                    <h3 style="margin-top:0px;"><span>US $</span><span id="price">899</span></h3>
+
+                    <div class="section">
+                        <h6 class="title-attr" style="margin-top:15px;">
+                            <small>COLOR</small>
+                        </h6>
+                        <div>
+                            <div class="attr" style="width:25px;background:lightgrey;"></div>
+                            <div class="attr" style="width:25px;background:black;"></div>
+                        </div>
+                    </div>
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>CAPACITY</small>
+                        </h6>
+                        <div>
+                            <div class="attr2">64 GB</div>
+                            <div class="attr2">128 GB</div>
+                        </div>
+                    </div>
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>QUANTITY</small>
+                        </h6>
+                        <div>
+                            <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
+                            <input class="quantity" value="1"/>
+                            <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
+                        </div>
+                    </div>
+
+                    <div class="section" style="padding-bottom:5px;">
+                        <h6 class="title-attr">
+                            <small>CHECKOUT CODE</small>
+                        </h6>
+                        <!--
+                          Checkout code: webgoat, owasp, owasp-webgoat
+                        -->
+                        <input name="checkoutCode" class="checkoutCode" value=""/>
+
+                    </div>
+
+                    <div class="section" style="padding-bottom:20px;">
+                        <button type="submit" class="btn btn-success"><span style="margin-right:20px"
+                                                                            class="glyphicon glyphicon-shopping-cart"
+                                                                            aria-hidden="true"></span>Buy
+                        </button>
+                        <h6><a href="#"><span class="glyphicon glyphicon-heart-empty"
+                                              style="cursor:pointer;"></span>
+                            Like</a></h6>
+                    </div>
+                </div>
+            </div>
+
+        </form>
+        <br/>
+        <div>
+            <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
+                <div class="form-group">
+                    <div class="input-group">
+                        <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
+                                                          style="font-size:20px"></i></div>
+                        <input type="text" class="form-control"
+                               placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
+                    </div>
+                </div>
+                <button type="submit" class="btn btn-primary">Submit flag</button>
+            </form>
+        </div>
+
+        <br/>
+        <div class="attack-feedback"></div>
+        <div class="attack-output"></div>
+    </div>
+</div>
+
+</html>
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/i18n/WebGoatLabels.properties b/webgoat-lessons/challenge/src/main/resources/i18n/WebGoatLabels.properties
index 7a0256c24..f5bc601a3 100644
--- a/webgoat-lessons/challenge/src/main/resources/i18n/WebGoatLabels.properties
+++ b/webgoat-lessons/challenge/src/main/resources/i18n/WebGoatLabels.properties
@@ -1,2 +1,5 @@
 challenge.title=WebGoat Challenge
+challenge1.title=Admin lost password
+challenge2.title=Get it for free
+challenge3.title=Photo comments
 challenge.solved=Congratulations, you solved the challenge. Here is your flag: {0}

From c2c7c602df94fa810adbe03bcabcf01d7bc9a933 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sun, 9 Apr 2017 03:27:16 +0200
Subject: [PATCH 19/22] Fixed layout issues

---
 .../owasp/webgoat/plugin/ChallengeIntro.java  |  39 +++
 .../src/main/resources/html/Challenge.html    | 303 ------------------
 .../src/main/resources/html/Challenge1.html   |   5 -
 .../src/main/resources/html/Challenge2.html   |   3 -
 .../src/main/resources/html/Challenge3.html   |   3 -
 .../src/main/resources/html/Challenge4.html   |   3 -
 .../src/main/resources/images/boss.jpg        | Bin 0 -> 23340 bytes
 .../en/Challenge_introduction.adoc            |   7 +-
 8 files changed, 45 insertions(+), 318 deletions(-)
 create mode 100644 webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ChallengeIntro.java
 create mode 100644 webgoat-lessons/challenge/src/main/resources/images/boss.jpg

diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ChallengeIntro.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ChallengeIntro.java
new file mode 100644
index 000000000..de5869668
--- /dev/null
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/ChallengeIntro.java
@@ -0,0 +1,39 @@
+package org.owasp.webgoat.plugin;
+
+import com.google.common.collect.Lists;
+import org.owasp.webgoat.lessons.Category;
+import org.owasp.webgoat.lessons.NewLesson;
+
+import java.util.List;
+
+/**
+ * @author nbaars
+ * @since 3/21/17.
+ */
+public class ChallengeIntro extends NewLesson {
+
+    @Override
+    public Category getDefaultCategory() {
+        return Category.CHALLENGE;
+    }
+
+    @Override
+    public List<String> getHints() {
+        return Lists.newArrayList();
+    }
+
+    @Override
+    public Integer getDefaultRanking() {
+        return 10;
+    }
+
+    @Override
+    public String getTitle() {
+        return "challenge.title";
+    }
+
+    @Override
+    public String getId() {
+        return "Challenge";
+    }
+}
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
index 0d0b0fe86..8c61187d4 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge.html
@@ -6,307 +6,4 @@
     <div class="adoc-content" th:replace="doc:Challenge_introduction.adoc"></div>
 </div>
 
-<div class="lesson-page-wrapper">
-    <div class="adoc-content" th:replace="doc:Challenge_1.adoc"></div>
-    <div class="attack-container">
-        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
-        <div class="panel panel-default">
-            <div class="panel-heading">
-                <img th:src="@{/images/webgoat2.png}" class="img-thumbnail"/>
-            </div>
-            <div class="panel-body">
-                <form class="attack-form" accept-charset="UNKNOWN"
-                      method="POST" name="form"
-                      action="/WebGoat/challenge/1"
-                      style="width: 200px;"
-                      enctype="application/json;charset=UTF-8">
-
-                    <div class="form-group">
-                        <label for="exampleInputEmail1" th:text="#{username}">Username</label>
-                        <input autofocus="dummy_for_thymeleaf_parser" type="text" class="form-control"
-                               id="exampleInputEmail1" placeholder="Username" name='username' value="admin"/>
-                    </div>
-                    <div class="form-group">
-                        <label for="exampleInputPassword1" th:text="#{password}">Password</label>
-                        <input type="password" class="form-control" id="exampleInputPassword1"
-                               placeholder="Password"
-                               name='password'/>
-                    </div>
-                    <button class="btn btn-primary btn-block" type="submit" th:text="#{sign.in}">Sign in</button>
-                </form>
-            </div>
-        </div>
-
-        <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
-            <div class="form-group">
-                <div class="input-group">
-                    <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
-                                                      style="font-size:20px"></i></div>
-                    <input type="text" class="form-control" id="flagInput1"
-                           placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
-                </div>
-            </div>
-            <button type="submit" class="btn btn-primary">Submit flag</button>
-        </form>
-
-        <br/>
-        <div class="attack-feedback"></div>
-        <div class="attack-output"></div>
-    </div>
-</div>
-
-<div class="lesson-page-wrapper">
-    <div class="adoc-content" th:replace="doc:Challenge_2.adoc"></div>
-    <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/challenge2.css}"/>
-    <script th:src="@{/lesson_js/challenge2.js}" language="JavaScript"></script>
-    <div class="attack-container">
-        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
-        <form class="attack-form" accept-charset="UNKNOWN"
-              method="POST" name="form"
-              action="/WebGoat/challenge/2"
-              enctype="application/json;charset=UTF-8">
-
-            <input id="discount" type="hidden" value="0"/>
-            <div class="row">
-
-                <div class="col-xs-3 item-photo">
-                    <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
-                </div>
-                <div class="col-xs-5" style="border:0px solid gray">
-                    <h3>Samsung Galaxy S8</h3>
-                    <h5 style="color:#337ab7"><a href="http://www.samsung.com">Samsung</a> ·
-                        <small style="color:#337ab7">(124421 reviews)</small>
-                    </h5>
-
-                    <h6 class="title-price">
-                        <small>PRICE</small>
-                    </h6>
-                    <h3 style="margin-top:0px;"><span>US $</span><span id="price">899</span></h3>
-
-                    <div class="section">
-                        <h6 class="title-attr" style="margin-top:15px;">
-                            <small>COLOR</small>
-                        </h6>
-                        <div>
-                            <div class="attr" style="width:25px;background:lightgrey;"></div>
-                            <div class="attr" style="width:25px;background:black;"></div>
-                        </div>
-                    </div>
-                    <div class="section" style="padding-bottom:5px;">
-                        <h6 class="title-attr">
-                            <small>CAPACITY</small>
-                        </h6>
-                        <div>
-                            <div class="attr2">64 GB</div>
-                            <div class="attr2">128 GB</div>
-                        </div>
-                    </div>
-                    <div class="section" style="padding-bottom:5px;">
-                        <h6 class="title-attr">
-                            <small>QUANTITY</small>
-                        </h6>
-                        <div>
-                            <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
-                            <input class="quantity" value="1"/>
-                            <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
-                        </div>
-                    </div>
-
-                    <div class="section" style="padding-bottom:5px;">
-                        <h6 class="title-attr">
-                            <small>CHECKOUT CODE</small>
-                        </h6>
-                        <!--
-                          Checkout code: webgoat, owasp, owasp-webgoat
-                        -->
-                        <input name="checkoutCode" class="checkoutCode" value=""/>
-
-                    </div>
-
-                    <div class="section" style="padding-bottom:20px;">
-                        <button type="submit" class="btn btn-success"><span style="margin-right:20px"
-                                                                            class="glyphicon glyphicon-shopping-cart"
-                                                                            aria-hidden="true"></span>Buy
-                        </button>
-                        <h6><a href="#"><span class="glyphicon glyphicon-heart-empty"
-                                              style="cursor:pointer;"></span>
-                            Like</a></h6>
-                    </div>
-                </div>
-            </div>
-
-        </form>
-        <br/>
-        <div>
-            <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
-                <div class="form-group">
-                    <div class="input-group">
-                        <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
-                                                          style="font-size:20px"></i></div>
-                        <input type="text" class="form-control" id="flagInpu2"
-                               placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
-                    </div>
-                </div>
-                <button type="submit" class="btn btn-primary">Submit flag</button>
-            </form>
-        </div>
-
-        <br/>
-        <div class="attack-feedback"></div>
-        <div class="attack-output"></div>
-    </div>
-</div>
-
-
-<div class="lesson-page-wrapper">
-    <div class="adoc-content" th:replace="doc:Challenge_3.adoc"></div>
-    <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/challenge3.css}"/>
-    <script th:src="@{/lesson_js/challenge3.js}" language="JavaScript"></script>
-    <div class="attack-container">
-        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
-        <div class="panel post">
-            <div class="post-heading">
-                <div class="pull-left image">
-                    <img th:src="@{/images/avatar1.png}"
-                         class="img-circle avatar" alt="user profile image"/>
-                </div>
-                <div class="pull-left meta">
-                    <div class="title h5">
-                        <a href="#"><b>John Doe</b></a>
-                        uploaded a photo.
-                    </div>
-                    <h6 class="text-muted time">24 days ago</h6>
-                </div>
-            </div>
-
-            <div class="post-image">
-                <img th:src="@{images/cat.jpg}" class="image" alt="image post"/>
-            </div>
-
-            <div class="post-description">
-
-            </div>
-            <div class="post-footer">
-                <div class="input-group">
-                    <input class="form-control" id="commentInput" placeholder="Add a comment" type="text"/>
-                    <span class="input-group-addon">
-                                <i id="postComment" class="fa fa-edit"></i>
-                            </span>
-                </div>
-                <ul class="comments-list">
-                    <div id="list">
-                    </div>
-                </ul>
-            </div>
-        </div>
-
-
-        <br/>
-        <div class="attack-feedback"></div>
-        <div class="attack-output"></div>
-    </div>
-</div>
-
-<div class="lesson-page-wrapper">
-    <div class="adoc-content" th:replace="doc:Challenge_4.adoc"></div>
-    <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/challenge2.css}"/>
-    <script th:src="@{/lesson_js/challenge2.js}" language="JavaScript"></script>
-    <div class="attack-container">
-        <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
-        <form class="attack-form" accept-charset="UNKNOWN"
-              method="POST" name="form"
-              action="/WebGoat/challenge/4"
-              enctype="application/json;charset=UTF-8">
-
-            <input id="discount" type="hidden" value="0"/>
-            <div class="row">
-
-                <div class="col-xs-3 item-photo">
-                    <img style="max-width:100%;" th:src="@{/images/samsung-black.jpg}"/>
-                </div>
-                <div class="col-xs-5" style="border:0px solid gray">
-                    <h3>Samsung Galaxy S8</h3>
-                    <h5 style="color:#337ab7"><a href="http://www.samsung.com">Samsung</a> ·
-                        <small style="color:#337ab7">(124421 reviews)</small>
-                    </h5>
-
-                    <h6 class="title-price">
-                        <small>PRICE</small>
-                    </h6>
-                    <h3 style="margin-top:0px;"><span>US $</span><span id="price">899</span></h3>
-
-                    <div class="section">
-                        <h6 class="title-attr" style="margin-top:15px;">
-                            <small>COLOR</small>
-                        </h6>
-                        <div>
-                            <div class="attr" style="width:25px;background:lightgrey;"></div>
-                            <div class="attr" style="width:25px;background:black;"></div>
-                        </div>
-                    </div>
-                    <div class="section" style="padding-bottom:5px;">
-                        <h6 class="title-attr">
-                            <small>CAPACITY</small>
-                        </h6>
-                        <div>
-                            <div class="attr2">64 GB</div>
-                            <div class="attr2">128 GB</div>
-                        </div>
-                    </div>
-                    <div class="section" style="padding-bottom:5px;">
-                        <h6 class="title-attr">
-                            <small>QUANTITY</small>
-                        </h6>
-                        <div>
-                            <div class="btn-minus"><span class="glyphicon glyphicon-minus"></span></div>
-                            <input class="quantity" value="1"/>
-                            <div class="btn-plus"><span class="glyphicon glyphicon-plus"></span></div>
-                        </div>
-                    </div>
-
-                    <div class="section" style="padding-bottom:5px;">
-                        <h6 class="title-attr">
-                            <small>CHECKOUT CODE</small>
-                        </h6>
-                        <!--
-                          Checkout code: webgoat, owasp, owasp-webgoat
-                        -->
-                        <input name="checkoutCode" class="checkoutCode" value=""/>
-
-                    </div>
-
-                    <div class="section" style="padding-bottom:20px;">
-                        <button type="submit" class="btn btn-success"><span style="margin-right:20px"
-                                                                            class="glyphicon glyphicon-shopping-cart"
-                                                                            aria-hidden="true"></span>Buy
-                        </button>
-                        <h6><a href="#"><span class="glyphicon glyphicon-heart-empty"
-                                              style="cursor:pointer;"></span>
-                            Like</a></h6>
-                    </div>
-                </div>
-            </div>
-
-        </form>
-        <br/>
-        <div>
-            <form class="form-inline" method="POST" name="form" action="/WebGoat/challenge/flag">
-                <div class="form-group">
-                    <div class="input-group">
-                        <div class="input-group-addon"><i class="fa fa-flag-checkered" aria-hidden="true"
-                                                          style="font-size:20px"></i></div>
-                        <input type="text" class="form-control"
-                               placeholder="a7179f89-906b-4fec-9d99-f15b796e7208"/>
-                    </div>
-                </div>
-                <button type="submit" class="btn btn-primary">Submit flag</button>
-            </form>
-        </div>
-
-        <br/>
-        <div class="attack-feedback"></div>
-        <div class="attack-output"></div>
-    </div>
-</div>
-
 </html>
\ No newline at end of file
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge1.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge1.html
index f2baa0d78..52559bfc2 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge1.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge1.html
@@ -3,11 +3,6 @@
 <html xmlns:th="http://www.thymeleaf.org">
 
 <div class="lesson-page-wrapper">
-    <div class="adoc-content" th:replace="doc:Challenge_introduction.adoc"></div>
-</div>
-
-<div class="lesson-page-wrapper">
-    <div class="adoc-content" th:replace="doc:Challenge_1.adoc"></div>
     <div class="attack-container">
         <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
         <div class="panel panel-default">
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge2.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge2.html
index 8d3cea4c8..52b0b8de1 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge2.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge2.html
@@ -2,9 +2,6 @@
 
 <html xmlns:th="http://www.thymeleaf.org">
 
-<div class="lesson-page-wrapper">
-    <div class="adoc-content" th:replace="doc:Challenge_introduction.adoc"></div>
-</div>
 
 <div class="lesson-page-wrapper">
     <div class="adoc-content" th:replace="doc:Challenge_2.adoc"></div>
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge3.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge3.html
index a5e0ebdf9..aec09ac6b 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge3.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge3.html
@@ -2,9 +2,6 @@
 
 <html xmlns:th="http://www.thymeleaf.org">
 
-<div class="lesson-page-wrapper">
-    <div class="adoc-content" th:replace="doc:Challenge_introduction.adoc"></div>
-</div>
 
 <div class="lesson-page-wrapper">
     <div class="adoc-content" th:replace="doc:Challenge_3.adoc"></div>
diff --git a/webgoat-lessons/challenge/src/main/resources/html/Challenge4.html b/webgoat-lessons/challenge/src/main/resources/html/Challenge4.html
index c095de87a..8b7f8ddac 100644
--- a/webgoat-lessons/challenge/src/main/resources/html/Challenge4.html
+++ b/webgoat-lessons/challenge/src/main/resources/html/Challenge4.html
@@ -2,9 +2,6 @@
 
 <html xmlns:th="http://www.thymeleaf.org">
 
-<div class="lesson-page-wrapper">
-    <div class="adoc-content" th:replace="doc:Challenge_introduction.adoc"></div>
-</div>
 
 <div class="lesson-page-wrapper">
     <div class="adoc-content" th:replace="doc:Challenge_4.adoc"></div>
diff --git a/webgoat-lessons/challenge/src/main/resources/images/boss.jpg b/webgoat-lessons/challenge/src/main/resources/images/boss.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..ec432e31aa710343ea08a8602b58237ef76f2141
GIT binary patch
literal 23340
zcmb5VbyOTd*FJ~`x51sk9R~Mc!{8F!-QAtwE`vM4LxA8KAjse@!4sU|!GmXc-|x5I
zp8aq4R-Znny82Xi*S&S?xzFwTxAJcb4p$MZ0EUByhl7KED{%kT;bh=YkdRT3kx)>O
zQQo~nK}E+!M@K_LC&0$R#3d#mAt5FpA|j(?pe7@yqaY%pVW**EWMW}uA*JTv=3wS#
zU}j<dPbcv2-n~OdMF*gx1DMH($e90s%fA6QJXH8~cu7QfARGc7JR%<aKNuW292^27
z{C{5e{}x0fcm!k=xOZ=jr0{V6@3yy(LO?`9{<j8)i3ksefQyLxb|og&v$*uT;)Cx(
z>vTpd|JY36{B`Ho;_N)lc6|Q=uGv>VVVcu?8@<JNGr~&L*667vpwmO3Rw1AkXVsNe
zqKIAT$m>3jw`D6Sk9o82XVhnN;nHbmCChrv5W%lU2R;<hh4jjrM)kU5Q|u^2suJ!u
z_4(Z1Jpk*>oNBWH?lV6+7Q?uymqT;LrXQuf=(@`)k6mK7rht+@LcxXrqbZan@!<~&
zhr?~bG=GY1y^?oLw)x6CIh&#R__bd?Zwfr>POmApHQ+9qr<rp9;IzaNvGW62>h|Y~
zWH|zTSZipyH1pJNP%Ow-EtuqI{#b2z>vHly=<1k<i-Of;e;KxuEB_YTcaf>v^KAGS
zmS-FBM<}2m6n#9;oVR6{IWIk0`na&*0SkxD%t6b#k_Pwlooejtm3H}(ek$Mv<(+(z
zm>vHxcBM{|phw|oy8me~x*-{<h=`m&XLkDZ5ril}bj+*Zmeb*njvdyRzQtl~nvOxq
zkVBerD64o@1NFq9+`AG0Qy31HKEc@csS}$=gq^HyL7p2H@*jY@zkLgZf{OuVg3wc;
z(-wq%1Ag1QL;sQ?GylUM**%QPPzU`B_Bj^Ba({~W1ykf6CG4_}*=L-wba9xxigF>U
zL4|fgVq5f5XWUwo_#og18CTh-EML-f_eTHYuCD=`*(bv0btic0e@^&!bfyd}^m+W@
z`^%-SfvD9%IbQ-XP59t+f;HaBh>!8<N#D}(=dIz*r=XOso>a_rj%rX!up;LBVQ6x|
z%%eGWYIDDcv^Zi*&wmbkve73?&s1N$)2gZx&bI$!JrK}3745hTsuL&m2DkDC(dr4{
zmFrR-pb|v*b8E+{_}PxtvHKBSQz38X*!wxuaU6)vU->EHjuh1IJ~Zmp(%PLq&_)bj
znO#1^H3rcv-dg%dFBe6nHq~ML-k{15%bzRWy9v(UyI~R_tungLdeO|vk8(k2YRFHm
z18=Zt2%;BepU(g6IN;G{*RFwRL8_ws5|Eh<=HF*@3ep5&u6nTYB_B=Ve;^<_#LS7%
z{8h^F$B6A9mh`e##}dcGp#Sdtc3N^aNF1a@r#bC6{Fo%&F)eyjP$_cVd)T8?@K?jf
z!+kNnir%)!xxus5Bf#IgT{wxN_2*@DevMgJSu8zDf)pQ{gQKTwOvUFV5nIp+{;YX3
zAk+8o7q$JcFI7E}L>s^LZcDUPVOqgO{^tIYNBmmz2LyMGc{4MGo{lcJ#&4V-$_nzB
zy-1B!81jr=QrCCm$dsB)zjn9$r0Jd>{@PP+m(Z%-^NU#3oXWxQ_Y&EULs)ok`SKJ`
zNYapHyEqY9SsSAWh|)sOZFY)PB-x~5tDq2JX8u|jJ6$|}>iWRMQLnQ+U1s%?`0Enw
zntQUge{fw#wfw?F=G5KQ4QavT(D`-y@%pdB>-P485tj$F{h)7M2TaQ7RJc$2Joal9
zIz??}gR-pf5<9<$xl}%T5AgCguNkl@B>|8=ipVkMSra*U5}IrMq3hy%-&1WOZ(|>9
zn0I_T)Lj1?u}{Fp;P>YN^oypyO%C$<w<?auO~~e@EcV#r$2~K1dnIsnO<rFiiW}he
zl8<#Y?89i)w!odVXQ`i}1{fZW;3%~P_B)@B&EmNOi#83|Sdxgq{dpc6JY~0GO2DiU
z(ty2Pi>*oSRp1_qlB#)Ih4PWDJ*zOQ8CM(!!v{@=rMU8N7Zy$qBH6Ue>b4^H)w|ow
zwvFc{>}=4N>K~9A{(|wq$1_{a;n)^?L=J5xop+do;;C^o*~Ex4T7uc`AhKG`?>VjP
zT|LTYo-6%%ZK)QS-;h+y?e%z+=DdgrfAp!<K$VF-_43Z@IgD#f^2PZAFkiQVB)DV?
zOk`aHu{!&2wz8-5ZPFeL$pS!l*#7nc9`Jf}pFrF`&8#mM-CzFX2y=N0<n7llDHnXB
zM3v?a2+>{I8aK{xu$E?)WLBpMHf3qf{99--dF?zzVQ^~D<-L70P1RCH#2-v}UF!EM
znpj+|&;ZkGKcNerC00?;!@Y^S#Fh842`VN^6Gm?@93=6Z<HUm#P)|_zd;a(v_t0<I
zWok8rU>wn!oQ>Z%kG#jndk;P6{-5pLg@i+yZ0fu>1i`!kWTZ*VL1SbevULX>!gDNH
zP*+YJs}1zCFgXvrcl&k@&3yJYEvV{?T?=h*RxoD{{Y|Dgj9g1S4So;#7F@N9x}Nj@
z_FB`qBN!sQa?&<@hdpYvsf2kl*eDiseqQ@LB-^*e%VxK@1S@R97k>72F`j?sG<o>@
zphu2&J$|<)y!?J!_v%r2!zBW-*I$60qwECzlHJ4cOY*Q<HSD|T<i5wrhG{0#J5zZl
zCXH&RCx)@MMz0?|-mQtzFsL&A9iwxorV%og$gdmvlIvh;frYs~N=nZl(c^%UYu}1)
z%mF0{n@AP+&P^H00`aFjoYeUhB^jKYlLpZT9+KA8>N05a%-8H3VjM892>NL&$+#GY
zsO_VQwC!Xa8)JZM>zJD;U<y5Pz|rXT{n_Dk*(`}uVrdhUYWNRveE!f`ElRC__gBx>
z@LnC$vK<GTqrG*}6%v!FoyT842wH5=sl?&yls;9WDTtp0TR7`?(tnt|9Xa$g2w=U9
zAG93kP3tD=INFgfXf|87W6J($QHJm2N9;J>d{kajrsL6t&TpQKhzdi_lZ;^I4D`>n
z8`HV-It~9T5LXV86B7kBa;nhPq$|4R(;3XEDz<m>ggI#E=6q56O8YBVk>iiOL}~!F
z&{A+~5B|P^O5py6foI{CMYxLteYqw%`C`n6J`_v^a~e1@T<FJTgT(~(M?>7Yibn6z
zxlg_hXo{aQ>cC1EQvr=fUnz2Hy~Rm&Y+7pTwmi02RVA~Qas`y1(Eh>Eq6TPu2|$|e
zC^5vLjQ7qXSn+9LyZ1Pw%dusrRvuO&R>0%|M+n|@1>BW)P?~TZ>>K^$xA;2XRA@OG
zsH1+F(a1iFM<-!I$g6H3^V5_uRIVcRQ%16!O1WAcJ8=@X`b3mCfM%%w3p0kgiIzTf
zMS)<e+Vm*Gtp+MSB0KYFZoHoI`T~v3uRP)&JTP!s$|9ZXeVIT`%5u5rPYb@uXlLU7
zn=GjokHxd!Ey&PRnVjA)TncHJ2n=r^iwzeJ0RbKn5$V4;?7u+l4P@aV;RA4Kd5~#<
zQUoA6UTJQ6LZUa=h5Cln;E@qb94{+FpCoc|#Q8%@%yA@Yo7Et(VAQ~nF1070zeFGE
z^_^6m`L7biMKVKcq`8-sSdppln9pf<sQA7Wl}gso{;sUKVW<1ONMtt#RX~S)0AF!o
zr0&VH3Tuof+ZBBNdF@j$dLZ4)#3$##;J{DBf-6S_q?du=j4#;pJqjCFN9@NLFDZvR
zFqYjuHJEq@A3E;S1A)@g1S)05*@+|qIsFlc%nCC}<hUo`FDxSCc&G`mAXP*A`6>OX
zn|#UZy_C!ajmPi2#D(%Vt1oG|v9Z#J&!l%&Gb*5m`@<>IyzaSeYB~3f%s>@_i=EMj
zl<<FW_%G$btH0{x9h>K@6cT_NK`GEUEG5$1+}ws&nFpLb2`h>%&q?36(&XY%O&HSP
zFA-maHq(|DI`-j=n)@g;?sf9%9~{|Gk~}0<8n<f;k{#bI>4NonaRmQ!-CZ43fU2MR
zPf%3c{AllOZ}xrrU+T==MIC-hAT6r&Q4y4Br(&Iw+pIr1uXwFACmtxxRxz5WWo~+>
z342<a%=Y{CmpX^4_Iq|`v>cBdG(lig9oi<NDKNRpBW*L58kq*0REEL!f@Yu`u;$+H
ze6ey87NI$z*6cF@Ik~P0|KQwH#f^iy-p58V&0Ab9i-QE-tJQs9HO<o}C66y6AZ6KM
zohig0Ee>d6&lXH5o^;Z*X@9VWCG&xs%}N<gXH<WCes7ZSp>q((8nR)oH5M*m9u96!
zZ!tzy>S3#R<#<_{xek0)zEd89V!V<bkA|!sPQ+${n0^qRDs}9A(rUJbnAl6yU;5th
zJp6+b{0C>dq%y1=mkY8QEB2&&vKrkp7|n!Q(B+Ozpm*GrgwkvLRk#gJlK<b^TfN7M
z9YMaLzdJYl8D&34j{YS;YG~;>@Bgc&^z0znB)|Ev7-}AqNW#t8A&{@~*&XuqS1gNj
zj^@Hu7-E$6Tb|8Tr8-KpxLPV@k;w5D0{aJdx}<;nMfQ)!n-e(j=oT86r$`oXrm%7!
z-G#QMFpWM?^MZy+H`Z2RQ_=m4$;|ONO<FqcOF}wMA5X%%ph{}7Gs?pDV<M`<7Q*j;
z0z3ri{Kul}A%#Z;BRrEKsyO2epU1{M-YVms6ayW;1u?X5wMk#>!PGs$f;3@z56B*L
zj5jE0UJ&w=j{WU8w=SH18)hStH#3Mp!6Z3}uy0v$63F3Meyea>R$_Yfr`%g^hIe!-
zEt+FtVGeRn@?s7iMVlu;Qift%=7{p%?Y@6@m>H>k4wy!ND<l-$LMQ(z0`FG=PRg?P
z#Q^4?056p}LD@|}fH2-6nW`cGUk-4Wn&U4Q@SZiPv4;m_lkWe#Qs?HY10yE6^4ok9
zfL40)^(FvMvSJp#cuxFTpxPig?Ba3>-A|{pQO*@DoROIq2Ulun%cQ&e6nXmCf6Zul
zP4}8otJFZxE$W$UW<O;o1*?C%8RQ=QAt17sRGX+OO4{$w-oH0a;K3o5dw*wpX-jv(
z7=o12m)auCe52>S;F6+L*}D9t-e<Y{IiDP+t#GC4rOPHslzv%FTlwkPS-4+Hgq1t8
zQQY?~PjHiwv;Y@cT?D)p&#X<ZC^=zg5LWp-mboZR0*s78akfn0xlG9PShPQGtHVxL
z>pfZ^JO2Up`QbX|z+Ccq;)BaKZDSq~OrjxplIqj<)QYXrkzRn@iI;yB!h|&tZ}f{r
zRm+$D$}(0yyoLBMb=Igzc6@ySK+M(AR~>uDFN$Y!qF6?B&f1%oU);HFIaKzQ9z@1$
zgpMB_cOF0NzmLqLSeK+61Gjc@D*#)&bnU<C>a6se>49v^q7AC|W!v08Ro0GapzpPf
z8B#Vhs;N0Qo-XZ@s|XggHVwsj4Xc!w^a|>Zh)bTPLK6vB3VashnDa%CUIClEnrQ-U
zVD>dLjdijM=XmxX&PxuhVqI%_>(w)ovFwV4RuUpPb@NsgvGz|yKK>vV#=kO*5Y&s?
zmOs(OPq;a`6r?A3pbrmhs+PHA%&rDCWh9%m+PY(GsLL_vuDXvR_dh8<%Q@9=QyYCT
zbn*eKS~z#iAZHzjP90nkrDq3^L=XGx{Ahx?2tuLV`@)blk8VTH8ByVtdfW2ViKEwg
z&jVj!ic_Dq0B!u-%KG4_4p>DKS%Op8m&`0q&a2=ntFd%COMj3OEU@f+<vb-^IkAcE
zq+GvfIpn9;T0Y<T1jR}cfiOQ_owf=nQMsMmN%qulQ6ELIV^=+Euct0?bo8(K8B0mr
z-M71D7?Ae<2ynb9PTc5!6O6F#nxkVXnOr(4CvX3`RP;BY&`%+JW4A|%92+VY>z;~E
z=fZfFW6^Vu!$_W+xLaTC<%AZNhX5x_EdHP6UtP%J3|XAl(N2KL!Sk8uhX#co0u#Nn
z+r-PChC?_q{FZa>jd4fj={W9apCP8{Y7A4#C4&|&6HW@ofqT72ih%U-#xnVub=4X}
za^h>q;4mh>$!e(pbG3dikZwzwj9PAf(?&rNL||cWa^lr`wy-hJucIV5^Wf5aaB6j6
z|JA)HE9tSvNr0TOtA)?ZvHUFlL%aJ8@NLCNS#@osqhw7_d|_R8UO2XJu(~sLQFz#p
zI4It?$;UM~Go29-_Od)KnM3pGgJQ?V(SEHal6~_f<Y=%pFjL8T8(ELB{*Pl2e^)#9
zRovFip;gg2m&(m;fBjd&e3i;M*oqS^Rp$vjBQrF1ONhc|5b5Ph&vX(od)ZOz0-8ak
zVUTxfuPce6mYW)-IM?Hs`}Gi^)^S5xg55@PjYe$dz8$lE0%w8DlJ|+Iur-lska~Yh
zhUle_Hia#zwkfmIg0A<HOTpic^YA}ie)LyYyt7M>KZ9E?H>+;_I`mcaQ_%X{3f`d$
z0i6X>YqhPkKs;+Z@};N3V$~o*59$QKC33m+eBZMjbz(BR;>pSC1neBL$Ive9lnoBx
zEU~}swu@|&|FLi7G;a}Li)h}UamGxJ6on_7h}EGDgT!;2sS_wJ(QTaj-f?Z3DmMH$
zkG*bPTZ1%O=qcL`E1tN7WV5KrAB$#HefaD%GFSUkhTB=-Z-zz$y%kIRplIykHQDGO
z%AoylQUduJ!78-blOTC_rL1N@OtgHm8Vu<#-ZPFu0XIErnU*;cUfc>hm)7T&!}x1{
z-jzxNA*C^`T0{B`kpA%LxxUEYEv3rpAr0##E!7`+As+(l2J#*InTG`1CGw4&o6hip
z1i+lyGcwiDy@hI(Mnw@y7OlLD%DG3V5Oru1cqw)x*@}(GlE3h0d;at_q4KUpgwQl^
z;z~edo33?!-0N$4nUSu><>GSZPcT95At<W3t%7+KCE?}?!eW0mzey=aXS2%)9s)8e
zpaD&rWYwXXq<6VUmvJPiPxy;FYWm?O<)xC^PCo+jpn~1uE>r9Ri_gXa8=q?V7th3T
zcy6&R9C#@`t9uxCl|E-BpX-cR5*D^6)S7`&1j_x?FQhCakbqnmZn-BS3HD!qY9<tw
zA$|RIvasn{KgX|W`WmufCr%u`0n)Iktf8r0RK(B?Voy%{MM!BKzBIaEO0LA-y2`<>
zMO(Ym=+Fc{7@dq<?cM-ux^^o1sA%Kq;z<J|<p`X?^Nx5tt3+~&!~rTq1dlFh9lCP-
z<zOZ9xd}iXT`PVY!@8AedF1A{SRMOFMV8|i4Vu4Xy?Qbf3IftcRXU&QHJ}1E()fIh
zFpFR`jImqCi4j?)p*AO`dg#M4hQ^oFtm>~Adm;2GLwzlW+tOc{cjH)>{GcMx!L=#L
zz%rqlv~=(8I<fJaEMB$Jb#`pvHS#ZDU*u#N^9G|>Tj^Bo+6WqU<uqdCZvToaLbl5A
zw%E;6-;zp1ILAUYhgy|Yvx>;LZFnc1fUkEPEL0Q-MZTI*#!N<yUn$F^h}{<~h`#pw
zolbWFC0wVZT{tzFB+{%jK6+p(YeO>HD)S)N8R=oZ!^57V-80d_e&~aSai)|qPUeoT
z$&x%n63#h0L0w{`Af>@b{eF}Vph5!a<EamD8FKSvGCi!(Ne*Q}OZ+p(6oW_-46@p=
z&b2wP{jN-|5vhSRIsi<RBZ=qXPLw_M;mE$Cm3T_L!-J-t&mR>f<p$%0p^kV;a>haR
zd6F9xFc2W8KBC?sVq?&;qO`+q5SQb|8!AmY&B*P^&&^_l4eh_Kke#N^;UiZnL!m@0
zzHiS879>)`t8coJuQ|HC>)w(PD6<gA;qI!pQ5gtccu@HLrP#$P`9nTJPr()8SwXGB
zI)f4+um&S`_s__B;))adeXD>=uxQC|jIQj+$(u1K)>D&JRAC7%uOw~n+!=xTt3JpU
zWtUMocFb{tSY=qP?TPNsA54WeKR5j55wRjanOW(lVJgoA<+5IO=CAhTum0y8?;*(3
z8yjpOIdGx#w5P1>@di~p#+X*F8RjK`@-wUNqB?%L3X&%sY(q9|8=@cO%U*QDB|I1z
z1zZHlr+(9Z69?u-Tj<B9X2cH5n$vXwKrU}RY_5{rt^c5<qZ+$s^K+e%|51v9b#NU(
zFgltz*F9};CrJu?$sBp}qIj(&V7y2lQLo}-rk}m_>qW7Bk#xsY>O=F!#B%fBm%j#<
zNsRd&em5x&*?f!hfOv3-|5N^#ZimN1z{N+Tq2=b00suAs8{WO~?UL}e>5fYC85I)5
z%e3_`jE(bDCE^<Ix>F7==Wk-@X~$;1N(T<EWpq`^L%vxoaMMl*+p_ONQzL0Eg@mZ+
z=M4w-no{UWdNvKKkD{}x4)%5uP(3`P0j4-b>A!G`8X{>0`4ynk@|fERi0Ns#kv9{x
zeA5tF=|X}Embp1ajY6z>jP1GC*wfRope6RM!^07Db`3mK>nGuPtuep{6J@3a<co+Z
zc0Ccgtu>iz$*t?L<3Z})GcAh}MK2$(4_vh)B-Z>-JkL0D2@6anjWULjjP*_H^SGO>
z&m0s-_QC8tFSwDk;<RILlCGB<9C*nF-5=(KbqNUx;h}m+6H?N>;H}xX^r-k<{buzq
zhFlO-(26r((vD@r7}`SR{{n`$=jMDC=!C7P<RNEN%Ab=_66wTpNNgo7l<uVgO3Gk0
zeXE(;{RF_Sq_pV`zeX1BrN3m#JSpfn;kG<o7_3)N$|1{ay{k{^mxn)bZ~3dM45n9*
zg5R`fl#unQhh?@srR-M8+kv7WU3VFYPlYyhFY?FcP2}59TSLw$>B_yp)842m1NH%Y
zGU@5*)UzXPBk62xY&-!KEU0gxWk7kEEIv@u<mAH4s)zJV`3!h(K|TWfe`EarlW2iQ
zz<X0ZfQFU_3CInSlKvn4Bm77Iamcymuf)Gsnu(=}tfRU5CM0uY#gh*7g0u9k^U2NY
z5%7?BEP@wxtwA|27#MT3sCz?iE!nF!gQ*SKRu|*=Y}Ye57?--vN&mV0)B51rzxRZ_
zn|~ENClJ>q2tM3c`HwVR67bD6S~p$F5okabYv;BW!6VJ!>2wjNqb4r=>B`z{1{`Q1
z*c(|A_@Z*zig#neg`0h`7a}_ZKFs)m|JOE++vA2S{`(viC!c9}ZMt~EvV)h}se_#z
zC(mUe5Klw4Fjb8UqtoVF>1V5)!aIFG$k*k_s9ZFQC$^rQsc#M=TitrA*4YUH6iHLD
z!BM+n$))aURvta7)r%rI&6ehkldDP1V+YehT1s3Ljce@pzYZT{th4m~^PxkuqaTEN
z7sM?tO;8mEvvOxJ;=rHX*=@t8=2|lxhK6U7PzqDVmQ;=zJ=)6bwhn%3Obm9lo(84A
z=(my+@uXmevrq)7+x?)cMpDY--?}P{S9m0U)EH^eCoN`*aBWe|=V$gSO;QLP$jC0~
zY!c|n$CfM9@g~Jd-93#F$=Oi2IT>bdoZL93)^P;rrD*Cc4{P$%InI55p>G6UMK)R|
zt+OW<sxROJM51?cebk@m8J!b|xX@zlAkr^Nr;YuM?#-3c`6AX8TPrR4jke8mPTd-E
zgbC~`D<PNE4CeG;X7@M^R{GLLIl}C$M!b?*MiY**RXM_Vl505(5P)3<82V;dyl?Cg
z91;>D3d(=zqyL)Ln_<!NAmZZFyjd0Sy@t6v6u>L39#(=xXVJJ#koJFABos*m{}5k^
zGk%%YH51#v+Z|%t{KrdnuMz}33g1rkJDGxKEYGht>vXv2c3?MEc4`1+?y>v$z?`ST
z1R|C$M&Ut5hV6bUlb&s-EX|E;D<dUa=PY);deYN`)09&{?5DpHw<d@icbt2FH+n}p
zPwN8}F@FE<JPkf?XI7-L_*OLXYcEdfAxQq$J{IjixFFrM5HYqQQFi@8CD4qmn#aXc
zv2LT?OS0bnp-O+k=?4sw2fwPZVF@r-r`qnwKe#!;$mP8U_rQYU=JY$SzY^&svxi<H
zl;Q~$_rlqYQ;%;aj?l6L-UHquV8G5_;r}^`JAKcMpH3TRyX8$in*WZ+@JyPrWpf%G
zZMc|<W^-j5of~y}>`!EKnu@+`OK0lGgvGo~HCPpeQ=?O@UZcfON<P}P#x>qGPVS@d
zX5-`p%!ICbvC(zab=CUZfZFruuSCR=MA}8M!fe+a*CS`bYr_6NxKbvF2uUNGDg?TC
ztk-_p==Am!ALDH6r`nRJHiuVb1L80u;>&Lu<9job4J(aeM#5Wz?ni?$*wl2*G32Iu
za+KD4O6aJiH{klc)(D)llx+*}u8AnSp+rTl(}U`V)IB!%ah-j<QJ?Cj{fRf`PG0CA
zT!Y3xI3_anUyubPd-Fba-N?lUZ$H9LMY@KgJ%_ld3@zZT<k3Gk#eZ<kuUT^VTe?A;
z=<Xe~G4oFMDMkj%?2`%uCo1f-JMD37vXEj;CJeXjaZiVszE{x#*E~-A>CVxwYZ*q=
zJTm-W2`!jQ<7<Ba7GvGrwDts&^wQi)2J)h*flR`^-SmG|PSs1?v>sDWqV5V}R!wX^
zcV&HA_z;z{^?rk^j3U6Rw}y-MH0vOjqsgv`CF5@uA?{)flDnXOrQ*BQ_$2=vx4Ci_
z6FRgPOt(>)>HxA2;H;rG{|VumOHQNCOW?ko>6XFySd}z$W#zGhQnk>g<K+GioG>Ln
ze3$5MCYRU@gNlqRLxv{*nIygaO4j1V!?7XVqFOzZG_U!l?&v~={<X+jq+OO@zhdOQ
z)P&5vR8sp9ODX|<O>W5{uuN9g_CsM7PIB3&a-ojmFr^X?a4bbmiFUA|1U;t)olX_f
zSHE7e*soe_8@L&gho>85P#?#n#1D-t#;nmTO&f}v9lFfkdImVO@g|c>1LZ{;L>Y2%
zy;zWM@ws3bOk!G<sZ2_aMNRurr#8*Q(GOa=?0ka62(?$|aU~84w9`Z6>4zQ}Yy~_I
zWM)i+#Ub;H;7lFa!k0MRWh;#kG}@6AtN`T<jsV{TB94sIjYW-zxUF%L%-K(IiVTZ>
zeyKB)isioxOv*V{PKPRen8;%A{JoffLvMF)P@TC?wQmWPsL4<`BxV=~6jp&Oi~MS8
zuVM`N&0pn?GXFCXtS5>X5{Sl!;(C_E-bI27qqjsY)7w_OJ>*yYA&WKdwBA2=5Um=Y
zggOj&3#609g(y_nW{eR}0de9cKbyDmV}2E)mfHR{*gKSfKd&e^k<FEP&oMmKPjE59
z+nh(Gps-QEqculuOKSQYSI|N;xAZK0Unn%?O~F&WSFyM^?nyddh{jS%7^ByN^<n-;
zOjOd$^5kpmqWZmlUZYmUTepOq6V26&&Eq2_9uIHRcUOxV)+uEn`%PaSA^P(_IJ(Jy
zaD0$>QU;0AD4!^@cnz6ZjltzG9aB~(r_!IA`Z}@)B{B-f<g`&HR>D5!vTM~}$#Ipg
z({s)keX4o-g|{UL?&>a{8B}YHD|as02qvhPqsW<vVsQ#_8td_ntrKvzxdy4a8FQIc
zhqcA_g7^wh3%sew;@!N)pZt?;wA&IWJ~s(#SPZqbjH^(y$Q?`%6X3oIY;;Wz@s^2(
z?0t&2PfkyWILTHSbE%||<IYtUrWhj}VvED`Z6#XW&*aTtpY7G1e$XJYP9S1U{*cjV
z;lYvlroUcC76Fay>4;!L&<!(3BJ@8V$^~O<3D6WzS+3PPW85Nk)%N5XSlu-gZ+p_V
z3f#Zy^mthCo(sWjS1BEBny8#O_%=BHthN~#$kDc{SHE(qx6iJp{zizt`M}dkU9R+V
z{wa>SOCr}UHK+SOXE;6Ue`?Mp-<BOF+&3uuhG^d8f0v!NRYyt#*W5h}T0(Q#*gv;@
z@qZ^QBxyJA1i*hkHN{BoFqDN7&V+^Hed@S~T#3S!F4dw?e?|H1yk^7SBgX*W%I4Pg
z4-OIbE+OX7dToY1m`qH)OM5fH-Dw#X6e1S2jrg4<6fSb?6%XRTMT&4t{JtxwBE}~*
z<0@*ArxfQ?jl7n68DohBj+@2YC#%c=0(c%r#%Z4bA+U=%YH(Z>KzG-FV%+o-*C}px
zJgqSXVLwhJ!x6dxkPS6EC$jDc%@wH)pDsrpB3D2gU)qhiM(Ng!GCB}Rf`tNVr1qjs
zP0XjH3~~~9APqu6TA2QY$)lXJod6HYu$1b_VuL>o!ig(??~YtbufbLjfD7xl5)Q>W
zpyrtvyg<QOIYQ$l&Z$6UI2X9%Bone;87k2nu$|<R_U7efYVl#R14=<jXzgh_m`X_^
zGO<mm1dDri1}C^oXtJY8e1q7=%^X+{Wec2!M`6j}*gQF^NFYWTlA>2CdrPc6YNDP|
zPtG$1a(~N9*mo2cqgRPtE2n!snypSjtL9{IH*r{OI)43FU#Tn<ej~W?qnNCu>%EU2
zR&nHJSc5Q|^s8Ah;hITciur)0FFpFoQ?v@=X)nP!k2hJpfGPY$>cTz<qi>5^5+Og2
zv_6D+&<8}`uL3PsY}`hRi+)Me0A+{Q@JxViNTmpxm`W&-ka4r|VLUC|%;ES!SXS#Y
zc1^P@en}=sC0?%xc@T#LM5a-bkx}1f@nRd#pk`B2#wN!`@#dsPR^4=3hL%0ey6<UQ
zjL0*?$s?mhCW>m|ue2F*Tv1ncI>@7gR+gwM_>`9ke!>aqht38~RFo)!4_U-OF=R}W
za48(Ko@WyvDx;P_<iwx;PJe<S-jA<X7$q;g1p}Ys(h;@z06e^xQoQ%1pHzAwuqWmy
zN<fH%W}~2@oF7e<WrOZa{L?ia`}c_}+$aRZ9R9GrE#;_DS?+yQ3<~TpOBqh&LoVr9
zSWX_*<O8kQX94%V#d6lADYu!1RB^`({2+w3vAHm6#K#a>yZ5uTr4t}z*C3+Jt&;jX
z=y%&S3ZDDTo6_EKfCamG2=g6zg<?gS`@2qwv8#V@PO4eo1>C+*s{FpN;RwM@m^o(~
zAhnkYkoyNW#3ok^c-&)nkq)<4_ymkIi4ZW|`tt~pvUyc|t)4ecd&Z7E@m(F%+k#JG
zdZ0Piwq%k{d89^sNiuyDm#UKX!X{0!l8O0F4qy~8FdPHxEi=CAST>2$=4mMEh8d@<
zC=%*l08S@9zDl1GLqYF)14p_g`u|Y%J*^b`1P+Dh|CMmPQnQd4ePS++9`ex$5nw!3
zNFVqn5dxu3M)RY`M?<BF4M&ZoiSz3Z=aNyHP1}dA6340m_EZ+g&YIZq!ZGUtq(ydR
zR-UP%1K%|SA_aG&*dS0;aa~f+Qq4+<Z_d5oy|^7kzw(}isM6e`;81gwe}Ces2wlBR
zd1Pw8;C8*dOi{ORJr2J?{Fe9{|2A9*+Ub@n7C(B!`zn8jeYy>i$=XcYPRDv+eI3%+
zy$eF#6u(}@Q~C!7c^y@2zml|(Uw?+)O(sc<N=uB64#)dFi%}Ph+X&SQrO61Psu4r`
zDw}#)oB?+dfA;t^u&h+`sl)sjxsy=K`YKdV!L)c0h<19hpCF>tiYEPSvz=db{6?SO
zFGRvpt_c{moEbUv?@?}4|G~i|w6*C6S%gWAL7k<Ip$#`7Ftl52`CrN=|KLU^WLGIx
zR1MM9#rpoiB_=(}_F}4G$I;rk9vX&^w#ZwYQr6#t6sh|i?N%yP#7Ryr-hFY;i(1dU
z(jAQs*J;~q<9nYQa>yBlKE&W9<fM^=^q{}Cs)RCVv(v&kO!YX(Ow;n6c7ZxID?9-L
zjldLPtD=YeLgpa#LwB?>NOa>+;Xwiq@C-+Lcy|+XmKFn37|nnEoT5gRR)libhYg$M
zpF)iNIYP(;H~XXY-JFK2J-X5V!P(8bhBtFu(1|y%j0DFoto(5u<Z(sN2iav0Znuib
zMcScE54=QI#`Afq4-snN_rG9XN|Du?HI{K6Es-koWc8}Kl%hP>vL61W$OZAo&88dT
z^CoI$OQA>HT}+XBS&3nd?BuR#UbILpc4HIL_BHSyM(d?U@~4TzhLC7>RFE_5uy<}4
ztbzbLxeB4OQ@az;B}$swZc*%yGFjhrdQs$c=9M$ajU(%V^4x5c7d6RAwu%w^!0N(v
zx4SUiFf+FwjRNpz8Ubjf24DKJ@EUTm8GdHWkGZ#X2H>xptOLUzEh<oNp0GSeQ#5k4
z+_!VLlY67niza$$VmU3dv(@lLq*9Moid`df#7HV<2XPlDN$(ZOP)M<(VlDjuv1)Wy
zd7=Ym5L}|W8_p4C^(b#lD}$jHv$|QnKibMKOcrN|%rj+xE`G576106%ye(HNWUtBq
zpBCGwY|ptdlW}!BPK^(g{fkq2%U~t;W~4uYIK4z@?mquq{I}T$e+utL=gF~jx6azT
zf`-;lMoa3l1wDDvU+p}i{DPCoO>+H776c5+P{BD}7p3v!etJd2L~A78>IG=CwuprI
zqwdiY#lW2m<r7j{I&w1;3@>%c+39W{dc`~A&P4hrn;A!;==W#Qz{=Ul^JspN@#t~E
zE!VB+TSioVf&n%799wEc;R~nF6<4J;8WRk%Ym>A9t+q9$qQylqG1Lc5LC(p97d~aM
zj)z=*hPd0$(U{B>S(?Xpie$l5;cJ8t2m<YP4{rFiUPffM*M;Fl2$34SX32DufI0`t
zkV&);=(h2W)^nZ?Xj!q0dY;sGwRa)^Ky3UI{k&7wOIB8q{1R0%sowmz%05KOeb0m=
z?0O$fPPK}z+D+hxzZ<`^dhe3}XOWP4cE^TPq2tfy17)lQ*DXstfu=dN#oj0Ku}{U5
zzwZ%E0CM2yXetB{lguxbZUqb|w;65``-+n^06<<MXnAO3^_-SPA;M~(ak_yH6p59U
zON5kis<qRRcS(pT7YbGJ$4z47NY(Eul8}P!!#t^`retX<i<rR+cylF;U=T^8YC>h+
zp`((8So2?!VSgD;+)4g#lve9ODY2C>yb_Nldo_z^v_@u`NU-vauG|fn|L{}IL?8g>
z??;R@T56{3_X!$VcBwF%UBV@MfX<y&>f0}cCDv^vT^BzkRe(HVp6$1ds=bbBUu=^H
z`pZE(nVs^!|GjzPOiI+fkZdF@4FJ?9M!BI7u=65U<iMaLw=0SyM8hPC-h86Tnw;HE
zJCsMm-spcqTz-ul!MBX&;@x^i{DtAc7uQY)>;f>2`NQ{0(IOmEbv)X_%O4Xh;STUw
zpku?IG0Vl1jtcTbl3b8##O5?`X>jC&Mfw<C2dbkDn$%PEl%Q99^GH83QpX}4x%Lce
z#T%6C(4|U2<6Cj^L`bcC`LPKMqrD@CK$QH8N%SbaGRE0y#7|s@7P`m~T0V39Lez{z
z@d)`!8FKv9rP#SRMBJ*_Y8>*>)qeib80V?mL+@sFWeN2eahxu#xz~u4W}?)L<417@
zY2wP<3r-kX`H%)3n3AgG!~`=tj3}}rb)1>9-U754Hj8#8PMRJ0ovzuUcEI;IOAA^)
zJiCe_M!zs-liOV|-WyeO126#FCSth!ik~iHYL=8?%%eP*j}P?yU4opIi*=N9I1Obv
zN()y!7VhV(P13zj58=sg89U2qqn~b4p^a|PTRcEMBwZt?ST#qZHXyXhU0D;Om?PFC
z;1GyWw%as1^x<oBrMS3BL}JuIU1JyVNs;a(6j!fjALY@!1CiOpT=5KO_5G2q`7T|L
zItnzG`*@NSwOY0oR{&T8C{0{IoP@l<YYb`S6LO0WSdHi$e$x6M1}o*!+-RDN`<F<j
zQAd<eVC$+_wHj}6zhiM<T&DHH4ZSzpyr{fIye~Z47vt0nXuSz$yFSWb0Gd75HMhag
z7Wx=t2Y51RKvfxEDH7Hl99N-co{W$cZd7^_y2XfL)*@BSr)44sa52kN5<_(c+{=MZ
zg?adMF(=ZL<_$%)4CNwNeli;3D%5@Ni>hK+ICSwVv~yj}oz}oBLJuvT<D@E&QbBLI
z1!%O+lo+G%fD@b4n8ty&5mKC1m#1Y)S9GDDERohZ`L{}QK}ZAQUvW2j-+g9uwb8WA
zu=4QWb(&X}^rE#=JqvAQ%4R(B{BoLDoAV+8`(nR+jOD?yr?T=F%4Oj;mLuil6RG1l
z7Onq)N3X}jLCg70qmkdk4kAA~*cg`a8<OV6CLhLP7lajVTZB4e4&+LKE-*0ih=eMz
z<LlvmUMG$9Wf!enVD^hCnNh4+-!FjbcC#}Tq1Y^*pL%|H!f@jlKHQdESy-{PbyHh4
zPOVD=Xs1l7GCETXJySnOW4_XTOergWM#IQt${-l6z`x++W+PbG!ESIZK^Ak`x6u8;
zA|iqyR&qysgY#^5M=o75Iuaw;5*H6%oN6vn?sSNB4(8nM&y70#T6uyC(sla6q>mMW
z6lcpGmzQwLC`7LG&R8QL(le}b{F%b4BsN5^Bqc(JXD#IjV{v45E&kgbvf~BT@A@!d
z+u%6=PzxsgS)39~DL--*JlGB(P--v*Ed0(Z#UM_9%8gq!o>0Xa#);n`0fiE~O=Kjj
zj&GhCI*c^Z86)+|)+I@G=r39PNoF=Me~t@?(@7n;h?0S0xZx@}Tj*O0>)unL$**4(
zFiWR1UHv#nXSY%gNrx}k674@7Ycp(q1XjF(8f)q58{S&>mf$%b8;rm$NI@z7VF%-&
z^bST%U(fCx5m$y3Q}kuh_C3e^lT}bYtsFu`K$&AE)`ggxRS|9iTxpN$b`c4%mYuL*
zWb6@ncxYl;S>-EMQeM5~c8Fff=do;djII~*&{_K-yye3jU?5Fl37RFV4$0PfUqqHA
zS)04OqjBP7l!?l0FQ!)z&PUxtv!3BUX{JQ<ei%ZfCONznPGfduuxF%gLWsxJmBAO*
zHGg~;^Ae$$SB1crDDmE*qY~BdVBA|A3o>Ec{SUEDeB9{?jg{Is)*W-P<9b_a$*|eL
zv9JK#*<TvQc{O|bl}J^i5EVeF^vYxTnmLCBHM}S-{Um{JONI<Rl&ZumrZBl&%yG53
z?<Mx47<DO-tz36NMpwp{Ziao?vZg7$rJv5CJ3(Oq8YfMkerLrxmO9s%yowuV1yQqe
zH&Y@^#|t3Yrj|Wr$lo)Ip5Q@mjTE<q7R&XWEyXXd_FXvi{YH!*70ZXzTUdyXnCGG2
z(;8MpNFNFK<d`-5#KxR0L)Q|g+6CoUXXV5hH?(vTHVK-n#+Ft`jqa|r)$~%tN#$5|
z$4W>uvRMVAtjQ>qZ2?aWl>3wRrsj%r!^$H)=x3te8(}qSbctckaiQfEifqOIgKG?R
zn|<By2!Uv`Wew*{uw6L7I8DQtxKGTvvMfPc*==;wFzzcxloeINtx-nN)wE{P(Qs!i
z#?uGv#3=AHJxG`iDLlRrs0-6)q3{v=Ae1NAm!qH1P-(R4OuVv^l#>agaS`BZsG6<w
zGe*aE1<dmI6_-Bp5UvI%`%75Gz*_Nt4=4Tkc!t*p5mn#oqxb6t?feMSwM4X8J>RSJ
z+_So4$9o^^aZwll%7Fb`GbojybmJ%BK>m&<KLu<_Q;hdWPU>H4Ykg;}tR6&5puE1N
z$vmX&#V0K*j*16Pr_(6FN<_9Oph{b#q^sM$qFLG#EnP;DK94?OgtXY8WhVOeN5jMt
zx06r%9$B}Em!qsh;Z|}ldH1#ZG9ZCsc7I?Bryq)Tr427*^-!r`pc>N)c$)WJC|zh?
zJaYn!mVVh|Y}<#bk_4Hvu?Z!(rC(zO{P|6c{=wlDWH@KjxyUqqV*^;*T)Gb1%QdGU
zS9*y1zfmgx-FovzzrexaW-sH;3q%tiefh54rZH&VnJ<g#X3+zV0L(r7SU`Kl1ALRq
z^`yxV77j?`s(KD1vHSVB@!TzIpF$KVY3l(MK!~}iTb22Qt#+^Ps!)<5Pu!Qkhz&vz
zN7bfsGkOaZ(CEaBMAxDy!gi$plB{tK9nleRst}Vb3lAG&Gd(WCnaxD2&_F^cReeu6
z5bIZ?P1Ak>3<_cmHNG@+wS52Z<umrtZ1XQ1{P9UeCuzt~;^hzp!K+*tBuQeVsk^Z5
zYO_fC^v~&6=_KBX#dAUNf@Rrz_k`2&T+=37lO{f;{w?S+FL_Ae@%5o{WF{!DyvZc*
z*b>?3`MZH|n=EsEJx9KWG*M*2yQQ<4QKvHWX2US~*N`P1=zH3ek042ZJETzpDOhr_
z)R!bSl$bW1S6fRy+{3Py0MTaML;A|#D%oV~{Q-oNO#|eQ@BlW1#obou>eKUgctyN2
zocEf;;!_U7MrP7=r!`+3a_JI9!m__pRv741U}G4qT`|(7IP2*nETcPcM{cP9gQHj4
zvDb1<T8nx8-unpY`w~O+{vJ(s=$E{2z>Z7@AP$}ouh8-(FI17So|-d=o1`vmH60q0
z{YIuy;r%Bg{KljGKZ#*Dytki!r8LZG-2XQ#j9Yt5B{ouUH;<f)4<bPv_6#l%%XiN*
z6vgr%`Ei}ku9qG?>T5$hR;=zcb9u|;<6e~^`m-4N^0V01$42g=*f!im;1AhAN`Cu<
zagUyO*2f;@Cvhh=cn7>=i6tZbKt~_K&#~)~AmvbJ(d<rJ=T*z+FpEGZfk_K-Ji!jy
zjhNHBv<ddnlSIx628P0(<D(7v(UDunzsdjLoQ;FynyVXJcMk6~5w8UJn}~<cPD98g
zt(YWjL(K(mfqzJ%{9xOCTavXQX^O2Q&K*N(A^Js)emtc8^w#AG<x;OQ?Ko#?LUK=`
zi^c0qt3Q4XuG6mf#}WNx@KMg>bQ?5VB7XM_ncgmBaBZ-1q}dQcx>$|PN&7h&^8o1N
z;AtYS+aYfC=^0QLH6Yrxck#e9(Se~(CUE3-27Pp7|H~Duk5B5z(YAIW*jpR@tHN&=
zW1=?sJ|msp+@SRV8^Z8QVv{Ltucf!IDG<RBF5imCm}3b|h(3Hm|70=eH~cryz47-x
zf==tg5!H7Xxf@n?`l%~J1*;&IuXGW;RNH&R%5EJTI#}DeW->@cn5ylC$#7^8CE={(
zi^Vpm&pR{oMIiykp&B8U7}DY1sxxX-nOd=rnBgP_@GeOlIin&5*F)cJ|K!tdVtWR)
zK8OExLX*gMl_eV{wsHcn$F}oU)94Yq>Qp$J+6R0*4S%p-B(9~P-DC3ivHqbrlwzD!
zOnWndQE7uuNmNWz*OR2WMV~Z=lQyxzHVl$9r)E-ftv-Jk(_b1MIv!j>gI}4b_N~?_
z^UU!us-5u>v}x#BjrbfgWKzfdwfUB3-bkdqdRZ*cQ&hAYu+9BO5-C#c`L636*qHPe
zts^zITW78A$b7Wn(yakAkZ&cJM@0jjf^wvHCK0RUb|kZAEU~^_(MSinbc_jLwnkqv
zp`X?MA=&&<Mt_<A|H<0_lLN<%<wy@mado$H&f<Q*mO30~?wwDy<|Cf1V7op?^$#vW
zlQ0=E>PNNtANW#uP@vVH)OjFA6)1eM@8lzGFlTL7vrE=Y0q%;;1Nx2LOUo5|l?ydp
zDyP9T#;BEbtUyTLH$`J5k{tzR-!Ko<B<S%nGhN{>eTrq`x%1v*o6fqEV5oC@imSSQ
zvD52>&>itQIs6@r9J8X0V>NW0h*m=SA6&ZitJ<Z@&sXqph~aa~1IBesEmMK71<dOz
zl<kshTM}VpKT8&EhmqD4O-%vo`{z*3)5ukRB6c^Q>tsCvAjU>AdA}#x;jY9Si7<TX
zIl|B51sX#St>N#sBc8aU%I!x&YF@CFASYSixpL9yOY3D?^;#&B>W?j4WqeVHpaU;^
z5gr<sEPZBL`Iyh58l$m6P*GP5&}GG`lA>*FN7(upyFB7!gK0JDK|WR+yF!y7WbZo6
z9@7;~&o%vz4pTRgab_$jyD7&x6_V}fpPxrf3XJ5!Xg*d$2Q434#zZYMb9&Aavs`xO
zUJav_mud$>@uODle`A&Q^~ptqpN2CgjrBLSr7n3hEQcQ`tau7guMn?)R!Ypcd!_x;
z>8iwLNG|CPC$6mXqL(8dYrlUzijx*4{F!mXZv&wxVUkLozxRWRFN-&4DQ@p@XJgfp
zggs8%d7A~2uIDkO&+x!&v6DD^h(7&l`z3V^m9e{RFywFC9aYUkYw~Qc^KDU>snfWw
z$4L|Ru8*<?J64Tk)jN5ecNk5&7R#3FCRJahY(0^<tW#Ev(UvEuM?ry>bUaSk-l+KC
zrRsNvm3_PP&}?OoV~=2O?(xjk<z|Er^F9VoNZ%RsP0f-bWPOVSq!7y)PcvF+kC1uk
zaM)MZ>l!uzh?Cvv*&qC#k}$iJGK^i0%#I~UCv#T5Wh1~xIvYbE6BMMvPBjSf<V_5#
zo)cevMw=1U7%@b)gaBuW>0ZqW+hJtM(BrxPr0yAU-?q^HkGyTB{g1%I{Wpj5-xNwC
z?p*)&#pVB|P;h-=W+}>Ux6G%03HK=9!$NYdZiRP0H^$g0=92C3N#oVzX%H548X=i~
z^3NlJRS073y0c9ZSrVM9v){*ZTW?&wd;gLOce{``<BsfU#WaSF{QDvYmk@wiMP{@X
z#<*@hIfokouNU4Y`~aZ2+mMG1Muj1M>~|g}4k_c!wN*AbNRP8EiFBpJ@faQz_S4Bt
zMk8JN_*2>57mw^It}B`sWwN7#Z_Z>3S;OO2J!l-LeZC(scD`HiZey1GVkYpIV{@GK
zs9b=C9(_QsD;o)SW00H0=Y3~D0;iRzNx(-o$`rYWZ2cuhi`xhTNj&Is=7Brb<Ib$V
zjV=$>R+6wHKZ$9lIV!l3fP@hb0_y8*LAnL0%>hb-<xEQfT~wcR(Y0|(C4rb$@oj)(
zVD+t(WC?mo5v{jGwduWPPZTMfi;d<Vb{dvkJ#)-oWUAJ=>L)o%hBSU3tq?FV2#a@L
zLrQTRu@befqN_3nbh6LcGL^mX@5HcVgrhKdxGapV4#Y<hr}~9C%M!~vV#t$57duTs
zU0AXL4wN;2C63ACj>F-pe%UbchCh)MeRP2#+lfSXM%-ng!Jb8vBiVre;DlqZ5^&!(
zvNXo3!-tLWN5MS8?>ps@2(__s1H)|&&4@P?Bci_aT6jDG$vu8l747D3qJB0Cx1eu)
zw5}jM(E085>k>=#(|`~TJ(ICkmvJkuZ&Y&D%y@Lpv1DC*uNT<%te8{gikCAQU(me~
zt);cEy7Q|ATQpi(t_&^UeX!yz`z3rg&kmxZ#3wfRTkN_Q=?=nUV)$Fi8sJNutRoM`
zBqAFbm&Zp7q-oH!kCIt`M^;uw){^#h4zz{smPdW~uw3(EqLSBbaW6+!-wDA!j3_?#
z&o$n}HQJgIX4M7;FnGxC1HMr+yn|&_=kq@}%0E`<<8nk>T7EJrPvPquONz6o#2>?T
zDP=wlh(v_%)A6cWLv2fvd)`>{LnX>v9=y(#e&OW(*jiY7Xs&0>wGhq$5n|d)e?N0z
zxbt#{=6uhjNX-T~Wn8}^c--)Lfavys9b0Uoz;vU^-*<zgG&5Rj{Qg|@D>(z!A~8!W
zJp;AwC4=ase--GScyZ`iF432;eSjMGla}EI1|9zQ7(R@qAU_;`R$hP<?#BiEYjkp;
zVV!iGUq^P$LmcPdp>af6g5UNU_{iI^FCJh-43Exe9Ne9=YK!spEa{@%F%9ilvx_g-
z3^M#eXYxk_<_?7YExWL(u*clvkV+>WW{i(wFd+sh()ey=#A@G0V24p@T`b5BY)=Pz
zZ#XH+<Q;)}fRE*%FRW#xyNdDmTcW|Htm67PNAx1LW7y(i2|_c1)>1I$SC`#;8i}jK
z4f#G;E-^`liY<jNOwK_=uQ~)+`dfsqyQy6pK~VjO6V}8y8;4-mj6>?4t3EY3WWkIz
zVn&_OWwNjXNBH$57Mt}6l{3ntp+DBHKN43WH<5^h9=_9?@U)g9qkz739QYJ@WJySH
zj(%*^$Z5)b;^yj>+B2D-@p&ENnmN@S_UUIUDh~;7t}BbSg|@73ON$Vwy=?Nk@{f00
zvg~4ga8tvy=q=QJoHyguc@sbw)oi$C$q=ifoo_$$QT(0-mXt_`y8HddV}Ut#Vx$F)
z+ymML4mX|;6DW!aZjtSZW`<haeAc*Aym)ds6=`KTw0&!$qUz{-2bF-&45}5$#V~R<
zR>Eui>eO!^L5n0Jb<Gg{Rd&uz%}GzagOV`70o^ybopcbM@`huBXx!FAHc>=PvR`PL
z@c$K%8E@tW7htmJgBMi{Dc1uBAoWel(Pz{VX-`A|Q|OMX&CDTGSBSAl@<alMo0wF;
zm?L0L!33*MvjJwmSX_IQrvbfB(MLFtSBh&uFwrntM_=rT6^H$9I*4nNf<h_4{{S(1
zF9BcN9kBBQ6+rf7bgV7E_?dyYf6`KC*#7`nZ5b)A>Xq;NJx)}7Lan3sLjsh|{{XsX
zuyp?bWDS8hKi*nU2Vd_wZTQP60~Lui!KOd1I4=SJ02qtIS=B$pXrH+LrReTsF<tkE
zaChYsPhj9!ZG7hO>$x&-@VMJyRmJCOxCG((g8u1BP~LKjHQveqt2|n$WBJ&&VDpwX
zfDd|`%6+B)Of=BWAwHt3U$QMs9%faes6hLP1f_SmUIXej7z0C(Q239G!M0ms?hkPS
zvfw#Dhf>cpLAy{URX*~bBkm<X3~a~TZN@(0y8W;pSdv~9MnT*02ee7sf<*y8;Lg<f
zoOSmO^8+gRovgH`2w;_#{z=J`eZOQ=aM{f*3@a$7++COXl(MVl1SK|)nE78Zb1EH-
zvlhUc%%jZ5n7fsSQ!jAxOWREw{6*IP0A#z&Q<PS%Gv?)a{lh>Kf-0aZ5WPTN$#R+C
zOiWAn5#WzpdZ0TWsCE7(9--ljIEWojLHUVJ9~TUl90YoZcq@WvcJ&^~L<cwZ5NiIS
zF0blcb@XTYlo%2LZH4lc2J54j)a3z;e;%WMT;R{@67Xi}*K}Ho{mNWEV-1~ql?%1d
zvep6Nvc^m4!p!~19lxb1lK0a~pP>Qvikx4$2g-L@LuK`aJf4tcv$RAp_mA!ju>R8}
zWAmGaJt))tlDaZE!v3Id`M=ahli~jWQx1J%{-An^yaH>MA<cg%8W`lP8DB{L=QJ5&
z@)bNwgd!&uKT}An2|AVcEPpy6sHdO&#DG8f>M1Ez_Jp}SL*e|wXcxf-tFj7zmS4}r
z%NdztA98a3)VrGe&UT+^XZA9KndrKT8zt{7bPB!0Qndhf%S(4V81pMzi59Z%pdTzi
zLw=)nSc+;fjlo7WomT$<s8ff4Zfn<=HGtu!4IJZ4vVv_@%nhf5Q#*!TvIsZva_eH?
zgNLXV;#t8QH9lWaDN%;ED&YBvO+kg{6D=?bW9|gzSW^+J7zK{5Zd&yZGNlaJD&Zgs
zsr3UkCyI)!@8bPHaW#>_T9!C{CNJ<x0WIRQEkPFGqe0tzOOv>wm9cW|gjQ=r1?<n}
z6kcH5Yf(iOs)Oyr3E{<M=sJ`L0KW+mmBt)uGzMeT<$Nw<#l57c{)p457F-9+shFvu
zeqdVmj1+$y%&;1L!4)#mW#>06&Vk6q6v~Ta?{Q^gPc!Ck-=Go0O?jxis|`u_QCPph
zFz-HMpnMUKGn$$`@^uFMjh3{N>6O}!F+=^#B2-@S28L0o@-1-~n}Ye&Wy`r%@t(%m
z8W()$F;apl7k3;plxb~x{{S%ZsuAJ6ZV;npL3~`iky<=fV&MskRxO6zHHZ=U5SMq_
zWiRUg0J<CYAMOZ@_+ZKSh$2mKh%3<PI}h9|e$b$Wc$$b2<&+YE8GFGS8;Yw%%x`~)
z%ZPbp$zTI0nxq;m8C4Z(BBBHPC8`#wmatBOwT|>T`DJxL_5y*U5rQ-k8xzG4e7R9U
zO4D$i&9(Fs!z}w}CmvYS08+3t*SI3^aaR`RA-H76tK4eY_CON;>1h>F7C`xoE&b8D
zv1Nm>#j=dG0Paa-;ZWS#w+t_ff@m3JibD)SY#LzW1B#SE+Z&z`7NGi;&}n%fEB@lx
zKA~zUQbiF@#7$8p8H+Sc2?T+Lx_~m3s!&C^1<tis;%U#20d+G_^bdXbiT1YcYb1N-
zOOTsa!|gOMQ;Ly59AY|%Wo=?F6Uq(`P;hn=6Ky2o<|v^|!|rO0dC>T|%)rMO1q5Nk
zI*KY%^BEPAGFbBr%@({xVtFK_rcJW6sV>b&7E}!ar9jr=B=;@olmn9|Cmeod5JJHC
z7l<YRfSGsd0avQ<tV(sLsH>@XA}E`8xUlh*UEFoywj0_YlIsC{#H~^1P|1`W9%G%|
zZ@AiWnVw?sinYTWoH-+R19x(j+EI);3=)`IHNQ!u^$wW+64+QF1DabD+m7lBLL*59
z5y@HcIEU_4k!B|d3<0?Wqy`X8t2;2ed`2g05Bh_pWOT8x$JA}vV#3hs;@*9iHm?=Q
z2zS>UR4kdxQAB8>i>Atrk(sP`ji3!K^pVXDP@Q><v<=#tNni-kT}5yxLcMS<JsClo
zn2M@l8sPr`*mSoSx!^`<hD<=q%2O_Xa>NQok`NW*7jR<);RH*7KBlxjrMX6Q#3r~v
zT2vq_P&<}JN1a)*{{Rsc3jxSu1x;fbQTRPZ8pv$YlSkJsOlB#>e9OCtinhja5Msr>
zUQ?-*<LDnbiG$*0UgB6eH1FPEh7pmDiJTbG<Y0uVNrAa3KZ60*p}tB5xtLiPg)6ZP
zcQ{N#03H}kjvx~zDV3QQsI<(XTPs5MF<r$O;$VPd-5+!6Wx;H(N)&JRE&l*$GomXd
zHu<EM#6ULed5KlTWTvxFriuYTaT}+0rWr#NZ^IXOktuKrcj|X?UNIQ+OuQqhw%xLF
zF;O%S#`uX8-vP`B3&N_FqcNkJjS+#niP|#qwMd+-?E^3f-IB6*Jrfxl85k>bCM8#3
zCw4??p{q=7Fnpp3OgTD>YM48o-^A#38VY~xx{JDqpoq*K@MCMlrU6v5j-@VIblW&*
zZC;}23o{kspcgEuzzlUe&a290_<$qERv-GA@&Fr|1(sr|(qd#vAWibuyC&DfWhQY_
z(sHczEE_q7?t7G{s3e@rH6a=$!_qt2CooyH{KUh=VJmkSBQjoQlEZn75|&XFL*`ET
zyi5|efpA_6Idkf2b0NGDk+?Ri-9xG)s4;VxnNJ18Ww*Aoqu(B2EKJxjaF+i7ClgtE
zqcDyYLU>?Kqv7I)qSiwK=S)*L(+1U!pz)S7H%o5f1;?n0978~<u4ck2SfLdc2r0x3
z!Awa?!DuaB2y?c&h`5!J=c{Jud@}C@W0$x|#1`fLlJ>)CYc~-PCedzPM}nsp#Xu~G
zPbioLIYN#D+4_ls(Jq<fma%46ABZ84K;02Ti1-O*v`%JRLXj%XGOx`*9)XxLT3Aen
zP+$`VSPLKmpu-MQ48i-A5RC5_Ez8tK2IZJ?CBPKHFu=Kb&!!>hWgqHQfO1*&Ga9yr
z>-R4{+$yzc_Z2I&J6X)KOHe;V8MxW(nc^pM7>BK)LnlQt_j2-npc-<ZJjbL|ZbnhW
zM0F@<f5CuSicP_|HdRbDLcSwg`GrJuBiE?z5e0GX;O=9H+j=Ei6C_H+ge5#&$OI^s
z2>B2oup9usSzI9A0W;=k>c-p$If{Ar6G{@iQXwogf@Jq9)n%3wCYp?MLhHfQA<;7G
zoc>A0Uje3Kw2smf;Fz`i8NnNmB0mw(iz9(*7f{>^jKstzqGH4}n6oKy*AuA)iHNtU
zV^Bi_aVrs`p>PYaWMI-dTqOJoz~U9KVQgRXEhJuDM=<eK3nr=v9J98LVr3P2BeQ_b
zEH_mxJw;C`dvMi$qg4pfa`WqQ{yA%maU8H>DnEc6FpZjsfgM^VYL~RziI-;(ZHPCi
z)*)bVDy&2;QH)|-7|YKv&x|yH+C~2W3!wpnDRZihHk!VtYViL6?SGhYTXa$I9mYjg
z^@VQ_GSsq3)j#rmMkX3=Z~p)yBJ8EqOEmrwNLr{rxXteY%DRo6=A3NAAXm%9J|5xm
z0%?gvO`y^z;v!&vrHzg}OD!0fiy;lvtOi*0N`X@c5mq6fRBlk5h{ROOFjk@)wF*_7
z9Jzgpqogtr7Yh&t1?8eMGT#%Lncv72Yk1|3rB=FM>3n?k0~O3z0pFLzzdMH}YR;m0
zRgN{pu&TYx=Q5?R4j{I9SEz=~HVZckKo)V!QR(X=UTTMd8moZIi^ML?lB@clukax0
zuhgsw=#)?!fmwp-#w8`OmDS&IR^?o<Mj2SF&{7gnpNNfsl&lD}Cf&>b0P-ni#4aQ8
zFElr|5h@a|P_i1ufYAZl6xa^e6C$XES0!-@#h^P~e*XYa5!{QLci_j-+j5>8wMLx(
z0FZ|4a0}h95nMJLbIn4hk-U)ELin5$JE61uK-e&aMZjt)bcD2g0;=5OsiS}+Tg1A=
zgcB^A%45e(UZ#A%IFziE7l?xe&Jc!GS%?Bz&;~9BxMCVCW*caZ4MAliT$0xVDI<JL
zVmJ*<Dl3L?Uf@DuySVN+22xV5t;U(vrF;+#YY~Oz_Z%rIxqL>s+>5YZ_wf*kWC6!-
z)Kx9yTr8uh3J#ch0Ie}4gI7qpBew@GVv`KV7IE-@%&<~lF?NQnoYXkN=~6wB6W>Uz
zM0u8oE~YxE)(8hdm}0=P38os5S09onmK8b!hB%%U>M6*FHAv%7&Th@(Rkw81uq?2L
zMj&uI)LsBWj0-ZKQM9WWRUkzpv|0-oZc`${XgDFv28^&)t&M5#^h&b|6L{26fT_*i
zVHgHWTuL#UYb{FM#?D~$K+&dP$?Ukdbu9<b_9^mrEukVPPT?r3+bqD@3S~|iPKNxE
z461xhS9YZbAny@Pj{QsnQ~|a7hsxpzvg&J_equtCD{{agz(vK`qlgPr*#ToB>>%1J
z+%TVYM4<u{cVLCUs)jO*u%Lm~a`6VMg9Q;(So}jw^0AI678cU@l)+la&1`{FoZDT?
z5u(|R=TfL|Geices;bc%%Sxh~^#a%%mTqWd4{<7(5Sm0bb1Q0%ECcTHM=bIBl?ooh
z>b6xBLU?rs)n4a;3tNoYmCDo4%*s5&4S^V2Pi(SPhlT2H5ULkXQt^^5$MH4bdX?a#
z>It!p87N>1x`%QS6R2+N0bWpxXf811-&0}r5Wu`uXw+iBT2~J;hC#KrJBbGIQvk6o
zZp2=2H3GmG=}?2WcucBWIEBlEHjYl^`7Y1~SVse(4cb}uz@i-mAHeA97d9gLUhBm`
zNC)g=6v9|e3e#DGP-%;C5U1KA)}VC&JwXe0Q=gobp?91hk5abH2IBx2m$0<pjIkFn
zQ_8tj7BdVwGQm0X?Je0IotP2B;g{o=#B)DH8iz4r!SxqoYjWHb>Y+nMUEdPf$}23%
zrw}6qTY+L*Fkb^QF=!aUU)(mW86M6fJ-&&B%<#+|?k88sUhDnFWxd9p7vc<7p!*Bf
zc+dPyF2<H6X4=V$ff}TDC$;|oY7)Wr$1}k92sWrIrHseFdEB6@t|B^EZ{k+5jxiJ#
zABZ7l{71bF+|F9g*rk>VuB9o#=5IqIp}O-D3LDIIV)s*2)OY~Ph#rdjiOoMOuL`TH
z%;J7_W?=%khai)OliJZ4T9~%f?unlu$U*(ekt;7yjZ6K^Jf<qsP<sa{vhV?~mN1ZN
znhxR6iqdg=CDU3as=4`{*Y+}@ggl%^1ACU6OFDCLtRS_(d5`33hyEBP(7l3tg%x^)
zZIGs4MEp&W1=d)&Qr8ebW9BAwFN{YU9~TpGM%*9w_bgIaz<Gj@=@+ubR^ot#b!5N{
z3b&ZkCNaB<O1N2>S5QwkG>8FMh6s-o63meEK^m*lo@h=&T$AE0U@>MUwqR%ahlDt?
z`xq=!=AThiw{*X_M*LA9a;!rYQ6LuIxo&8uLh_Fh^3h~n<Ve`)Q<KCg2mb&8ePU1y
zy~TI|`Qjh~+H9>qnM+9t7<rFjyHdh-8%|(4rJcNZmW(~cq@lKMBB^~q4czG}R0A(^
z_dF#4-M0@}?xSo(jgMFV0C67OpE*n;%b9+Qby(5UZ4#I%&O<I~vs6WYL?t{0ST}O|
zRlcB3Tkd3lySOgOoe>(D4DdT*gs6hc_X^wq#&z9F@F?-b0WDBw>J}QlVHC|X3O?og
z{{W}VxB40QIl!PkgmHVUpK*{)y+Bkr1+pVn(QwEu%4j6NM7nASJ^_kjuo=s5xH|G!
z8YQUG`;G;QCgK<l;!3Mpn@yfB1-y+^uo@laBGR?nOmQr+uQwSe9JZIbu}jOS6}1+z
z+%U+aNkh^QsC2#~fplo`kK9g8%UB#n{F73vAi)Y}4#>^<W-#g}K55{XlpCfOE6T#*
zijIXskJO^p{EV<wYgd?wr_@yuUx@wqF&2V?uz5eZh^sf$xQ4Ydu-{Qo9FVInV)%lM
zWwFcx2a1H=-x8YK9Y;W+yv5W@!4|h)EWWlLo?zw#tmn8?02Eut)UZ1E5B>iD63cgM
z3@oh~X*B^yQBsWZ;Vz(dyMqW&_bUbi1{fFGsJE58O?o-vWdm=Ckb^i!QCp_FCZ+uU
z0NqB(!m7jo1wBDT&@K^_9bBXD3`u(?`iQj;+(iLRRlP!}CTh&VAPcAWHjqXki-9cN
z`Gz^qw4^J2#Apg#k&UVx)X-;(B88sBLUy(iR@*}v)O#w|pQw*Pmkl|KXdYGH67fR?
z6#{)$*KU7MBv!PS4It$80cbD8%h8|%wx)MT0h)^OYTH-T5h@fHG!yKK%F60i>d#eE
z4UH101>)tnVaNb@imtgbm2kPl%muA_hE#F!5gvCOVu&QALh_N*uV)&>K~`RFHdM1F
zC8k7zlnBzX>H})}GU+QVLA|?(%U-b(Q69*w@KoTrve{aKs_d8%MmjQ>wwL&raA}vd
z=3?5?vWk_-cZ2Z_ybWSrlF+Mo?pWx{p5mD}zmUNIRlB5`LuG@RXbapJ+Lf#$uk=a-
zy=8zvc21X4mQ}v)QPTuuqMb`HW01@NjYn~KYT(?(G<D3d+a$DT(wPxh`DH^+>Snf7
z$f_hTtZE=CkG2Vs_KG<X=5#6XDZ&$rh;WTUAl{*p)<Ml(B|`L!L~q7LdHa|kS1WR)
zQy^s3<`&QbsJJ=60k@V?h;By#vF=*c!CA#r1YC)w1@O$IC}K^lsbOO2d14oIb4<7P
zE@Qu{7cv!av$;XBdiac8usF>|N*3QRpr994>IXU5xkg)8bATyaTw0KEK?7BQiZu(A
zU?^8mPQ!H-K%%9NL8H{Ij*HZ9(D8}3vw9kqSzwLYTsYLNr8NpDJtn1jh}b+25jMp1
zMa4kLf#RhrPZ21VTOJHbpr=&?#go*b0*ci})E?oAgHg^dINiMYW*L!`If#}szaAnK
zKo6SKtt=?jOrWzU3|zGt5v}>us4Ah~Iwk_?acZ>%6?9gRGnOn%aOfdZay3k)P$Rem
zbT#fFM?J@iWYohllTJY@0I@BJp{==CMhmkQ4O-RIQvl$VdyqM`g4ot3a8si&lZV8(
zn{}C_r5@)9u`@ngK^wL_GMfdj5{wvHIyix{v7lo!AVmc_4ko75f}oKhWy2<7D=Akq
zFmlC$rqvLymJ?z5m1ziK8D3)y4SpfCQ1J{{ki<ewULzvLN=|NFn|u=WQVRtWh=`yW
zb>J{8G;=H$s-`XgjQS8_5q!*8yMxGiN`T&K0MPIeR|j1{qw^o!CM?Z^JPd0u?8{0A
zL#eu#UV7k)0ErfnOJJ5&Rp1UM6hjaK<~;i)WjmE&cU3p`>k;I&lq@pmFn51(f}e?S
zK*Si}l$I)0(-10Hpe^25mA4Owk2HKi$SSE>Uji{8cGN>w68nRRd|#qn0(Y2}+|Cpb
zAhxb*kMM_8@gqhVmV=!@p1r{qwQg8Ji|?4A&j9K+5nc$OUdX{B-s`xtlpq4ayg_9r
z97e;O#G^KYa*1fvw=uii9UbGsjIy&-k2HHnU{LbTi0)9sm>RW{AZDU~(XfWfm|tm%
zDPOoH3rUK>jtfaMWqx8+f0?H90I(R1-5G1LX_nblwjnWB)JF@E19oG?1O|8>CK{+`
z<^u<)H*Hi?h`hMIBeg5$HL91yaq;d@uPE#)WNBJuC6^SyWuPPUS|v)n${HA0JOy}^
zP~p_%ZGPd3#beygM`gq`U?>ejl(L~l7pUh5OU~!4$B+!ybb}gCYcs1?>J3+H6{cz-
z=q^xEer6TD7c8^3iF3B10_PH#d5&9hTwO&dJ@CqE52!y+#19qpf-OLlQGv|6N*zWn
z%7p0kE^?qEW>7Ik6G~r*M15RP>a@lb<cU|g;x?~1nO$`OMdCLwz^2#+cLMb&MyzU8
zz`W)IV8hEg97-h@ugr8%0UQ&!>%kSQHhBb44k1EbSm#3lh#XOb8qUC}iv&>dQB_DM
zRW)e%mMn}bgv?9KzLu~|G2S3EGRrkJnz$`un0tbake2gO(_+l9EfcLi;+i!CWz5nr
zFt@lvTb0cm%IHg_97Pn&NY5^1lUZ2%l&ZgRS|4yifqvjc$qX}Rh_dwRI}>z{kkJ(Y
zp#%*Xf@z4AS(vv~OjWDI0G7<FyDR}!#JC&OS#U0Cbt#ip?g@HVsX|d+qAG#)8+#fi
zA}m23W3OTfaoCPXCJdt*xkL;Bx|(O0=&lD}sLZentf0_a^%s@g6=vg(o}vphL0U$l
zh>ETyI3jHfT|fZ!6af*>6)3W_hT&T^G4l}Ng}RukmNl3FyGxig1;Qs04N4_>>Sl9S
z0kj2~id{jKHZX!1Ov=GqBNKDi+$f3E;S;1lbWVW^%oD7L4k0zopvS}z9mjxyaf69&
za}#^w8fM4D7jl;6xl0VUGP2JiJ<RVgxyu^Z&5%$j<|fMX77;LfLuepxGL*>;6aU!@
CL2nWO

literal 0
HcmV?d00001

diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_introduction.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_introduction.adoc
index b1d8e837f..e007d5caa 100644
--- a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_introduction.adoc
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_introduction.adoc
@@ -1,9 +1,14 @@
 == Welcome to the WebGoat challenge (CTF)
 
+:hardbreaks:
 In this CTF you will need to solve a couple of challenges, each challenge will give you a flag which you will
 need to post in order to gain points.
+
 Flags have the following format: a7179f89-906b-4fec-9d99-f15b796e7208
 
 
 Have fun!!
-Team WebGoat
\ No newline at end of file
+Team WebGoat
+
+
+image::images/boss.jpg[]
\ No newline at end of file

From 91eba2542a351f737eaf10f44c2527e3688a771b Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sun, 9 Apr 2017 05:48:15 +0200
Subject: [PATCH 20/22] Fixed pagination not initializing correctly when
 clicking on menu items

---
 .../static/js/goatApp/view/PaginationControlView.js          | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/webgoat-container/src/main/resources/static/js/goatApp/view/PaginationControlView.js b/webgoat-container/src/main/resources/static/js/goatApp/view/PaginationControlView.js
index 2cc744859..46239dcd5 100644
--- a/webgoat-container/src/main/resources/static/js/goatApp/view/PaginationControlView.js
+++ b/webgoat-container/src/main/resources/static/js/goatApp/view/PaginationControlView.js
@@ -20,10 +20,9 @@ define(['jquery',
                 this.numPages = this.$contentPages.length;
                 this.baseUrl = baseLessonUrl;
 
-                this.initPagination();
-                //this.render();
-
                 this.model.fetch();
+                this.initPagination();
+                this.render();
              },
 
             render: function () {

From c11c0104a3d12ed6418fc95b9b3867dbf1ecc5d9 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sun, 9 Apr 2017 05:51:12 +0200
Subject: [PATCH 21/22] Stop showing old lesson overview after finishing a
 lesson

---
 .../main/resources/static/js/goatApp/view/LessonOverviewView.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/webgoat-container/src/main/resources/static/js/goatApp/view/LessonOverviewView.js b/webgoat-container/src/main/resources/static/js/goatApp/view/LessonOverviewView.js
index f17b3e9aa..c073fbe9f 100644
--- a/webgoat-container/src/main/resources/static/js/goatApp/view/LessonOverviewView.js
+++ b/webgoat-container/src/main/resources/static/js/goatApp/view/LessonOverviewView.js
@@ -39,7 +39,7 @@ function($,
         	} else {
         		this.$el.show();
         	}
-        	this.showAssignments();
+        	//this.showAssignments();
 
        		return this;
        	},

From c3a11af20b5ba2e359e7ff01419f79ccfbcb62d9 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Sun, 9 Apr 2017 05:51:46 +0200
Subject: [PATCH 22/22] Fixing challenges intro and challenge 3

---
 .../plugin/challenge3/Assignment3.java        |  37 +++++++++++++++---
 .../src/main/resources/images/boss.jpg        | Bin 23340 -> 83837 bytes
 .../en/Challenge_introduction.adoc            |   2 +-
 3 files changed, 33 insertions(+), 6 deletions(-)

diff --git a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Assignment3.java b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Assignment3.java
index 5d44247dd..749db2fc1 100644
--- a/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Assignment3.java
+++ b/webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/plugin/challenge3/Assignment3.java
@@ -2,22 +2,33 @@ package org.owasp.webgoat.plugin.challenge3;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.collect.EvictingQueue;
+import com.google.common.io.Files;
+import lombok.SneakyThrows;
 import org.joda.time.DateTime;
+import org.joda.time.format.DateTimeFormat;
+import org.joda.time.format.DateTimeFormatter;
 import org.owasp.webgoat.assignments.AssignmentEndpoint;
 import org.owasp.webgoat.assignments.AssignmentPath;
 import org.owasp.webgoat.assignments.AttackResult;
 import org.owasp.webgoat.plugin.Flag;
 import org.owasp.webgoat.session.WebSession;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.MediaType;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestHeader;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
 
+import javax.annotation.PostConstruct;
 import javax.xml.bind.JAXBContext;
 import javax.xml.bind.Unmarshaller;
 import javax.xml.stream.XMLInputFactory;
 import javax.xml.stream.XMLStreamReader;
+import java.io.File;
 import java.io.IOException;
 import java.io.StringReader;
+import java.nio.charset.Charset;
 import java.util.Collection;
 
 import static org.springframework.http.MediaType.ALL_VALUE;
@@ -32,16 +43,32 @@ import static org.springframework.web.bind.annotation.RequestMethod.POST;
 @AssignmentPath("/challenge/3")
 public class Assignment3 extends AssignmentEndpoint {
 
+    @Value("${webgoat.server.directory}")
+    private String webGoatHomeDirectory;
     @Autowired
     private WebSession webSession;
+    private static DateTimeFormatter fmt = DateTimeFormat.forPattern("yyyy-MM-dd, HH:mm:ss");
+
     private static final EvictingQueue<Comment> comments = EvictingQueue.create(100);
+    private static final String secretContents = "Congratulations you may now collect your flag";
 
     static {
-        comments.add(new Comment("webgoat", DateTime.now().toString(), "Silly cat...."));
-        comments.add(new Comment("guest", DateTime.now().toString(), "I think I will use this picture in one of my projects."));
+        comments.add(new Comment("webgoat", DateTime.now().toString(fmt), "Silly cat...."));
+        comments.add(new Comment("guest", DateTime.now().toString(fmt), "I think I will use this picture in one of my projects."));
         comments.add(new Comment("guest", DateTime.now().toString(), "Lol!! :-)."));
     }
 
+    @PostConstruct
+    @SneakyThrows
+    public void copyFile() {
+        File targetDirectory = new File(webGoatHomeDirectory, "/challenges");
+        if (!targetDirectory.exists()) {
+            targetDirectory.mkdir();
+        }
+        Files.write(secretContents, new File(targetDirectory, "secret.txt"), Charset.defaultCharset());
+    }
+
+
     @RequestMapping(method = GET, produces = APPLICATION_JSON_VALUE)
     @ResponseBody
     public Collection<Comment> retrieveComments() {
@@ -60,7 +87,7 @@ public class Assignment3 extends AssignmentEndpoint {
         }
         if (MediaType.APPLICATION_XML_VALUE.equals(contentType)) {
             comment = parseXml(commentStr);
-            comment.setDateTime(DateTime.now().toString());
+            comment.setDateTime(DateTime.now().toString(fmt));
             comment.setUser(webSession.getUserName());
         }
         if (comment != null) {
@@ -74,7 +101,7 @@ public class Assignment3 extends AssignmentEndpoint {
     }
 
     private boolean checkSolution(Comment comment) {
-        if (comment.getComment().contains("Congratulations you may now collect your flag")) {
+        if (comment.getComment().contains(secretContents)) {
             comment.setComment("Congratulations to " + webSession.getUserName() + " for finding the flag!!");
             return true;
         }
diff --git a/webgoat-lessons/challenge/src/main/resources/images/boss.jpg b/webgoat-lessons/challenge/src/main/resources/images/boss.jpg
index ec432e31aa710343ea08a8602b58237ef76f2141..3fcd1c36e2bd8da589e188f256d5ab15c668b6f7 100644
GIT binary patch
literal 83837
zcmbq)1CwSy(C;(Yv9)8{Hg;^=w(Xf6+qP}nwr$(m@tyx$_tyIXZcgV^r8?;(b&{^`
zU-$W5{oVy2NQj7w0Dypi0AfE6;Cllg_+RV)tNbVA|4YDsgTMO$h!8;OKztxThyY+j
zAP_{L??C`A000CE^1}xFzXAsO3mgI%1QGxQ^~1*o0s#NV{$D-_C;;deFc>(*_c{Ou
z<cEy_g770`;6ztA(Zx|6aAV8k>yPfP^3NQ|a+Ncfz#L8_(?&)PyB0F#h}9-rAzK=@
zBVSx{LoIeTmee^|2krN`r?D2?FUo96dg5ug&S8-*8MWz5=E{@O+Be7erA6%+nz;bB
zda`eTik@tOhdYxcGf9D~?A$-ns9&09^OP`d%1Hfl)KT=n4*d=R7(UF$XV;0l7BptW
zFS0o0A8y_G|4i{UtLBqi)%14T0-y+&GAF@$iTgF;YXA0G$0HX$9-^(FC~p5P4DiRk
z=bilgnDD#cPP54-sFO(iZN!x04m(VC?6+s@7b{R)Xhk!m<cwf1hOKlIG<k$-Z*&|n
zgJaY`9ND`y$78=-VIPpAC>0q`B)-<bq>kNrne-R3xR0ihxlX!>fF0`d#Jhgv7V&M9
zHx!49{Es<^!+v5VBQqcObN>!JegLe5nr0aJIqRKtb-9BN3`yFpg55^nK}BNpvOYU@
z`w1j=gk~hl=5Nksg!RL%hSu(&at)>$`9BFZ+#SOShUUne5Wgqh6Q(MGYxFay%BFf9
z3C1`Wqci*LOI)WfWBxGg;5%gRNQR|NhrW!v2xyXL*2YxpPT{_{5J7L+?bw-gED#R(
zN$32DsDB;E*7bLgT2@3K*n%UJV(f-a5%0sLFHGL08cBI}WGjBS?kI;nWb<yOkDyCi
z)hE`-KflRx$Ng*A&0mDvor39qX#h;2_p2TqEmRHCuQbjC5@5aQoY`o4FrV0p8jfSo
zPEq6$mMVRMu&h^KPmV)?_S!;IV33rmAmxM_GvV<PBORF<kxF{Bz0wz(rQ>i2PJm*@
z=vV;05GH|Ii*{NzW{(TLxAP~-i3z0NCD6*!lRy6tp0i^s=~Q+DyBu@!8RYz&Bxx>=
zo^<Qe0rBX(9ifu=v1Y4HxYe9kJXGniheM5Ij1h+j_K3}d<;gg04J)F%P(DB_^YlJD
zlM%(H*R;BZS_rd{sVtcI)VL%_SSxn1)5w7#L1W{uGPgo+#-P?wM=y;&kr_?nM2#Lr
z6vjKKaO7d%v6D?gewLF0v40uxTK2PjRL~;G2~L(PauSY?o)t1ySr|;`-5qW$R`hy|
zu!i}=AY)qjMj`{eer&YCg5R5H8!nuSNE{8!q^UDx<4gZ^1xU>vMy3<xwQUDx8k&<B
z7U~+=42SiWf|V07E9SN<DVw6tZ|4Jou>)Za=b_`_0Vd8^#wy31K@WRcbbV$|CzMs0
z-ZR#8jJJY2{|~npr$apocBeQJvUCw&(6xsCjC2o8vG7EbB~X(FOylB<)++W4;%CIc
zLKUX%EFJb!M$Nw>4j!1JYDbR#16k^7x#4n_S-6TzVX(RHF;)-aOswDy&d6e)OO^I)
zD#PLwlKj16=A5PI;T$*4;8+*zzD|7ntbvtJ4*4Yu@aL_eh#{;eg8rJm^nWK-V6DoW
zdpjYUg&J*nvoT)#^sm(AazmC)Gk6u3fudq3VkT?E99`6r7cCOcjj^+&-Gg5Uzs76F
z_PkjbaNKcEaTa3aZ+~0pYkDAahwSs^)gBA$7i0UFfCTG#J2C--K4!aJkC#f1DQL6Z
zLxPFFQP9rj)51>fu$><`iNV5%+@J`u%ynlzLd8Rl%~p12?<&1)pP`Hut01Uhw*~4H
zZ@D!heTiik^hyV&d*=2=NbpD@Flrjo(*wFhxcy)RS4<hG`lo#Z)w`TYA<!#Bjzcn@
z?89k51d(&nG17OFPPux|>7cQprUUCC-MO}ujvSrR78Uer;)1I@PM%~1DU#Zy89#dg
zlLSp~@%XY(WQ2Yd)<}Xucwp&zWTbMCkcB#e#A-y<9+mFdejzM#YFg9e+4(-${lbSx
zOj0B@C<`K!Oq@;h)%;z3QT3hbLEEP&h&lXji_xMTm_*p>mQwPbMRJ1bGur+RfHqgA
zV14bsz2Hk`$n$?XVEHMzPq56cnt@j+$}}O%0z)Toue^)=?O^;uiPd3GiH8dNX?KT6
zn;r=c*B0Q@j*$|xjEn*0p9T1?@R55VQR(#<dhd#KtTfUpKqpZ8EcB7U0~J!pUcpKf
z1!d3Ro6d#(z5erdXY`+>UaqOO;6S;1?|ohT3O$y+7d0?vDDyU5q}luzY150rwR~bz
z=$>QhFtuJBqFO;XHgv^y1?KRa0={r=B$ESo#o44Nc*vD7*r#TbIP^Zz?mAAG-nDLd
zy(RtQo!rTFbORHP6D(7N7mz$-4hiUd7*g>4Oaq^rBz{au8n+{aQRC7BH%`3SbYfbQ
zB9Bn!+j~-ga|WSdOpp+$8!?l(_0;2|u)?L1v_P=z*9Fmm0H+a8u=dw0%BivSRc(|E
z5a#4hJ!umW{oGTc;Rzj(8jy+s8-^CBo=n$zoJNCQT66R+kixEA_f*(ICMKG+s8lxx
z*xc*eq#PkBi~f8wJO>9;5T7O{Ynhy!eKg0L)os5DHbLl45)-8tNk!<YBn4LV_&Jw?
zHt?3eX)6U~h{^Ct^xHVaDXA39jJ*kV(lvRMK?8aEqz6@dsBB*5twnuJI6TBBAeiUo
z2QKiYGXo(KZL1bxn6Y(TKr_i($K#^XLeu-EDtE`QbcKCUpb;s5Hf@+7wSotF(RD{`
z<Yv624tvqMF{F-mb0L+k8kO~0I2)kO7KaJQ=;legTX3jZ8LRyId~k-1%^1M!RRoWH
zPJ)LtKZZ|uod+8D`NUqlIWX5I!H9snKOE1b-oGrmZeGpQ_G;NXnhUV>GB=O)CS*W~
z8H)<-ch@qMJ`ExoGSo8ai$xN5(uzoG)@t?1{?Nx|8ad4B5Wbg8zu62cp{`ML`W?F%
zmLwkb&Jr!4D65kDEVH_f-wzrP!Eo9H7w+-j<&>5!3{~Q8oGhIM9a>qtXJDC}q$E3n
z)rIDlh?j11V~SP!1(A~G<ak<w9Pm)QfpGxkq-aet-#U#_&OQ&Q_%FFWx=z34RGnPF
zr#(V&;K-Bbt_fu=z?nRf{xgb^jEs_T#YNJ^cQRS(FelgX(Y<NWR)yExx1=k&kN=(d
zm>`?@Sl<;HHyUF~PG^d%M*p}q+Su5X)M$O{TQ;_8jRgb8AA>`CH;K*!rzy_)j*aFk
z?MLQ~H5uCp9x1ZM<n$U{U1T`rfOq<)$n;Y45RX>I9Fph|o~mSnF2;~a{|z|a-ZP4f
zf%5a@%i=pa-Q<J5+&<sQmT`Fcl8YPcQ}kkCGnT-Kns9zU<n0T>A!{P+?{^?{e1vCo
ze3Yf<K6keCAEpf`t~n+RQJ-<l8<6j8DLKXkFDfaK&zcqAuE3v=x7SPHFpnfeNB34)
z8*tp2>KaH4<)r4T3Q>0L+*-Ni9j!<wOO(m#3Y>UwvI7as0==sZIpWld%?w6OQAs$%
z<@g4iela$dKB6A+ko&?d*h)ri#)u!$MuK{Em`;@l)IYIvq?{7@ELfkHT=~Fh1MonE
zFv^9m`2)k*NM>Gh=5Q?VNxYDiJx!<4NjFlc+PGj-TI8_ShI(1WP9Zmc`3TP*PB$N4
zSJdbV+&*TWsbuoWb}%gBMC5ko{4V&48P_E41!Ju!bj|T{6?SYazu{jXd;t&e6X7p_
zu`Zn<1-dklDfN0djUYB>lkVf>0>vsyULQ}_ir4Utmmg+=+mOo<HzcCaT++jaJ?TYB
zm%@aG8eOE?G?cO>dINggmNAJyD<N{qDpl`z5^0Z-z*Lg&z31%AHw=(E!lqI>3l_q5
zSR&K-0H0m87_~C^!<lhRI6oP+jwMxATERI0NjP8?GgWQkv@5g?K=wh$kws$~Ph&c#
z;QWl=dEoiwN`DN(yiv~K5vv0BfuAsk_GN@AuX>vMQ1H*LX?m`|9=x~=!2$M(Q~Qu7
z{BYC#CUkZl*<6^KEXU>6Om<a82}yp?0g1JZKoA<=txc89aiFilkwC%BjlXhX@)PO8
zJ&3G^a7X}Tx~u_p_j1U+osl-#7+^2fy1>+Q=ALQ@R7VVxMnsWsL}AnKu5(Rw(wZVo
z`8<0Z+b=^idOMK2Cnqk7EGD*oNP>dzS1_dYJ_9|4qXY7sFRT@<$Id5=m2HCdOXRdi
zr2kR~jcVAisyzAL92l7}DV0I5u~C$Tz4lfwS$;u288j_ev%2@(VIY!B8CP2v&06cI
zQ?wy)HDMmScpgIZ__vzeU}+OpxvgXWgD@TC?X>~0GY2|f(NzyC64Z&^YFV#K7xAJ6
z$Y1z??DF9=upz@XS$0dUg~5DN7?^2&03qBPKS`Z6)U#d;J^B}hS$euE!;D?v9tXZ-
zDRSmKgeuWpYhP%J8Ia=M=t?s6soAc!xqku3qw-~^#xlZj?P@`<1GZ4zsno#y3B|?J
ziy<%e8D>*bYr}8fJr6N-);#q-WLjYd;p~P<&Qb$U{L;uelOlmN^I;h?6J^I(c$P;1
zQ`|CTEUZfa65}}Kd$b@HOuzuqLenaq<sRA9H-Kqkk4d55&DduEpznWY%3V|3WYb{B
zLl+uq{|Re!_f^H_Z4Q)%#Klg7c}##(iMunwS!^Il#V*wlP23;|64`h!Y_6OHLhmdG
zc(<*m&?jf)PJ7TU3Bw&*PnVG=OaVFb0b|}8h>pxsYRS_JByEES`U|;r@_I5~O$#=n
z<TG}UYePI~d$&`KWXzN*83KX|9hJ*vM(g+KdjbtO|Dsv^-BDeLOh&&W;!L~`v?!kg
zBF<=P!4&4d>v421qL2`s*RtO~S7gdNcAuX0h)19~#(x}n(0ZO*Ll49R1J(}ypqsCI
zllBRc+mqW(Fe&m!`Ss<BbhWAg$gWy_&<KL9SVr2%|22D;Tc!eZH;_uRui7L_+yR|8
zO~nf9ex0@qrEhazP{et(jtL1-yRWJ@z?xbA&GOI*#E}wwf?5S!WK0hU1`bBy(m&Y{
zPxjINmM%ZTd!o-#P@D_?_2nYi$Gs3Ec#C~g9(MoK+rd8I5j@UKIw12oJRwMs(x8QE
zR1@GfUo(c0Gk(rq;;8bHLgUJ0hcU(89gvovROz{35A753s!E+k;xle#1s3y1RfE#T
zN^H#1o9DFQ&E((j`TcJ|iF<q8Y26jwu#cZLH(0x##zZAt@)5coq?_WiJd%UKW^;sm
zz5TNW2JxRUJNT{g>$D_OhBl52tsYMBUFsqZe-ibg-__MQRqj4E-U|b>nOg+Tr+-MX
zgt~*I7yAOIy}`_x;Z=P(J{h$ys(n5$2B&pd9=mv7;hy)TpkT?u0$nl(e7tz`T1}9X
zkK+X-O6m@!><JO%xj`QK9U#3TEhgQ#xds_TgOn5%M>AX!iEr3#AIbh6@Xaw$;lf48
zX`f+!Dp6ab+lu3_{IdJ-xoUawF=_PJA=5>kyAbX39%SDwDs-yJ2{CkJU^KCY5$#hH
z@0)S#bVE)qTeDCl4<%zDd?XM8xuu%Ok`Pd^@Uf$VD?MjulTg@o#Z0+4?&~pm@RD7`
z5!U(?{rA$+^9J=$U{FpQ?_6RFQmjk;+~qa(i{!l}q|&En5<pb8?mLMm#@)Y&HDwA~
zK!Vj58MzRUkhFbuV3cR^Je`mcJLf5ZOWc`kwGvsKhP2306zzHo;f$c;F|ceT?2|)p
zxOft5UVy?*`SFo=o{7cq4Omb;(k&P*R*3f=Kx?cjn%S{FnuzD~^?|(X{i-{$)Lr|s
zMY%kR@tRq4vU~_xz>=GDAlLLLqL+nMXqdL~w8p?7|A2-Ut{2jzlnGCf&}Owc^fZ+f
ziw&Lhsrhv^=!#jUx=7#Fc5@5D1p^0eMD3`~?J_fGVBYIks7tqoJn2y7txXxxNNIj{
zpNceB@5{YGvr5zTR^wm&RWf?x%M1Ey+nxHQ`e@qJN<TxL0xE{k`fJ+Lw%sQ!yhCA#
zF4_t)RmrtU7X}#Vwq8W4ia;ysw+3|5uNDD?8o|lZeI~Ya8-b~K`0~D~UKUY}WcF#p
zymJ<?+9k@z2*IdFrMTZCk}SV7d?NPta=Z`76H%O_a`n^dj6RMVr%qZ<VzNE(h@4~G
zPmZ9C)9#-UR%iNJ+5_n=;gGz4)yBe4-ZZ>ck*Ul(``uO3!c7^j?8To+KTzec7z{dB
zIE!q9*kUh()qqAm9`r3)N7oh=pr3;Qy^*Dt_DJ5_HH@~Iuu+;MPrl;3b3FLU@F+CC
zNh6y<vkfB_RX#IR%D4F4-s-h6lRTsJ683JywW;BsRamz$w_q#5UEb48G=?S&MPL;(
zuy4g4M*vU15AOTS&&=DKH{=2pAet${t1Ep2R!q9WHu#QMOzC)V(IVqPKk+64NQ#yH
zDrL6K;nY7P*ZwAN>Lo8Faiv<G-tVxWsO|rQ=m>CA+RQ4D8cj4+&2a}O#zhXvu0VH#
zt9Pr4k;7fr1OvQu`cKinhV7;`5uQ;aF_h13{?#=1(Tp!9C=$yue0Kk5Xq!yk@S5N-
zWR`_4xVkthPz#|glpt)X>R%!RO&Be!6Fa=P;Xp4(Duin(+k1o?meYthBhvfjeTGbG
zs?)H|B2WM14vh;wT>~;Dv2M<M=Z3bnJPS7Lo+<KY*Zd^^0>*lOX_g6=GgpfQA=2`E
zrws@?4DF)u@D`=9`yxB*A6p4m59s7t)t<?F+PDF#JMcw&1}kp3P;_Uw+u~<={tNI}
z;xV9!dRQoPGJ^ArtO)Mbf!bl=j~r~2xF14noP!%7Qrhx@`j836ku?17oAjEH=h~E;
zyLVq${kjwgm1&lETYw(x+VIwh=3hJ}CaKBSNfyDb&h8VCASZ!UVTQ(+qYPlW)~2GM
zOs9&AiLyCa?&$^=#~I~U3jBEFl2NkdH*G`BUS(hl{!*@qcVOy(R^Bwja7$QTngKKD
zid=KvhUQ@V=4iqMr>SgNe@X(J4wg>3Bo95gTRaHtO7dAtmgvnqZB~Z`|Kt`NZz%EH
z3_E6CT;Ctikrn{}{8NBHfk6H*HVFj$13Uf#Lqq~cMj=2&BP3#AWa5V)X8uhg_ya>i
z{J@hxnB?CV-nPFo40_Q9A!DQ*iXS-_9D3K`cpD90Z{TG-8Ub4i_&DAHYOw}@L*Lm!
zFLF8ypkLtp>UZJ<pyrtI5+T>;DeEk{80da+jkV%cCmZK_wyk`G4JtAD>*OunEf?iV
zCurM)%vcQtry~$=4brwGc&(>#SN8l4BZQT^%ZZUCYjKXB4nfzcQ_)I1;^!!ktP$H$
znunr`tb1TowTEnb7_Sg(l+y;0SBAe>?*JL4BBbYaAdaeFZ>e~hei2#^U9|ViMu!N7
zHy6lwL?wssZ|=DFz|Sqp(GEP7tn-nERZ#zi<U1n~{2RaW3+M7{nD(%VVs0-o6H?}K
z9vT~Tdp0lQ0~Ll;KOGph1UwS-Ut+z*Ct@Y@(;>d3L*o<xaH>Lt=!yhY=m-V>MpRgb
zN-)OqgrW)1Lsdl~L9NCl82dZz8NwN*<O2xtImvUgPnT4@KCFOB7L_lO7J@OFc5L$l
znu?SG5k(T;0QsG^JLXN5Pwg7K#|$%H*)YK-6@F&X#%ca<K)L|vil_n8VrHQG*)!fq
zeXXaMtO&?#<!5Tlq70bO0EoBbhUgAIDKAtn!r-27aY7}df8+@JppNQ7X=1E~D=v3e
zPmU5-hETwISTB@s6mNpI)J8aulv6^`j+jvyy;1qWcIDPc#?7rdFKZ?4i0?$*m$oiG
z@AO&GgR<&15QCaQrjafck!Db$_LZvs!ceU~kLLxJbiEwedIJ{L-%>W}K$|<6UDN2*
zbY!ch!F!%MBnO^Uq<ihyso?&pcg|7|Z@Jql0e!AODh%6=(o9v!mIJeYTlXD2%Kl@@
zKN}424|%hlxz*v(OpLU>Z@DR&+(UE#)w%V?oOB@N0AV+KzotJS{0c<!5?Ar_2qvFU
z7ZP)}f<dCE?sW>~#Bt}0WDwoA_;WKxIf5D`5tshz8=|d^+9?#C+p)FkiJ&OivLXl+
zew{pGuAx)1BKa=q(lM}!CAc(V75fdKCK`vA-+gumeC1r%EDMO*{ncT`mG7~}Kv$zB
z&OLBLR2EG-*z^eP%r)b-UpN)sCg!-zUMHASQaudET`qNUdIG6L<yIm05~AL7euJ#y
zk&sg<s^+n3TsUNMW^J}o_tYM6g*$xm-XP%-m+p{N*>~Qk>GG$DRtX*(JzwKc$;$UZ
z?KjNxMXK&KnzaIf(q!@v9zE2!N`<Xj>sHKjK*xm5vDP(S7^#<sjS67P9?fnBrzY)%
zrZYXZ<a}`oY5eO#bZV06J|^#n`)9d$n+u0~i&Ofey#oVft9t#9-ZtKQw>rb;V~pkb
z2ahH?R-W{X^QtQ{smLozkAB}o&kj0nKV1R?W%;1N_yI<YH3P7?BnkexVditu>f>K)
z@Z=G#v1{`ah@@)KxyH2eB*N&#zU1j~cB+BKyPkq3;wqGR3}*_4(ZKPJ2xL*X{lOUb
ztwl)#S#sLxuqnI;)(uhMm?6O}Yi`Rh!E4Sgh+V)V0|u(L*PZca*I3}Rz0}&`R%-%$
zDxSB}=K>UJFqGZFLJaF-E|O9xm8B;ICieTS41ZOdM%R5T7CcjFg@QGTI*j1X!qB@H
zK>Ge00Jl?<Lm`#s=WJ79Yr+@L3W%nd&G9@V9gT6vz;WWdL4V}FgLl7%8~E$J`9KD7
zDJJW*T2+{cdVh9gGknx;G4)bWE3oXKM9y%^!WR{d@X)xNw-Tj<B;BwifFi`1Bg1D2
zf3O3;xAkd7%BR4N1P0c8JMxO)8)b55+_I)#z#bnECm});U8{D1>$601SvXK+zv?vX
zgkJS>$eHlAVpACw?3ruy92dN;WT@M@%%-lPQ%|(M^s0I#>3PssRW9Vg4q`?5M-KE{
zoBXq~XQWGK?~rPF*!PU^g)9u!HTt4f9p|s;piQWkPP9Pa!S7$%eaMfX1<<b9LV#&|
zjEPZg@D2jvNr|wo{%09i4s*~Ex&lAVd~&))JP`^H)HyP>Q^HVvvHbm0(oJSul9gBH
zfx4BeZ2|@dmJ35;IWT}&A1@!i>^FelQ*KW73Zk>lfD8>e&iz?=ns8KNh(I@#pM`h6
zka$9-QtA{<7;a)G8W>U;z;TAEl@{;9MV>jLjYq!f=70IOuPsWL<`H#YM-q<q+MVpc
zt4Fc8$#rQ<Y3NhIuW0#gs-{?T<%&Z)riwxPcN_DI_3GB2y{k!(>yl^V5{CsJ(o+yc
zb9?g92okE)_KItf;**%c`Y8Oyk&Z~!<CEmky$rp(RO<brg5b&prZcPjFCOj$4Lp+h
zKT76iFcJI$S`8!2rzMKT*U~mQU>yqm(ki8<ll!|x+h_(go`HTe-MIaOn`U_y<=anm
z6f~Az*-M1Dhg3PNh*7nXITNBNbq*SH(3|NPf;S)7_i!WU;J-MWVoNSWh3dwoCN~=K
zZAM~u{_@EoM|I+SdGLM%c+f{*h8%Q6v}NXHre}9IM;ThkkYi>1b^fRutw(Y>p|b`>
z=nk!K4z6$YwR8m7)&jY7P=7@C1~~kiN%K0;=m;LFo~j7J^i-=c?TIr3eolQd+C{Ug
z9Dy1OBE}bbz2fMDjx;O0SWBoeo`$-~!G6Z~Qqycwr_Z}sBZF0CH_!a=b^mwgUv9`h
zOONXx9VY@2VvgieM@lT7J!uLfA4!3Wt_Uh035n|||40}EMHvs6Sqmi7p^7XEFO_Xf
zRc6Zb6F~)mAmfIlKtAqHe4+7(s9t=t&yT~JSj*ul3-(mh3$}VLo`Iwvpcv4Zk+%y~
z`-&{i=fx8w+Sk|~L0WR@l$2t6tWMS6U$^>XDfrcToXK`}rNbJaz;wrHCsHCkyJP{C
z<x*;B`LyfBiPNcsD%*?x4S>)~FC|^V?_tuN?GV%NkQ}mIAZcb1gsn2+^}98DaeY00
z##NrWl1ei1Jj-E3(zqm$4xfanO?luCnx#lVw)WCn(`BdACZOHAvevrXXcg%E_jNY|
z$uu<Wv|B$GB*qI4)eY(ewOj8(RB@Dp?W7O#OU^zQAM-OOT!h7efwBX$9X7eIwdKQm
zm43@M_wiz(ORB@x!vy)DWT*ZFIF{=cYVR+uaQ+QXrB-A-VkiTfT45}FG{p?<T@jGb
zU(<NTGW1*|?;bq#G2CsZ0GxtT8Q`#CaYk%)1Vgp^;gp6GHmL<x51c-eBktra&UH%5
zM#-3t{SK}NtJWB@2Fn-^ys>B5u`b+wB^HO@B8)vc3U2T5&L{L>>Tl|%SC}nwT?QH+
zxmDo<gl<POzbTuJ^kQYusuN6^#7lb+EmSfnm#&bN+cJ<N@AGL$s=V@zhSHH^7vqP8
zhi)cvid<nCZ@Zd0aZ|5;Y>NlU!k-sb0m0+O))f4Q$6|GlY}?~O&|OsFn~iCWrb%V+
zN9sq1qk)lsAZBavN7F>6si>`9CR0?T4c;)IWUw`Y?2Hz>{KGapz%}ab1`&ojwx6(L
zY9x4NtYdFJ#+@W84L@U0!m<m?Y;4R$XUN>$Dh8WtEOz<mIgjySs!x*b+KM!|YD`nN
zIQ9s~EP_e^Oi-&XM4Q36#E5!{RD@+hrGn;Dx|@IK5vxo0*B&;1wN0~@PH~It6uA}a
zTh>fgD~Bq|fr6mIH-K)#G1|OvcA0mVP~9(Rr!8qNvz4s7Z2arKMv4&bD|cwG_8Z_4
zK?i5X+5nySjL3LH`0BjjUBALR;a=O>cs52kRGit#iJ(_k6c2j9ZBH89gAo-aLxn&3
zZ{rCb3xA}Tyf#&jp%YZYkF@VkQdc!>%Yo-x2QO94+*VEdAt&BQ4fTq`_BqRD?1!|@
zcslF*(zf*&SUHNcALxM|FNZ;Ec1^<}-tz&6O3DRdL$+dO&P$Ol1>s7Phs$v_$(k&?
z4Gl}`g@wK+YN<*vdMwOJzs>rl-8TT;Ih`*;BT>G;mYW!wA>am3E?C+Az#My4{6bWM
zdAwjO8*P#zMXeDMb?&T^E8&v2p%h=m6XjilwqZ@#7H$^Rh{z*#Af}_Z-tg(K%hG`K
zjxOy9H-e74j^~V7BW|jTbDq(qmEO_m`VCM*h(W)2H5j<eGMR6Dn&Rbw(x{Q{TM@su
zKjeJRiT93*V8fUC*D#TEHkqp!%N{JEX6~i2epIQZv@)21Yi8jHCqGHN^`I?u+vFqD
zQ2aX4Cjz3foRK;kxpMeKVCiy1yxw@LcyP>)Wsr|C*>;nQM>kY6PCM@&B4U{Mfr0!6
zbR|2*j2By$d(9IFlgrO-NR-Zsx{b{Q68c46v!P<30ohN}6^cf<m8-lX!oW70xyO09
z#y{S&c&57ju<DeEZ0&1idH%)S`0s@>!uRw8bY*jaQBWq44_?D?MfGVwy4GTY3M<^D
zWQ|wQ!2GbncU?O8m<x4!0B)e!I`lgF4Dot1%EU7lRn|a#F*u7~4)pfQsY1{cItMQi
zF+qQ>%JKA4Y-X}Yvct~OmYC$l(NoihpRVgI+dd$E?VMMf&nN!MaP!Uc{DmOPRnY<R
z8gcZ>nf7{dWImh8)u7W+$ps4mxOmH=5X}b1n^v@a({dwGbJKc{lTDpk96e!+2Sc}j
z>e1NCJ<}*5Gubo=ri6wpk!4jHUWdJEk90X*vl?2!dSYIs4SNb2Ihr$S=al2Vh5}Ub
zgR6v(XrkaKbZwX;_#i^OZe6x6OYEGHDe%H@(*g6Xyj_|$`-(H{W<9-n!4jlus<9te
zuxWYH+Ttv<4Mpywbl2II`7DRK17^!8J~HWHi)ZT75|LVIXSL3OcG-SikdfOn5YkY8
zEj&pT46Zlv1q=Ca4m;OX>N}S+p};B@;XBUft2dPkAwkij>jLL+_ne`5>Di#EukTk6
z!8$QZei4cOsM`{JnnRU!lJ)Y4#{Q((!2mZLw<7R9e>^zJykIa!!-2$DaV>^RT&h*o
z>MzR;H%ehT^4qv-X}cuYI8fz)H}TJU-0++&t?1ORsoB$7o*<6jv#0R|_009uN=~%T
zJgj9BAy}I&!wum0=|i}puCW`<79%QIU!FB#AtY#3>j!eSr&qa6MO}=#u80IcM4;t}
zR`~~P?q46Cy<NsCELW0C;VDWG%`4`t&3J8;F$YmT{?U7KX#7v)@A5B7Mpg6Ht0~hn
z<~#Cbj*KJXr4DQ<?4RpZtqYsW%?YNzD!5>~*Bj+*UP*GsY};Tb8gDdmwxzpDu|gcf
zD9>JHOEo?_sXvmpsnIk*(9omRLl5ZG_|Yq~+)1?}&byZ}Yt`0Ad>Z042qhOmheO5u
z;4{S}#t@+?ar<$1-$ux~N`%w87vq&;kyJ4(jwID_IH5Lm)M>5Rt1I^GKR1{3byOSM
zjdyhU5;v_oZDgBsrjK56T1W63WNy$70t_c!tKf(0Et~DxrHse+-_og{J;(9@NfRCA
z%DZjt@nf)?v|MH((t=ltr>a_hK1DdxBUc_*@amrzjiPX)p2|M`ZHPkzir^8Y{OJ)1
zifv~qH{P8Go!O-~@tXCEEnH=!zq3H2><){Le0Z=nR_z-!b-}q#NUmw3CYNP%jM|Xg
z5Bq8>p2x+aW3tII4$Wf+KBOV;qY<}2Kl41zepgl((j*a(ggztqhpk4pLe`dI1h*Po
z9I&UK-Z_sgo$EX9bFh>lWCve&<IrkOGXu+Ljw6kaL2s-~@J}vN<|83dKR&2gL6_*U
z;HJOnf}Fly*JxIl7SbyKb)yqX2o~px{R1`Tbc=Y51QJgethp9GE3LT<?i|6dAV4h}
zRk1)qP0>2)`Ay~<?KJc^upPn|H{3N;w@^XIqs~PduOz0UNpoJC54XtFT~j|pM^-j_
zZpX@+n*s(&IXKgKYQ`w!l&z?5N4|ni(Xz`7S$X>65|&dbH@*EL51m5g>Qwn$A~w?E
zfV40YleSI|M>UYEO2%KA()l)Ce}#$0+BQPDJoT{;$zsf8kx!+mm|7z1D9W?3K=Lrw
z+*7bruB;5BVs3buJW3XR#inJWvCidR4~a@!O_Wh%vP~#=m6{|{XF*xN^Qn{k_R3TR
zEIeKr?nKO6n}oH?gk<qcxlfj3)Nt=WZp_fXO(UP|inRl$JBws!rP`8mU-ZTr@|b8T
zVF_J0kKAIVKgz&vB1pvXm)(~x$LHDcJmp_eMGLo1`gjoKXtbzRf82sA_{5dvoU*5~
zdVT^iL~SwRyvLM<&8r<69*~R^+%v|9=!21oJs}0y#k6!&J;;z6u7)d1PcGNT)e~W<
ztlTydp!*l^crh`hWn?WD{@@Z2Le9Nvl)(ChGO8=FK6FiR?fJi>+Zn20{N@q-b|1t}
z$?TN@7Y6Z|;}4l%dcJ94mw`HUUA?u1CNI1POD<^>BK-|wG+ySeOsm1@lC0ANuucBZ
z7&J}~sFPLIi!&xK#lLHI_Pz>y1bRphKk}!aYYMo8x^m+<heCt@g<jqEPZ%T;ze5$u
zgi~op8gZe}fgQY5)@!jmCNL+l@Y1OK4UMuhL5ba6?Av#)Ei^P_ra*n&8VX}nKUC3l
zjEvs=+c4>1Usa=+T>P$OYx|5;A*r%tiQv{Qyjw-?9SFKYKik+}UDCO2rdPpN;Pur)
zoOf>BpeR_X_DnO_mF3GE>2651dnFkcvm$-9tIMHRekfmomx!>WGG{*)WX9Y;IZz&3
zZ+TDoX<8d31-U!~sw~8T6vP0x<qsK2Tq%d3?CVONov8tvgTHAGJGEt+BBO9L)|%X-
zUA%5FsBTilUYssLK~}t;<#S=!@p#ks(tfz2R6{$U>KfqiX<C+UBYp->Ttf!D=NbMk
zluC*PVP7I3RnVNNuQw&DYe(&|6|iq<n;+ir$MPm`@R0s>sJYUproQstYZ0-!pO0h>
zpO@(}(!+d}G~XAZDS-krgu1=u%31Wc?zTsOg9PSP@-~;cXYcl7&fnhlt`Y30ihF6@
z$sEVwAvf!3c^>e#vTg0PGyE=1)9UngTlPYyA$IFK>z?0-N^L4xs}$J=3|C;V`ombb
z?#!PMmyHn`J)yyvgMvB@&^{aL{wQ}9P-wxp(fK{$QuSz#3w?B#MLKgaYpXD7w3%^-
zA=LMeH6}XlS1dUy7YpLv=IH|tJ!+I&6ZIc2MJV%^Zrv?=7R2^f*Ud~bG+9nuf<L;Y
z*#mcB;px{an09#fkkR60<HAf|RPp|1^$lRF`rdqAyYUi#ok;kVd_rK`t<;WPUdQjD
zs)jNOs0_v;+q+O+K`5F~j)uJ}{8EQF3SQnxp>liCU}e$qxx4;8>MKOM@i=xl`-Cc*
zxNekqRlH_Dv%{CP<%{#-y$<hRUl08)-oIz|;e~_AFoUN2&KSwg<&lOXE?6(Gp7;ya
zrhmc5GJL2$?j7fNay12a)uOTvE}A-mhK9Dm3jRT~Ug<oMUMpKHuQ2mnp4SdhuYaW@
zp6(AxyDIJ{W6Xa`>MYM6VrmEtl;_1+o}q>Z5fT-Fi>sgr$}pwmMPrU;?FK^Z>8{n6
zX<X5)<a0|}y!ndr@GL8=*jKZZMZ;Sed&)z6IUA2`D*k#|yw^U`YU(U}ZP!p)@a}6$
zIpWP)6F1oNL}9e+@b|V!|0EJIyW*qK{%Q{kJ=2dK%6)u!CpTJhs2|WC?^=%56vnhn
z!weGJz2jCX^KWv#(vBmNd5;F9AqOSAk^2;^Pu`E#p_<&ZLf+Ny3^Z<p1Aha`T4q~H
zH}mG<lxMC&^`C$T4I}S2+%hpQC~r&m8SXqLLSmMHd1%-r&&#mu%KeHysCl&K1$TB0
zpIx-n(%77yop!ebVcSR-*O2&!o~v0pe>?Kp&&W!1fwkRw#3LiQ(s1q_mKF@7g|sg7
z?q|AtF4d7#&1*!(b0O9yk!G8nt?QYqQzup#t-o8<o0BB1MCJ`1oTfTw_k)EAB|s!o
zg%6Bkd+H&ZxnkcinBeM*$LV`z!#k@4>Pc1w1usMhTHuPG$){er1+S>Qd43I8Ugc>N
zGI-l2)?4&AG0xJEO9xLkxp|ciq1RJ`LvUvqfR4Q*)eG)v4M)J;X9Bs}?O*M2yymT6
zc4wG5-ZNrz{T`!BQ<7fIxkk@(@wh{VUU624h9z1^20<7$*0l=VM3_zmvhrDc7f#X7
ztE!b=DY~1swS#?bI-hCIL$wiv59FeBs4TGr{efEp|Mb*{zq811{i6Mx?nl=OBTy6k
z39yegy(6lE;G%F~i_gj*;78VkUb9@#N`-e{WSR?=5zh)Fl6}^*CAws-P>p}Rxz`3<
zrCh?pMdkt#i$ZfSGP5^(3}>xwkl#*Jl~B@QEKXtCS9w4y#^1iv5k1Bc{XyYTrkB?2
zZHZrbfiCX|GN>Q8s{NBy_NEYkx_fiTKidLtZG(bFLu7;$7hgxdZ-8n9iH+RpXqi>J
z!XT0RD49=uEik!<c}7B-nv$;MXtQwA^HH&Zd=;Oxkf(y%%}m7XalSy}?M%!tztR?7
z1eaGLIfP$cPFU<Xj3BQk*wl<=ikx5R!cD3vR3IZncTFkqMNNY1SVtJ&*&qtOK=6Rn
zBV5Qq680O@eYKTZ4~I(lBrZfGGDr~qo^IZ==NVPNKdxMu9997(6+Qm<IdA_kllm7k
zULA^&?*_z`99${@P69kC=F=ULmv4diEB+f`H$+DKHD&tc7q|NjAT~;_`<xu9o(VNM
z)4t=&_w~-H$oU3v+==l0qd3A|`v$mu1Mp1wej+y9KPlxuF&Z#X&|e_`#cY0($$y%N
zphyJB4E*x?x4%&0@(>8^{TLPM`sPsg?!bry@R<Z1hz<Jl|0jO)lVZ*XR58*mEd34e
z-K~KC;(9~P`+DrIl(rzdHNkuR20Stbf4wC^xLynP*niMQ6c92J5C|=#l`x9K5#y^w
z7yh`Txus^pN)bfiWjIjx6{8W=kC6(yo2^e#H9w={j<9u1b{715=BVzMQpR}(wq*q(
zFO?5=2#db~Z5r)ruH{>kHQLri<p)Dh0x2W#Jw0C|!2dgC3X}5>GQRcpa%%nlbTg|w
z6v{p0Q<8qMT~M=AdWZ8CJBVtJ`8m4(7J=55vuNHeno)eIJhX5$8cdr*=zO!Ym{~my
zvaRw3Au}Y6sN%x#FHN~q(Wf#RNzt`~Rb5&+==K{hf%_WsHUH)_Sv1mZY(vcTLh*7f
zYtOhP>CB4rmI3!E9pY0w(j%W&6S2v2TwE9z65~^nvT*g0t=pp@Kb!v3Tj^%ia}4#y
z#DMsEJk|O#^H~co55vUBOymbr!TYGYN&5zbdGnbl9PBW*AmO|xzQ2&QX5SA*<e#=P
z(Hd2<+<As{)>DTd!?i$G(B(Nv6N;m}zfihf@*IYB!B{T6Ob%RJ8<aghGd{BX<Lj6E
z(Dgmc`{%PW(-;3Gfz@%Y(gvzoX4CUq&bn)OEQ4%ut-)kW(Sdxo!NMI<=>D1;wERnf
zvgQblw0xJ^SVq{QkkWz|v^9Qv49SBDgGSeDlC*MAP=uv|x*I0%U-vg)Oz`%zCoVGO
zUT$kgp&q~E=^K#WUtq5vS0^%3;*r5*x?`2aWk<d!>6a$yR~La)^eWfPx*2A*^d&!z
z9X_iy?(~EQtR-%16h1p!1$%@+UN^%?^$p-_!{vD(88pGV^YAIg`<cQ(%yKqUg0YSw
z@8WJfLrJ8y;#8qDVOt{KFpAc&L^e&O{E<Rg=w!5nRm41utTWSaHWQh0K{8Byqo;JF
zvr^DqqdCZ8J=(>XLL2oP5Kr71Prnnf@I=28vhawBEiqRI_7<1e{^qN1q1M32WHJOk
zD(^zZhLj{OHl~_drsO5jxF(UYFJo20wzKJs?M$+d6g6|MaPIyriFs691Zjc?bVG%(
zZBSBxTNy?BZe)Hc`HDeH{E}*17NSeHIz4$=zD}{!0&l=#JFqI}pc&+O&E#}5+i~>v
z+p9-_rQH)s^$I;F!!P7jm_Tf5c9OhH7`XUqNR8{773t{G%6MYcNtXy7tQEN{Ov}#D
zPsf$0GfL)N$ihs_s5N0*KV?$?;Qr@~DNekcOG2mS?MZn3+LNHOs}+YIKzoM=n*GX*
zIV<%+&*$dVe3^9fTH)@NmqP{l>Fw_GDJ(0`4-f0SBfq=g8AE_PDpc_|OcE@Po02R@
z<7G0D6YiI7YRtF<M+-_>ql%FR@yi1iea*25>PKliZ4iwVaa<e*B4u3*+&7?)vUEeV
zr{~tXU}rOPY+`?PM_x*Scmdm)HX@IKi6PZdsIZBoE1tj{)rtOY(kN0DcF5iKE!O)j
z-g9`8>NPINmy*euc8JXpn#tz<J=?HH!8vT%WGO>+XQxL&@m$8^Lo0Z-nBoT^@69k!
z6<%{8B{gAkwV!mvy%&hM`3NT=F=%Yh^p?RbY>lVzA=cvqenWFbA`XX)u^jc(k*fH;
z7>MU<pI2<5o@|_&KPapoXPGi$U?rW_aMR2V2l989m6hBHMJ&IAJ;I)rI9xXj9lp2Q
zU!#s7-(UN4B)n+Wtz308d`>pyl>qlsoS0c16BA7+KiIg=H+rFauIZ-H+VcvFe;LPG
zR5`w!gVxZnl(UdnSv^eNsziFkosuTLUpkR~Y4?Q*UZoL9UFdwr5xK&8c)5i@rD`k<
z&-ZX_$7*BgaH>m3#KeRxTbI6ee;@<*e{{-B_u9`Ic}DQ~7g|qwzmA9US`bAJ&9t1x
z6a@MOZshgO9&iZeymInL$Zvgu$T@7KqCo$lnjdY3JJG)I31q`+s=Y%oyBeK}ptuuo
zYM9X^^*}ZhjjqifMrBIH(MaAW7rjdR-&|Y$_I13?HYKkk9L%=HwRdE#NNduXU2lHm
zIW+C)SyiA-tCLD9_!13kz_A8b4oBtqk33#Jpe*AbzlP_z6&`i_(z#Q74Tg36GY`H2
zhz930G?ylmEi|Gb4vP|nZctrfw@jOBT285F4DFdAl$jyn6{BwLnNdX(%{s?J^-4b<
zXx1>o%;{*Qrwv^)1Ha19s^dLF^23F$r>*v8aW#$FRK$t$XUg#GKs}N8IwN(&EV4eR
zEV9u^!tAGu&%yoH8hHZ>9%|nvTAkr(s_-Y)aH7%>c`dhcuaNMP(S#ogIU<m_48~Af
zHO8tV<trcp`v(>D&$X=nlw~$h)5GQ`0OPY`!2J4hb2n*neRxi5mZiwWROj}$Q!wvD
z{ls|38=gz^zF}JBqf#yWBef3oEiUq=Tjxg^qR*6GbARlVxj*=n%q)&kVX=xoVtPeM
zdkRr>ynMuoDAKv$VEOuW*gb#sSIK_^Mpk7Cc4ZVwuo?~S61w8Mn_GB};nKyu`8pQL
zbYU|bS?PLue2Rx&UTzle=dX|ZUS58OjNKXZx7y;seTs&xbm!j|iuT8xUX-|g$(|t|
zcC>x+#vJL4JihTIc|!k^ypQ;)?})t>*987iElB;eg8fe1`G@YpqiasA+P{K3wzh@>
zdqBp!b#~rymA_Qao>*0OKVhoujC07&ZWF7cqPF)gb0sk(xFdBV6eo(pQ%9AvwvVdX
zOPpTMtT!V0Le;Az(5v!yHdrOQ-!h2BiKRFEf(K2u!>`~3V~ZA*tthvIHA_omAE1=l
zA`pT?MborDXP7(QBha(`OAD!>3O%rtXO#_S*J-mpqe{FBrl-FFAsg?|7<>~~pHZFP
z0Ln*^ZQqnN<e{1ScjRH&`?wljfgy49O_S)!ESH-K611s=wptHc5unS13S(@e9bX0I
z;>p=#Hn`w<=(xr($~YXcD9MCJqY{!XK7JL0sug!k7CbzAxr#~ghyzTQMP+Q!aLb<3
zyZTManbZnilb?H>^>lMdF>)VnuY32*diN2$%@-G+$VUe!RmN^{|FHK&vX7ujvLE4~
zy7PFmA$?j!(c)wMu(|WEN4E~jwa2$L&w*K<O6>s-)?31DRhTYMbLapU{7L+YuUxk5
zL|1WoqKw+AJqC-mxR3Zt`P40ad^>zcpveF=>l@G=jEq>`*0RuDP~Gt!-R8*Ato6RQ
zUTv6eNKv9HBnZUeNb%2-;-61O49T49Gk5x7$2+b{j;!GL!r7@ve9Es=1A0{j7tI{F
zVBUa$l%>RSV{67HiA<tP#WL0VxTw%;R*ks6ljf`&%H3ys%7qpC1`#1*@<(h)MFQ&4
zI~Z24nF0p-@vX<DuOs$zeYAX;0l|nin!yu8>zx{(;+@jEm^2s>ld9^99>)RtmhnxU
zYmt5gNxRJ71WMtD)=^E5++8B>7KH?fgQ}5+G#feBZixldJF0JqdmdSIGd-JSn5>#D
zgeYeYjOyvPSgxC&Frdh)mNi6pnj&!!CrkfXj5I<azx4aOFx!1a+=hWw93-QDjK5!$
z3Ju(>QR}!^g5#_A&pX@q&4h`HixnD~*^yJ=JBy9(Ne5_;++^@z2i{gI=X&SEa~d|f
zc{<q(_D9`aJ3WFEyx!+l)kgB$Ls0{B8e^y*p71zKG_<PU07Vg1@zfa18E@}N5jvhH
zkJ!#8)+u`vER;s6u|{%z4=m7DB1-WMX$)1*xBAGW$k5TC!O5PpVYwhRo{bpfeyeiU
zgr-N8LpP;vBavzHc%kj5g(rq=3{{nysx{HR^RYXEU1wcB0bC&Yherk-AohnxZmt1J
z#pe4&94=b|MZrneb8gX__Y7y0C(+P<-Q&^}o=JB}C+(hZ;n9Q*A5uPeyjIz88*7|s
z-cRJBJqk_Cq2eVyf*`tFV#V_@u!9xOB%v2GFI4sfTv#^6t5%K;KMApPQ%~HEzp{Ue
z-Tq^r(5AkWi#Gd=aApjLh(y}$f=~)?j+jHNf%Y9)P0X8}0e!4%3~Gg~1`BA)nad`N
zyf4@2=9XA+TQl2uPqkt$UVeZNs8<ynFwuTu@WI{MdQCb=46-UbN<#{;x_xWIz1z3N
zx!m|My+wv6p6C{*7TZ~eH}=cF0qv1mh6*XL1O1dTrv<8%wHG(<U&lK=@~WtgR&&Q1
z`;u4$2S%cpui56=rZpZh$OS6_KYoB)(w+3@XU+?Ks&(?CKDn@ZQiau{;Lwo>-4KnF
zYE@QG8^n&nZzFSEKbeF80<^ifH1yRq7wr_|wIoNzYVWrX#V2G2=F4hp8t2>E)HLZN
zb=EK@_?^}lFBj55RROO_XQzDSWOp8EjO6!l1XpswBMmqnu<ZjXHbO=0Ap*uv=tow&
zW2?QH{nSDO%3~49b7RI7WC~tk73ovyRG-h0j)TUVM$?-{W(gH;iH_Y#t{KlKWLG01
zpI;DE1@OO&%eX0<#uHKBkix~%agg<A)$H|W=oY$U|EmP5WrvhcMBWgiV}mY2Cl0m;
ziaiE7K1aNt<5}-Wxc6A2KgKW4<aFdP#m!BcrYA*gK^Z0q`nh~T>#l)e_5ICmnW<(-
zNDJH(<0IoEiZF`t^{~#>?c^NiI`ZJTsmV7WO6D`%`#-<o$0-o=9JM9-_%O}mSPlGf
zaB56)=8{}{Dt_D$fjr0x1a)Vk@QFNZagC;bX%Ua~&P=FTt!Toru_;4bQ2D~<o56*0
zv9l|~WI$C18u{d64b<axb4e7ef{-L-Iy7XDB-k}NR@;K^xWEP`o^Z6T+w!lt1?7>*
zs+5DHlac>XWT?$RnSrBK!A@)Jf076{nbpFPXl85o?B{xb5o86r5yg4fnXqJud{yKd
zZqEOc6<a9dVgg2)?{#T_9Q62;-EFU8+f%kTqaZ0rk&+iX8X3&5Xi&0arPPjCJi$2m
zv#8MG9AAe>$lkU845ND@;qVAn__$iH80r-egBwd+UDCT@8XlEnw=U)f%`ypEMuP|e
zgE)H|?>laAxO4HYld#?GVP87lUl5$mMLs3LlE?26@RV^XXlR-}ar!#xSYZF4p=m{v
zQ-~&b1&T(M-aMgV%hEj1gyW2qgjr_ufbCeR;_6OCV)*4nQ_i+~#*W@x%cvQfZw!>I
zX*Oklmtk`=Te>o~M2<6>^O}%ho^OAMQAJY_goVXz?J#{3ghUB#G@ra@Q}}B_o=px8
zn1<$T-j=l}d;9(<*}F1vZM)B)pr~#C{t@rcy`>j~{*kyNRoW-+@}uoSLIEDww77(z
ze@OY)R=Pw6udeHqil>Stvjsjv;Ru2QWj1Iyhyw-096yxD&MQKQxOCt4RWxXlAtCFj
zIq}h+&P0&(aI-i%1Pv|VQRth07gu<>Bkc`i86?GgWjzupvYNJ$wx?mB|3vTDjEN^i
z5pK~RFBPRk87?v><c}ZO1=9tS^56coIu=)}g(bY9oZ3<B25(0zLf23}q_0~$<s*hL
zJ`KEOFObjW@6_1_%VKPhz5z>LA(5)iloOgCGf!Brh`<bODR~LGyF9-t;UR`4f_`Eq
zEANTiGRmdQueg*ADhb>yn#g!%!9UmrF5k~0jEeM^Eqls>E4(iUm79;rp}<6pjK~oS
z*^z?p1QnR)f+vuXO$^ISy5eL4q<&7~#O%bZ+yt{*k}(ur$oMxv5LJF!q2<`OEO^14
zW3_-mN|7*9VB4Aw%uQoT_2xa1d>d*r`KCm6^)8%4^F5U`kLBlwRfKvP>H1^q_Lnkh
zEoYLj6?be^c>`f!`mM?T#80LmTN)^bsiIoD##Op!cFHoPCQ)zvd&B{4b^N)jPTb`;
z*X}x>61NjX!xtK8ZBQIXK1JLtahxQWg!z<&VLEKP<B6LT4Fh*roIQ^H4B_>vma=*K
zj|artnIiX+GN!@HNy!gZuNkI4&Ola=e{0R8QjqNKq_8Sh1orHmdYJgAdOqbfiAJ^8
zBp!6Uef?Hz=3Eknyx9Y<j<H9aylEu$eR9jT-u_vadlCbh2qtY2TV6=+b4<5U?VAnR
zy;cD#sr>C#rDpxs=p8qa_$lkz*r{Hp;P{xurxcFa!EV!bcsI1E<NsmntApD5qOI|^
zK!HM#7I!P|ZpGaa2<{NvT}lfSFJ2_Lgg~IULkp#NaV_rdZvFCm^UeF~%_Mj3ojH?p
z&%I~o?6cP1Yhy;tRq*STZZ(&w|C+z~D;Ru@H1u9QeM$1cTVgs%g5til7G(>>4+FLC
z(_dHLPk|3_eT-jiykm?_+A(ADzYf*O;JeR$T;Ba<1<mc;X6p2J9FBXrb{)?N`{8G;
zPw7w0!lutSvBg|J_FHSkTDGl3!fQ5qO}JMWeBj;et{{Z-E(YxRq~;sNGSKF^W?4y|
zo<qHBE)Mo%CR;i&D_8v0xG(OKv8(F~t{^D;hD09(ZIMqbr68jqwMj=gmGpOoykfa}
zVK$I`MBa^utT<coA!zhEy$KAl4AK!r@INK)^Y}6+bPTK;1<p6R#_~zZvnv1G_48&G
zt@wvx2{<A~bn4%e#c>AKQnNp#u9h}a34GdedCu(%8&7=)zCuDE^gYF+RNc$(IPpE$
zwbI0vh&pb35>d~{%H@@cG=yQy<iTGoY71*?oH_ZOh2Li1)@wBhAZJn56(6VLR5@c+
z#Z)<mZ(+`T)v+vOB|4z6{lZM|=8S#J!&e+(>f{G*TpqT?{Qd9`MaOH0wB??c--a1^
zBon;lC42FkYs{1aF|@DqLtf^Xo8L;q*T-z`VhNZhn?S3laRg~8B9f6am@li!I$_aE
z^^;Pt+CQSK^pj^uyK$!soEp03@$;K0siyz+C?YSWn1|*k?;BE>`rWhLwf$6zDmhLs
zkFkPvgI4%i`1r9OKGj@MVgs8#vE;An*CIyM;xS_r{{y_T%M4nnp1R<=kTNTOFSq?<
z$o8bkGkxPZ+%^0ZQu=mhePt2S{|R(b4(=7FWXmEBB22yIl9j|!m!$eEPM71yA?m>_
z&*)S!);pGx((s&DKq2AaU@M2Ie`+nxYog>A_`z)k*+Hbisc}=NWm)7zdG*lI73;0B
zRm<O9MVz#+J+?p|Nm9QKiNrUjuLcHsJp<@E@rsSweT_>?@JO2GisH-FpG5*{6YoF%
zWcW+F@inc}>czU=c6!_86)_IO-M(qJtyjuDS-V`?^FI{W@zRhtZvsaCaCN=SabM)V
zr5BjM#@0gLDEiOuL0iL%6P<SA_&Dq1e<)TGWT%SI5=!1&3percZ9d;CzD6x?>KiKW
zUx+V*=4Z+$HpXgZv<gt8GH2aQt4C~T@q}jJ7-9{ZH<bO7evQ**-mHlBImdJL>1Ajs
zq!(fM=~T4-sOmsU#*)#|a2L^XI@Xp%A&+N|5cTGA@MM%ZSmD*XNoDExqNW|+6-927
z-%H6%G@+#hCxL!t@Z3gl+WYN;R+^)b_(ft|$<dDx(USZ}b>)*2%`L!L=2F8AQwb-R
z=`CP)u_BTlw^|2qVc@4$;kK6A(e_NRHC5TKWROt!>&liIko%;jp^}|^`N6pQmbBoN
zre?<6Tm^Z2Z4haJ*AP%Mkb5p*vd%e;g`u-o1+s;Wy$S2(#3-j7mseq>D-kF+O<B9A
z(jWcS&RMbCyT<ppyz_P6pVrUQSpIWUFcOrDz)`t*Fq74;kqt<O^g>z;KUIJGyM4(}
z?Y@}8uJq}_=U2lr<CM<)amY^gz8tw`60QyBXP(S@nv3KfmWm}pe}jK0$3_282$|{Z
zi&k2UZf{53d8T(oVNgqbY9XX^<fDLysr6XYX|rZE!A>YFwzN0<7+GSg-NR^iY4f2l
zGi#Rp@o%({PZSf_<U>iHt_}0>`T4=IQx?Dwr-Go|g}&FJBau+*0p{$KUg68f8>C&d
z-l4+bY1*YzUv!rN|Id1dTdH-OjRLNitJd{aXn)MtSvpZOFFjm}w>?(3-R!Ew8oyP=
z&kndIA?HF><qZD@CuYcGYoUsbR{Ui&G1}E4uA0GHd?>fm6*Qo=vcj{54C1#4@Gaj$
ze&4Zv?NRs}J^mjmCm{5;HF00;g3@9(XzuU!lOl6z^;9afsSBt+&~Y-gpqhOpSiAkC
zHj%ArrrU!=t~oom>0f7EoA#yJpD&5sB_f?s6>j6`UXKq{&hI;3YIipBfVuJyz;e(&
zcUEk!udqwNdtk)Po7gWm6e@flHe=id^{dl&%a~UdVOM6lZ-GOH+POZ5)=9~7ixL})
zsv9f&zW3ikf0>7(+z<=jjBcp<OZ0O5L-9yIF<b0)Klyg^#pEHHgP+hi0Xd|&Z#Ve<
zir0+oYu7vy_y2+1D>aF$<{|$P6%ubyP|;B_USMIOqrLbaS)2a^ZvG=Gcrb~OOhwWu
z768dp6cGH!R1nLK)33dt;j{EeJ`1m9_#dVM?LVd>mS^UQ#P}Zy%RiJV@oDJFxNBiy
zp$MWqt!VS|S^KU-x6!*rt`4z3o>6w*cp=Bn3(_aDkyV?<E&vU7>MAJV5(MC@X8@SX
zOd)oC!X<hOJPAS-y@nC2GndA!yA8gL-Xo%HtUgyQa<i@IzewV8c$#5#2Qg9aygMX^
zo`6|_ECt2RfcZyuSRA&GBcwhk?=i7Par;W+VE%u*Ey!}|^)^wDemT92eS%pIPJQ>u
z4V<GDg|VBkxh+P4T{mZoP}eU=R_u_)+nCl}ROqfeC#nHkw-#$%9fwf@28R7vvRB!D
zNR=mC5h)OBH}hMmuY`0ED>(dO)nJOwWR)71lvjK%zj#c2oHE2~D%;G<a``pf$&nmg
zH|`i^3hNjBhw_V8{WdI25BrnbW|ktRJv{~5YyzeJ+dfnHAH^kb|G~6!RxItz<x+Ge
zOIR~7(e+9qG<95>KoXX!k}av6iPZcl3=Y})KYHPeCjtBh%zgdu=WoLiF9h5wA`Ax`
zs9MUl3;Vr0ge+}Uq>}6-^$)at==8Is=aqDGh-BEzzwzj7jUJZVb)w>?6?8JJtO;Q7
zO4BUAD#l;{fPXYVy@*e%BPgbHz|sqCb0&xM+=X66)bw}SxSCmhs|9wL&URb;?@BSo
zz5%G&#zsh^b--Pv3R@V(!$FfH(!B}`<yl!JcfnHF#?L(KfRR@)rh;Tt)Ns!_1%1Rp
zenY$dY4zvd=4CHp`VxN(Y9}q~acDv!K2_^G+xJbQu<z^2nyaCH=r*oYZw0KDiV@q1
zcy|bY-g4Ji!7t3&IJnb)Nl-MPdIou$uO-a<L0!8pInIV`5EZQ`c|Cm$??=PhV4D1;
z!nj;Ut#b*EN+h_#fq|N9OK4j%bkJ5svSSJw$WG2hOwJjGkn7f#e1BabGKARc6~NL5
zXRonM1=)@0<*Otzav48!$noPdP)6EI2!8n;XWu~d!MGqy36GYX#Z|!P_@$h`km3u=
z$oQA`tC`lXag_WV_p>jkrMCDOsZIAaI?_I-vZ<l*0-3!#Ohq@gE6<sgzGXj_f0=5V
zRtc>-;r%ELTR>{G(2rn-Tw`zf<fAzPYe<=SNH`2-63A7UG1kBBGYz7hpa;yx?{*dm
zIF-e|+qqL0zEABY@E9>zK+BFYETF!Oan8Fh9+x2|DpFH_*8B4uTeEVb({}&of(0<k
zvZD*eU-C_mux#ry9;-i-o$PgVXz=~p%(OrNeMR8m)j!x!;;6#;p<>9OVW(Pu8Q&BJ
zUQ(Mb9Mf!d=;bbz-~;^5jd9fME{bA!7p5-92*KI|Caw1bv{u2*5i}J``lb?q8PW1M
zwmlFwDoR%Nv(aD|8cZLXR+xD^fBxVOY4K{7j@+8vuoRP)(k2Ep2=)}_1VXO&tQ31<
zxdowUJX2KVki?`=bqeyMnL>k5Z^1jx^7USZ<p45ag5DjtV?!G(+5);5TmGiKVBQ0F
zVBWW@u2lj_YI%F%`)7SWwo^6MsBmPL?Zn6?()l1iIATi+PAm(%&CnMnEU}D+VZ8V)
z^Hbr?fCwlYPxrAiFB~Doa}fHwnO#QUAfSA);wKMxrM^nJ{yJP=1@nbFIE)9j-3f-L
z1;%vrnr@t7!35z7EOVc<UP`L>t1@jNLbfVHHdPoMA$7gVEN%xe=>+Q~_S*b-?bEA=
zq`n<7twQWY9;h7{C?C*b-&lGgZ$%@GG?hVYkVxB+i^GuZgsP<i{!xn-lR!vz*79?K
z>3X%hg29W)VR~_Kl1{Gc3-E2%-(kA5c2D^pKMmBv28zieA)g`%!H2st@NRL=)qbX^
zbv<h%9CKN8yWz=Gb_^0xT;Q<&d9{d_k1Z|6$y*k?OzwjfJIMR3OV!z|z<<q_Ji*5;
z$mEF*Kbm1JI}_rdiY-&0i(xo)C#(GgcENVhlxyRNKLz~$ByZ+B<qwDM*5v8%^j*>Q
zHx>5Z6s{!;!xgW*V~RsT1_jI}7z_vb5oy_DwS89{#)0>}kd2iYmVPwBudj*J0>^kJ
z1%lXne2r88z^x$hVNC$5wz{?Ou2~sJ(Or5DZGSkfOx{+z{*H@802{Q|s=0_FdpyRJ
zrB4W8m7Un?e1z21k|yL8&+tkKI8I#ttmr|I`j(5@3u&_OlmH&(4pUBk_3(27W#h4M
z&59*6&|o0E;4LfF1WU2AO2IAUeis44YbhWk@gn=Ax4_G>#-||HK}k+>HmyDWeOBN;
z==H*zI_Z@XUq7Klo2Av|H?`8^;BY7fy*-F#wMwREo>Z}=JzU7o<HKhqIH^`^+{oIr
zc4oUMd?o@x8IZrGM;+eQYqD_zvZ8J=jkC~4Co?XnQ}o)X0T&C1Y};2}XJ=lG_@=k$
ziM*22YDA5A(-?UyyMTRyUaeoH>%i)py2QwV$0(*e(q2@&y$sq<p)BzofIegdW$Ygi
zuQ1-X_EOUFb$JLzYaZX2teaIVa$ayv9}_e}4?4~iX8S6&8{TbaL&U}!&J@OcuVMs0
z8DArOiK{kd<zM7KvzrE7f!6~r)M7x;4$I7<t&l5{n525``C==jgInF*``Op~j+~WS
zhq19Be|ijt_H4={`1qT*?Bdqzx^nPLN`2zxSL1F9oG<6Ei(VMd<X`PKyr|ZPNdzEd
z4yJwO7YDs_;-B<Mnk{0Qw<_3j^o0>7vfS^kdLaSZ4HBN}bxiY<m4_lMm4}dU(VSFi
ze(Q!J<haSl)2gs%hNgQ$dhH{=72xPoUtSG`KbNj&`_B<%qbK~D5%YNMvjudem`3CI
zY_*!R8XMj*t-oc8-A>Y0<!Cm`FK$HYg+~moYGnsjof){kR1^A4wX~7dzO-iMavA}1
zeU<)oA4P$UlImu|G{z^<(;Z%`SPS(|&i?V{+sOfO727M-m_RQ6JL<tFiF4t*yw=+5
zklS+l>5wR@?F*bs;Tt@Q*SNoruhqwg$-j;}twzS$Vd4xam5U=0*1Ca!Z!o%^WG`vk
z7mSY1?6)7t`#%KyLz$XOdFf)I!o}=Q*V9%N{w1kKl|4M@zFk>!0=JK#WD>WJm?@q3
zE@`4?|3*<Y5q80T6)lwO_}{_a!JiY!h>IF-YrT@<en8*~d`-MftW6hH($f*hpE%M-
ztgX!bLs?IPi@2EUaTNv^qqxt7vJFYrOv#jH=GrUy=GwgC9=>3^+ZZtu_eYw4L|M$&
zCE!~}6=;FsG7D=nbBhrcrZ7JRwqrM;#q4R$(;V!hkNLTJ9mtY|#)oP5`V^Q=U@wje
z29Lw>&QNowo@mZD)-}>@*K>AU<&T$Rm%12N-jRk_lKftja0Sy%3G{S3_&JHq+Lm&D
z0d}!Gup8~}yrT*ioPVd(Co$B~G7sD8$nsmSUV2-ho<A#4D8t#S@(?exE1?HZMTJv^
zqSVXh^M`3z;p!#glX0*z&J;PEQRq7JFBH`;0}U8{Ou%GMd9U@{=HRPY6tmL~EsJvr
z!=(1kj3@led=0!taT*Op_SL2q##TOXy<2&$@tF$ce2dLW=+_2ym4>--!>*o#dghNn
zjov=uNtur?IEEAqf1wuPVv4XE$FCyZ2;89#`08NSt9tuZNm!QE>xFvFlD^rld_C09
zs(>Bw-=dMAv~yPX$I7jsux7L>&RNV4!9DuoDdiw^T2(u_CP#)T6&TEcV=peO3-QT{
z%xwCmIXNDzzD?97M|C#Lbe+t5_GP<%IompE)$_%YkxaUd#so53&b*K$U^^mBrf4g3
z6+5YixZr_iZ(&y0ML5Fl@F{&%rKb7y-=y>*o6|@EK4q)AdEUhf`PYb^fON}4cWvcR
zjO!S8;M^(ei1$%TVYfq8-A^z(j)OeSPc1e~4YqxsDbL$FEW&#AE)e6Zzjt8ewecxu
z?CDQ~iNx$0!$jbx<AZ56hUH@$Vdaj+K~HPsnG8kR$l_p-CjGlK3FyPuy5^h=AD_+l
zRSej+epSP}vOoPtsubUtwbuTk?G6iM_qxPFIssqSi_$XcZh&v;X#!Xl$m7vc-pm>@
zt!AwvzAwLJIb5ZPVq~BIXldO6dOl3*X^#jtGqqua4v=-c)#7i|O;7?47w)kI3Wu=a
z2&j0+y-9YCZcCk^Z4v#&qtMM(c`wqIQXlBcdg<s(TV!OMu~)em8Rsn1*5omE^OoeN
zbV+U^Kd@Z&V85*<NwJVh={LNmkc!1uTjg(fj_3mo1UMZMqZsu%`lMAa@gdZk=zjZ~
zF184LUiS^Lzo{PfN6Ig-XB%qMy^jJvFr+_VvIEq#n!^1wUN(iJ3bfFM^{l@8q#r}?
z$MPLjb6u{xI8)i7kDuWM1Q(tZ!{j}J_VIRU73rg(H4{&3u=Z~j-L<Y49jvVR!P(&o
znB=0{1=!MGUVcVHUq`coRGx-G!{jKYZdvEU>-9j>a*p2n?Bdhd%6hsqn-s*y@M>@U
zWxuPK6MDb>igqE#)?VKv<34@O0g;jy1u;%~GBE3?A4RAC?X8%U_wEX^-qH{x!1wF$
zu;0kjCuNF4%ICxL(1NuSBH<&nsITDJ32ZmSp)s64MFvhr0qef0w)_e~p6mi{ENi{;
zb^~PN06B)0kBVy~R*1bjR-*s5VcKB<7uvsBa(nRr2LW-cF`jQMlWxB2$oNf@!99SE
z1oW2P$;T|Q@H?3;!W>Ufyk_3dVfimSSWLCiE#|CEOTte{EY?{?2TRJcwW+W~<1rQr
z>?A3EJ~>PCwip{2kLb)Siz$UHVl4{eknaOC?qoQ9GHzAxx$|EYE4{hcLP?c_&j}zG
z_G$UO(GlUotx6mNg2ZrKkSu~|F<OoR5FA(zC{fs?sAewPj<lyB=}I)Hm|n=Eb(zMj
z`iy;q-T$!a&pP)-<JE{foJ7yN7yL*ulMvD<O4&aTwq`V1peJLJEH1p<DH9PvdbS;2
zM9Zu-qSA5E6BW1HpC-Yd+_ZUAdIgABs$cKl0PcRXUVk*6^+$#z)Sl1>%)CA@cyW9{
zy+&?YKSqpBvCcPQzeA!sF6t)BNSNR-D3zMqh~N|G!%9)_x-MHZ0aGh+YiHC5v%bbW
z+Fy_=-q^X*UdX1X!Z^`r<O>jNw2JX=Xd7>A3J{!`<aZvaayW<XO^CvVdf)oxKWYUK
zoymGrJnGe5nF&agi3d+|7=r>fX4pI24*++grsWsVgLdS?PkGP@aL(N5a?KhCm8LlK
z8dP$;$0(gYwhsGHs3KCv5&{aSni_(q_zvZL1+y#VK9Hl=(L*wOT7IuWl&B+I0kzHl
zP#TPmY}w^@eW0*Ckk$H)qDpJaLy@!ZRD8pVj(78u(qGM~*dz}w`A4l(T5eF-LfaU*
zE(f-wiQow^R;iD=)fono@^a3{9iNb9-eY)TfVwKI#JmID+ZY@vICu(Yd731TmlU44
zcnL==?fTRFX=Twi#Xen{Ww=3u#-#Mnp!z%|PIHGjxDhBUl_jyuFU0vY>gC)Z-f(sf
zQ3>SZs0<mg-wHVR??FNz6Sv+Hm9A$xu9w!k>nz+pz>X-i#dV>%tfQlVJ%YR#r$tZz
zGo&Nn+e1G02pFoeF~c@)KT5d^R`*nQ4>+FItlfs%^pcajoYQN>iDR@^<*;*o{CfjN
z8=hNpp|0t&KKWLrE*q>}kFe~lhR;Ii9)I|APVN3)a8h)zF&6*wnjd|jftd!a-cUVv
zW&!=;8DtF&85|4A>uzdn^q0Et$vQ&k1n1TL@?)izE>0VypB12ivHqIP3bU96+@S@=
z1Q#V5l!5vBDz!qUm`j&yz{e7n4T}N0EQpUqM8}BqAN%VFK45vBWu;F>jCpB&`z8^B
zOS8VUe5Q{D!AW1mHZB2fW5uflA|qb9ye&z|MsJ%A%f344@}4`gX5IN9f(5T)f@V`W
z7-bhM5ht|OJ=bF5p$^OSy;UsEcpaKK|4{BtBAaC1>$UR&$IJq9Ku%tPIjUiQjR7^u
ztSy3U=33v=7O}Gx)Ah!A#VQOt2;FsXCl|DX-(<(ka(H;=pate^iD5gkKzx`SNSbVw
zTh*iZpBVmh=w8N>?jzuJ4kYPYS;;#7&meR2POvea6?YE$JJ#ml)Y_dGrz_nN-|!RC
zG%jaNX8@lGl8UmixpMse>fJF-f<@>TN@&*LjwHePLP}UQ@ANa3sE;tupHdpF^7kYB
zrNa2NN8ULmzEKu)pFz<VYz9?1sGC{OFU8rFF=#2*W4k>sG(G%5T%0>*t*vM%bmVH|
zuUAW2*@}H2!W&|#U->N5n)!5$S?04U$G9;m_c+u5PeZkp)AJib(nFS6(uTWb#H^z>
z(Df>?tgSjF*dH)t@)|q({^v*i)8zW9tYaM%b)J=8A0u^nCv(z|Fmk<AX7s!*hu8S8
z3kM$r-ra~hqy8=%afl~!JcO2Cm-75f@OA^>DEveDf@fbeDs@~x>oC$<zknU1HB0D|
z>|f+yK~7ZWiedNa+)O)*?$R{ZQ`2L1oIH43epwi~3{V90iYdQo5L3=^zcDK(EnupH
zg#X@nh~js`cwQS0WmCsi5TNLemCZn2G24?KV#?)j-fPm;hkQi7VgpsYP~~Tmgqm0h
zXn5)m_RY1#)(otcK5YIRw|;kUX#HqRfWSYL=C~V<H>L4awEnBJ30DlhJj<1?JyPBl
zE*({)TqYGwz_<CqtFy-5s;1~wS$1-2e^Z+LwSCOgRV`^q-(+CsdnHYv=p6zLa_2Fs
z1<);z1mkM={)!dx#55$#|8xk(;1AsFKB720UGRl{5x^6hE;LFjB*}19@SKJ7LHA$b
zBzY4p=5Au=T#cZWu@J>P@5^Kb`@zVJ_gUU+xV<f~&Fs=~&h-s8o{1hKfzl0CwO0m5
zPqkJthuGa|UkAs}f7RYq3L9uoeJ8kgNB$2*3;N1lJ>BTi6PT05W0%%D>+<WUO(~z!
z2}d1_v-Nf3qU|5bIGAwJ(o_6{U*u$m;mJbfYFrTdVNtFsL$OtK*_yqo5<c<YjLc_{
zla1A(3xi<OBVBkGeRZ?j9s6!X`Ea)Hm#ytKj#6)RbEZsZV4%65i%3{eX1>#a&)?cV
zlLP~hxS;$zJZc-KT6G)fwIv1TJ6a+Qhen08drzV2$;_@wU8iCI4eOS8zNc<VqR|*z
z;NL{LFtJ2Nx#n|Ci$3%LNugloB%u9}G27%|%n&^oOU0R<$OqGULYt6Xe!fG%*2-b6
znvghG;jg&5=L@93gJ^tpd~;|^`8CwUkscE>#7&BIsUkY<?E54xrCB3YTGf@qQTDr|
zV*h_AcJzN?Wx+G`38CGS3qFB*LT`<lv#{4Sh$W@RT!0mCf|VT>JeD)<ytpu4n6G+>
zVUIl(I=N$sSxNWdhR4jmZn&zDshU8mZ5U6_B5&Ju=ykYXAY*eh7LWS66P_U}*l-0F
z{B6-DmxQALj&8+id=1mEXK_rQ=0G4~+e8{VSx0<6)$)jpHV70}VXSTD&9{*4_-WYL
zW%)!UW#cV<nJ*^C*Ed<#kN{OVjJyV=Y-?l_f0IuG$GopYPX>ta)7s(95xw^sDN0WM
zjekUag+29?Oc-^yT5nY^DJdp;tA)woRpl=NV+s38iTbQzly+ZB#~!-kqt7S5A8r!g
zP?V<$n+vl0Ivi<wc9qjIHJr5;L)-PURl!t;s%K(@b>Q6Vn3%i#?IsE|!P2<b_)tK~
z_c)~g8pljKAaOZ_&xp}mTJWcb;!m&L(fgz||2cOtqBb>?On8R6z+b%pdm%{8b$L@?
zEPaQ4)r9PIZ525m8@U(n$5?gg#ZpI`w^OYAR+MHhHvw61s;bbx0;>ij?WTklVpZ+!
zc5lzGfqmgBQPp18%zS`_{E-ULDGvEf8kEv3f?RZYKPHrCv%!h=UH<h#hPG)XS0^@>
zis-o#o-S-A1A_}Qec~7)izor6=!g|fxO4bRcT)d|Wvee*+P*`7fwfoeHwt4%yTd9$
zF{JVP$_q<yF)cRk9cP{TCP)i|LVlXfB%k5lI^E|$jyDVQ6x*MeP8KV{o(4Z$6D*|E
zu;Ti-i;rGf+(lC8b+p7V>tZh8P4_w50)BVyjdr>(sKBsQMOeQsjX2770xtMzA!yA7
z5b{Z9^&X1UEcyD9kU=p|jm2sB;N3L~|NAKN&i>s2$vkT>r!JKz^6)2$v+e9cRfUlK
zK%y)M-O&+MTQ4g@|8kSO^M=oW`P<SDD$x6m7{gmw*?O*?L?A3n)=Pfyr7<56#{N~S
zW~{Y=e%gS)t`LQk%Es{WvnJWVa2g~*#2x<zIK<i~z@TX%P!7Idt?|I1m@brFxG&&g
zo_d-zwMXdYXxF#41;9zlXdynx?YwuvuWkKYJ3Hf4u){aB#V8{H*n{>VIBCLNm&@8K
zHB__qB=ktUbveE^TeSD}dkv~Uz|6!&67a6yhE-GJCHWQ^uri!)*a^rY5N7c`I6djR
z7KKoGCUU7_V&2RjoeI&iVW~WgvW-KrhT3&}(=j};kSG3}N}u&UT6S9a&-u&>6{ACZ
zX$$8eraQU*UpUC3MdR>EPq7N3%q^*+XbTk-BdL;jvTSfaIRMPAe|v0wWSjZM@>-C6
z@CFm(_&zwi!7M}uD=gc~WwX9=B+w0=k?dD)W2w52w#ojyn78>D2Tt)1es<-B4<kM9
zz|7a0nd+(2%C!DKjx?Ze6NWW8x9rsTM_C1Nb6GA|%xe3Eh?Xc1lE%|(oxflOfUb(M
zr*J9HqAq!dnwu`Lg!^l0U=y*Tn8hZ@i}QDc?^~g?#o}dMbAkR+x#Vyrip6CM2$+{X
zYr4sATPn@Ht&iui>IM*KG$N+_3&Oo$KJ&4wQoB+21`lE+lL7hSJ)+h<@3vfuc@_`v
zMK2Ts4KHf++Sl;UGW;cw{Y_+4(a*vl3G25<0E;N?^CzkXOC%T9;&m@SO?e6*sd-lA
zy`Qx9%u!(GpL4Z@G<bpR^OAk0Wm>dcDAG&1lr|gW+!PpgQ|8{`p&Bu@suR=;i*5Vz
zRyNkD8T%JG_H5r=Xf)cbi$6|Xe`>!_%bDecI&?HhRxS8fu=Dg{tpdK|PAXYC6@VEQ
zH3b;17W6!|xou(`F^P=4U)dAGX5f(xvO0%EmYltMG3?^G@7%zGL+e%N`tYRJ(dU?e
zk5UXrT_{mMS3V!6&J(-b#faQjNSW>ymZ}}BtP(>ha~<XbLfK4Pm{=R{5$)r{EY|@{
zHZxnZEw>sl7Pq;gyAC}=W*AA#LDod{J|>c<(<VUjbV#BO^A+;*0v#O_<v*Sd;|(DZ
zCM_K=JrAF(4go+;*V4)(JQ<5Y#`9B3VcjG#{|9Yrug@E&G<p_EsYN}tzb+UHiUs8B
z*Ej#aN*tCHT6yT|o?ad{p`RlS#Nt}_AIe<bn&KMhTuJ)U(4XU$hM@I3Na0yJl-M!N
z%G-UW3!rE2_tk&puma2VjKkhK{gs5Z$6()cBY?i*tFtgq@7T=Q4)r!{bb%vYyViIa
zf=Hgrqu#TWv(LJAb|CMiU@px&?`4XR`iJ7p^yh)&dxRK+OL~Km<tKdk#|eB9@MM=r
zX$GscuULbPHtfes92aeYg7|dKOXxODkj8-2T9PJ%-elLwSqs9+G=WvmcWIpOeHRDi
zL4}X;vSBA_+1-m@rJbj93?GcrmZd>DD>k1L4C$P&I7>QW?jg7A21e_^@2w4CcVCk#
zNrti+?RXFBmYYzo-oJM}Z1D+v2Dpr7k}D{weddp97%z2ElLU}S8_i*x8@7KWH~Dpf
zCZ@q8uWfM4>%<>FTal$1xUcp1%3Eq+YI<b4Wd8fv?&Li(ai^G0Q`kzZ%Jm(;SE@p~
zZQEOj?dB6<bc&Kq3Kg?h$7af!Ce_rJf-}~iR59}0-`CPLmn*^|H-#{;P>oT&+tDP6
zJ$?tXdpW&WQ~a2x5~?uNunaIO9b(7g+cWARMJFR(B-8AUep9!nxoS6&OHFnOol-(J
zJbZgu@r8^CR}E$J8z5u?BmP-|qd*dKU0B3uMb}Y_jOn+=d^_YFh<f`t3E|qN$?~yT
zq~D+6ABt(b@|jZ1U24ygQUzuUr1<G1)gQI?;M_&CHRSo6Hbe+S+LUr;RF&86QK;E&
zB9~@7Pae9jcAE;J?8gjs!01=SXz>*2-$X}m;EjhX6_H`JrBNPi%MCF1B!3H>y1HPE
zYE1&w_BEZmNTcX?qnL!Sd(W(1IZ6<so^hOY9(XbD1K*^oTKV6l-<n-<oTWOyT|eVc
z=QTSl@S|$dRr$g_bXn@ioxph>mq=)FtxW|WpqjF8zjX(7DiYIl?ud}5UC<(*YLez%
z3tguTy~I>Z-NO1g=1lm(Il6a;3tL~nGTL|Zd)-6KzS`nu3dzBSsEH=j%Zj`wc9_wc
zQP@53ns;~UBOj^@<6AXM2o7$`SMn4xv33pZnhwYjeh-!PWBia!uVGNXKlN#U8Pydv
zeP11&|59)HCY6jwMB-ON@8^kwr;_%F_QZ0+m-neT&YCsi8q(SRNYdAFV20%UjgVT+
zWex0PT|4`NV_ESl=bbS4^R%6Bg!qRae~5MO;Inc8<d2EB*1C_T((#Y1i7v<EuIvc!
zRH2HM>-3EWRrjZoKTRoDG;)WMjGc0>(I(Y`w`s8>oeTyO9>|lWE6%Qk4=Wi9AMj4<
zo6PnV{kPBP<Ob1#Z(9_f3|WpgSFDxEi)6&s^rf;|$K*nj{-NN;xYC@<(OxxI|HR>}
z=apSHSyOyck#c~!0;$w{T>}oVRsW``DIagPR$s8MWVa=Yh|_j`VkE<0GT9g}nB<H0
z8CKW{g#P;YNYr~ST%JHWFwY)ov@UJ<dRbXm3~nx;p|ijBA<`F^v+;(!)<iLC-st1K
z{$WU3w-BxOE#jv^_(zGU7ZJt;Ei*TWQR4&Xn=GE~=tmIvfQ7)f^bIp-7KLrU;mLi5
z{j)1!WQN`M&Y)I9aU9gyb@{NRW3{;T`%JM;j8~`_q&g{UIxD|g?m)ltx>`$XjC#ku
zpBs8}mb4L1RmF$50BbwaPgv0hEJ2SXmqJT8F4CU<lGbW{BAe^J-#@$KWO!OFnmVdG
zIJ)my?^v@)f-?Gd+(r6bWbhgCursOYk2Tr8oiGy0?i<amwhg(nxFb%Ck`@!|TW8Hu
zp4kzeh+mIG(fB`2xBFe>LM}&pU-x6q<l!=V`sEz9(BHr&oi@5CAQeV?9aAdDR1;Px
zE6J$brTz@Jdg<p~=cy}%HU36v(3z%V9Cr|=p|=U;N^NWUYE=_C$HT0)(MPjrQ0+bq
zyFnGbHBP10O0?_*T158=t*TNFCb~&V*70(!rV)s(X?^*c-B*W1ygYB}TTxTe^Q2zP
zjnRE-`hH*Lpd(Hqk^ZTaN+dF!XJ3FnXZbl9gFDZ`)n;bfkbwBOb>T&H$cqI<=8tOw
zF3I#4AHGqGp?J1r&70<Z8a|{Du?okxX$eH6d2R*?4`tQFZ$7g9Ce4e0CE@-<QEAM1
zT-r_Ii1bXXjnu3AcqG70LJ&Al`=x6*z6aGc#^77T2-$4~ozYHy(@p<ZEQzALz;~~J
z`zGH*-U;+7Hh4*7N%BJ=f}jP(L{AyQ-A4R{zXI)?6D5{QHIfsCRa?^~&!TUivL5tK
zS3*@Ey=|Y8AJjGy18O7k9yYJ#uBDvNw(r%;RYo6oM>v00h70)`)msMsLkWo`uVJq~
z0!<)fYQNx}Ig_Qvk+U(q754BMAN_}d7I?WgpW!`iw#ji)VAm^khZB_Qis!=lJD_@%
z-C_K>vEmk|h`(qHu5c2T*AL$ScIS|s*%atMdi(k#+Br+$&!S5L6u7S5^`Sczf}L1c
zxAy-~MnM<1iMPUE={iw+67l|&fH@Z`aktjyr>K9(KDdOC+{4XQ*(vL^E!Hl8p{qbK
zaNB<D?W+_ihuPKR8z`N|<bw4-l%O<%r7~0A=M}cPiv7GZph_jgk@Msz8F4W~5u~4{
zl(C;@GdWm=S#x|a*d|EPu`huuw{4O`twT07tHQg!XCpg4W4HV;1)r!bd|HH;{G^}{
zJ=ppn)2it1E@BKsk>r&3G*FdfwBV5{G3Kgyys{F$_10#x4OWV`HCh1i@h$`Ka`3Nn
zrft7vW^Cu9_f5on7wZI|t9nZkTRwCw{xQ~UzD*hFodrLa%$ipzp%OA64fI_I19kaj
zC7+belH^IW&&Gb5PfkU>QK{euNe_=}kQ2zb1c%p+G<4sjfSPxS=RU(prLkq*qy;Fz
z1tjVqszj;<xI*{0?VePFMnO}-V<H^}>KvVnoywZSRjQ-IEn82JWm8F;(Tw4y_NrQh
zM|Fp9`b||WNc-G3Lj>4$Sk<*$<6Y%}$Taaa`iFAGjw0TcamD$)60{n*)!~gf)tY`9
zk~aOoexI@0g?Y=FA7XP$ZO7mmzGxsx{Of7%2K;d}w7c~&`{WWadk;K#VlV%PqE=BC
zI#CW=Els=7SEbMvs8L-|X%w1Q&!~m5H$IP*CfYw0{q=t1I6cX0I+&g^bq`KFF2DWt
z$h)>?^0}+RXd`0}IF|ko1^bZEXf=3dm)Z;K<9&veYbN>8J=Vq@%*<80^O<Dus<&|!
zeLft7c(A69d<A@}MWQ)|z$b)O$U8%1$_z|j>JsN}+WiS_Mc3rMIRhOzDIC~?H}<1_
zc$3y=qs=X)u97%=GoG&qrF=@dqNmT;?X`lY&q67U73*HyR!(=_D?N!<RNK1U+N6a(
zcuIl8X69#oNpX=vY^Xk|Qm~9$oZN)xVPu#%s%viEn)CavA4a9I&uPe%Y80a(swmMF
z$*<1`Ss{Fbr^^@SKaE5}3<{q`?fznCRkt4chn%P#<L-;vm!unX)m7K)k4p(t>oRii
z<*e+cCi&->wd&}4HCi<rPfzQ*M*DbE6O}|8bYC1f{zLg1MnHXEeNKvt{{)f17wXX5
zy}1d{pHF<K@K*ilTSrJ*9z1)I8B)>-4^0~i)>k|L?jv7{5!;F`*MW^m(I3-^mY~MR
zd63w1Iq+(<t-FfkypqcKjGfS_b+F~YB(S4oCO)&PH|Dwa3uP#NhR4#(X8=F3zV66-
zcX?a_+nWK-rqiU#2NNTbfk<Jv<Q7GZWVH_G(0OPByyN4w#9`G!Vreec%;?X;!KxS&
zmJT7g$B6=EK7(_kg*FNawkhx7<+S!M$LxM4p`5C`oKdSm?58F&-dufqK;VH1(k4wc
zI)>bV$aT5iNxup|c_l&hKEt54qkB<Su;x~~nSQ?a_2UXtXliTP7jcfhG`FZH_L|U%
zFej$t<Bi|#J5ElZnc(dCGi46zNytxfHvZD_7%mgRu6&&V<r<g|F+emv0b-{m1Dv~T
zGbqU}%Wg<Rm#?`-$g@M4_?%hRt*Dt1v1R{I&WUYj-b~5kChQg!=Q3XgCtAme5n0cI
z2I3Mt%gb%7)*e@6c!~2I%ZeU26q)gO-H#xngY&1?Y~>F`PR`NS2yt+YA_xE`mMZ^9
zLbl>_+7^|BTKdp*o_-zF!ZEh8?xkAu52cOp@W&IISlC_qwI2IR2>vjlh@JXK1SwQ!
z+H95f4+ZBdl^qxUb^(MHh;F;s)-kbNHS$f#F>oY}NN@n1+AG=ypcdcBlA2XWD=2~C
z{&P=af0xxV_0|ZWCXYnE!<T20d1e%7k_LavoLM4ZA;1dmlj}m6!yKNc<#^k@^}wa&
zUPbb<*r?ip#aL$G<daUtyE)Wbn-9<mg0;0?q)}0-;Vqg61^D~4V`oExs~;3OBq-u9
zN+-0%UJPlTK(-Hq32m507u>WDontAIRdLLA^gZtP;Rvc+mn_pIouj)(jImZYu8-PZ
zi<X+dQlP@}n2hgHe*{8{gAYm-jj`0pYdnpQgKfwnmC7w5Y6TXYNA5$BBX5?;mUJ*g
zFHEWtO=_h~bey{$RJm_W*Vh;104X!HJ567L;c~ciEJo$**~gcy`ljdSWc!0rLh5r~
z0d*WF>2s$~dv@8+kYewqyc3;@y<b5hK>bikx1JXVThF47h2bc{8Fc*fm%qN@S}rXE
zcozBFDk`6pwjPwQzN)rWcoIyv34f(sjiP(J(~dI{UkpEH{27{NJ|TUb(@@HIA{SQh
zRXUy4W~vU=_qoKEPT?XEM|ZzszmfA#;q>K{JII;s+f^W&dLF*!GhKm@(<s#(!ezFk
zY;4}SdhAna4COof!b6%};9RnbO3}_6O&Q6N^3~jT{(<%-u@91|DiUcDj_U~#HM@cZ
z%{-kBB=O8ve`!_y9S+EccjU*^_e)|Ir(mnXs<f{Dor%kX@fx_+bNzdN>6>X2Ycf<H
zx)+G~_4QN92}KPKm@5z^@RI!U1j7I>{)|cbYsJILQTW2NwoQXzO0)QK-cqO^2tRZx
zVl#B=3zwi`T-b@je<@z&#)NSm;%kX`8b<di`0LXep)cf_lNNkisoZ?6Bf>lw3wsf3
z9^AP7uIyh4ckJBOE9r$imPh(CxIdj%ggNc_W_?ak42|~EN-V*{v?O2%8QeDzb~TZ4
zd9~^ye5)7d7F1`IlC!-=4ghGRryi+b+png_a_P=HI0i<T)w4U=#FW+sM0?Y(TG6MQ
zjwqWM>O7TUeNNtMsJ&k?dV)GVbzO&`Yco>ZA9;yi@$7lku$8a7TdnOvsYA%7yxTw{
z2P}K{AUVF4&Dh!)eaX?tQf$gxN`^OmYKvrZbQy)aX->a=r}g?*I@ES-Z>mZ<(AU6m
z4GU8)PGH1szO!YgHGtUotPeIDDB7t?b6tZXgZu|t20%(|G82rIV%-!r&u40%Cpsb)
zkM|?PNeG`Wvhp$9TjoW0!o@H>ZQQL<YOxlVRqHQ28c;k(7S$6wpJT^Em$ag-{fO}<
zV$=fgg|BpmcJ*K6jZaHFs8kGtXIeQUHI44rV4^W`eM9<uZNU<p(aMIP;@5ITV@}RJ
z5)3!HB+@he+x<JX&$A7>^88q}F@>BIM!5lS&ud5P8O^$bHZXSccN_j>Bv7XU_o?)<
zveV?NffuHHJh_4Y5u}=>OISOMdMm2XHo;cb?(-*U-f!G>y=xs=x$(~qbK=iMbrZ;q
z+E)(|7hO3T{I#U!7G?C0P5hx~=&N!bn`(YGJz6EOFf5PFO;y_P<LzGX%Q-a6d_$OC
zy72>RX5V<zug}h}+x&pe!Jm@azYtvhFhz@mx15xfWSP9S6AFJT;ncaMj=pF1rZ3U~
z`cNV`vOs)AtRPw~H9zfde(yk+0cL5XzV~JT5JAR|Sj1;KW8crK*V7%s3$G;I8U;uF
z%V6OVEgG}#I}Ek=9MtL>`2+(uhyqECwaWli^FKR@n}fUcP}t$y*9yt-q97*b9%4C5
z->SsMSY@5|g!nPVMEo{go(AD4)dWKiWkRkQ!XMk~bBo8C0quWY<-d5Jvwbcpu<bE8
zplTB9egz>h1}jvgv?^>i5qI{JWLs`B#hv|LdDc^(1qVrz()GPQS_2)6Ncu%-;*<W)
zqIfS?<Eh1P1H2T%Y!)y;y+r&7W)Ik3j2~mX?nSM7-}I-=hH1Vsbg|qdPJ8RGGU<J^
zl1*mB@tQNe-`t<r0^~jR)tin4z*?~yjj8Whx@h07m3O})CodeBlQ=^Z813lQ=uK<x
zBnkZ4u#=xC7yL|+%v6~ithDn-W7hE1b-aGX`C4R^sURylEZa<Jdvo6m=jnY?Kw3F&
zBDYX&X-W(AUaObGc8<MNty7L)2qXn^7!cJdYQV;r8<V+I8Pasos&~t7W=xY*GelBa
z{Q@3M`eg_s2PuJ*^h%jAVjOnp+oV3C)g>uBR+oO0>RZ-*bE>pVOyjV+4LL9|DwZ{u
z$Y4*{fA8~5Vcfn~@H0iMJMxlKi*y^*+O@W|PpxyOP0H>$c!WRI@(;y9iE+Wy^)a*2
zo1L7zd0ugB1`_&ZA{}aGrM5GvCn{o|Sv4xWbr~a4;jFDotuoKB(XGyzp===e6VZ!s
zbvGCoKGaJKge2H%$xSvYXR}k6AD3uk)^rcDX*gsJQ|r<-nRPdp#$?ocwn5+JzWUXm
z-O>U0b2(nlG(VwgQn!?Y7csGO6K%6+nI@6qG@F}2(t=n$3MM3Se#Jq-x#k$Si|vD@
zxPR7zAyoZ)*{s+5tNuV;jnRN%6QW%SuRSa8?Sa{;2R-G{x?_4K`QPq3u}`{E2pskz
z%hs_Pqeqr`@2W0FWc}87?B9LF`usU5$i2>a+3-PcN{iM@I5ul>%u5JcQ8-9#aW%A6
zFOV&~<k@LSxMn)-i5jjwrqgE?mwbNFpO?3|=~(Lt-Jf#ho|x8d(ykj|CSPGLoX}S=
zxlh@XQQL9j6)sVDX${!9Q)IpTo2Sfg^1f?rn%hQSUhdtJf%yCqlJT2Kg_p^a{=~0H
z0o8*Ox`@)!*V>-KThFoop@e^5>50kBfu6N7J%fpas@tn18Lif&6VAV@1*b?7&m^X7
z1Fy9iR=BQPZwkohMJQwSv6dHVdfzAQjjHUfXCUi$xO|iz3}Q^q4f48s3#*$Ub!vTF
z3{9=4Pb#SOa`7=C*PhQ7w7}H#(FhU<G+|Vg!9v#goM(n3$~W!gE4wmSZ7+fgG+{eJ
zW9s9MOrSnP-5N8Mqk#T3A2+FzXK!WFoqs5bH-oZd_XC?=nMyOK5PEvfQJ>?T<eq@V
z9-AqU&Zf~f#K&eejFT;o$eK^S>`A=PWx!3dn^;t|g{Egp%hzPk;;j~S`1ji7FN#Ag
z$WRq)H0KN)V3}cGce(0mw}aIH92+dh0VUBG%)knX(KA%7fX|%vtvpWQ@=3nv>q#lx
z$bL+H64|k$I4tpmMleWl70Nj{zx`D!FxSNF-c_Ujp5c32esovixYpaSAYM_0z1zu^
zx`Ovf^|dmF>g3<8He*a9;jF>lNC3B2S647RA8N3;SlCm1S@V8L&0x4W=NSJ%H4w!_
zCIkmY=Ohj_RduaPdURJz_}Q+api1L4w>eYrq=eFxN>Iy^$UGc|Q~eb70&Lrc7c`=2
zfsS?Bpe0$8ynE2si_;=%)?cngne(_Y){B(+j`)Tmw`ZHQ7@A&Yb&IDXPm=9_*%ef7
zRmL@$70gl&_ja2+^tOq;f@h^>TJm!ymsd@1WCKmp$ZUi-(*=K=3`Q%`7gI>2KsO?Q
z%Acqi0#ZiF+s=B&^8cX-a09IvG?Ln#E)wPS*`~NDg@ibnp7&mr_KDY|A$*akY}r3e
zRLflt&UqCQ^e%XWt(a8mUvZNS6n}B=@-|zL!H_C<QP_W0rGHWfQ6Hk;S{GQ~k^Wu;
zH_(;yP+dCfc>&NxGbzcD_1yZeg5SdvvcRR9eCCN9BHnYqZnp#Z&wK0q7<5fZzw7*D
zAOJPAzw@{^`=e#AiE&sKo<}OOoTy@N6T>KeEKK%Slc*>$@j{n@AiL2xXYY-_FrJ?I
zvPGrKr<~)>kaDM6<}k^071%9wpo~lPAIhe5`>f5x{y-v*QU8_rbP(!sf(hP(I8?P_
z$lL8px-ID~_=`n1;DKmp>m}Dumk)OVDNP(b9{VP$ZbFJ47$3b{e)_;5<+1Y&E{S!k
zBXW#R053N|mcK+r86w+><E+E^{*9tlksA0{ydC0`Um#HJ8|CK5g<O^nHe4~uVXvAk
zKBIx+&tLn=%ilxGsBK6~<dc(C+c`ikB(5Z!9`WJx-Sdon=V>I9_0o-r9E!dS6XQ?a
z7i=gv<fKkB_sYRso7d%a`ih(pA9UogG*)*z2p5Go<@=lXJocr{TPxoLE+aK!6E<DM
zV8<q^Fd8WgA@+HfbL89%f>nHNA+>EGdOvai@6RT;S<@^m5AUL~9X{F4+e9X>rKY;o
zf@8iIr5DGKS?x<q>G}+IX4&S6CcL~_;-|9wt^B@q3DB8o5B2C%rO&T$NhjtF-Hv)r
z6L0g$!;1^@fP|hh_cL%!`f&Qv311e?_z~Oq*_=(5I(7vVmqy<8%_}TlCJ)WCHa0D&
z=c?;LF}ZT~ks5syGqHtgk;xEuia+bczF35T<-s0{txa^?%U|fPfvX{D?Nrn@BuOne
z5rH&6gj&35-bZell7-bS_qNk<Y+}rNQ0ZH}TX_p2$mZ<Di!fKfgz5fxAPrFT;8EAH
zEm}ZU3xkeLUB3&-P?pjEF1}(59B);EmuKyn7l$M|jt4lTk_*DoRqI)nQuRH>Ua?sh
zKaJ*uen6@RJs+0NJpkkMB-PcibNt>?=v;UD9(47vm<M_GrW%WSTwJz_)&!(g-e<a!
zHwQv93V{t9+peV4DpgBAJElR=&(Pk)Ew)$N=G+H$O#O@V3$PVc0~RxFK!_v5pVjP1
zALWaqmx3XS;X+<j#V*8NAvemrw%sp%az)s`z3n+fTn@KNdD~4S@DJbX$GtIH13H-p
zaY&;MHx(-SMi^Ht-1((vk_;$DyW)Ihs30Vc{D+cej8cW7hT$oe8TzExhjXLtPhA`F
zv5T)+_kFi2bnU~-JKfxEqFAkk>9Z+K0lE78$jo-!#F=TNuc{x+Ab>kRO|-wSuxA&N
zR}!l_28Wgba$Wg(l;(;)cGPFJN_9OA0vZZ|l5h@Yy|%6jE{9`_-L5?gBt}<$QG5+l
z-+9yciq{iLbed9v1pfd^qh-ane<^C4I0NEMT%z?Q6;o2Ij_);9i;IP=MVhl>bB1h|
zj6$%k$7ZyL62nCr3X%C>S&u@OE{^VcOr0buw6SFGws$@!eJENWXA?0PV4Q#_2w6l{
zc5un>1Mpqe7~i`%*6i#iVM(L4K)<92%illL45hi|JQ%aBdj}8U_RfmELsb3z6*g-b
z+{65OZ2-Rw55T1+oK%lO72giu=AKOSht<@NyA{5E4^jw-eEG?wd*+-@Ze$kc#%A~v
zC9ScqxFiEQnKC4KEJ%b2i&_wG(i3{TuKSdW8+|8JLQ>>M&0Lakkv<V=_cUL(C-|0e
zR7$oi&(2Fh*{h!37ZLLoDIWL~ny*PNA8{ut*eH0z`s8|?y8SNmLu!rncFQ7ulH^Pv
z#UgkGBYG7Dd<>#HqiHl~sq$s8KSl3lCd?Q3C1mRy`kZNeyeT^2C1AF;{SW0&#J8Rd
ze?=9g7=>0vWH5MuJ@Che2gW608$n@-<bb*K0l0Y^Q%TvL2={IVn6~@2!cZdNxX4_n
zbP?63YM6GM#|SG}$ry*ZD|~5|mZ8TJn$8;M>W^a(<#vv^Y4dN^5*oNYFY90H7=pRM
z<fP9$Duhv*O`DP~D~tgz(fNh%l7h9`Io5oXvyE(~eyZy%lL{rjD!SBWEr%Ca*Yrsd
ztNJZ}9vfl32q<SpGV!5^rzz!YYqeyN0ANe|6RCAk=BOW`7^%Bmp2}w$aY>E$MZQJS
zyp|q5qW&JN^!CRWLY>8{b?=se=Mr)%OA~5``HszeDGd`w>~~<<`$0ePQLxKO;ck7&
z&D3*;lSsY*f%b^1HsFe<5%gn#?h0OEJ9q{$yv$}6Pt<i1jq3W-Xx!YS-R@eJZW^QC
zO#Yy5v=IzFM2vU!4o0E(`wC$<$E~aZc{+z`g>KVESk=(7wiYWsXcJ}BXR0h{6SxvV
zlZU5K#1KwO%cVPH4;4-5>yY8$n=_jfaFfzm25${gJBft#1mFKPaMEHeo*N6tGVJ@h
z2QC?HNA^>ya-guEQLGl}i!ELC`m)ASclneQwnlG5_}tNyqt#Hda_~g9p2YBA5wp^=
zgyaIl9ji=?`g<sqac%=?ADNqHtt-Bi>O2juM@Oc+<uv+okCS^JmD05CxA)dQ+yWyz
zkHvir(4yi28JuzmH8b@8(e#y3ZFFtdA%x)W?o!-cg1fszaf)kkcPUofodPZH?(W5{
zxO;(O_m}5g>&u!oKPPi0Idh$Toh^0(-AojbV$(AA3WGTF9Rhn_K7W6fN2wcJA3V*t
z)0s0XdR0~g^Kf)($FD!!2C0_*-B~}KD+tW*^8Fa{m6MyGnD}});lnv7fHzGnC^2?M
ztPZDXd|L8X;jwk77jF3{c`r>6c^2$*xqeRePZx6R)X9qg4J!UCqist%9}9A|i+b;B
zU8jiOJ2aAOlJpHbNOgWJ53FsWJJdj!2H?NEiPmt0o9Z;@uI8$AeAS7!ZCv-8sy}Q%
zpJrn0`ss^Qd1Y}^<m2&$&!?m(hYwZD6eOiyD*KmO%oXvIw3;O`^ZR{chu;a-8a*wY
zb0$tnHeXaC2|ZHBfOImag2FCJdG~el>m6cV6(bjd-PoPcGJild6(?n-IUz5uzIxqm
z{@fS&xgD(QeA2MA-^#NbUW`+SwVNm%Woi-%%Pju#SVv7;W!xVs)!@=a{z(72rATee
zL=N58SrdW(0qq`oYKz(Q%#HLnm&9EwPfE_7zLJZTKCS-;@V@szU#l&H^Mp07#>H9u
zm*8)jGiR#=eRWx9YR2k3C?~JYoN{+)_3b(wE=3O>Nv(NO-V}YMr3H+M+0%^p)b$t{
zGb`}Tl3~8GPM?kVTy5hu*Y2v<H)<<9Nl$LtTkUA+UEOgs2v+2}DK&FHxiwm(ecq;L
zML@?dJ=V1VNfcx)xObyvvyxkDiD$F2SvmWOrahe}vU&WZBUcDG#&>T}a%!U=jLpVF
zU_sGPxYn;aNgK5r&)uAHPdz9fRGz;25zwfsM6S<W-@@FPJjs|;|4o?VkR)InZ*i?o
zeX>^J!jSqaKh^vPBX7_S$KIE2OOqIqIG&=617Dciq3J4Fd>oG9QSQLjR+-ElQS0{Y
zM%B09`ZDGv6)Dvki04Mz@*+45A0gu62t3yd360ZSjTSt9tQm6;{{havi#JuB>%#?3
z7er>uT91yFEi9Zpl79`m`f#dhX{H95xU3NivwD;ASc=p#_n!azu_;=?^nvOfL!zAA
zIE#*TezbRF5PbKfKCpjF4!@gK&GF~zLC(Z1P>YSCw-IXq{+NWryUYHWxOM2jv^Sz{
ze^)Zhy>r4omy1)eEF(0ZbwzQ9f+}*9mDUw%C<8CU9JW3hLXTf;7~b;y{UXqYV%!pi
z|1i-AN*X7A5hYtmI6I7oC3~nkQiox=>bv3%bZGQxLYSJ!_9b#?bMtcc4{TMy<>tN@
zvpv{iktbzFvAIoKgim>L73!<3G)GI<|3dwKwszs+#S&T&MJCUkfp>EiGoi{|9Fpyu
z(jwFPZz}Ln%f2jPuc~pM+3CO`uvyG@0brNMrW)s$-Cd(-Ef2Rt;yQbr=uDTNQT8sl
zL!*1kGvPyPL0+@E!5nx$ugzE<u&u|KLoat#Fk|sMn^dn`X^SnF{@+q0{1P9%pj;c_
zwbm>5Qg%X!zObvxQEPoA)LHi}ZJdyTIk{cBVq|pmU!{TKUZkv_VchrlutQyR7D9`m
z1H>c}ze>~{&dxfx?O7oH*MFXxN9V&`GrKk~ADqlI)<+MuU%IJ$Tx_D6m8{mhZUxpT
z?rxpY)ETle2MKP+x0B`WWYN)i?IIq7(3JO#A$YI)<+5$y7U8ezaQkb+^(@yEPxTH8
ziOLBI`zQ-1+B#34x-aS_iY(3<8JRqqZK@IjL+<=aEz|2}PKgJ}G>S(cPls&C=KJpx
zC~JoB_A{h|l_zDP=*v^#zn#~F7=%_7k5z5XH20m?4dBPF9PF$<1g)1ha3$@QB-dm~
z2p~Hv6vT)m{Ck<iD1~R^ufMr-@E8gzPia$9YF9b#eDyzP%>77h@`BT5Ub7OiaL$AL
z2k^tGs~D8ipCn85yLeKNaX6}z=jzZG5$-wHU3!p%clDP$KO$KE53u<lf8l~&Fm>Q=
zky@ZypYieXAr+Y&kgBp~`K8>U-edmtH?6WCxrW>Lj6-|<?aONM<x$j&M1jSiK8wzH
zqTXIv4(o`j=at%s;@1vsS6<4uP5mO9f->T9*FWwq5cuoo^rt5swA$~<tyyc72?64_
z7K{V-*;TvWV)ZsJpei}->W^-u&Z^?xW_%*psna(jHC9GFmg&TBxqWGs88RDbEWp6v
z_FgP~btddz(#d$mSb`p%p@KMAP~vDr*Gnaq@*C4Flr}*GcQ>wzD&^qs#)mIk))y1=
z9mkn9p&Pl4klvBe(&<%1*2ts8qnW36CGVv-w}hC_%)ysxd1O1vMx*|{pmt6V#{A+5
z1K)hOW^WRtQUX5}y<{~{G(}#kyAt--^tgCbkgZIN^i!bLQ>+)StgqZ&f54_G8Qn)S
zK$feEaRxr3zI~0yURt<tpM;R7%OO$UGgbHvmfEoJEK9^7CBw!Mtfi@C&r8qKEtd0A
zS*A@hFn&&RQat%hR<{|tJS(C3>Yq4X>r9Q!MoG<v1$Rx2SIgVW*BMcJTX;{JDE#B-
z^3hFw>&;Cl0|#Esn-7a^(d<6TDz$8|<UwIyF{(R-_E*TPbBRaS*>qn9A1l2Z#cRXx
z>dng#|EkHgM~o}{z)>^olJP~QUAA+ar`4Y)WBhB~{i#ft&4ODdgH843v96IjUp^04
z>(WHh1f#cR;z4})Dk;qiqS>sTE8MvYSAbVJYchLJOMU^~{(LJ>p6oh)-B$}I1fslF
zW42QlT^=6Qcj3wu`Oyqko<Zj_3`sPTiR}?TVMeTFWS+L0*6rapEf&-n6C9J1;db?1
zXTAtPe|M#fObth86zkqsUK@PtqZcWCZ1~35PK%>Qwf6qZXH7;M+Cylp1z<tdvvPZf
z>wBGfLJz*L)bs_|&LWn%^P`y~<Oa;s)=KXywnRyo&m_O~rFZ2ef_OaS@Q+((g*9ep
z%z8b=lQ7nb+gZ&}Je}y{FRHdoJa?-UkQ{>ZQO#bcZhgJXHr|a0*Hz=2UggInTj^wk
z;dH*xc8vMa(80Awhk-Tbf=h?qyTOh)ZvCxHn{Bc4^hdXb4~KLj|NeX-oJbFjH9Hp3
zX8N-tY`dFr0cR2dTlp#R^jR_$%wPKS0Wj+*N!edHcnCb60AB(ajJ!{Otvv~NXKb7V
z%Rli=uFD4g2blh@UzYK*coZD`<~Clr*%tX!Z-9%f_vB`e66@DE^qX**UnpW)k`T4j
z86BUB_ByS}^EQy|8&vjm(ir3&i>P&PO&ghU<;s^FpZa3dVbb{`NE0%!X&9R#{#y}x
z2g{0!fqz8hA|{(QH`7>LNXx5xS@dV|AJzBkQ<ZBIYX3Hz)N*}(-XJy{4$VF|9oe4V
z%+9ak#3o*gbN%9`<3N8FV>I&TTZEzX=wM<>TbYjzMi;)fn+|(1NgsSeytR<4?9kDl
z>^JOSy3Jl7+%Nj51IhIxS<lE?3Cc&?$(U))x}9v%YkH}O;pYZOvg-n0gfoZ<3|}pf
zNghGWb?Qc~M8D2U9<zB8W1AHe6@sm-0CUU3@o@O;w%79n`%FBwrCa#VL`KlZ@^^<<
zlGe9Avu%<*RzfKC(J;z-oBr!T#zK*IXS%Ea{Q7L=>EYhrZWPl;+?%??KN=zfhqa^h
z-XivXm-)umMAqJameNfZhUcX+DO0hh<FfN7N$p5Wk6L?zJ#2>8=(mY2Cg-IR1>PA*
zMV@bk6vy58|G5n#8@(A+$BK+upzc(Yu^uP|w0dW6^H6W1=(VU=LVgFKdv=|m75%xc
zLbE~D$7HD=(XDDQZ<W0t3w!C(tDGMGUI${b+rV`Yf6o0yFnDA*i13)9{jH(K1mWtS
z{UVz38;h4w)o$Nlsv28)?B-7=rsBkDXQV_CiJO`4Gw$8==gTm=8Lk3rlmyh*Xo+;U
z(rafAKZJr|J#L-kt^hn;GuLCm?qew`8MHZI@ogFtGrzlZ;jeAn52@gsRV|Lrs@los
z!BR-aXZ`@+wgUEJ-``$ilYS~P_ncc7MxEB?d*i0Y1&kupm;xJg&uO3OkK7L5v6y>~
zI-}x1&wcn_6+XxS<aRf2s&8LsyDn1qCn!@(y*WQz5r!9pqSOgVxyVQd;|yxsK*(}*
zqBQ+xM%PGuusJw4bCWU`Mh7tcVSiMcl2HsZ7zJQ1ZYuw<wNI7}cg4Iu@#y8v{5dq1
zO4K$Zzo~J&q!zxZKeBOY-Wqa7B_KzU!$$pty623d`e49#Abrt1-5-4edF#$>!_6ji
zMq^xwMvnlHO<GLGvT?Ed%ijUXNjPM2^qyW=tO&bj{Wg*%o#^;trkw-Wo%W6%MHc+i
zZBd<PD^?3x!7PWvoO^pJG_PFU6VX2OY+sV~%U4@epzT=;B>X<h5MJMw93;3J3x)G&
z+;t3L7JI(rv$ZW@;O(9S<U{A~!`__q8Y?+#qbzx~TukGzQe<N=C$^31O6e;}!@c(o
zRppj{&R{Gj|7QDUW&NTs+PU^$vR`gmroi6)cUvd&J8|M`<;_+A|9^n$v8{gcYd6Z9
zlCHaQZYSp`s2fp+M$pNe^7G<T{<4&qfY9B6@|}p_aaVQ@)be+l4=NMMCZ2s;5$Y-a
z)>lFvx)~a`FAeuX1GUDNialq7a*vsy++!FJ;{T$jp*aTs`@moVC^>E@*dgL->gKM=
z7$NoZW<~vfZvTJwv>0V6$Z0wu+8`o6)K-&D9hVB;XlN*@b3&OOJHNK~d*}X~F+s@c
z#i%n<T>s+0<Mp1*8nSHaQFNLvE%#SJdEjdVOoPPGz*F{?jZ8?{sEi9IbqHRV@+OP8
zHCK!o0rgE#Kqu=;NdMd#q6<8oKKFz<*99G0(K(Hc?xJ0^J3sg4f_d3!e;D|)b^I=)
z0sn$AsX*giqmcF%FR#8>jt60W;`{oEDiY)+)F~9v%`+0W73_eK0tUc{ug`@}S}&)4
za~pcA)zG(gKAnEr#i*n4J_es|*t*FT0S<zdD%5GSI$E(S=dC|b$n}09S|UcngHw4u
zUCSMER(@L&urz}hjOWGsG0i5XQq>>zW}y<rEdA1NwzP(+2KQi{StTDiX&A6s7U9ch
z2CeTYLI?dDF5zF6I4pl}_Lc8Z;hANP_w7z$0wWmWDV2D?nkOd`?QDupZ@ZY<me+K$
zudJp0b%~*E6u7~3;Y0|g)9*x+udPDK(wSy=z~+nb+8eX8cO0-sV99B3&`~BXr_p86
z$xEB`iV`C!SBBHhCA<ts0#N9iojp2C(AGyil4|;LQ2oh<pAax8G$+L4)~EB=PGtm~
zrBCUQAoHiI<>^?Ho5`$3bilT93ZaIp_2~_!4kv+zW+dn^4N}@TRjLoRnT=&!iq;ig
zXr9n6ljLj4k)#>&zStviALW)vun@2>-bcyaY5xW`2p}}TrA>g?%k(jlNxo3`<qpXc
z^6G8z!3DoF;cWa2*Xoh48N!ie>V)K*O8>Dh;&!YTJazbm<=}5C)D+p8DMT-h=ShK`
ztf>-~3TLj`DruIF<H}m}6$J)tIZZjAUL4MIfELP+>i!|ngb68SP1R==G<QQeq@u_4
zSFNr{o6F2Fq_f_jlQj^;v%`~X7nw_DjcUqU|6A5rLMX78Fmk={y=hU#V!UOBOwLIE
zlAUeQjgQ#`D3XquC<z)1SxL!QulyMsCu5P0k$~*V=9^RY)wX1*)WFfxCVP1;b%t~(
z7#ZsmtA$Ybr+WU<*NofPewiP&ZfYJV^u*J<AvQy2Xx3Q${8%+Ng@lekwFoX)SXdWa
zi+vpOi6qQQL!*k+9AWH!*HF6oI#O{YPEwjxeTqIwz%>>-k>y8rg|1B6CB0^q!#W=_
z*u|(km(#;9qqHiOw69eg)3spOrJ=+d$7(i2pLvHiGc~2^jx8f`HvLIf>(ym-rDQU=
z4^^hIn0_*QnHrBV*|2a^EyI@)q*meLKM)&iWGYd$M$5a*9>i{cy_7Ke2>ex+RJ<=5
zUi9~d&12CyhMd-GRH`lIY2u|Pi+NtH_IP&kdvl@d+v4z;!ifKYV8+Q@pGxKa4^ogG
zp+C$J#xn05C&;NJ)gFJy^rtAZ>K?eQkqGrifDG&j8XW7YdnLngr;EZGy!oqp!od8R
zhvUU5B=fd8%pt`-H>j2gbAbu3BagdnuZcT$elwx8-(y-=+|!(jcCIqB8pc{W<hU+y
zV2jHx11q&_Ma^N~_7ksdUM!8tdG5^UPDI|%_5mM>nxomPA;Ux_$!TfQoq82rT!HQC
zTn{g9rXze-hi|yZPKD}LZt&A5{U!2qZdw}lt}%1^N9T*Vv`H3}d>tt=J%xWasTP)e
z=+xkC5Fc2pmP=f*jI6hkASeNV&9ZwT$w@O5wt14Wz@03j+#sBWYWDGBcME73&lrhO
z+7$Nm*88|`%k6Y*h!%!_x_#Z4yaKH+rl>g4pU8&Qfu3xo?xYnBq`5V-IqNy6WaB)P
zt;SOSWW?IcMlPgR%CQ6$d;}}fl|j+N9j}!MYZs3$rCDX3hqbC~nu@~ORpudJh=Y{V
z<N1-w_?Lszmfr%7;ap|iI0vb`e=4MM_>8{BIuRN+if%6a2S{cI*eGUQLYTXLP^|sP
zi}XH>1UUBxFfV)RBwr{(W(<&OX^}MrcVo#V={T8J3r$fllCj5Q3+KNn8<azKo{Rmf
zLNk9(?6RoQZa6VTV0zI2qm`PM6&=>Zc^z}X@}$c>l(|gyWO-X|mGapjm~D)jYV$ye
znNu}=vwD!wd6<9?dZRTVcA0e`k}^d!%>a0<hYcY+>lFWcGA<lf3~M6-DcDIqBJz%8
z;7B9gL1r3rWik#|<!G~cQNV(>Ce60ovaX@@(yflLEe6<G6(t%sF!+GERK}xV{>y`k
z)s<+h`AbWsJ*b{`A%3=RFu2+J20N8DeU)aJwgF=1hqIfGVYT-sj*9*dym6IUDN|s9
z<utdaPoMK{TXiaZOoo^-SiYl+7B!l0%p(M^D8{sHZk<>oigzb`%%mYV#<Hb{IrS4A
zQHlAAaHs|$5N#7)N&8N%jUDEb*YgUAzLkMz$LHL9N6(okz}j2Jk%DtYu%{hAh=ZMU
zSFs}}V3qDiinJmtq>nVUQFwWcgh%cRf_Ao2)pDImU#wuqh$1mNC&z@H1mIj*O@23j
zhTrA$*w|^9n+dwFA6u~Uwm;-<nBg#DoJA5HwP(a7szixbf)CNgZJi}uQPE0*Hh17X
zthGWX=kx04#CCl=To|%&6Ii@5=C*LgT7Bzp%9KFvv^A7*gRo`f1o)?h4YuRbR!wVm
z$g@a-tWuK6yrVs=j;9qJ6V}<w6%%#26_Q&fa*-ejE?%2<{1kPr;DhE1+)$<bT+~Cr
zk9wXQov9Zi>6?M5NeQ@_S-;pv%S$JIenTrvR;3L$_=M>99s<c-#Kq-lLM~45SigQ6
z^-r^5@Xu%YNj7Kt!B0O$`o(RYn)`Uo5?oLVJ`t(Pzk9`foIN(tg_ZmMCPx)iY4eda
z_zh3JPaoK!crdAXONuKhJZ9x4eQofi-*-{BsK+<+yD6PKrabJfdIF_rRFEj_U%*|{
zwD&)vats#ugbuhPxSEsSDjd(17jFsc7%Uw1XT<{iY6=U#%BiakoMc86@nIkNhVy~7
zF}VZXrDjQR+FuA9%ph&_yfvqd&MEP%{{ccYABuK=x$4-d*%Ihp0a+V_E_Jw-!ezpM
zmM5Z3bLoCCc5C63PcD^y<?#}?3S+AW^_7GRdHf$Y8N|cGe4t*OOO~7kT|3GBwQG@T
zJqW$_h+agJ4laS2AJ>TZ)z1iDL+^@96E#(o8mHLuea;mIu*;{BTJv^KnQX55{7eqs
zt(bOmtr#8+#zHdl#FCQI*aAM*y6)E*eZTzAuiWuWDVCD3@MA*aM4z+~JH-}PMI?oz
ziW!;Dn2j2lrn-(9>ds=n$0b!RzIzi)=`ZEhlY3_ZqV>-*T}<@Idn8a?l=0&OD$S-v
zrTpoTW37Q>h75$dPVCw`baLy;#et}~(oe!t#?_lDy~D;QoX(i_bgiAn2QJ+Xo;lR}
zRzcvw^@GAM+H33c=hDWU7~U#xGL~|9jmH$^oy|A{sz76;?P)JYnI8aC^XpMPv9t$x
zMc#CU$MH*@()bZ&1)Ck|tySh+;%a_Axg*CKRmC&Qf9veX3)IN94x?+mXIkw7yUd95
zJlJFvnM{Rb;Ox$?#Sytpvf`T-O8mB>Dh+tn_{v4}6_~b&My-;LOm7YRbgI$zZOCJO
z>iR76O2jHVZdc&hqdJ&58l?uukrnC;4$+u~#(L(iQMsaNVp?eqV|4wQxDHKrBYg?J
z@7oH$Ft0%Ky>zFfsfM|Rde7L_9}K78aN>W!pAVar2IJ7;r5k8ZJTjY4eL|Yx4DT|;
z#X(0Op*3>bn-?Evm9Q?TEeaGjs}W@-$Zx>7yA>`q+(NFYFxnR@rCfhi()Tfbq;9iL
z;NL57=iWNC6pcTpcX9nf(r38Z4tHjw%fl&R`s0yL{%dcg5!^*U-}YxH;aQdr(o%rz
zY|8XmsP5$0#v?YNjP!vo{=9_n8OAgo1+#?MB0%pHv7po!&U#hI)6YBAK&!cWI93Xg
z!p-YEmkPU13{t^3bLKQRpa35H7l*X_h^}-uyY&=_MX`xL39+>#Zp45cM9_w`m+a>d
zRPh1oKuHuzMp%d`#;NcjY(Ok1Zz!5Og}4viwEfwF;ggixmEcWp79N#p1J;SI$&kT6
zzb8LTL@ZwBB6xNBNy2zzRNnDkyYBk;zV&a@m!SwiPWQv&UyO8j-k)jqR3x-q!JIcT
z!@}&o*Gk(1u)(M>1V|@;f+42>7z(sR%d`{~%kJJe7ATZJf##+G0kBZKfx%E@VbyQ~
zS1u|2_)>>Me%UZc-*_$#R<{N9Ni~E}ViTC9z=A-M5U?HuglE>bOOXPg2u}u3rHR*p
z<X{{S8rbPl(f~Dj(wr)&5vB+&FmUX0s7(umz!ysJlsO#$raVOow;vS;_z5G{(NoX?
zFAPu`MvFm#kdmF4o@xn>mc}7c-qWw5TBHDD!{MzVg3RPG=24SSrGX0wn0=X{NS5^C
z%uT_c(qSFahd{-0aNGcGO9lHMg8(cT2q%?XdT?cuAw$}%eDF9;X(~l{m{o&53r8wU
zTEDH?0>vH-Lg)fqDKfKVHp*Nq0(-v|`#NfypIv0A9xtI|a4=vAnW0IN5^TzX!vJ|q
za>UxOYEm-;rOM${G?%kmF?7IiD>{Uyf{w?`ntoNK%Tcya+F=nW2I|QdvRd)xSYc=u
z)xmJm<rvY0C|g26#o~^Xm_mACQXNE&{*n%K$t03tS~Tm9p(8Nq8bTl<nkEFx!ceIc
z36K-i<w>6fsAq?|p_SMMhqocl4wMAB(0o=0EhHhT5ugSyiQ}XcnjulZj?*X0J2VzE
zG+|1IN`No`{N>UPI2aI&L6p*Ubv!u|ummDto>nG_0T7H3zXeHxAOgNq;+4qPYm(E<
zSqcVYU?d}IgegQ2;evvd?Bx(akWYf2;c#rxEhA{LQsk&4Aw>g}Tv-oI$*6QmEP@6R
zO%ir6g3>r>1VxKh08P7aL<SZOhbApbx*P~^7IV`&3OllGL#iu6813!=ph3~0N5Cvx
z8?98rABVuP!A1GI1_-Qd&K;*5j^&t?iW8BA(Y9<B>COyBa%fqlUXO7wfWY7YY)fOL
zqxvLV{xI|A#<DAzhorhBnJK$PSkiDocuR2@!cfLL5Xw(JVTfDKVankV;Q|dHp@t~I
zN;Wt|3gJng2R6MUDG_i-B_KKUk#baZ6A|UX%7tNy;eF;!<IL$u^63sdEn^I63UZOk
zHWK0&4f3CW{iHaU;$;gFNgHy(UzlzFV9-)Xx#(O+kVwzLOB+5z5jp+;;syUNSn&TW
zd;brSQv&{%Ea)1NTyz7?6#R3GLGgcR{C`P;7>yy%r5S4fN+(nQLJhX<EEf4_4Zq&m
zN)UKwDt|WSl){82Kim!WKUa6WRhjR;X>Th#36qED=BrM#2$RPe`G|?#`}MySLu}yT
z?_v-IGYZxp3f75x;SA6oC=%QLTr0kzVnmtu<1)!^`#e|uS}{pvfUpO83eAB*?0g*y
zYdBQkXlLy6>MQr4EyiUUp&FNr7td<BXc@TqQ}_FB3`7(;S^|`2h9tB?ED!E&h+H25
zN*X+hP`E97!*~*yPK}ZV5fPL&g;OEI)72d0>Q^yVy(J2Vk~fjK!;KQ%^YUQgtm9HL
z6EycGQu$fhA(#%Wd`)v0!zI*Vb8ho-Nez)Ua%#l*hN>8CoqZ^u3~GWDIU1&xCSTOH
z8=A;cYkaW0-~Wv3bMUsX*#BHMnkoh0q#!w!MvRzAlPAzSm6k`FUGl1636Ql{rKM8M
z#Cs3~U`fT<1+Jc*{#`NEA$`KpL^)P5M0@a3jQLAQqn=5`DH}CbOtS!fqdf9k)(@|r
z%j2sYqJSA#Hm@uy4aG9Betkj3tQmahvI0F7+QIoH2Cd6U{H|By7x0Y=(q>hQDArSc
zA}r0x&mg*lttF3ssovg;R+<Y>fz{w!(vdzsnYG7GDa7(py3UwaDV7$efxtb$D+sXj
zD$?xh49aKboTyBRpA3Ztx{DXaBpnC-Jn*iDhu#0+1R%ofaY69z9!`X`-+Ioh6k+#%
z2^VBrs5Ty`r)Op4L5ihP7EFTdW@LLWDGz#u;>IqU*=A%nTsO=W?~@-ly;gNv+zXcX
zTXDQR@rgDJrHN@SOf?JggDz*?b-RaI-v0wMwLX2!=Z%Ts%}tim$y<8nNs1wbBr%-$
z2XUhi>%EbWT`EWs0LWsbHbq~T8iV4TS<8HmvKB0l^O?|kwJ0ndJm*<^#LHqdIOi=4
z<4+;p`ZSW`ykv#nF@rJDKVjGNzYGf^>3?6|8fEyR47zrG5<N;upl*HZpbI>)a+mnf
z#wrTAh5ma}@=ivIBRT(m8<avp{tp1hyES?>+Wdd#`q~@OZrS?U>jD=)ou{yW(lpdk
zYI1erg3<YI9z|S~2hgRL;YX(3-`MsmrtrTX%PXm`D(na+P)Z#`;ULxCNk+o(XFLlh
zK9Tcz(rrFbJ6P%=!*?P^j%3?&NA3?bjLdS6?!{dl(!ff~RW;q7?HU9`IpmXrgcAqO
z>BY~1IBL-}Fwx?C8!bR=sSpNG4rR9C>wf@S9P#bIlN5WDlLVE(-my!~+^eU;VgM~1
z{ZS2cCdMQLN_2ND0d0szy5Ht;8hHG#NA2mWe;GfCOpE^9yl%g;%TxXJ@Wee+(c6*#
zV23B@D>yE!UPajE?>{Z5pYG(nW4=1)&7$&pAw=}o=(;tz*6*kH#@KQqlM27l{^ygv
zX<|>a^9COF>3&$uuHHjZwH<!%%W}ISPMG<#ItvmthEVS*lQ|Bbvfwm0GYvA25{jgL
z2CGX<=|45=ug8gziPEXAJ}b^0QgUF9g`a=^nrNG^oJHcqTS0T)a1NsUTwzbYtH_{E
zKXDDm?9L%#LI}G1H-fSe%*IzV_hON-V!H`wY?bxCis6`B7kJ~g-38kJ@4fW$7UAbv
zDfcNZaHe|iXNs0yLea_xF&Qd`K4fz*M{;$38D;&$hQEXc8ekO_5P=L4iZ;A%FNPIQ
zwYu}+8J&I5u=2*i?9ta{bI!ymHItp%$nUe0hXHyb?YXXhE&dXUGT`IWNENvh4`QVg
zb>v221mHTN>9!P7nk~6`Z0tobFkz0<@9(OM2mj_^xlDA8g%FRi+!wu62G0d*Z;Dn=
z)Cj(-!Kk2Xk&g;GOE~h)t%b!>VPG!0zws`I%b0~lh2b5}fi1XA``$EWOg+Du{-~cF
zHzhul%1qbwdHDT&^|13>fpJ!tw$;g=f_`oLbxj><E5rnOX3(HL>J$p!Z~EvJC`eFt
zom<Jg3jY9KV191;tcPI0#Y&i6G71Xfpo#Ntd{b7)<nrh0GH`n?vkjqq!BE(khrvwR
z{g%#bZ%#BtI&lLZaGpTHx%lxpl4?Yf!LlO3Il@;BR2t&^q~RGNYm^*-))_?g0155(
zMJ&iWfm%oOyqP4xkrH6V8~&D#RV_Cq${8X`0@-NdtFL?^vQXbx7DO8T_1on1hKV)b
zuu5^2+eK+>Z{^IR3XsKC?f<KTiKJH$l6P`sjX(dvvfTui$#+NVT}Y9R5Eh6EqsI3N
zeQer40~P9c|1nr%Z{JgYtxD{e9bA2^L3>uSW?NCfsG|*6DUq%i*25s?Hdzy?MBtXb
zarv-o5=p=U0yxpo(p2PS<VPP{RGlxSSq2VF>fiu!aXZaqvuZ9MFEA2L1|nwXd^yrU
zyb<L!0G{OI14H9(s-?`wk3LYA%ahl>h`R(vBx>@G>ULVOBTRmF%}L>~FaDg`1DMXK
z%YSzXkc2h9%+r5sPb*-@DCECL(~dH}^Li9Fum>>a)#tXNAzbH_I0IA$&%dij7HC^7
z6tS5tS`KYUb_TRn@Y4pXc-k&a#ijU(eP@miNB7YmJw%{`aNQNbP{4gu%D@urKRo?X
z35~5_mep*&mV=Mx^Kh(tD+bDhpZ=4|e16-`#m!?LJ?)w=4*y3z(3Uq-9%FlICeY=4
zD+3nC1|YlS#0}Hwq|hMt$i;$5EJ?r=9|hnzB`4QT$8Yv3BCWQ(A_?53k{4cvWNFm^
zw49dpSUGA0CGw+S_0pIOqORenX^a#t57h2n+w>)TyB>T6x-rFE^g*d;N<^f=yIAIp
zac_D}9EeR(^vMY#Qxs~r$8Fb9468<~U=2|055nP}52L5TvG9<{_z&+=0@Ow^ORrTm
z)W{vYmgv7wGRoi=zkq)}Kh0Mb5}G|^G!0D;U&{!~U^{rbFXvpP#`0Amw!6gxG;+ED
zvuF7by#7Vcgb&7#is?#uIqaYxFFloL@GXNkkA<a{{&~i~nuReq!Mx1KGL2>O-@Rws
zZkvhsO#_7;A?yefUo>QYQ4Ax1ws;$8rjE*k>GPStdICWNEeEz9&!sB*4Lh_%1Pt~r
zABpczKSf7_7B}Z9L|nYzMNZ5qP`>Bfm)@bWBCLL-KsC2^0~DLz@&ky~ta2+iv-ZyI
z<8gNcNa+fN;&a5eA90)$0-pc(&G4=D`}Pu4gsf=fgnQ|*0V6(z!O5j}R=3-w{a-~?
zGw*OuC?GAlA3j8Lwjlw0V)-&n01%7=z%$4`yN=rG$Ho<J>6FALG>@YX25TTJ9rxx$
zS>4<y<<?UdDZ>ly@G}~hb8K+(y5lPo9uD1gE%e6vfd3H8Og1*MF$ic(`_G@Ktb<AO
z9Sf1Onn^ZsJo$wjQ01ALb|UPtQwb6(&~iZafr>}B%OL<T+{ogK08jVs2ejCUYe8}t
zW^@`(DJh2{7DcCl08ezWrYuI}<kItLR7)7(s)f@0g4(P=jsc<JeD>N*!QeC&M>YQ6
z5QywA-5@J2)<}5_LlakeV|><F%iye1?oxJ?5&kuUbSGH+wHI4scAlP@2X1Sb6=!uK
zHLBoM%9@GXY)Ug`36Wfng<wD~3i-tLziM}WKJS;JhyI0Ep%rwoi9g5x6#O1V>0<G?
ztwdbfw~YZ!Y-NCG!ciPZ3fbY8==GS@Je<>!lu8*g7YkwXyO^vqz<yp+b`lJk{?Mr}
za|yz}qeSc^+Lou5mw#p^v4)=Vg+f#>HU{H~5jxd73o()-8AIg^8XQ0f`>FAMIT7dN
z2!rHa&6N0^kF*8HDY?LS)UmQ?3_n!L)M)C)w!ua#@z==;tH;iRs4_g7Cyp@0&``?8
z8yZ@Lap-3}a}8hHdjXb32^2XU44CLbt(P%lDCo{R^Cul>K5^k?9XMuCTdmXguep>0
z&8Wa1I)BA|AN6FawNI1r>>1OAj@Y={RYv!qv`d-bzT&T}Lig4GRzL4E!|SL>Awz@5
zEK3sT3*9(CqER7(r<KpPSjs8Zd)`I2uiCji=V-m!$LL`uif3UcDe~->0rSPl^gkQC
zOEb}p?79)H-)#P%Mqu%cwE3ZTNn_$TkvbT;vg*_;#(>G3a}C~42HkwF+P!ORiZ1@l
zMUtb<&m5&gfx-Ivo!FNzWADW!1Ont*+%pzcx?)-YkUB!!YOPn%_sH?ooIlwFG_3P}
zT^hhXw1PX$nw`9nZLjLyuItfkOw4Q78>Y><r|~E4TUj$M{QQpVUfd1X*-o;hPKng}
zU!(S9IWR2={&O!VF9cOT6K3}HiZ0rlXMQFj8FAomc0QB@>qNyTIEBwqd7<ohYsB}z
zRtp5o1G0cnY7dW6oQo}LZlw^K)bvv+B*lL_a#V|sr5hoJ0^kYU&OL>M7lw$k%wA#y
zhmWFd9=9xEU`z=s&l3?5xG-C$36hqV7Guzn9%mY=UHFn`2GF&1Wg9|$BJ3Qm-+z)p
z#|{vO|MkezgGxa!ch_^ahxzL^&lY3K^%N>BLJ(Agz&2y6OYu_74b65(jg<hj2u}mr
z&Q3CMSV&G-)fPrlXhN6LyqioWeVOWKP!QK2y<)TAQm&m^YdObf($|ReS{v)Krj#*r
zwoLORCZaP-Vd$J2zv%2Gj(u4`oICSXzY8%)l<Om(!1Zjbf;XOeD7FHQvsdt2Pd?@r
zx`k32+tqf>jVB!7X9RLIW5QWE<(%KyCJ7Ghuvz&^3t{I?f5*fkLrWV&ur!OCV+W;-
zfyUd5I5>xPpcS+a5oS7b#hKb*U=bcu;PgQA=h6Lk8+6PQ=gck^Z|B|EZZk<Hz2mFH
z_?m8E^ZT<FvM>#1lYBB;7R~tMGoFWSm-3#!sy4m$KaA|$E5=IhU(_JXAx%%MnZ-3j
zo%#ALxz`GZXX9?4@6CPy;_3pf*Rync#v3c=)x?t{pUuvzwAh(R!%<|qjJ=B~k(Enk
z*Vp4{tdeF-ZmJF%-8a|f$LbS$E2cEzjQRscozjAVBULS<K1E=dB~0ilr+OE;A69n@
zU1-rN+yN=ISf>a9pLFh_M^u>r3>sUV$q)7@0zhO@pU{FSipK}^)|QzlgaXi%`HKn}
z^j&*!v9NUH``=29$ZicwR(d|b-+xL>r{q1|aF-d0jkat{V~1kt^$Iy2e36bo)q3zx
zT!J7Poc<5zsCObH|GMNt6!uJ9Xyr0UGG4BE$6OCB4FTUo!(aKSXL~LNj27A{f1-EI
zfL=EZ1x9}VuHIzRwY+KYfaqS@^MGt3))Gl!6!TD$%4O}U4h~-ey<iF9eLIGx9;StF
z$BT3LgvhMC+3Yxg;S7uDN>vp{-||~VD{-qV4vY@w)EbI!WtGciQ$aD4F=V6YmAV;~
z!Uk4SI^>3@km|+b+Nx{LQoay&mw^m;!SH>IOh@Q<v{VrWZr7(QZ6QBoW?xdz;)dW=
zfc*`Jx0>v5oaO$|q5y972#cVn;G7xqRXCOSheIV+_^fknRU@@mhj>|tjSpYmIyBUj
z0Tw;do7Zb07;zPIiFj1AgImA>&jzK_buSX^jKSXW?_UW@%Ba~>dBAntLk*0R=t_cZ
zO0a150jRuuTuSP`==*l)l9ACKX^?mIfD)-nML^V#!i2)36S%yZ2m(C;%PZB89%G>7
z*unIk@=@%-Zad4)*Fp*)AR&_9LFkI1gEL_CE^BF?CX_Jgr)^%k)xmoU=~D%rOwjK~
z(x+dVGjBfY!A(F=*w8t5v~j_quj-*pLLe%oOfS9rjoqP>>Gy)4X)bsa*mR;kT9Os+
zJ+EX-K=HZr3gd6~%rJGZaf!zybI*F8cX$(<+Z&j-q#Dakn3I*mu76AE0Y9C)1SNYy
zqRVI`IlV@m4-xAWLRC2FAA=F2yAu8qFG$t>TP%FtOA-P;XN{~GA(6m1#uK*e;P@d;
z=|Phh;%wD(>>ul96=;J;q)UW6E*K~j97sysgM{a?bey<JPl+wayrYOU*inQD0%*G}
z>?dOI>fbV!<5S?`OGK$s6uc<KHw6K<GJ8saamAm9GvGDbhMznzkSW0z>e%cwKuk*v
zUIy?045&^T1s-&zJ^ptgbIJEV0J??Jm+QjEvW>Q~jmEpwNEOLD@xBq;!X!d<00p8z
z*11XYKj<N2_9@GMFJ9KHAn-ILv3=)eUL2+!s6q~XU`ZA+8}8c$=Rd>TH|L{+iJP<<
z1${is<drNjpa9x-IXEL=bh(+7peyew7M>15D%J`=O&ZdkaW%5B^5cE=k((e=J}ddx
z&A-CZ9E6kqA<Ot*LEVpcJjJ$i8<?KAo!sj4(XiM(=-IaQU(lz&S!fJD3SZV=YQVh;
zVH>Ik>n={tBpY=F*~t$IiP=i@!O|VAy=h9ua#-Vkw3Y<x_kX?KjsoJXe)#9vVQ?!)
zMoc`YCCVj%I4Kb2c-+Fon;7uaY2<l9Nt4M`i?lgM(G;nA!Re#l<Xo)R3tD~MZ0Iky
z!^J1MpMq?Ii6=2s6l@aT)CcsLjm~><z-TyUNj+>e`#5fh8iZu^z@0RRB>Lzx&TiuY
z58wBSSMg6}Gqu+1J!x1}(=sxb`L+mQu--&hn?8jA7+V10VAA>eo0gh%&hWuHo4|T9
zN0XuiE>z=#OZz4I_o2#*Rwy8@<;dclSp&TLFf`pd*$vl{kuX!T5AO>{!cF|g{U{iL
z1#UIa$uAoWKqdK@=R~P-@i=%>$5?P`6}s?uguqS`0X>eV3F&it(n9Y@dO8#L!X>8y
z(W~tjRX;oK7(nA&|H+;B5rxWNg@yHP#~`MdhqKVvoI?O|7;t^$hMvWCqppO6JuO<F
zP!KSnZp^O!bChwQXiOr6Y$^FPIcO;beG(4#GYDtEFdO4z3b=;!;kw*r^qgrG`PV*e
z&XocvgILBz?Oj0-P`KDuM~8oCp<I$gPq7guT{I}pT%p%+rXm|l@tanlnm(h*#-cpC
z^j@Gg(q7XE;@G7)Sb=Xdfmf8l7B-s;YbG0so9i&kC+<<3k$ut^m=x5IfFy^+JYUZ%
z%qXW%9efcY#@eK#g+@-@GLXy)%l{YJfs&m=rFH5t8MC8`NbW+e2zip_)Y*1D@+p*!
zC_a{dmk3cVw3K;FXf9<Qn;^pG06%I$o=8xiY~9?srGOG<*yh23QPW@`01-gpJzcOa
zSHy~_nrNubeMa`@{oWA$;Z3B9$&YFSIp<O-m$EO1nOOVxh$HYNjRe}%0)%7nV+J})
zOv&L>W`1YD8N+n*pg<e6J_)rDGW??6NYm<Ob!YA>sLoICnp)*0j5)p>Jq`<C#=@RH
zkuVE)=EEA-Z=Peok(Oq_KpQ;4za#<uH5FC)<_m%e)0nY3R)<!gFka$}pKaf$4U$qG
zC5^%VD^3J6K5vOK%@pkP#<NFf`JAjjYoMvcX|yGd#OKgCimwzrQ&JK&3{d2yJ9e{X
z@e||*+0q;gc`t_mNwVY%GIQp#WK3z=DwgU&KV1uy5#=7ERfWCEc}R!Z&12@G7Giun
zbH3+mEZPGBr}vo1*s7RRFPm0lWZs1+3G-cT<E!Vcvh*&g)SBhxDJ*2KnB~XAq7^$Q
zPlf&%Q`l!J?%ib0=ETIk_tRjm<x8&pY3EMT{{X7KV8I;hpogcjoRZ2FCt)>CwX{g6
zA+)31xIBPH%@1ypF~N!*s1KOV1f|4NSb||?r3j_^i6Ah9lr`q;0Ajt({<y5)rO46M
zN^e_(5xVkK+jo=y0Y0UJ@iM?jtD!z<dl_L;;8un;*-H$BwBd=}68jjC6SLyNp!RoP
zkGR^y0H1R4kY4P!`)08hq5X<sLTVQ8w>zFH%H(8=FMoslmh0K+G5xOltDi$B4BSPf
zD-jV$002{QPM#ugVU&emqDADsy+({_IfBp(#kmqpr#KtDr#JzP>=H}c87cy$4J-!U
zl-jXo%P$82KeT5$mEkV2ET5;+L3<Pmo|fS!MGv&M%;(#%kobw5&sMnlasoq%39op$
z`>%A0KQRoz+GQOKo5K0DqhcMUM1s@K_u6gu4TGhcTFh@Aal3Ela@S4@lIMW>u?<c$
z(eG-zx~;#k<3x^WCFK>hn<D}u5xi`N@MG%%P>bjGqO;8aMnlpqexHLe5W$@CXXz_n
z8hlfb^gQZKFWC#3F|t%K<I^L)leBWSTORx3h=Vh{-wGWzXpU%7u2-sxNl=m}WdJeb
zC$}<5{2(Wcp6G5fJ{K}^wxq(0WG^O5uaDRb(%vRw0Dz3Om+^rQLHhI{37$d8_T0=t
z?OTas;u3Zk;2dO%na^DWfaRC$r=mHgF^I)MWQj(ptt&i0MCn|snH~|q(axD7e0~sQ
zkWl^e&{k6Xjn;6Qf`&NSfN)mS_On*u3)`izq->heYq7e{&iz0HS=5YISK?7NMOmLq
zYS%ZF2Uoc|pk?|)yIb)#fH_@9ZpSGtJVXU{Q~<wzuUwM+$?=2(P|V9^VY@N1B!x|N
zeC;GW4`8OjjIZMu&8tk4V@WZ$%xe|3!;;5tc}2ai1?YpEEDFR9*%3*_%a!6!7t&$i
z4!fZA1zQSxta-%rF@|uUjR&sbkta+NeQ&nb$cS!7;*wNmN+A?4r3EK}Zpg2i2;y&P
zs1rml6?Sok<$|;5P5|@(a4-%aPNJ+L3rCaLlt`raD_=2{OjOYSHcrTl9N~ScT?vSG
zynS8Y-^Gj;bKPHGvn}<0V1RfLb7B+g5HOlD5W1!Z*Q2v&K<?4Du0gRJ<0;Y8&>28A
z6D^HEfow(Sp(15`-oBVTrw&5{1Ih4HY|k4;Kmby#)eZOZ6?ZGk1g)B$0MEVTdyyxz
z?HmQWuSJK^fRtNUf~lABd(j|3)*Rm$Tj@d{5&^^_aw&`|md^KW@S&qSJL6p~m{9NF
zrQP^bF=D7yo`&-Yk9v`=<+acLG&@<OoB^R|L6{{qMsm^W&#S0lB)0iJvJ$1LF#%NF
zWD(oaaEnx*$A2X>(G(H%Xslo^+j0m8<=4ymdx%u#&VGPxEJidVV96(|<wYHv!g!Ue
zK)&$zkqh4@CVnAFI7TL1sAnuEExm@5OeZd+R4<00fFHbCETK|%{1}T4Z@Lchz$Qg3
zr1%x!z6ka4`*X&CA}#<zPT=OMzLyIR-33su>4mJ@+ED}K)d*e}n~5nC99thzktom$
z^yrF}QqV)5FS`ZpfIv_`i};|>NZOP;OW0!8+!sB}1smhAk7b4!{rG}Id4L)U=2h#z
zZW;`RP;rp|?5nq42uzp@Z$&WOV8CCZklgL)sq^c)OL2-w8u*^A%CvRseYbXWO?&n_
zUJA}Wg^h=1Fhv6m6CwSNa-fd!ROiuVo^Ln|Cs^rl`ss?dxE|ni%y8Yl$E89TDV}$c
zjll5hFqQqM$#+h?)|eI+hrRF{x-qQ%=tXhcLM)0^u(+9@qd?&xqEWCV`P0`zpc=0m
zkC5?0krL4tOTZ=Bk56<ossA=(c_Ns-C(f16^V%<)ImR-cT18rls3{AU?ZELIWetsc
z5mB%oF%<UFFjORFj!vt`zEq1aePbvDbJrndbRqN+&-~q&F23}uT!l7_F%5{~$5&~a
zVT-R)X%In<FW1}z7>F*wp%oIDBjwtqRXd3!acsgwo}NB+<uJ=}z?sK^(@7m5OO8ed
zUeF{4U`s?^+lg6=N$Yh?7Pg*I?Co<rjlPN&73hC04d73LOX|w63t_2530>qK%2ILR
z2o5=6(9i=R)0B<(j=Cv3fcCvzY(WT|m>l1l-0Y;pfni^!2tOQUISI{@-9x?Rd`d8u
zVaB`k^s$d|<Pez=Y#e<A7kBCP1i2iSuIJ`K@}Cg}iJuImr2!BrEOrm-TEZ+F;R_FF
z5s;+rvT^K6u(dQkQ;Z>2TN8-B{H|C%^B<t1z3lh#X8uEV*BmC?hJ`r1vcSeSo-^o4
zNR#NB>7NT*4CK$Ey@RXEIEAu6`s(j{3=HyT@F0~m2SUrAia8}4H>K79_QYM&m<@ZT
zq~1v<>iUHO;{aLGmf{{qcnyzvBtasv`Qnc1LIu4|Qa<YGQ)<cpZ^>Qn^#;VT84{=Y
z>uw&m5KMl?%l$FJVhDB!^E+9WGAwvb>R7T@a=e&}<ak@wmw?gD@rCr%5*PypBS88o
zI8ZR?X?P)&G((tP8wJ*hNq`m3_eBMS;P%n`)rHsxDIrX*C$66lgH8w?-eNvW`tul|
z6h#609jo%8FiOJT*q0|`1RStqRDg|c0<$9n?;wdqUjj%BzXDgztUcf>_#aml;k9(6
zo5xD_!?$(LRQ`m)(P@*+{e--8zrMHHS=hUFKh($7N1n-zfAyD!Q0DvkhIffzf$8c0
zwxohQMa~?YB>X?;189;QUiRIk-3;kA@|(8IOyW*Cq=52SG@FP2+r8qu3i1}2HeAx%
z+HqtEVE2Ib5xIgmIlHwmogEKnvE?lC9B#+9=KCefif789Hl`1_?wgB(`A0D{7*nCF
z?ox^&Y)akF_sy(fE4^f1MO2_}=G5&_+zD&r$C5ul_9m`*G=U0;bc!GTYi}$~bg`qA
z(|1?QIExaf#7)r2!}q)lF7i*|+$x1DehE;IzVHeEycUE+p%*St_c?y_C;AqSq#4Z0
zd-c0`V)j>3Ws&$e&(lX;ZtLb*cPsT(RpJD?4B0@h%_r{myJN>$U(2DaUa?sr-L8A+
zGK8b@+T`ncibB7Xw?@Z8G|d>x`5&YhT5*C+H$G?|N~vy~`B(1`POkk|8L*4%dm$vH
z0jdX)JJ&gK@$8xSUAb~?Kqvo~JW^QQJE-Jo7<Y99^HJ1TTIBtS^z0aFLsVCina8pa
z3KRYMr5S)o!|eo-lLjMva-fix-}Ruw_hph$hxdXpHo8@S5YXbztd$W?oXO`u6Bbb%
z{4`?^EWwF}0E^<oqKhoC2&emZd;wD&E4f&lRTi6WTnPik+%TGnq$H7vy+YCQ>oJ^&
z^wixIS{?Ht^{G%b@JwQSjd@~a$<y2lU4S>VovI(K(U)LODr?We<yEl0b@4GD^4Waw
z*q2Be7<YDw8T5luImNrz0DxzOb-Y*3mBRJ&<s-#59GYFV@o}tV_w7y3^Q8zCmSDXE
zp|!snp4^@fx<}24utY>9L77GsO#(0G=Un?x#^TI2-SaY!pkam$Mn3#jBqfJPr#vn|
z^tVRG<NU2KUBYrB;32@CHypm@-{mk)Fni*Up#<vwicp%NEGl?m%pG5Z5*onIz{{1r
zSa}R|IGbgEo#SEPnEgHMT`&MBvqCZJcNq&?htJ~k^<KGT7&s@Sb_6Ct==G(<f=4bp
z^}2Y6LhZ*84Uu6WF-PGmFj|mDPY_C+!x~sKQN6dPIqzMsL>2!J0R4UX69DNE?B{=V
zJN%IzPVD<f`{vsZ-u?p&Di)K;>}-!J*ft1#GyA@kEh^zQ`tz^LBbn;jy{6KM8zYT5
z$)iT}A}P#zwDi}R3VSRg!#nToc^RC!FFw~4`K8k&VZ4Dsv7R3Nk^25u1M7dOVgB0e
zF2>jve9n>agXW;$i<9K-{ktu=<RVkObo5_PZ<#DZvq||C@E_oG;@#<2OgD(4+Rj#h
z@?Rll#)=z8O1_r|BvE|j*A`AUk-x~DEiLxO@D_+u=xb+5J(J|Gg4Yby4w&`bpVsMe
zBpW}v@s2F~oN@H_SlCT3aZ%~~{yfzFqG}OkD8t7l{}c9BJd7PUeT!M#4J&*2wc*e@
zve9KGuh~7d7AGPda;1E5KMbUxA3gehI=8a*r1KY#&wE1wYl*ad-MC^en!W#i7utFN
zG1DP0k^F51KPYdCe@*ofbRH(c(7557LyVH9P<4V*-4-J<BNmkQH*`w_=gd9=3&O-<
z|Gh9Rh<#ZIf*!W!u9Fz)bl>351W{b!`KyuH^8N#O;8wYkwHMd97as(WjVh4L(we-^
z?RiQYY%CIzX1u3re(|g(4OB*>%{o0U!(($rjuMX!C;!}as`J_Ax~wVyigeKJjnSc3
zLbo@Nz`6+h50IlKmqWVzEnu?f5P*OPF9Ag!1oNTX9`vP1IJA|xneDK7RiUiiK^!J|
zs03p+!gKXYE_XdlZjiR=7gX?Hgw-#`KE3j83^?k^>=!P7p$dFXvpR7?8?vLsBt#ml
zzT9`jX^d#j{{ZB7k&smH>D$XZc)Wn1<_jo7?djcyj?^vy{{NBn-a$=#Z@lm(1PIm8
zI|c|%QRy8_AVBC~K|ny75I{hw(nC>tN2Qn0ReD#dNK-lpNS9uO&{5j=#^0Sg^Ul1P
zooxQeOwR7f+2?%Pb80jFF0hCAp8HyJH9qIPe0E%zfK_Ai*I^7Uwx8#Hvo#JEL!;D3
zczm6yZpCP_i`!<3xHl?e>6wm%Dys`#_nME2qKZ3E?VXg=`6f5%^_iV|we>uUR_G0x
z`YHR6^g~$2`XgDVzZQ$$3pomtjl>Jl>YZx{DbV4fj5vxiBr{bCqEUQBa+jsSLOQoE
zWckxg`T4T1Y*dlkqv&D!18cj>6Fe?_|5P3F+AFz*B2BUX$yzWTg(l&eY%HZeB!54y
zNCKwWgU*T?uh_lj1vfyFpUX^yxxQo$A!DgR-Cz(tfL+(!QPaRJN1x0Z!FLXh3>MR#
zyUv&tCa8RjJKcItx)J&Gy?mzE);`M2Lt&?J*U|4YOU}sbFh9k{liu9uw?y}sR%roO
z>eVo^3iDfwb9Nt1@|1I_{@wk@*QM%KhSwB><aX+4`PYL+<_lnYI2wzw@2vPLQnAp#
z4PGKxR#kOC#%~u(<$JUqFaQ>zq&)ZE)Q2`vmqo0b88AvaRP5!_Zf|b$4Ny;8tJ7sz
zjEll_Z$pPp{i8e~g9D(Gnco@^ButZyb>_Ch16G}6$XwFt!q+GeIGHDIqZ&8q3nUCb
zji~4Lf4H)o1s|FJBfs#}QN95*tv8MYZeUuwRFQG7I|N1!S4N}JV@PGm7N}(CGpJL+
z?R-<1qDs}l*@n<>qQqz<PO1*U-=8P$%2f&#@o=W&3h<<>0o!w2|0YYuW+1;bS#qmB
zbhDDsSo*v5e`mY`Nl8T8z!uQ)t$sHHH5E8n5IBxct{nSr_8a>(<AeK=WDA7ialk1%
z`>eg0(y5We2hL{a3RBrFH`31WeJz8rj3I@k%#zn6fFHY?L&5}yiJ<v4hC;z`v32~u
zY67M3oQ3Op8Ci^(blzQp7MMg;FDToq@XYDrP!%ReO8z8gPS^?_*3L?f`aMp>gj0yc
z8!@CSPP;G3L`?p|Isr=6@V5}mOYMB!x?yg!Y5yE8P%M7jr!W#>vvl+onxRN?s>$>A
zmDAQYWgk2Rg9N})L!P`REW-Gkk^Yf~?Lv!?fJ)1myGjC?ZF88ipFxIE%aOt(D|tel
zB2xhU*2f7e1B|G^Qm<5SUUdmlMgG}|yc7B>M)g5qU)<acgRj=-ZMvlXk!cE(HCM!A
z6!!Mz6A!4#?`!1lAIDAQ0~(Y{a#IE~2u;OFh<Ujwr!v`mkxIAIC7ibIugCfe0!N~V
zuwXbWih6x1k}O4;dx)fNL&%Y$#cNr|G*xE3rQ>SgxIlMN=QX9$StFiTwQ-SfzUZK)
zVb!s4+CCba2JaoZephl&xbV%p(@A|&&fMsR__TbLz6>4uhxOMPA+v12RLu2Hto{^p
z>y9Tu(*c1&SU|%kE)Hw_h2+pTVUN&PcQg$xW+F=xfNuS?4STE2Z`i_9>Wy>x(G&XA
zzzvejx8o>zf9~zZOZo!hMz<<NI<EV!yc)ZIMD&i1xJG2F(VVlUg2ln9@^?H=aeL!Q
za2XP#ilBB^7@?&95j`Xy6jj9U({iwsi5wa@m0fG$J88*3iJ(%l_bd+^ZinNX=Pj^~
zfW=3`i_)mjduLm>8qz5QBA!+rFPH-bA;8VkmCJq93*_4d&|}FaG*a3$hY>~HW9}O4
zC@oYP=sA5z){<~pfw{!{D$o#@-}C^b@J6Lr)`9{_*pG|02koq)4<pRD?_6P2c9~c0
zy!u&-(GwVV#1s8#>-Og?yZPW;hgtn6fu&(pJz4STmX-4hH+R!1be@p&6VTM@tiG8Q
z3eE;bZRYz|CAnlTVwJ-W#`(+lJ{|n%4NFaWmc@v>gX5m&+}E%rEl309l*h$Tv4Rv{
zpg5%$Z1M(#u4;c(5i|hHSLL`(zWO_=a%9rUGg>NWR-_U!T4lkPg5I<*ok3Zr>$Ftd
zS!N~LcLV*5?TP2VMO*~%7)#Xp-tE#_Q$GHhE9YG;hp?srz!S4Va;+=-h?Aycch=sq
zM)cAUbUC~ed-(1J{<qLplc9{Y>xWzl6&GpCv(LIRd{sje)f@f0a#zFFWQGC0V<a&v
z0Y3XJ@Y@oJ$LrlkqOe=3%M1goO8`v8H(DM9t=BO7N>V@0f_OxJ)|N76ZG=>aIT}nv
z@!T2t^^QnWsvk0p`ai7vD91KWd~U)qqqL{yjp+))k{pS}<#7n!$SN|;E1h&6HaMV&
zhbA#FoT_$WAQVWXjvSfgysIy}CQ205J?rNt+*=vSf4!8I(=tz1z_!P@aUy{Pa}P7=
zJRr(AStV%RYHHw!F(&L{!Ok~*S*aJ%g6WJG6s=+|b@JoexYJLEkA~t-?UySqD)$0!
z$^uf)3!Rkm3`5yhIuc#23?U(_TdSL$J30~kToilX_l1O-=xW?E7Bcj0Gyt_Qs0Cpp
z3IWKPT*WGK<55<K%zcWZZ4^xWr-#&H4&!D5b$nWQp5kXiIsWM6tWzSP!6~S`ZZjPM
zac&zSmh~#EQ`@cQ*=wn`^w%Gke_#28gpfg#BpTC&MUXcK^(W1bFu)GQkv&-&YntBg
zqi^%UmNK>RliunHfFTxpwyCZIjqKU57dWXC$?d~tR0rHm5e-9|q>$7`>wX%pWkpA@
zi~3|AL4*;=@x=X{PEEA#Q`(8MEK7slX3#qXyl8$JyAcwJP^{Lso*b-A0n}3Wb4-8k
zxd>j<=1?5xaq=O~j-%qSg*`t58K5mNyv|o+hqq_>q}Z2B)MC=YiMws4YESMT`b$bx
zjd$&$!Oarjeg2_XJh)o3kxhD&H>B5OSy%g%4iyLHlgO<#&;f4m(fk}eoUXg485-Vr
zL_mQJH;iml+g_AWL(?n~`TC2w272#gt?cWUxVSYl67Dp55s1*Y3pa{=yKfg8T(mAN
z;o~DsE{W7>f5EpKo9wyg4nHYO5MSl5w{bsI^9T+;ee`9}!H#q_#(dqEO@#t3)EwM8
zmo1z?Vk~OQQ2$Ec?90Zrkh3K*RWORffAR8|k&PZC%30Q^w8?{G3R8uf(Xjm;;HWeX
z<z?lUHL<r>e@>dA`n~U-m{Sd!UVu7;vt`myJuD(b&W2-{2KeR$KkmNvgBs3SD{xTR
ztRSjOZ5wL`lRqqu;u`aJFV!Q3d{Os)G;$|3R|r|Z@Hu-eMT@)U<WTKy#g5<I9k>0<
zil>*kl#r~amO>uSs{OY2!nxX(z#aF<=pL(@d9L9o;9e$%qkaT^XsqA%Z$nn8F>%_^
ztr!)mB-{|hG^$-d@M68f6w!ARkxdA=pb<)7hT&PCnr-iE15_{=8(n=0#u`Y25iDh*
zB1pxx$lYxgBBDpCfsr?Fj$Ur6(+S@5l=pp|qC*|gQoDJo<=`YCV0>Em#H|CY8%%R_
z7cfAvQ1t^=9N_GDUtT>BVusBuD0i44Oa;DUja;XFp=O|CrxzH1kfaH_l|rX-7O68k
z$R7fF6_K>U5dDi|)!;idjJg+-9M~EqJRwbXpPoFRBrj=g*S5_F3+UoP9g+#871M^s
zr2WvUt{U_-k~y^6ytSWzxz(NK<~LYNqJ4vGyYB3h94p<o{15?<|IEv=G8SASGqJC`
z`PxT@t-E(Ors5!74Fi<bw7I^Mg+Xx(0r56!f|y_bcv^qz+c?SYzu6CI3bN2M?vqg@
zuxCBTl5z<t?F!KX<0TlKLMEHh>5)c;Tkx46FZ@zsL{S{lg;{t{@@?=|)J^slT^{bV
z`Ysyk-%kk7*hzc_BG2w_NTNdfV%3I~*J61Mg@8B5JTKGb8C!ZomX(t=CNZ`Wyg2^1
z56Jh?a4=W}1BNhDY<N??!_ZX%P;ry$cN62nlOP-~3Z_k3=?dROLYcoA2<&kN(db8f
z!$i-lf{1-aP~c#MLhTO!U`jTI4#d`bIC!LtORg6EyP#Ja#6$b#b2Q0<c`1ZJGlok&
zjWwM~RNyr_^A3ZhyW6t~wO+P^MbEta=M=r29UV&Yh6X4ED?B>1H1h8UKx<sBVUvh9
zF*CgKm4Nom2nI-x;+{%mE@!EJTvYY%n@2()EEZpTm^dNSL9OvMa?j7uKpaBZ=VRS@
zUtRZii%sj1?cDbXg)B$Z#KG+{yO|N{`cdykUD*y@HNuL@<N;k|LOzc#XfF&Sn8jx-
zJSV|n2c$8K=j*0cz}puGriLJ1esGH8%7YGi^G=<dIcRRdFOhsoSNzq;SGY2IUWqms
zvgjp(d-RkE8q385z=(~sYq_MCqN1pqUw{#|dGDj|;YC>=y*O>fK8I7ACl026B`&&s
zw#gzjm*CO&gBW67?*jLGu^5)mH@d}E*ODG}idEUPk8EhZjriUq+kMm<Or--k8GQvO
z<;dtTnR3e7<YRKGdg@YKlV8gpqD@ksYwu>xR)T@n22=WN2w|)jjlB?0&ed`wLV?{8
z14B_fS5+U|iBKdo7}40DPrY1teWFv$T~=CFFC0f93YmLr=XyKr6#$Bkr-`-BQ*AJx
zFM4gj(7gMsBsmFW9ce^rCR_+J<p~8zk7j5;cQ4#f%D`Q1Bn&+-DbU*<wi{!*vBNS`
zo;uvc!ZEvAMgn0A+0BJ;eW5oJutA<iPeg7n>wU{hXb^O>zZ~GK&E!$k`lO5%K=i#f
z7@|4}28k=T8tiWLTNKUi^kkK)-5PQ1r`o_i*9?}H$vSrzh{5K5Gs)a36r`o>o!S}G
z*${e+!@$&`V}d5rvA=6UEAgHRV<DC&>jCFC5Nad}Po6H#mDD1IY7OUPHwziyN!bNy
zj}8wpA=mEnbar00l;+CQFSL0ugPan0vZn&r(t%)T4H2^=PS|b=LAYVZ5I##(3!p<}
zDh1V-&`V@>_SEAULuJLiCY`ZRO9YdU*QwbECr{EyEupPTwvudcNj})Y1DP7Z{fjHh
z*I8Xfk&n=r7u;-Nw)97T06<oPm?G*egznig2oMl&PPjI5QH&acIVpys_nU1u8VY~j
z)MA(Ak{_9TAVPMqXFdMwW_QVTL&bFdov+Uf|Gdm+!ab+0-*L#*nt9Rebp%0*kp6se
zaF>gj3?)o0#XjTqipw6o7Idp|B9a8){LO8Y_QU$MrjwhdW-($gI0;Exn=jn=2ju2V
zb0d&JI%nDUX{cih>+6UI$2`gv_Igz5!_1MOliiq`5>3C2aqdOq_oH>o(>9+O^jUv<
zDG?~9%FL501QO@M4=5jz@#=M|zAA+*)xY9M05uzfrX18@S}~wS$W6Ogal6$*m$$iz
zf)zu4u?|l|P{Z_60}c4kF^+nApF#66bl}9>d#*n{OY*BU1#{#_!=_R+td*h-sv6T>
zSYz}VpC-atp)x%;Um#Ts5@^bQPQIGJf!iB2<S_$ay5|t%*`3mEAx%`~EqP~czz_Ew
zek>V+OVGCI`+Ynho(FVq#0rOKAMa;vy$rs=(x85cwNV{)E#`ZV??ZBI((FnRd~KoV
z%j8*xLxb^N2|D7Un-0Y>-1T#j$unh;|NOW{3{|PB^DfVPmVl;Gl|e)(snr;!u7(QP
z8wP#j6%l!U{!WKy;B)h_Qhh1PW9#<Cy6Hm(aRE`!<<GvHv*7DIq<x_vepm@f=~ZlR
zx+Bxump<{K8fhWHR&mK1^yAI1_$*QrcvGn()a06ItUeMLkw_O3g-{2ty^V69E7FE!
z^(ME_RG4NTiC)BrdJhoCog=CF_zr_#%*e5}wfrloM2RAcBSx^?*!@pMslMc!e%O*c
zAo$U{(5634j3AhxYzOT(uYz2XN|&!=aM;V2(w~lpkz^#He7AXCmVUCD`?YK|Sfz_=
z_!1fF3$lEID!~JAfC)!NmZAc+`yPEuYJ*EMxy{MH1^#KM5YwMsac0lA@Zt<Rf>@;2
z2N+b)u<++H44h8suoSZAGRC3K;1Z030t1WDKpXau3rwlEYTYmtw5p#?#QR#YUm~R+
zUzoUHx1T;wt-Z>$!&$*?_1V4hKdrJUyL;AUFrvUQt4`0m6+hi*y6<M+AFkG5RB|+W
zWc50lMD3>jCz$H<kW{Ocj>(s~VPKHG?A7!US^GPv+Cgg<_3O~0>$>vyJ0X3Clpg6o
zXR0B&w%mN0Z9m;<$DwAv(oMXrO-H`9W@yqgYO{<AN$6r&3ofVKZ#Xl8Ponj&;V2Hy
z0<n$RpkeBBx-Z0p26}~g(%P&lY}CU@s0Y3@&-CU>+}2Cax$e0V5EU;08Foc4M`T7E
z8_MKPDR<`1ki(T9$1N2;JC`T+RynWQd9vKFU^6wjOrw4TiDDq@Sad+qYl1Z!`PO&r
zB~R;GTszDR`RGl~S2$lv7K&af>~G~-k;PIdKcHq$XJ;zC135pevx`T(^?*FysL>1Q
z<cT~R4S|wI@R-p#*>d@mI#ahPIORz~Qf*oI0%~UsB&=1(;$745(1ctb@^`O2?Akdg
zX(^{zeQn{)D_vRF*eeU9rv>}A(<O5hdV0LDI5B8wQKsb8!vj!FZm7qK;FSUE4Q0~u
zm?$jAt&C^0r%Y_p5(i^BOq{8MpQF3teSu#N^&q17<cJEOIm|#P`Q$->xf$=`tj8Yg
zW<2f<l8Zg|TMuj--LGFO)Uj$Nu5Va#|L?{l625G~5@0<-;k$H2h83p)u$9htrvU_b
z7_I3V^_t6dDrWl$p-o0<fb5d6RxDR&g>gG2ad{^O209U-M){T!6~Nt+N}lRHA{9nR
zRFdVOlyU3gb!j@C^7;UVP*o!OO-DZD7HS0VWI@seg>kOz(fcS?@LO<#%|#1T9x$Pc
zMfT;h@=JgIbY`k6#IqfHG?|U<js6|G6YO*!Ou?4md5))p>lu?jj+4%(2yLfd55%^!
z2H?*LXd(k*9r(k7Vy0JGx$OO^K7?*+<Zt}@2gW_}J1$XU>R_G(wXjOHs=|*4j)vZd
zXh#3_Ie;4ZsyRe%^ay2Vn?R6sgCV~(^ZUy<g)-8?fhN*Oul;bwN01Ja%2QVSp};yJ
zpgGpb|8$*ray->f{D+3OjI9ujQf-@HOZx?@X&mjBb&e|yM?ei{ulv4-WO2N2NO3qA
zAl+9X5xxDQiKy7e#aLcmWgqe22b=|3<fDK+u}!fqe@TpD-`^6lVE3q@;yFMD=vF`a
zDi*B8`UF*cGz>C+jCy>He5qV99R^YrTzR;g!&~9;htW>(kx9BlVzh3-WU&_S*Bq^?
zytjgU>qmY+n)SPM-if-(=DYX({SU|?+AanDKekJv=aTpW(f$8ym;ZBJg8#WL|K>3M
zao`ob>btu4#VT6bk@i0zDimkl*>Do0)0#6)w1*k~y}Y?}VMN3)-nZfY6gFRNdjEK@
z9OPIxx%i{JO`z%J)$l#4DzB>_Srx2_McEFEQY?g$-=9W!#F7)wF+GXrXh<w&&ng%u
z#i#$xlAr3yb_-KNirGPpCc-v(F{`#jQ(hzCxpFC~MBAg-W5wYwtF#HxE-4uJXk@n3
zp(MtN+%t_?*1{p7l5Uawt6mCwl5H-<!1P}CQ7#hl^zB7bTD=hXIh}=f>-+MRK!+Ty
zk1M?AU-prUxElkR%dJv*!sN1&tmx`|_p=h71dM>1s5mK%j=5dfvKbrwB}1MpEQ8v4
zu)8`{b|$@Ta^>Gt0;_?sx6h(~EXTipJhYo6wHes+LUk>0Yw}4b5)-ViOO&1>wW4o2
z`>rmZ8+kV`>FB-j|3fS?1S%wvA?zvxV*FIer)}I=R$iLZg+Rp}Z4@)<$XM<)uEUIx
zit^}|$du{Yub+Ywh3Zt}Zz2<p=L@wcI^;L+g7YA_Xx4~315h;3_qJT02_lZ>%UNgM
zL`u`53Ts|~AH49t>|zrs_skfa{Wvnkd#615qXqZ)vkc7(qN((2Z%_Gh;|E;o&+|t-
z>}K23MG3YPMxUSB56HGlQ*(dV5)uNzZAn50z;Lp#Jg@t?)H}9@$Y86mMD`Fc=Gbo}
z3-l-n*_97D%HxEGvhr7Pdqdb$T9T3Mp^XhvGW`|X!4_Gh{zK`0o=ls=kLFI1qFfDk
z|Czo%eU};NPR-dNW388w_uw3sg$Y_VOA{TZC{aOI^AZ(}kHZwfF*KVr<iuohS|U7n
z{=x9apBo3>Wx-RA{>Fa;Sf8~6PaG4hlQ6XFX=e|R!&Fn(B9^<y4d6J};N#^k*i=)y
zV}PVhhx*0SnU~Y$2Z1F6ojEz}JL+z7ee*arz-MKG->P8lp!t3*cTd(&Nk%GM>wyy#
zg93OX?x?11Y5<jW<Pu+v(rnkYpT$B3^E*c@vUFjsx3cK`wXT}}ji>+bCGAq{P@*~{
zYEAU!?s<h?@l_}D$!+CVfF)N&*)i1$6FQMhdi~xl$H)&Ps~<BB7{N7vrQYecok<&v
z3b@o@)&;LPnDRc9BXS$=DvUtYEq{I^Z&Yo<t30jtc<Y0|b9jy(@7%jEjKR3j@=dbh
zy?tL1uV%o4=jQlGHT4&k8ia<U*wT}J2UnU;wB$5Doicl^V^rFu#Zzw+>81CtEyMpf
z|Judk?L6NE9IC_9syCCou1jSa&C!~(J^xKo?LUA_(c^pa2Mvo#JjAG~D8FHBhjCQ>
z_`>9>^>l1ErhoI)=+i}d6`kC=w{KKWhNG`n0X1}bXG2WYs&V(#Ygs(6t=VR4kALRC
z?biQ*(CHSz1L6_(lh1jXWAlaY%@C)2qB*Dg{BXw6Lrg68l;~h+udF!y`%a_4xFbm<
zw%#rTV=K1R|Kd8+kH^<nLTq+(Z{-j>qQLATK&q_#q&>}JoP7for2|aRM-dr>;QL>5
zG6<AWp$s>Cd_LfIxaO$Q!l^ZK#N_7E7a%AwhlzHd`UJ<2^ZCqen=FBWJ?Hr_ogNXV
zi(RP?Im#aOdPmR#d{1JT|F?zp(<`btjRDv=(#Q4iGCx}QDC76v>^dR`C?-)nM;v{b
z=U+)_sR{4SO%%lI#$NUzrtzkL)RSpA4!sM}nLccFs8epM+QnjACfzF+_#|O>+rn3d
zc}OgRgg^u!*FrCh$nd#Y$=+C9R{3;qWVP*os)2t-)=1C>Sk})~LW2Xd@w6eD*QEw+
zHM?UasC^X$qJ|DDPw&c)0JZSHefu&T_a;ohEb3SMFZ9qtg6?_CTVc6j{!e^7nC0`t
z0ye2>R9jBFXaGSq@a_n~Js$QHrb9RB3*!>=<2_j@gtOh3PdRxt0O`%38kF&kOCiP0
z(9T#_ZXc_~n4G^=+>b($rW{G%beJ7Rh0Fvp&W|$+va@6L)M=X^W|Pmcc~7qTYg~RW
zo-^Iv!#;B=AiS9f!907o+JdhLNgFJ)fAISjqhTMqK)2{JZ3Fv)SJk3P%qGfSIHFbW
zlHmVIRu4wt7V^Ho@BeYQJR2p(@4(yX3xrV{yEc?ZLg0u+tBz1Qt{Z<bY^EPJ3w3e#
z+k3Qh7^)BdwlKqx8-kNd5h_O05-yh;OV*b)grdxXKJJLN9<*yljf&iL&5u~Lq`oh;
z2$44Q8VwXeL2jj#OHWt}!GlxR7W=73b%3Aj=e|<mK-1X%%1DCUe?b2433KHQ1g)KC
ztMqKFCms^&aMLDtA_CwvmO->}{UD`iZ!dzZSUPo?EC!5(2VlGN8~>q-ur&IV`6DZY
z_tcNb-&YF5>@>O!#5zus)cK})>yRW`EMLxru3?VWT5v>c>ODtr|3!aVTNFKLpShlk
z5l_cuYG$Yj+Mj;0V2<5GVni`+d-~NCXbv*1=^Sb=$p@<NNX3O##bKR@92#OXjqk%`
zYKZYC&#we<yh!d}+uCMo7X(Rv6iD%S@@L+2h$$DX#d`mJ(Jg|fucuV3L=g)-{_sw@
z?EvZvc+RvmCB;=hzSjG?M^DnjW_myFYKQIEhT+3lS4}>BueyfOB8$$&AEEKVc#E><
z?8z5Dy0}$XhTZ#L=GClh1{7ry(`Nf}VFFO6yzdhsdtI0HzM~wccWYl?4(;6hBo`MK
zSZY4JGH`I^fPCs2TNWu<j)G<N)-1#Z3a=NfJ)Tc+!9X|?n!oR(p*m`xlwQAH^~$3+
z@_+2$0U?%0<_ZtOpZGA(43JPQJD)BOFhcK#;5`(5a&un-Y0=*92AduVa^_gbDPs2K
zM=q?|#bL?VqQm3t<shOq>9p~J2wf}G$Am;lR7d0qNZ<a!>`R^w$VKqI9X@3gAL$#_
zh2U^PR6Kik9hvVnwwybtvGG3p)^WJHmdFcHi|(1u9((TBTOWw9C|^S0<HDW&#v&h|
z*Pn&TdW=e*`aKS~!T(H|##r{;@Kzag{O%{Y2bQ+g9CotjUHW-FIl*XvDfK7Ad=$C<
zTBz!R?}RtaX}*U<jtN&|zDLZJvW9c1KwndkOE#c;r<yFdRK>+^7@EZ%;H-m`CEW^8
zDhVU$;Bmaxrz~{h7FXjLBQMO037R998<3T7Nyz@P@5`UTbGhSZ_YGSqaOUFjs!o0w
z8RPuv?C|k*4kCc^L6QqNyxVN}^T68D*-VjGQlz@&Z(HR}L`V2;AI;uFFeK+Z;>H#@
z)12LK0SVy*1Sogbq7I@(wx-*PqQVAmeeO<CvDJ9Sl?7`oKKgSsOd%=&cFN0t^)13x
z5HSL$0SY(fu6t}4Zw1B0{qKouWUfrCV3G})c_*IxI&GG2WJb8GD;nV5FdI!DAp|S4
zlU1xLeVu0<fuwI7Y01ZoI`jgRpRz#x<{A<r)%Hd;;fm~^5siHde!;a5yrmn8Ldg{Z
z$E_mP$9(03<+6>OZs&LsABKNkhc;XijgsmDEKgS15ZgxF*SeTl`^HTF8TZ&W{A4|R
z!pV4fB@CtLokt^90s_e$>vn0_fT*?sE!LYbZ=Z=Us!(~s7IKY0KW+iW9g`tE-}?>e
zczdZRrD~(D>(ID<Zuz&IbFW+(HHK!zBKniQ#STfgP>~j206IJDJO>+)gx6{f)zSnl
z)klHNUej-;7JmHsO|*LhO)q-c{sSm-Kj@#oOPp`XIUycJ?Ar>v^?4P+VuHTJrI9sl
zjBtg&4aGlXOAQEm(>Zi_<*va?7(D0hu2;;Ni+6myWj{az)1y=p;GP$v>eiq9we#eu
zv*#Zvr-}id+~0S9skJmTk6{p0D`4HrO-Hy0HOQ)q7%<T2b7e#tzCLw$Pw^GISro|r
zZqWYo75`!Ib@huIv?@>M92QzYD$Hy%u|w|K`E3eBiv?BfX5nC33n|o2s&%T2Kz`8B
zeEplD>z&o-hZp7C|9;#-+-b+e`Aq}lIIo6AO|sewsoSmmF_RLC`m0;4ln!irK{tt^
zDF411MJXQDLf_XiwDAAbZW~DZU<F0H^xMg`o$GA*)Cy<AUk@eyA%X$k7QTiH?UA7^
zHoHWbO#Gj?@T%eq*pjk-`ooaP!4~44<S$;^QooCy*6i#Cij8d{s%h(o&s`6+*^O)0
z3c*-I9?r)j&qf((jzqM#{D+ZQuiH|lFRt!OM=^)KtHEQ9v?KzuHVHe#A4WnP)3t8_
z+)5q)@AII1+}1;A2f5wXhGBy(&};M2h6p@BLMC!|?8BRX>b{8#jVNbs;o6tPfE19t
zVV{zD!@cS(sPo6xN8KrW(X0b!F2A1MQ~Mm+`ncSxR4J(U|K3~9`RYINJ@|0C{)D+5
zZ*=+j{+r{q(DvsPJ?2C)o~j4T-l#G)eIc{iesCNRgIRi4{di$;53R`=l*$;>_2v(E
zJGUgBgiSVjZ)m0{A_AeZj2c9+W2`7de@|x#?}cKbAF~UsEk)d*&J;QH_bB{=_9}a$
z6!CjA=Y2HD`i}oFKAD(cljAW~uVhoFlu6|~pDKweFY?`Pm5G}DTSg#D?VWg8pM#GP
z)iM5Tu(tGB(4S5NqAAl-H+uH)S5lCXD47;M60w>;c)73rp$Wg`mqYZzIyv>7OEG5l
zW}|yo+>!8FW`$A>Qvgw3#=>h{ZGl}(hz)&L|3PO`yZE5x-9a(88MNO;m7q$0j_GVB
zDBVyvky(hB!h3l#zdWpyzaMuGax2CV?FeW6Ih6L%5N9bdxtpqL<3dn9&%=Xa<Jhj}
z=Y*<)dv8TY@UIf~H56sm&lm%c&ax*xtw%_47p*J{vgs@#tT)-d(3zb42(M0b&Wnhh
zI)=2#$+#JV-u}aI8!dYjS>IiEU1AQxC{l1O%*@%Ux^9a>$#2!-dtl1aCvPW~`a~U~
zeI$c>e8^(qn~3<3c9y&RaC-|yaz5!Gq0ovt%TtW(Kj48F5b_i%AKNXcE5uqu?q`3$
zs5ZpQ*OmF#)kv%7DRK9}x-IWF)&-rK(eLhTJ!Y^W*ZrSw?`t9}c1vT1lSYV+q*3(I
zw?CyCkar`y1Qm5O83{+SN@w=Mo6YNQHgi0$4o_Mbc3UKN+r}mDdC>HYMtYcu7o+(1
zTki1RW^2D2q%cBy(Vz_b(t1=G_u6OSwd+!7f`~Ysk$@tNs|FQ)<GNKw-@pgSXyYl>
z^OBGCZDl>_a9c;2>&{)&Ov6mYQwA6?T^Qc-@)f&DTB6{s^|jZ=Zr*eAc?}DT-t+Z7
zV?V+Jx~RgKjXS4L$1SitAV@LCdPSF-70)s}?ONR%O+Gc9*?E(EtGh3y>UVUmE!7h4
z3<#j;Et5<AKE|he71Z0_yj&P?Q;{<uNK7OQdokA1eo5gVlV*HjU1Av>%Q`W^{zOZZ
zMBGm2ZmJT*FiN23$?<%wvX1U49@@y4b7sj<$dW2pe9-o#xWIeHW@-e{JwZHA$5*LN
z-Z?TgW;fVdt;$F~U>I{W_)cDay6@<uEnAfX@6j#Ewn5du>VB`2Q02Akh<KYu&`iQ;
zZt9zJaLiaZ0CZIy>lP!(#7KFUrf-9TQ7q3o=I731KLo7@H0(*{cH99nH@p_wM}xm0
zV3?}Uf_%G?ynQ-c>%Uu*9W{seRChLzqg0wy7XcfruPNwW#QnQrmekQ8nJ2SP?@z@v
z)iSJq$x8(T)Va^9E29@oN!tC%eWbsBU8=ukV>Vtg-8@`?i#I?;uWyAX=KCbO<UFVZ
z(K$2i9bOr%$<a>EhklKO(ClOjI=@F6$nf47<JQ$};ax`59kUyBS)=FHPDXpQ3@`ke
zHyT>t8MKMyBcm~&8|T`Ty@~y3lup+NIN_@S=Zpid_Z}Ai)*Eb4^d{ntqjvk!vz~I~
z1I*AXk}uy5r1B797S}VlyWfakCpKJhZaq$AaP{Txj^kzFTya$gb@pSgN+0CXk})io
zAIk>F**ukNd4BdEKu%;KL$@n`J3%?bo4!1tF8{G~Zb+}`FncxXNFsjSSKj=4Njy=p
z3|M~8u9@D~MAz%xOS<Q$FaklEwZQm01TWYhaN>YQBtOOo^cYhZk@iTY>XT*QR#XVX
zu<PI>q)-Gg%FO)w(FoaWcCOMVR0}DtMEcsooZ|}puFRi5`8+_){^=>QgVY|d3h!kk
zFY3%{JiNE>AmjRXtp>&MdFc0ZN4=t=fE2P?HtHyMZaG);t=ac(FKB-rtR3k*qaYVr
z*|Hx|_pw(#T-?-tnwN2Py5~`hN)25JtW%G)@~2{GyX9c9Gc-1zh`{R?t+%L?StD8s
zq&QuX{i(dJ1M7)>C6Uase!Go-_)LXGMg0i#5-t4Vs$z#9rXy-^xft0e_T{l|<e;W#
zNGW=U#Af$fNVN5ucbbaFGPh3VOr``AS(>!G^FBy1XJqjvbk?w)xhTB24?L{`)>vn~
zrXv}tq{aN3j7F0gc-60wV8a=0Lm`3_5(V?=kPg~a7>X@Ho}^_1haMQcJx5gbMp&$d
zUs*>c>45#NLX(jOkbaVk+jr+SdNV&St@9CXN9PXwc1^S2#d0LGzIjS=@z}r%A(7G6
zyQ$7d&+g!;tVZ8EvUI+dIjcNAt!PLk?DkA%*IHT@uS9F@o)N7}NLRx#MWn@p<Gxwy
z#-`3iEXBMV)SnTX-B#CL7u@Ly*cf2nKAG}fih^cN<uq`e;%$?~J@3Bho4ulhJ`BJA
zddFq_LZmj!j^O(;$=PN9AFBEIm>@%RzGm9W2VvRZl0<bVHmj4D;5>Ln`9L+v?FCJx
zyg}?h-KC3yGpaXP(EQXz;h7MQ;<m(da6|UELH&Zw;^R7GLS67xnS!0reT0mST*H2V
z0f;n}hMb1(nL#q7I!`IRZoTdfU$^WtzhP_boz@w4ekeV<UAE!OCpQTUuZ-*^XI*j}
zuZ9!kCaMH9VZV1~N(+z(Zppw*0~HwExxzDS5!tBfB*hYGS4kzj(vq(Hl}b7k@CXL2
z<}?p4QKbMw(hbBg-9HSc$O2R1KLd+1uyPzBP;4@aKE7twpYzZblE*s3JNdy&pzHE>
z%4e^@d#T9dK;g>3AR(fu59Zo{QZwUR-Y4n`@$_;G7ta*-Rj!?hDf(g=5tIT(>xsN1
zz9T9~7zIfowT|Vv`yMub*yAb+4thcUTzTUQX@m}$z?@9sf(N*@?&_G=S+`rRaECY8
zCSdQKl^T={1{HcMa-hAVvMWkueVbWu)4_OO94X=U>>5x5LQ%$GtW0<?R;lZ@7`xPt
z*C4|MftSHnQNX)I7QSCiMZJhMZi|^WYF~_+dzuX}uhnjBNbD>{JQmt?{Q7H0D_9jR
z6REpg@vxK8*OOpTT5&pX^Zc8I9Deb(jxE!hHeXAQcxP*Mc?UDECYgn`(8mI5nnUX5
z5U@Jw_YB*!J30xZA!%k?J22*P__w59F4vYK#c=~2$Zs_LakK?}7dt9}Vq%W97-Z)x
zC_h}O-C8s1e3=_T#-O`E6@b;j-K%0b&nlt7@(#-{+o&g7TAtX>yfNcxT(P~=vH=3k
zz$A*-ge(o%Y)$Qr8|{5l=t!<*(e~sP;2`wO4dmMuT8fFYrFY@eQ$vih2o^8a81ZIe
z6rb8V&68~J3ai%hKkSBvvwvMY_aw_e%~^ii^O1{CM6!ph<l+nuqITM~J#`1om`v7>
zXXvYIU))p$Q}CiWQVhurpb55MVtK~vNwuXGZdb%b%J}5*8Fa`LiWkuRqoL18BIw<m
zeDS4?i3vpg8}^CjsU5B$3FBT`utLcRW1F87QV~TdK#UgQTec3TYHNOP5<BnZhxI0S
zHYbET#!4N}{P7zZ2+flB4)0(@M_3}9SXQQ^c)$^cFX684g>1~wn|#JIu5twlr8HEw
zz}tz5Or$1tGBgRr@}}IO0BSI@YO@slBXBK@{NC`w+;OfbXijG8K3a2!jbWjSEy>Ki
zem#lkl0#dAXWt_dNJzjSZ~5D`j0QZG_n!CQ&p;?`YG!dhf(9c>0G(vlf8IrxQf;pj
zB>kbItasV`j0f2#peys%z32}(1qcgCt+h2;+!Z<o9^?9dwuWXH=v(O<Vjs2fnR4Ku
zQ@pgR1XEE>5I@yhSXg0_9tdeL3jrso3L0*+kF?OMPgh;mZ4|wtXw+}cQ!24Ta&SZ*
z;qG{=GE#nf{wGO0c|II21-(tBZC@-27>oa`_p=BAAUx|iYJViN{GZsM1^m#*hL7jT
zR~gwl+AoS&=nV+XH^*q$Q`vtFur(h_qG6HrB9FSn<pA(#huStz5#<IqPE{;+!OS{J
zgPJj>lS9!)3rb=x2qbwbnr5tmcDvP;H=rOFa(}(U7EX+%q59uP<QC(Q@GuP-Q(X`b
z4}y2;r8#eCf}qvAqB!A%aYh1pd<R(!9vP#~U)Y-~`U0*q_%)zQha<suVe(Ft<(<3w
zO%2iaaU^8d%xV1$Df&||<os{8yFd~YU4*OQka`gnni%N%=<?0TDxP{F2TC~ZXQJr&
z(R2bJ{i>J#xT-{m1P8*mXC9&;B&J`6YdgF*b2~p&N+cO`EEM045|VIn5ol*99~Xr~
zUVUYa;k?5Lh4s~B(pw;vwqOiS;ImULF=iEu2fH)zXn>RxB>ASnUZ%M3qOA94EHMBk
zetOzm?V0~Qv6a9d1UI2*O+v$^2=Z3Qi>LUzN~j32Fl4nYqjeW}>Esih<?YaGRQ2!{
z7gX3<-;n=_ZmUp|ajKXMCuhJ29WEGM1n${$R)JcQH2^l}pYy<w;~JllqX$AV68!=f
zm%~Mu4fM)<12iH;W)f>=5r?Fpg-VOuH0Tv7vRlbH5D<zG=pwJI-B^khNN|5!vylGM
zn(_xlpoS<`h!Y95^fV`Y)n#K%5@m$SO^d0};J_F&pnW@IID;1huI<662a_16@Ea>y
zI-uwhD<^{+Jph0|S4cTMd-sO3jkKKq<0v^%1T-<XO16r*7(oGsGkpB3JUgJ4gn`qQ
zDn3y~nx+EU`;`6!tuU)lQrZ=w5LKEBRW;6f>TW;=fHx4NW#JKdsobMM{TUYZ%{kLk
z2SHxB<g^i&Bf*)RL5{>sJHO&~qJOSZKN(5ar-JAt>JfR$NZ_F`%Vw6&*LQ^|i89)?
z5thG2jWWz57izr5ozz0o<`($yK=8A^J@ZnP%!H_g=h)Y7sZD~O@x0LpQ}^eC=RS<?
z8R_Y(yZXAN3c}!_?=#L=OYJpSm~Q@7bg)DfWcwp}gT0GR&TMhsV{_dRpal4Mk!Oc>
zWMODkiA-pfylHF-(imi0Sdg`$pTcc=v-b}kgBE8Ku?;xIw=>xrPSPq-;t)j9W7GVs
zbr=*$Vg(Q7Rv&!G3qa*SjLf=&8vOfOcKoSYJLh%u2r>};H|OOjid^bc0PjjjRu>ty
zd|hmgoWP<Og{Odu+S6@GwS-6zt7Y#%;*U%wRe1Of5z6ktB-%r_;~6H0Q^}{rKZpco
zdvE1o-$V$M6<Jkw@*!Su{VIbguXL9Fq=qhSoh3>cV&@WN|5M7<pdHc-7{!1Tus=g$
z`fOZT7s}O<C}vQ|6|YxGH#u{tM+-03+VW>oR&PQ}3%85{m7v3*XQ?fNC~mU+RwEt;
zbQ|0?;Om`8rL}i{vT>+g$)VQvV_$=e6C3_zi~9#0Ef`X}T<7e^bwb<_y!s0IOuE??
zTnJtK5{6;by)JN4+7FTz%XtqWed{f)6>u>unuKUHebaTmgDIf53imGg=^RCEZEMDR
zoVh)LlZF9{DKrg%mG0EK4dnJ}A&*?!&XKNsZau#q9BBsmtjXqemQPMTIC|Fti9>R8
zuRj+(NryHpj8=0{saM#eHj~Rvyzw-A*Y9>t|KnyUNTUQ;KgToY^Zj2y=HI-V{+kB?
z@k<W@OejOfNJ@_31=GzT2{dzvbp7>%f{2c;a>*iU+wC$&Dq7l4_aae!=hNTrym*<*
z*v{=a7nBle^X2j2RQiqcol`E;+*IifiJ}`eG+*dQS{Tzfp&92=2(Y)R`JFm8fENs-
zV4aTSueNtjw~`iV0^ex?!s($%k1ntZ#XE`8x}71$YrODhx>tO4vWz;^{{b9rfn}Lo
z)Tac`C{~D+$IF*Hf%_;c_k>f)I`gK}%e+*zf$z~<Ub4A3*(<E{4hkWnkH;cGG2HSJ
zCOw98T1B3xqe1ILM}c<5NsHjWgGd06V)xJgdEsu6*AuN`(_sZfpOVdg06m<7MrwgI
zcai1!&SgG{tnAfTxVRl{ja9_}#QpR28`t#ZUYDUX6i(K!)4n~M@cENBm3^&WsYb;s
zW=P@UVVP%Ow1IK`!d`BO-^<VV1c1KxxpwkEsUch(B=|t`Eba{mdTsj*`%aL=soJ2H
zg6FX*8JxeaAg92mfR1c&Rr=(7G$M@pbyMf3pSQN26VXg@PcB76h-QLv{9V|2W}XsA
z{-j$nitk+j>_GBmXxaz0{1ERwUR;REpVm9t4dp@+kgqh1NUO~Au`agLY9%6~K&``4
z8FcG{BtaOuc*524nUb95N{!XUGqlGm$4hwFo+SU}jO0p!NU#-4J40X!5=(Qd)SGAM
zw;>QbL0bRfANxipDi#;C8Xmg;h+BW?g2=yr?l}9PFSugJ*`j)M`oTQ##$;1*in7o6
zg<(7Ac89_ax@+!7v)KRu82nb7nSsWZY)%roCp|!-)>85Moq1$=9+NH%+d6!=r9K<C
zd@>A9(2etSVi}Fu;<1OMW=Z7YMHp+}HXZGtP%1GdZF66W>1Y^Uh!3j&Xg4O{$FxqK
zd?Q*fgqZ2^b^^+}B_&C^QPjsd68eCGn8dSISDLYc2!07^A7XKBO<mQb=eKNvzlPH-
zw5HyR)pXRQS30@6G}Mg>_=~72W~BdSY$%&UK0pm(XxQ5wm+xk7-g{5PoJ~B4xv_7#
zX^1J!l9833hl*hzF0Q|?JP1_t^<Z+U=pc?-my=^Pr@>KHq<5g^Z>t>^In#Z4SX#9f
z^G=vcy9EMhp(zmL<lcq+!LlY^X|?h^$!=QPlhNbn6w8A%!|08eT}3Jf70KJHSj|(@
zuqwQvhTr_fm>4#Vgd9>PZ(v5nfdA$hWkNf3pl2a()YJ2;h@4ONWeG|iB2RuJuF%pX
zGM+LrY{Ypst92tGnos-i60g~(yy|~n@5_9{p*pf8)qi!QxG%ExXuUo5U~sO)fF9OV
zO^;2GgolO+iaQ@Ww%*n~sh@sG)I?Nop8f|=ZzzS2o_Oc|_PMl<YCm-TT_Vko@oN2H
zwQ>=4v~h!|CAbf2n*&hh{w>_)q)>Y9H5X3>{}CLoZ1m}&4Wp$Gb(O>AXqjdn2;6zT
zkF?lzk0p`>8!_mUPW%ZoFJHQ1l}PEl`=e#*{m(6o$Ik8nwBxMSUy#Wn0#LTM;{vD%
z@tKJDPvEXTVsyz>Ojb!6y}IUYaUYyMCRen5C@-D<??U5rM>;qq|8CdLmYZH7ZOx5_
zsJ^swdVSycxs#dR(uYmk_4Der#R#_;!RAYY)JgT1pK}q$Tu19#Q22j<jC*BKsm8rl
zr2%^-a{C)Zf>kO<zwIyUHP`iDJE--M3ni?%hyT^);r#%Gg=Yo;1GD(w2Uc$SNkXqJ
z^8WZejB6vq0hJ6gv+36W$=J3|jvIdHmi8Yn-e7c2`DOY1Bs4e|L!jdUt#lv0!jN;{
zt_hl|sH{Ob(_)QUwtnjbc+`<u(>)p^?#Ww<Oyb=i;XOrO1{}3WS~mHD`tHtQ=L+CD
zz-}fP(mlo?Dw?#T<8MK)HiEF+HsxWUGB~5rCXayF*}B#o_>@!}A4~R#CmzF#aAsla
z-fO!FYi=*k^`j&d&qEI!Hzn3b_f;961~<(}oa#xlDi2n<N-_mu6twHz-mfH*%VoW3
zl<}bMjdrr+rdLj9wDezi#)T!NQDuqFva8_CYPc!oWr&#fJd1xHcXsk5BmNUWW=*<F
zXwr0g+<UxGM9QZTK-AaRXjc$}u1*S8#qUIJAJ>UiADqfhbhZ-Kvr6|f&0L9Q@uKhF
zWfTZiAG#@BUVQhY7*3>V!<_B<zyKGO<O*3X>`anM<4&Vb3nT>cON#s>JG-*Z*Vqqo
zoY&HxNb=;`a0KZR!z#NtgaAytMFhBPQOp_&lWCtdrguO>>E$m+HIR3PVm(s3*ft}%
z={>86^X(bD{ayK|jQxoSNJ-8+hvxZX)~2fSfYUsRnB?pr%RhyYX6uj68jFXIa^^lt
z7SY8KjYG&>_rmCX={M?T16_5pFTFj`ZtE#{@q)D&y*2s4f$e7_{NLu!1JcDA*pFrP
z;@Z_)2WNtp;<CBkDLA4E!${gbvA+}-c|a!WdqWd~Ow(pj2w1}PUo$Lf`Ak5szYX&9
zkslFWPd=ULn}{bf$;i^*Iw|Gd90<GcVjtmHPi`f~t`%Go5shptPvhg=!=Zr9T&A+`
zF6*sF)?p+Of;Toc|7?J7O0$Ht$mKyXu;BjyzLO|#pqq|x*Bm>|6|(Wve_t<E;mu19
zgSVkm8^XA{oPZm862cM{Mnm2jhy*l+KyOF2?FK&71jGmhSHsm{a#jg0$acY(t%pVt
z7KiZc@4wzdM3yRbuZX_1@?R+nH9?FnguYiT`*obOY8>10J8MT`h^@iUzs)}eY1dQt
zgBa83>*D1$#nPkJ-&%+D4GFG#=EtNwmH4yf>wJHfAqQ<A;P~^k=GZkCf5S8eE(|Z+
z-c%%!r)`_7cADbGCd8E|+R|Oy&2I^M{y+c{X~K0)HG0&o3A-hKAL3^J**o9;Nv`P`
zTa(w)(W3MV!Py*1dg`*LeL*!Hc}c1vC)>M6Din76f+u$$a?;retg#HGK9Kqe?aH6q
z_$|tVm~H(lKYUYNl>ricc&zsZlzZzrZxqzF?9VYHufmsg<2$~0M4*!wWkfKh(myDj
z+GH&ZhLYG*`+GjXW~)sXS}gO!5D5Xoq$5-?a8>|m9aau%;()gd$clbJBvRdLn;p1C
zjia*s8_zuQASu!P+xZ7B2c2s11q)>?{MW>q*SA<*AUZPmo6VzQ-#2xAA>PbRTBN~b
zvlVb(;cDoD$nmb<1Gj6;6M@9kcxEE$E>mi$)5kOT=~RA{Gn$20V(USOmf1Rx$W~u#
z7);`Svh%4lkACtEwrO-QI1y&MF=?C!3Wj4WFVh8j8GNdoD)TFwRz&rGPy)uDH+f$?
zopeOA!8dPTEl5I9{0jBc!@GVXjCon!3%fDB7b{uk21s!>k~zPoyd)2$Cqv`+VKHl?
zdwTK@Y8is1HmzfG$-vSk`xg(801l>PpsX(3o;h22@^W4R4Iy`PF39xYDxm|a_zeH*
zq0ruRQ-<^yS-G3rCpZoy2tuZ8qa}$)!0AOuzd{wW92Qe_h~OCvBZK3iQ@5f=O0zMY
zIytB*VhMhqmY<0Vxh71k?tLD;kms?3F?gh8e}I*t5mV-iacT<>ePvU6Zzbl-D`D5x
z#cuouwC~r^BSjy?a*Mn(;f;m&WyAEU%8%TD<gA_#9@9}|=2sUA?~)zm`egd9=4Wrf
zAoNx%%l5!zH$~(XDJL6UM*aNEFz_19>b?=Osan0mCHu@l{Y7iM^Sscn@~-4V*M0-E
zN))=IVe*}>S)};)K`t&sch?wG%Iw;&9ssQ(wR4#XkOD}L%?z;9vChobycJ?rKM$mp
za8hFjzeIiTTHUSDh!L&WJf2kpe!bQF)<@M~DvXn3(=g1aIB_(AsWOu;!d6BS$=m#x
zuXJIo;(<ZMA{J4nsKFkuIoQ{vdj-?p%Fc!fUZ?{(v=`o1wQfmw60;N*(x)@K>wM_b
zk^dTPJiBgiw}g_7nS!^IqO$1v;~Q8~Jrz(wleUq^Gkz81Isk@>a2;QLlBbR|8lg|s
znos8eRH1@4uOj`&g^U4TT5iQ3H~|FIe|A~#hmt6DT*bUOcpDz+L(XzMOm=s|i!%#j
zsP-Hp0h40i?UL)YxX7v~-;JX0I5idF5Xrb$m=F$$e`M<!D-c7<RdrbYM?Hon+TC4*
zb#~!)&J%m*9(QD4Q}V&dtheNY$ixHQxj&4Sk%P1rnWsw+`04cp4Mb!JXr!Uo$gXr3
z3&6}QnjkxDkb$rdv6^XoHNXi4Mbf;~a7~9M#XW^FPT!e`L<-7tVg9Hm-v$q?xoRNO
zg!*iKTDy}ew@I_LNPCpA&w?rWu6=bzJQx7RPy4(-+(St?bxv*gKd3k4=%y_k5mM5Z
ziDn5Lzl|!oKGUCJFXctuBR6I8WQ3I-g5$;)+<gy=Bn|0J6xp1|ny}}(Q4l^w@qU#P
z579)zFnu_5?hhs{R<xl|#~r1V4Oj%7nA+#^!J=`lUu<-o3QnJMZ*y{(#bl58D)6w7
z+U?zvuV91-0$@6mnK7dkz1B!^-+R7Y`Kkx1btMpFDUxE6Zlh4_Jfqy1f0(h5?dnGJ
zZ_Q1<&*!B&-R{MG0c%Hl&MoD%#}tS}vZaQxd7%WADwD64V=Cg}o@>eNVb`50{?sWy
zt-M=*YygCWO8>Yt2nODw?S|qz)H1C5gC|+-EAvc{I=8aJg=Y%cFalWzO`B7n@2!x+
zBS=KF$OB%y(*=7fySmQTwljcsXz#qKje@E2kmgn9-E<BVT94%E1w0#RDb8|BzXBBP
zZ$8F0;TMDx$ssufpQrA*kkK4-mQ46^5L2H*Y-7VkODxCldBpC13NM2|vM5gJ_Df@u
zK$Cv0Oct~dH6blg;{-#hC_X4qpYrNzfWkeZ!&j<Z=6VVh_q}!s9g3#zj2mKr@NH=v
zQZL8T%@#5ZrxV^Jdktr#1R^00gfG>-YF|5_$Q7#WslC4Z<>X{q@T;A@*@|jLk|Kn-
z5(iXp-hiQg9}kKwtG0mH--VZVN5pjhAClg~pUTJo|3BwAI5;@RJY*clu}Ah+=WvW;
zA0vdaL$b1xWE>oO6QN_zva@AJkwaFZ%(9AvR~fy3KHuN<KU}xlbv>Ss`~C4|L^ovi
z&Wg1Xo?tq*=bQF?Ix3TPF7+{!sKHp&y-?+(&y#>;D)5~@mnwnwnVI;$s@1m-Y9-6%
z_o{z1Rz_3SNVfl!wL!@|!Wwp`QROU~(eLtn{kAc4&oZTbIn$PIOk{#?>;L`Crs@z|
zJ^D(4{Ak96{JqMM;CR~xn>R=+^wr{7$wvqS?XTsBo+YDPzxjTb)&rA79KXPy<S-=z
z3>=w8Rc=qi93i^<Qdd@=W)e7dV9ZmG07k~42%jGZgR)_8*3#kbqu-Ib7?Vn-mN+?)
zm)kz*C>bdE*QJ6?HYqMq8*ruQlA(T9_dRm}84J+INaM8O%K9*5R*TZ;%PukKD*j#1
zSDIg8)GW_oSVY{DVS;C+s|^aSWix-?C9GfrAwv;J<^p?aI#zHb0bR`hLq$(AJwp{C
z>-&R4AMG1*#mKCuf?J9Ld=9?6=o~dU=)N|iYy2wot5sR~mE`=80za|!9H*%DhEfNg
z@!_kQjVIiPm*VA<x=nr-v1?}fxF`wFsp8uFLR7<<bP%o<395l~v!4Y^N?B3)`bF9k
z68{5;A8#5x&*^IzD{&N(<C!Rq9pR<H-tkoqVW~YM0RyB!h_p6*b`()tRqr+m0Di6n
zg`QQH@Y!fh$sF*a{lE}Fx`O<Z;OgJ3%@?mYT6E!B?bZ)8y5fYnVTqw_qcLIBW`J}A
z_p<D$IweJsh#ttGZeDqILUt^$_0=*iTkxMoq@c{NH+XTBKkv}_$&+8UiNIz$W@Tuu
zM~)yNY>f;^Iywx?IA+!xDPKZ{0Rx0Gaj+yL5(#hSLr}H-XUQd_Ybf-zIcOT89i6Ba
z88nbOn2gVmDD(Gx(1n*FQO9jc$S5mpmpBc%7IECzzN)OQWP$f8`Xuynf4pI=4KHtr
z2w4nPxE0Lv?=^1<4C#2_X#G&#9K&)8eGvS_<+lE3KK{p6JJHOc=Vj%QQ<;y&<+u^d
zHg`F9x5p}}G+j^aETDmO0sfmIHRrazZM6G5t?Gm=MtQN|fq(HPyr2Kse)yRTpxG=D
zHu(HkSI&`~@rICfzsxW)S{h20?U`f+(VIGi{8oS<9g#e%zYm=g(uen3=@NzmO+-mF
z0jrNhu)nleCgLL9M={k)9xxDuOizc)J%j>Sl1aeKOg2Rfl)-pVIGV&FMBO06<l+TG
za*5i2C7X33!Q^r0@8INDxDQ4Rr#Y8%z(Bj=;|6URBYL3}iv)6j3I|>`0PsAE%l()y
znW_~4XF*_=TlqvsbY%fB7coZ~JRlP<nW@hJ%nVBsHhI<-QyNTz)MZ%kJfQ}H(xYhw
z=hVI<iP}biA!V`5Y{Sw9YBgtpkJ7JvX+rMU;<FZA0BrS+_8N&hSOL1hCBw8d#i}=k
z#3g|3LQK9ju&^q~C2&%wsg57uycsA7ht(b_sY@?~M+<Y^aGSq5e(4MZ03A|{-ghRX
zOj!QF=xt?>q*n*$k|UD#yyRc?>zrClYJeQ0sZyR4uolJ$^i5y220I0utp!~fUuaj@
zk%j?{f&lkGFXw0EsAssS4b!7|SrPYu$&2x7t?Miyrz`$g2#B6~aMbRDVi4L70s=Z_
zIm#FhaYCZB##CC7p8ybmAOIi<Af#t!ur#8RGSHcL*G%ITaX9*$+?O|&>!heUE*H7&
zbXqP^z-{4GXtI4RZ8aFo(0iULI>XuWFl|YuXifQ>sIov!IIP^`tbhkF4;g!g3m0X@
zg2t%H{gFP;Tp1s{q!Pr~(l9^OQN$MR{^Vr8$u?2Mb#K`WBpwyY6`i>EO4QLGEubuy
zKk*<|r++n{hIit_BD*vd6*XMI=Ivy)Id#@Nt<SBkS=R@DM~ibRSR<)~0g4{iAB5;&
z5<#2X(7vpxv2-LBS)ttZ^<5$o+Ozv4wAv^#YD)0&t5b!Cbj%Mk{b<t^zyM?;_|qS5
zGYHnv;ODF0nFK#%R<z=*p4|Zs&|k#n@I2e?mx+<gkz!bqDH~97jBDO6h#Uzco-iAM
z?y6I?DB#r7wS}T>cj7kuztXc(C1yQ!MvulGs+joWi_ek(F1Z1Y>*`FeX62wD5qR^J
zw$l$ScxzYieAW*I%Z~<Ze@woe0@9b`lE4ps${wy<q^8Lp8Hi*26-6$fCiWwNoEeY4
zJ;0G-afOR4?o9teDnW#YZkt6?mt_dBKHB~rTClBf566I(?--x;)gbV`_5ZM;MsI*|
zh!Z~lZnLAe$dGmIM&N%?_k)eSYtswi85%1Og2U(~F{;kzFb&DH!Gnqc;oosKrxbmt
z<2WbP($~)Vt9LaW@by7r37;5}?Wg?(Nz=2RkHKI{is5hBpjIl*HtTs{<;TbYbW)rG
z=by4^4*-Zh9m-Vf8zz<<1<eUCJv1&Qrem)DGd!kEfaiJtW@li$hw)EBYxGHI8!z2>
z(?lq*;$8kgI7VwVsH~sh-&^s{@{@Wtsc5RR5<-lU)9fffLmYvjqQe{OWf*6U{m0`a
z3!H*dWv3Dx%YVb)DKF0~T}^|hJ}`z2>?d9UMa-O)swNlz_(mg1_@t(mrB4R23=p{?
zdzB$J8~Dgjpk^Xgch=jGGmE6+n*7y3RQI;D&VNE;BIlSGA^9xUk?wVpf#dqOO*s6k
z*E8JE_>hu>!Yyt=h~X{HrDUGieY?J2Y1{<7u{2QhD(Zt=fv0EDh8ejbuiI2MCIxS=
ztnq$cNaQmURt$c$D@4&E9sv{D9kwgejVXFIzkQFHATeOTV2ABS!R<v%H?9ou8T+1$
z!~=ddJoN2xOh7kNXk<*FC&7WC=KA?=&sT2NO+zBNG7UQyc3#A*!mucrqJwQVAf2l^
zestdxb6Xd0a)smdLIFAj0k73k9k>&2;Msj#+En~v?zuPa1j-6p7Z-Q&R7vtPI5PEE
zfHSp(?!H>7Mc(IG`S+(>pGL&IUU?FX&5n8|bLUKu<wOx31#smel&&#V-R1@tV%=pV
z+Y+v<r=-n^(UIxlNNCeL_j#4?VGo^EyGDNOnBy{GMzMAKr(|k+#{{oiDvvFypC$7e
z=JW~nLg0<yF&2Bz)jNzlku7Mx1|LN>ltC7`N0TWbO4dtc7%+A_#s9Jd3fZQuh2$ku
zAkknv1R=Z`R2E4KIMN?o+EcB7;oJZFd|VFTjsL!7q;c)VoE=aSl9k4wgF#89Kc!Bu
z+*E9wtMhJuS7Prb`~Lf7APCsV=6)o|Hv5UTd?GxE%{x0r+vi`I{(vC;_u}g~e>zS9
z&+1+cRnVqK>j(>k1ut6@qge-|9Y6SbS;2zNc*oI_VpD?-VfFl8Ij7o$EG~JUdtD3Q
z*AKv$g>C5l!n<#dq7R~Sw63m8jL@vt>rognfeoo+^#dF-JJLk<g6TXFzdgnw!}rz;
zE-LVDv*DNiDkBYsTbCw~yMR8LleG01Q9yG=6IHFvM@7@?4jt8xX^!2vVQdiR2Z&eN
zKvb^-R&2f(cxHquaTI?JpXrnUAh0e60x9Q1Yif)C1LP>{3I}*!T$qP~0X6^?;q@PP
z;$g!q7)sh<+7?R&egADY=#%3*ni;9d#z1l#z(lCqu34510g%04^6BoIMc5}!&7dz0
z2_^o`Z+?RW%=T!aBT6~L01zfOJ=SxDPz;hS`2reTT#|WoWl>y;X{1|>IxJH#!`sWH
zyy&H7k(1j9s>1)!i_-Nb9`hWteHeHBRa2C%0DK_)ZK3B|27u|M&iunRWQ?ELw(LY`
z=~(B2#gWLQOmv%0=d9^Tn{hS<_4c}{k|myyr>wzT^r_cb`0!El_PuKa&lp#iNqDq3
zt;@N#P*Qg2{DNJEzH{8>K|=5RY#<;LGyYBFb#|mXHd2g5<^hmmM)`Z=%Bb8aW9oO=
z%_y4Z7{`K#UMs4ysYsB+f^;UQrvpn8M6W4xMLtO@xQ6vZ_;w_Xo=<BD34=Rreg`Ge
zizDBK@O7IFfI7q;f1<1*0FiUaP~X7<fB;XXjmeYWUVvv1eLNM-L=3~zS{b8!Vf`$X
zM-gJx`mC;D7iMmaw@?=U=ko@zrb{-U{#*EqxWRZMxqbMzZu#PFP-bp>aOtKlS3LJ#
z(J$>xjE7;;-pkw#D>G0?-`%E~FVBo}&7R+!`=tv+PmHVnD%Z%+gJ+VCsg8xN8S6wv
zV)B_8eATDZfnx#;44YhJBoe~6%+E$((Ok~DQ=|jwci}OYq#{@4JT&{zqy<tFIFq<o
zJJ)6*rqG-{HC13UfE_B&1P(4GvB3P~e=ZZiD7XwA_ae^t4KDy`lH0C}nmMUJ#@A?x
zSR{&O@VbR`EnTG?qed*v)Df2VbvlwH`|kWbFROTrKKZXe28kV+a_oADxd+~=Sq`7Z
z$jV7OJYT3^GN$8@)%30CCiDZSK}HWRs#$<MRI4%7J=0f>6)Gyn`J!4J%QWh28Z3G(
zt7GBxwAv_h@#w0O{Lt7v-Qh#`G;vyV<CbQODGPn^e_xZCMBQQ2S+!!ap#EdFM}W-m
z?jP8G2wh{gNE7sLS+lF2`z!SnPc=;8Mw(Bp1V}P-5lUH%K}SAvOkTU`9If9ksZWiU
zI~i?7Q6pda3@UHeS*g)2{IaRlF#00>1kS*|GiyC}CE}CjNh@gdyK(bdc;D`S9SXWT
z2b~Q?w^YNqQN-tI1y?=4g#y&X^TOX}ULVR<t*T<MrxC_>3r7t+({NA;&L}~qb1C<~
zlKiZ~qUv`Uuk9#*FYDIAr`ZL4Wi@}}0+dv@ek({nT@}PWQ7&<Eh)Q>W^gATN8YTUd
z$X8ooO_LG-b~hHbtdGlNMYz<bSp$rqKkoh?lL`X>z|>UKK;ZxJsQ>S|f>Qr)3iR;*
zwm|>?DbWANqyhm~OzQE#$@dS?7q07&VK|O?Z@;BlG>2`j46aCtldg4`85iKU_^EZH
z&+yL}krQ{F-Hyhff2mgix;(x&z4e}VKbV6m<cH;s?C5<xx33+EUhC~|F=00}o{$xP
zuYK&$+j%&zOc8bZIGUbG9&|k$g!uXYGLukzZ&I2p`IU=t(NQ$v>x}*M#`dF$w7%D|
zEXKK#ToyZ-rGg-w!OE`v^az-P)Wl~uFhZM;pZ7-<#{`H%fnW}JHgP3N18W4)jVAR^
z8)XT~3ktxm%Am`VBzeRnl=M(p7$tK9U{LdcHL46+0%wI+JEt>Gd$iM_eeZn?R2eo)
zOff$k%I1CQ=-))elPz2UP1Z4&7X**7;?iqnLZ2Un(2$j(mAJ7L>^}=Nk4!jA-RLnv
zLCo({YdP8up}l~TUU`!l-LWT;XEM~8O6nnEPo2ezW5-nriIS|Q{iOK5<&>&1EwSbR
zMJ(SZKrN&qv-p%rtQhXf<_bi8dFlrW5!$10Hx`{KBJd0LF7iY4z3%$#s;3HOP2y#<
zB$b3vHa)DB;M2+2%}eGz@+I<UEr>snj~G8aKvyn&*7Gqs_||(ZfuHmi%YQoN2nl9?
z^@sZB3}s$)5M}Q+_gC5_R3BP+zBsUPRxYL-qo_YyTg&t#Tz=~5s3IlbeW5ctgZ#So
z?nyf(wy<%-VtcLsnp!XryG-NQH!rIvku+?e&ps#cy=<4n@O)OzN>Nx5-lM;Q*B>Sg
z$gLd-uT8xAe59&k*+!fF?=U<DTTE=e=$IusJbU1QiVE7Bxu)R%aDrgPeH=d{y9WK%
z{Z4uiWG$bguo!6AcYm`mbv2e<c|OgJoh!tp+y`BP;Io>kMMbi;b6<YM7_b=>nu@bQ
z?xo3paj9+4#*1HK^of5Thpr-;1e}K6IC8aG89s>?yKm{kP3_7(rL5hYEA@BKoKZ&A
zlgjycBOBlL`h~V_W0pLlDif*n?oIunbh6!zh+)SlhA&vj%5tkBH`X-ipNUg8YYhoh
zOkDKacI9E@>@$PG$Po;5#kYUcVE1Zrgr;BaO(FUf;hgt?r}yo{FYHXz@(X*Oupf80
zroOt<96#sCOnD5tqsb#>`yV7yhNEW)TgG`q-p?nK)9bEHtg~KohwhNLb91s5ZD^<$
zeXV(7OUSGdrVjPwB98AUb%cbWq`JqY)(g%{aQ+-$4bnPVDDje%==t#Or2@T-uPy88
z-cy$EFr6uD%}1MvvhK=H4QhjLyrss%Sl)H?8-$FL#UeEFN&@lw9^Mx=kEj~%pc3FG
z{8?#EB>b=K8zf<|2p)u#ztlvU6$v%$ad)#<bbuo`{}aVt3oupeJpFnQQ^~qF0W|bc
zzx|Dize{AgjpdX0MBB<=m)QjU4+*m<A*juP6f2G|RTA2BYw4xhfAKk)$+hfAl?)A=
z>x49+(BLPc6<uQet*<83US9L%(`!>sF)SLTzi^$q+YwaQNW>KcscP^lwYyEf4EG<@
zdKKWYBMR_X_&OxZfGm5R^_!l`VAAe-j_snFR1xQmy!6_<M6_rx2+0*HXTpt26R&HI
z0NIzn{}?&=Y(MrI9bn~Kwn-lft#`K*$NjF(PC)cobq*_BjWAT=Jt-n9jIM|iIPTcW
zmHj6u7ULB1=z(<eCyo_C9!&W_#-F`{WGmKQq5fxVU*%lP5|U?pVgk!vY29M#PMuRL
z%=gC3ik<(;{rOiGC!Xt$JLgWZ*)U-ID<ok2V@dr8>4k{#c225Y2l}c^2s~&_aWI)@
zHM%*H15Ej%RB3AVWZ^Tpu@)axK0^F$ilXOapf53ZncD~_tyz1|3=4@6$7%WKH?;d_
z4Y!zTN;)RQ%YyeYu@#S=-!pe%-!6`GbLum4&>efDn=M@$wXI!0|Cup<cZSD=Nfpp@
z=M#`!Dkvx9NQNFCYD$&itM)beS%+pg)|ybt<DvKZmkS-8l%A@Fi`|t1kk4@9*)=k+
z^wB5}k}g74Gt&v9_SON#^`_?h2wV3e@yY5%blAn=?VNd4ZThzfBPZjDO=Y@WK}0sk
zeb0faW)9QZi}rpJ*QM%g`!i<|m4~Cdg7GBy{f2#H6x_CJ-QL)+%c#3hQkZW2waypO
z!Tt66JaN(Zgs-(k@a)h;G_>H}_sOkT>#k8h%G-Vk#GX?#!+|A)s!dQ)qXe<YQ}#9M
z&x1maN83gY-8Emu)}Bsg&u<A{dpju+)(Rf%eK_Jg3w)_zm4H@(p=}C=ecoI6+#Q?4
z&LzhCQYItx+Cihep^Ds)5@+>*)(j{?A-0LC8XbH#kRNYQgp>3x%uveVvk{!0p<U6c
zS`PSv$U!*hr?HvEg^1(K_Lw<+*Ksb4VQ)GL{flL01MqSPk_`QCJ2Z%;Z_|z3@!l6v
zJJi~E!+j8>{zc+26%{QTu+gYdeVbn`S*B=gMSKW6xpO#yXnmDUF?Qlzc1mV(dM5@H
zps#lAK{VHjwf7BDG1lgl4YIqMqKAL7qvn}k9y?GoU&*805Ybq^2|=5mC3)39ha^Nk
zmZa87-hDmf2J5{3)zfA<(bx?~GitTE;7|fg;CA(P{;r+Mf4eg!v|2kbRg{9i-!!?j
z5m#Jr52SGT>eiUZp7sYx`#8bM&MpCC7tUoUA<0&wYJGs*|NU3$Vc?CP_r=-tCCA6S
zEb<FAq2R%q6*p!aI*ztL@BN6-^eW0EP5%y0Lg`8G_M0+CdQHtE;SOt?b=)Jj>OX3n
z9cBT|Kh0lb`=+MkShT{K(QLfwFN{wKfl@P1+LNIC;R7EWiLLCK$8aw5y&^H%#1~(V
z+!OOtVl1m(m5vGga$?dFUh3NXHHNdL`oSW;&M4}X=e&K>j8n}Eddev@wyVg?AWlI<
z(F9sNkI=Vq$lU-&^@U&EIMsdcw8Js12k$FRI0O)uvlvjz+w%Bz;8)?U^#mKwu{AC#
zLAjWS0if?kFZL2xqS)rVN7=5ebfy#9xGx{1MoX}*xUzlua4`YZtD<2R1L^t+@8@n@
zXK#IWt&95+Tf!opR(xh5#E)s@t+A^!s*-t+RPFub=lApu%ys#{#*XlkBjqomno)5p
zG&z=OeYaxR>m4hq%4)Mhcb-GWKGs+-<z~R|>S(Pfvx|&{4)ahk-l~%ZRY#BIe40NJ
zLna+|sxku}PEVDb5c=-~m{T%_s#6kb;I?Q*Aa9r^YmK7LcQuT6;~$nMJ)(x>{{b2R
zk?@g>H38ZF?D?AUBPWH-+|=f;gtJJF%eQ7C9_P}q0D20M>V@4M2uJHJ5$?B@Wn}bx
zsed`GZJU;zjuZhstbty>g9V$d826CiWh>108U5Q$8!cD4oAae(ry8Bn&yRLKB}d@n
zeWGgro8eXRsc9~1_KJbe-)z4&UiZk85mdK%nVLLz=h_P;*d&KT$0nw&(6CtFzE=WZ
zFi`4iX$9~64w7T&&8nEAc%@0axN8h_)sUqB0EY?M)yp5sWINcEP_i7S;#@g=$8Y63
zBn}d7+t#}jqYxeze@oNoSzj0UZS;4DKA;uM#?hy>LH3^Zk+Kut=zGC|!sD-=^^dgB
zd^Yh>hak_&%da-D;j<?}fjq4>%tq;KM!s}5yt-hAnn&Ke*M_vpJ~ti~-Z6a{C*XSg
zm_D&;>M27#t|{cu#$cP{GFNWd7^V1kEY9wqMQn%eZ()OCstV2`b)0D1mixc6kAT`4
zznH<J;NWA_-@zxRWLbgwI}x+HJgNTSC#<*-?lPCFimO(s($VR8V^D0b#vwc`aj{Z^
zDp;~+0*A%5zs%Lw$m?Y`$wiomCWal$u4zofJP%S9ojB-OLekx{>a!i7>U@zbBKPE<
z=Bsg+1=q}Eu#)b(xci(w7IoB)hp>YZk~H0+`eGRDvBN(yU6qgNOWd&2ALGg)xivLP
zy2Lp5%<YVQNlj_}zcjA8@K-8B!LzlQq=b@FWW{1##3XC=YzANA(;6N6s1SvV^=Bm7
zp&{nb+RFa{&^cuD$h?n3{;3HpyS)xW{Dbv}PiDENO_>!q3H5(kD@@sPUj!y43)mNo
zE`zp&e4_S!?Rylc$5lRc6gtpu&s~I3ysxw6SyxasJhZ=C=KQAlNv*71&Oh@~kC3$t
zIhu^S(9v^*u;4nIn@=dDMJe`%H=Sea3m(4~teUAqraNr08C`ivpVw$MnpIfuepCM*
z;}uiLKzK(_Lt7SDS7J?H<tjuBvZYHb9Z4zrfTlC?rhDl61t1sM8~n4@U51}dgc2cF
zB$-vp1OArm;MMgH<5j{wYC=5@$%Sh}yn%@nt?)(fI*q?@UD?;3S5jP)?kfM+L4M98
z<Nx@7{B?Ah6{tQmApc?bVIRVsQZR3Dp+}%r-)h${PY(lUy}4(b=ImF+QwS#dzk%PO
zh{#61E#oc-pwNDatNHTdar%CP*-XWmWT~#~RFaXng_wYJT`L>q@yzU-K?o^&{PNmP
zcsQyCS(~X>{xlkeHuZNeK^)n-Z}@|FTGMDs7a63+)RL?oDXlLW>V14muoMbinkHBF
z(#t*C8cA>iI@M!IsjYUgd+_M}axG?x1Hqxp5hM1+t}m{C-U7&de{JR^gMhfLv@06S
zT1I<Gp?H$nlcRVF4VZ7Yv$C4Gi`D=9601X-kTOqi(-eoVIbIFuWD5Or6Jy3G-y>n|
zDuwkUY){QnRNx@he6cy5WG~sF)R!*2hZ7rl<cntQHbs8SaAAv3K0U>=_GO<xw|EMl
zQWfDPsQcPwOu)^L(2@5d^4(m^VP<1b{=@NsKsVns%kdIyKK8*#p0rtVmNaGgwyh6S
zw{+6%Y$`98xyMA-u2;%o;;PfW6M`sX31Q=O6^fZev^weUujCDifLC?As<)4`gcnce
z>ns@c2hY2kz#5GCVql0+?z+))LPi8%sHN6PjP-7{%}!sU%>XQCaHKvx!b69tM5}Ky
z&Pl3M{o6*r<Rcv(NXl2|bhD(<qyed4LjiYdLRFhV*hF2*S9~-^&+uzJ1(7oRBXAIs
zz+UXLbt8CG^i)IOFrgBc{I;h3unD@*73sT1t2MpzVD!Bhm#SFPNBsoz_<MMje&P5h
zPpB+-gwR7jktX`z^0Tj%e!2h08T3L(gOu+&dM5@DIHa5$CsEd{%Qw1qBhMy}%B<o;
z_!(GDm9VHecb4aw*ct8nlwKL=qI&brotW5fIB~lV(z!1u!a;=4QJEt-kI>T=9IE}k
zc*`GM>6cT?wONEu>P^^|`fSS^T<(6J4}{V<S7Y;01$BzwDGqkh7e6(h`G0kE@lVQf
znq$lD5D3j06#L>x)K1u4`0kHp{8QB$Lig~Nq#uEl_t9luD=64iuAmB`-T3}?U~7dy
zjE9eOgLwg*;(hJ>j)e}3NUaNes6TE_#rLTq5$yDil1f?8UT$lXlxzI~=5Bp%TuBiP
zUeXQiwOWOEIG=l`e+W8L0gm`)(dYP>N>nes9y<Z^*Ru>!#1ayREl!WW3lHp_mqoz6
zWnQ+{i7k&$zUSC|kwi-a$sG-=5<%8{acJ1`R-Zc9nZh=Ty*2f9YDE7Ib+d{y=?$oh
zY}i<FmkJM2oNsW9e(km|{)jI(`K0k@R!><+N6~(BWn1;iRT2|)jp<S-z@=kbBD*yd
z=HBvfQW|d2_VY!R5@!G2(hYGq*T1|QSQ`)R(NOs9y8`q<ytpjklw5&ER>^=P$MqP~
z&kP^*dHg#C8`1#r^S*N{R96>jsSBym>|iysE+T@1dRCQ6P=Qqm45>Ci1^D>ur*|>g
zL|y#uzdUG?_f6&VN2tl_pDg<1E3@tU93Q!q8O>kStK|(t!u{R3uyQrn@Ee+OWOJzk
z?t<m8Sf@J-nj>tF7`XyD4MivYE}2UhUi(NYtqAd|Obh#QAF9tgtL2LSC{PZ_zt8%+
zqr_V-6zAXg=fRydzI&N2=3%@}R9kbyk^Yz5V$9Vh-T}4|x`S>?>lsPirLT1(#@2^D
z_^EmYKE4333M88jKlqcS1$hF9`_c`%1s1+(0x{SV{{1v6R>IZj_py$z<6(T%S7C^a
z_UxV>wl31;gB1_@59tW%evh6ZTUCJG!&(@b|63!69Fw2CGO;`{JF@ukgZpDDUTuy(
zM?1?m*zvH<Sj+5;spgFny>C&t4eN@$QSe7)E?4>uv9o(9aE`qP)0S}gxwovv%gY*>
z5me<hnK^XB(@IIsc-C9UrKMr%EsU3J712o(KhRfhc%Qmw)Ig}uUe%dZQ|N?y?l?X*
zCL?6)6e|CFLVVKkl=D{Bap6R%Feg!|;GD&vNlDz6W<AW>eOX?KP<^8C1GAcD{$??V
zXIO}7<|r91XjM2rphu-QRv!bQ42%DF$Xnj4d87dih#NM0Hau_8wY^HIAh#H@6lqrj
zP&x_y=3oHb_p!AGJh?zgR$Db)D;=rj%<@=@cAHC0&ya~U68s{yH2d8C+Z|l6S}Aj<
zac8XlW3A4KjVXdry<eZ1_g%Hi-;=TjcRURk3xl<Wkh^!oV|rIL=$3x%_(zG|{I;RP
ztf?H;_-nX&s8m`jX`jof<#1=w%w#vWPv@J>LkQ#d6@1ypYRm7NYX?w*t@+(r@1H5O
zf;&wAC34Is^?2M6vtO9L?*<O})V=V@OD!eM!o)6`OXPUNW+?nc-VOUWBy-S~l%7O_
zU*}3gwk>ii;Je1vjgrqQ<AMJe&B+fA9hznjbuik%wbMIYM<9-ehZ4q!(wBmqlRQ{P
zX!(9~k>85>xy+}*=pRid=mG$OUtnTa^vg}TA`-CVwS6F`#~WU&b!85D7b$-lGYeB`
zEzAP0=MQ^Kl#{CoPDP^nEcU-Rn1yJ*{>Ap0QGkZ4v@o%`dz7XWCx-c0oQ$R%l(V8r
zqs@lX(yV#4nz}^F$k7ZOuaLc!E-a-9Z?dZ?aUhMhYR%0>Jb&d&hMAO1ZufZLrvaY2
z$Fo+N2UWgCvUvW{Ri|=4AO1!Uv3tT1v>2Ed@w=Aaddho!U96Ql?^Ux+mY6ZS+81N~
zQ(wgJQ6T}vQ5(^3FK%G(G*K=XASW-QDrT9MV65Wln5?BOr1#(3Vfi4{iF6#Ah!WHQ
zL=jgi;cJd`E42*USFBTdIG2Yc2q}g4K@Mc4I%bD<VG>QNb?POD1^1dtNpOSnSFkae
z(1O%R55J2c3vhS*5bhLnVUN>I9>qOCn8cI<bZYuO%tE8{*_E@y^jk<DMQXx?JY<#f
zY58g^K7Vh#-eYp4!outf{ds2Z!+HPBj6gK%wh$;{J2ZNIovsa3a#+k#UMVi<Tz__d
zG0bxAfKqVrykYJ|`ua6#m&O?bt2c@qbYovEW{Ke7yLDaO8UnH(qN^`2Sg|dWj}d1=
z+&TXPIHQG?)*U>`LWB*vos*DL!j<-HmMl~Qe_@<fw2i0cvY8{Ig~{p4Sjv(3z0y*!
zu~D+CJ5ErpZ?Ejih6qbe7@IUGkG6*Gq))+mwIQ`SR%e?1pbQ?RHDh1`P#4Rm6$wz2
z=s23fCp!1Xh{>wHdrV_cCe&IrF$$U9FUPy{vL*cESWb-!{G#8=4)BxT^YBp;PrviE
z7J}#3HoiYc)21`=eiWnkvEL&TB?TkpEc|S=a*arGc~Q#l)6%Y%l&;;Aa?is<omjf~
z0@p}2DKux?N@C+e-m`Hgd(w*cSxgGYGDh$<^PwHgV-sO;C5s)}yaVXQyb0-z8b?el
zJa;mJxFkw0IlL{q^qbf3mQtTQQ|*k-)k4GLhET(?lH^-v-KV5}ltzF7x$<cMYkEFu
zRtu#phm%L)j!OpwVMq)LNA?9yzg_&v7z!0bf5m)IZ7M9hQQDk|>uKj|X18!mLI%5L
zXs1PkJEV&$wfBpxOZUr?;b%LInTS12nPmk}Q$wqLR=AI`;-E~kYfLasTb!Ra?tg%Q
zasiVKkb84Lwm!C~NtHB~3U$Y23gR)i=?LazX6`U>X-zKs*@Q7kD(qQvrtDk8K`j(j
z)fa7&Nxny(&u~>Ie>g<)waR~+UdgFUVL#}CwMre(hswN>AEp*WQbRURy3$>^Bc`9~
zwjl~<qUo=Te8Xgy#y9N#5CK=qA;lbwG4MYC4Xb$<7COi6wQQ$O`7zx~OF!1XqH<77
zoPNuKnTNMU{`c`}fh<L_B_I(d_A>TcBLURqt2_2=SJY5Jcz^hYNAx?*w~;3PaVy9C
z7C9;19M3BbLKiub7_&@W+<;9Z8|wp6E9YNsPat&YD<Zg0j6o$X?r$qb+1n*PWMRC-
z1%GL!qeRRSHss{*p#qZmkPC?q<@H<XoCFU96cDAC6rIoqT9QNx>DA8m`EDe|j^C|0
zh4}Wig8zj2;Ped}AE1U_F*#dLq5F-mj3m*#VHt<TYMim*Ob4Y5j%^{p@DzbANs^I{
z^w;tPe1XIhaxq@Gg$FHP#+itSYMdZb{4UWM9kRe7s`F7Os&pW^h~Zbt+igY=m#h<*
zPs&9>v^Bc1<9ba`FeK)-lr2sKt)nO*o1jnS6|~w_ST6I5YA)Atc#Vm2`LzU4pe(Vw
zq2Q#r&_&CFd6b)y<btVl8$Y+VESr4gZcXZ;Bl-D11Q?$PF7CidD(eOp(vqgoGv-M7
z?1i1@DadPD_8+LQT)#u9T#0g0v|q6hxec*=;ZbA0K^mds_$I1`7^R~vS!#aOVdK@c
z^|Awv`$@Hzrtt0R(?e~;_4Ir3$GMN(ShLvHL}neM$Gh0TIL`Z{eK?#%!@g=JB-w0B
z;Z8d{?W<lV!E`Ge!05unn2uyQLl%6U{<I9>EmzuGN&~F2p5q%jj*}AFsLrHCX%<5f
zF)JPm6+d0?`u69$yHr+2%NH6&3n_G=`D0r8Rpqk=OvK&gQRdMZJb10hexdRy{Zdpk
z4jF5MSET7<Lm>=4S}GA=bUGn*sHDzw7BT(puORI_y=EtgAv?g8nlIhj8IcZ$FX}C|
zm$vvCxdBnG($d7PzfZQ=ebgj&<o`g8w_EGr0@68E5xq3aaLb0_K;A`|UZAGWH?_3}
z!+4>0)>+x*%1E_?1TH2_5j0If02^fbp9{q&!g`<Y%7}XSo-gK?UD$J!AH>Qztlg3x
zcN@N*{p=68@>Xx=4M!g2(8eU6IGxH1bM$w}V5txXq@->E@gZ*wN#)zHYR0ol6}imD
zopD085?ZX;if>h*i}cIab{Q{#SLk}^$lrpjzkT>Y+&%<?E+xRZ!S*F=t8of2Y=+iu
zZ5%I_6<PMTT8I_itgHi$CTavFY}4snOBa%Qovn>4&~FKgWqxPzTM)q$uC*Jd$o6LP
zmWP7j`mI5iYsL!YmqOkrn2&Gc^36=hSAxs(S~XJqxRT_+KR2N<kYa4D;_4XMnKC5#
zL?PggBC&@k_3Q`BURFN?{oxs1;<xnphJK@Ot#hizKsj{RI!Op$e(|#uWq;4Wrd2bx
zqZWPiB71~Qcch7b>3;wv?&GHf(P<q(Y!wcnLL+@LhYDvN*63#6aY`t=+*QG1kdzB%
z4*>O=FVc&u{93tjQ*nQ}(cN3E!pmPB(y7qi7V?!KyurP4P)F0iu|?lNqz#m3r!)%N
zamP(W4d;mXw&nfoBJYRY;yn(ScCV5E?t78i>5UtvF&`6f4|sVhYo|YNKko`u38)wo
zrGpmhM?uGI7E`}7Yzp(HnifH^h)_OdF9xL7i;STg)w5BCV~WDDsS+JQh*t+*eA%4n
zlB-W4646C*E~JuNl-}DH=b>Qo-szp+Up7R>R%+Iv9G|SYfiy#=Z0Z~8;agmxg_bUh
z&qrqCG{-MKLA<)kSrTi%(&RbZ@H*s>4b(qr6g0DRwk?b$n6cpNJ&(i89HZJ!@nCXd
zp-Zx;7E{XHt7}9h+Aa3d6(NE4cX7ofY%uNtUHLYM4-1`~goLV*V-yV_(p7M*?5Ie(
ztRtEHC9IZwa`N`&XwJ#WHz0WH8q0%nMfx_!$6Ja1G=2DIEqOV-3%~B>B2YULYcVp#
zg3IFuMQFH{qc3Aw<2Rgu{U=8QNSRvJ-HaW~^;`5dTTVUerH)LU7ZzXEB0m-65rwT(
zqrY2TORd|h)gcby<(t)WM$0E$BLDQ}?|jjvW7WE7;M79wkJmJf)5zZQ_*_TCyN|yf
z80q3)CQS$02od0Y@%56?A-pza&Y~h&0)NWYICB-1cyW$DDCyz|6<Q{}bQ?bsLWgF)
zxCUTg1C-NWu%jE1nf>~j6Faax9Qy1GH0Y^yERH18!EZ%2#(;-C-`x)o;TFZ;-W9MQ
z_}#WD{g#KQyvP@c2TRx%Nljm*PpjIAQNmDtgbiBjf4mkVu{$bcIct1Xp~LKO-Fwf0
zT1mKZVd32%6&XCcjKe8{RCY6<vsS&l?W?&JW_vQlTzW^{-p1Jc#1cjyT6}scbANcj
z!l25QmIl9YC_(5gfT70!rO^(D!09|pE1&3rpBk@)jRImzcI3A{R|rUjBPORWh8`uv
z?q;Z&v=a!NQ(t~vkA@X%K%#VbTI;PNYv_!=<s=Trf<Y}ljU1qz^QGHVQKC^E|D=bq
zkzmsDdmZZ1^)Rctm)W32iCbq1*}}9Xqf-JfYOI{)RxijrS!(vPa1upJy?8oq5ro^u
zH@e8L7Fg3ONY48ifcT(KoON`TraQU*{<(O`Wu9aFQ;{D1VTGZ8T<-{UoG)PM%w!R3
zbpC7~M8Dt7w#vI7`L*-I8O5vgCDbIH-)!(igvBP6@yP={rXq`ki#6SMA6w*IONHFF
zOyPwAS*f$bq)%5SYSr=>CC;8S$DKc%EvF34!ETRlmhz<Vk7lHpT}wYKy?jbd-9A=s
zvQ%!Q$b8%7P!dZOBqg%yJo>2P2pJjwIB^ER>E2q$MqrR>G?}=|W;CXKhu;Z^pouh6
zgG9na8hWcVqT}XrZhE-T-T2QrB?d5%e?g-|eV-bDv-h&=Wu?c7@OVEX(SbyYb-BLY
zU2gm-{|24j=u;3l3RCk;F8&`t$L`0fvBBfnt8_IlW9&riQHLT8Zps10Y-Rq*d=Zy>
zFo*9V_y6&fOV>ycP<nNM*wJ-T8hpoS)++w;b}8<rlJZ9^rV_rJ;X`p|Sotghdj+}V
zUeZ34zNu5-(2xh2*FJbXIcxQ?0`l7lJXhF{lz*e}xqr#>4l7$SLfBaKIya{W;MPWK
zK6viVd){9<I3$bN3t=9&C}8*Q5LhPY?V*}EwM?T+4%;(Hq4d&Jn)}Lg2LLY7(;B<S
zsnss#p-Esg*BR>lT~Q^o0p_0qvwG^*n;G0*$h+m|YP|5TZ{(NpxS{=(s0><-ht+R|
zJN>I=_vCueqQKZ7vPPWi#6+8@*^K2+^@0hD`4+^N|9;5^*55QvPLz(7HQKI`{UB#(
zlI~~1d%gZDjP9P8R+rSyPK@ZQ5CoI>M-!|+B{0X@y<N2V^l+<Mqog*!|5H}aS~#X4
zK6vprvcojom~o&6rSX)SorRWbFA6v}YR-t_RJL!<<c+4PsAHF@XR;jVlsMgmYmZg7
zcd8gM`BpEDvYY!6c(#|oGORTA-1{5s<TYVrDQ9E##$rJtlh}heAb(b2bib>LyMS1!
zuC8wDCU>efu7n9~ubqkoG;IwzOxK)M?JThx>xx>6#Pq&Wc7FGmNNX>pI;byGTYAdV
zl+3g2{Jf{w24PDy(<KIqDp19l*@SY!pZ^!a4&wI-iM*tqWRi;vV17Pl;7ne58hGR`
z9`{#mW5Pm=4j#(EE@)G;!Rd4+eZ6wInpkr8hNK?B!lqp8Pwl$U>EHDbez4elLBGzs
zN2hD7H4hoIVS{>!#Jdk?v^)guL)Bnd4c?M%L<UqeB4r@IM=wMc$RT^}*F&-*ibBVd
ze+gs5^ap;{jS}Ec(XtfCSP}I=MLtuf-OgbXQ}a-7GFe#Tif?vlrH`PN6#*|-?jQ~~
ztT>!FCz;9?XFx@_Um?lbP*FHGM!KU4Ih1+51y{9dEZE@7SLv8$9-1hl<0$pH<_ik4
z9WA>okR=xjl1uJmrM{_uTjAC_=(N#M!LoyU(f+Lh#Arl-DAh^o(viyT7Wy(RtmpMD
zU4hqU)6_#vVd93}P*%Pd^)SOXG+%_^pV`QJb1U^jfr9CBHZPYY_Oo17p;3Zci)ZRa
zSVQxI*F_a=pR~HXEw*LfgC^mzIs!LM-x7Fqy~71JX|2Ev&|8+9F!~(OMIv3l02P?@
z7($j<f$k$?X!}p;V9{*e{3Snhx)p{<hpK$pp9I<QB_}lhnTu%g5N9L&;`yEEOGHA%
zo5T^{;G3cpaC97Cb9Q=o4D(8JuW>Uq;jg#fD$%^kUZSIboglYEDHj$9e-q9qWXCqG
zgbb}ukxaV(GK`8wB0zCWmI+|YBXvrHX4#9SX4k6kdAxm2VjX_a_$PtOvkb9isQ*yY
zFx>oH_7)p`iX`vu+0qc8)VfEV(FS$Wimj!ed-@a$k-6RN%oJUpOeRlbBC-!**xu**
zwFfNRwfReS4cc((BuYhdFkI)}Hvz2PjHA@D8+|mM0Amp*H+;ta6#!Ci3oW+GVeX{b
zJrm+UdETf?iWbH5Vf=CiZs`xzX2TKh^2mw;SwqNwUzu=dIzb&F@I6-KH2b*HwWh_<
zT1onIy+s`X!1#N)-HmQ~KuDf!{ah@R;xp~eS86uzk-q*f8tKUxuCv1pNeB`QdIz4?
zg1&QB`7y{$Z|cP-kyztfS!1YgrA?5lm(5l|-_fNryRvrM(y%I>^ypdYHeP=Yi!S_o
z&l*zwz05Zd4lsN*fKi_+wGwq*jr!zUFkysUOsmeEa86BeGjTs#%uJq%nDysmITP1A
z{U4w{S<Abw&n}j4(0RZiJ)&BmA?F&BiqR+Wh<;lydgx86S)<}5a*5*NOs)lUb1n{e
zh@x<d-IOhOQ!Z^>sJ*jxVDl}iZisLETcv8MSd}8WN@8-O3i}{jIP+e!{gj^z76nYG
z?Snaj01eUUBq&4ctD%oO>4z6gI2w~M_5%xY##!{C;7MCf+&c@!>CNY2RLWZL8PRe|
z+E_Hz6Ubtr_=?rk<V*jqME0|Par9jmzW!f;#DnwxWd>z6Lo&HKasH+GI>vK8VWs;y
zIF5NO@5n&b_44u>y}`!pdI_8U@2of0&n{pES0SZcd*EOc7pY`1<9inA0%(}vluQUs
zc|;0=-N8#ZCO*Cw{U)VgR~(<M+)Rz{_mS4SKJY`FPNUO<2S8P_Ja(Q)#P~?GP%NWa
zG~M_Z=UZVqtUg(eyZbC5nlmUeWQ{J5F^YqT5See{iEKmyM+o=T_UhFJx3%c6lkJR+
zVD!&`94By@$iFa`)Sr&?T$3G|v`!CtPgI!3J|6Bf@=*Rfvtt~J>&l4bs~!$R@$>0S
zvi?xH(VCQi7qGLo7~^A~{brwx(Fy*~KN_jlt0qR?9$x5ctc~VK+DWUY-Q}1{oDiM1
z5~&yF#{cNrnFD@cHHeTzH~`abwTh5W^QY8OqU?w6%IXO0Ja-mtUdlyGGYE#hZ<}0K
zfa|nVbXgScipe;>YHWM?K0OjJ$pgQ{Q+fU@evHcna<OhWP><^)$GacHO2>SM`Mi~7
zOSTq+Wf|_zj6tvk{3UG3U03O<;*((jfR34%gA+9)b+;;%L);PvfX_CnNm|z@TqrSy
zMv2x=j0sD&Vn)ZkU2qPS$fz%8^AR*ii_06}k%UP(Wp3^JdivSJvzPMkY=SJzYfYcD
z%PP`UUyL|J6Gz!z|H9F$uii@$!sUW)1g$=TnQWz1xv{gSUTV$D#CKYqjhGAYwtvOy
zSXxA!2ps2%P8;E9DdKkkc{+w$-ZJo4G2_`yUmIe$=b>+9OW~J9@t9j}UOlWjQHjJz
zCkan&BjnHclk`VOwj@I0>VO&Za&`Kw6#fj<XC%()sL@ty#$99lOHu$6fuY{xE2kVP
z?*&9b-_s<BUE|RYOh_);jD|pt&?54F)sozMd2_<_-)P858j;?k19EaYClq@?dF|ER
zm9PgV({{Sh&LxOjzn<gt0V_i2D<|%8$XMxQ+w-7yb5{#MUx+(dBa$;hr4ebf+?Qp{
z7+Qmxb6FDJkbTdHz*=v%*ko*0Cf9W!00v%tty!(&u<!*%3x7SFVTsp@CX^;e{YW@c
zm#vkqds_6h=3kb~-6Q{oL3T>)jR*72Vme&k)_^nGW6DlSAl<_!uvoBJ#sraN!4^4*
z)+*35TP1Y%;a1n4eBfevo?fT3mIE1(O{GQFWU-rzqSMS8Dx$ih0c*ez@cm;>fWSZa
z;QO^^11m@(bC6BK){sG0^(IcBuz;LqRX;xE*cb(xV+g%Oaz$hN1piP+8}qdCvEAm<
z4`E8}KTUC01hx3S1q%Y+4Fvl3H}!9c-g?60Vd)k8dHv^BFVh{A*wQ`8oT{oTD;x)t
z7&ntyhZ_E4J{sq$Kl1lidL&y!bB}*GprYz6eYW3Z(#x2d_3^bAPBQ5U>77o`s_|<r
z+%iXTkOd`K;vfNi7r1D|-}fEjfa9<Bv6G@<Pv1MI<&K6)GFED#q!}jgmBNu^^e@4W
z0VIBfJHG>1W`RTr-i*PW>fS{{cbb8;-p7tdQlbbk?&J^Ina0AzobIsu(Pn~-Mu{F>
zH_abKFYPH2eZE5(FXGGugxEg!mzoIAx)Z0;4HfhyCl+ssB-gehfJst;%WA|O+*xK!
zB#z4VRRc)c1Thy^0t3cr-_x#s#Kx#K>9Pc|=f5V<cuds$;VR02<49yP_%GzL2b+Sc
zvvKlZeuTFv@?3PJ5&Ulp4poy35Nl%EHhU1XhgIA&oK6$NDe0{*C5WPu>#ENL<WDte
zMUCKD@R@;Ol*>VqD1}*GINAV)2lq(U%d$7=25dT)Z&A^UUUwmERpipk(BxfOcMzCj
zi><B`=w(W5SVmuvOX}%uzWwQn@u@QoY&0yaDJfaUtBGxM4o=!)t<?5V1mE-`rbG+X
zx;H3{Vzb!iL!TDbI##S6y@o+Elxih=r(WL$V0#(?Da6|K;B8A)6;rr2y3(d0iVNGT
z+KfU017`mFBB|@EXqDBVj956$=2uBIG2}thBG&LJ%NT5qx`6AiT2pET-NRQK8Ek76
zsw9~PJ+lPD=>a_mxyyieI8T=wpq~G`Ofsr|d;3xU@^gqA)J&g?23D<olsP`Y1hQP`
zbo9_q9lMD=;_Z@R*C~3o1!JN0Kz+C|rbZ>*T%$*Lk6PzVcV=ye9iwT8_bc=QSwUgj
z{S$gvd!7emf_1`6_O0b~(RHWmKjXTa{#7?Js|swHB^2RlK(N=3<;@8ClzD_phIDf8
zt{UB+(eg)x+TSzsb93J*Ye@oK=GnG}b^hz34o_*y;mjxB+#o7Hsjk^bCvte8L2m;+
z-{P#e-Gnuc6<7d|bDJN+2ASdqDIu2J6@2%1t08J1w->3@ElZAt+u&LLXs1niWpsel
z%4Tviw<xB)M2PT#gAAkh3SfnU(%<rRiS$Lq8+r=96AZxQe{JYgb^7^J8Y0)sA48DL
zC4AUaa&ocRSms6{&0DXdFyJ;ZBY{5B*who(QX70AhijJ==vNt}NQf^x2kemSSJRU*
z8JqhydCveN(=3#JHAfyLt`;>`j+=kE%8V_~OJF@Tgwt?nzOOwem@l_CXLxpqWsg)k
z(*_MBo|HX!IUL!fxjW{-5b4a&7!$8RGJ>w^ihWKSa$?g=j=w9A)qtIPl_@`?m3Pnb
zX$vo|{8JaZ8c54!EcGIgeFnK6<!brIgN7q;%k5PRAXA|diA+&={^?-$YS~>SyB$#z
z|3sIB%zAD+cqxEYnMvr-0FoNf@TYX6VjkF>6+@QwC$dPho4bcgwUEkpIu7<M&Q5Cb
zi$4Y2!<M*JsUE<jzL$Xg&<_y0D0PC*VLUlfpoA?ad$#N$w&mK@Un$s1Sh^7H1G-Dq
zsg6$OB<5XpzDq$fAEh{a<s-kmL_I~TMXp%QFa^=fs2Prx%RArG2_&Qxe7II}NH<ec
zk~<~}_;S&K)r_~y-hE7iF@G)@Jcg*9P}zTf-Fe?<D8IZKEo>_GkI{<IE}QLKsZv)$
zI1*>Hwq&m1i>q4<$2_Teh$IW5l{X4vWaLEMVn9wTscEZG3A8P(We)2y)PH6(oYh66
za_uT-A)@#ri;HbK3|FtE0m(pSVtQqj8+t44u}K-5+m{Fy#BjPz=kLX6x{{#VHba*1
z3(Dt!*)SkuPWt=US~SPTAVTt+E+mrZAs*V&QcGnSgn?ZINRK-k3eE<!(H*bMVs+jy
z+%&)H>ezJs;e^H=<*>)S(@{?P^FWW##J_y}Jci#dpG#NP>4yQkI^U2v+-I^N9_hH&
zx!1C<Xq(LzldpRbD`&e=PYDI`sm8{TCvtshqkB$)qPf-?jV#CAdDErl7Z<BTqDk-9
z<YYW^^!uiOo)UMgNB12&b|%bi%CPr0EzQmI9N6TBuY>=wQyZ+<RGJNAUU>ZtXdHoo
zf^}h7x8j);+6o1Naa}b*`$#;S^=^rgP|7rSIAJlD<z*MAqv^aEt-iYbeWBO~jU#4G
z<X<QLlF-0kYYMW^1i^-n+iRF)@Chr#QD&;ULJtYE@>v-H$mcPs4`A^HvNL!%iLkzG
z6`3$zr0<OQv+N5L5=xsc`ysS*h>H0zl)O*@^#VUEsD5!<(#a)VWiNFAXEx{e47;2a
zn6{qZzlhWMp`YG%i(;wArckA)Tq2}$qpGH2sx;b_Hn>d^dz<n53DFWkJPOHxRG%jH
zB{udzW%AY-rvi9s%uJdUY~!sEF&`AjS|-A#EXF=`UMld}<0fQ}*?7?PRpRsaQ*!8Q
z&BXT<@8rHb$vPUNi;I5=`3zJ%#lOI8fFKQ{55h>H64qMt6RZ#`pi^yr;NepD2<meh
zJ#5qD<c}~w;G5#F#26<<Zryq-OLI;Tcg3KVgnL)Q_wTPqGa~P+Mlfx29&3@##uO_*
z|8~lO4(G0yLdKe=>lJ}n$2Dt7;>35{%MqaeFTDXm{%400I|l({f>^4Z7(fCi_#~xq
z&?&qUW4I-t(bpjz0yHH3_u)wd1_Yy?Mk7it`5@p{rtjb~5)sg?kPbpey`E+6W6hFo
z*#-)V!|BRy$~>#AOAtX0B7S+|7=_BiP=45HY3OVXAeN+gA)*NRrdAad5sPe*RVC^b
zK?OQK*44(s4BxIusvk(Dc7?>!nkgS!(?XIVA*e)z5d^5k0$V$Ts)qwR5EPPd5l}@F
z8JdwrVkBZ525Cp2n+S8duz_=wg21FAItWtO#J$~6>P9Fq(Ll8eA}SCRi)2bfLImta
zQZ0xT<*8y$2*`!4RA*=sCct3Hhg8O9W|@sT0+A*}PH-!R5y_1%OmL`Jy&djVLV#mz
zOwYJ+ry^!@SWqYsNOd(+bv5K;h}}W{V39DZLm+XPt<ED;7&x(uCz;Q8LIb6l#LQ-w
zP$-11LbyRRp_-sTM3N-*1tz4C3_-cXXLB_K>k5Yn(8hfNoLJOUK!jYRMIjLc(j!tW
zfqBjl<QgY3A~3gps904L5HyHJu|i&A9B6JvRU?79M5nko%o5~8U5Ip^f^-46IVNVk
NK^Eje)Qa*y|Jm4Qe5C*Y

literal 23340
zcmb5VbyOTd*FJ~`x51sk9R~Mc!{8F!-QAtwE`vM4LxA8KAjse@!4sU|!GmXc-|x5I
zp8aq4R-Znny82Xi*S&S?xzFwTxAJcb4p$MZ0EUByhl7KED{%kT;bh=YkdRT3kx)>O
zQQo~nK}E+!M@K_LC&0$R#3d#mAt5FpA|j(?pe7@yqaY%pVW**EWMW}uA*JTv=3wS#
zU}j<dPbcv2-n~OdMF*gx1DMH($e90s%fA6QJXH8~cu7QfARGc7JR%<aKNuW292^27
z{C{5e{}x0fcm!k=xOZ=jr0{V6@3yy(LO?`9{<j8)i3ksefQyLxb|og&v$*uT;)Cx(
z>vTpd|JY36{B`Ho;_N)lc6|Q=uGv>VVVcu?8@<JNGr~&L*667vpwmO3Rw1AkXVsNe
zqKIAT$m>3jw`D6Sk9o82XVhnN;nHbmCChrv5W%lU2R;<hh4jjrM)kU5Q|u^2suJ!u
z_4(Z1Jpk*>oNBWH?lV6+7Q?uymqT;LrXQuf=(@`)k6mK7rht+@LcxXrqbZan@!<~&
zhr?~bG=GY1y^?oLw)x6CIh&#R__bd?Zwfr>POmApHQ+9qr<rp9;IzaNvGW62>h|Y~
zWH|zTSZipyH1pJNP%Ow-EtuqI{#b2z>vHly=<1k<i-Of;e;KxuEB_YTcaf>v^KAGS
zmS-FBM<}2m6n#9;oVR6{IWIk0`na&*0SkxD%t6b#k_Pwlooejtm3H}(ek$Mv<(+(z
zm>vHxcBM{|phw|oy8me~x*-{<h=`m&XLkDZ5ril}bj+*Zmeb*njvdyRzQtl~nvOxq
zkVBerD64o@1NFq9+`AG0Qy31HKEc@csS}$=gq^HyL7p2H@*jY@zkLgZf{OuVg3wc;
z(-wq%1Ag1QL;sQ?GylUM**%QPPzU`B_Bj^Ba({~W1ykf6CG4_}*=L-wba9xxigF>U
zL4|fgVq5f5XWUwo_#og18CTh-EML-f_eTHYuCD=`*(bv0btic0e@^&!bfyd}^m+W@
z`^%-SfvD9%IbQ-XP59t+f;HaBh>!8<N#D}(=dIz*r=XOso>a_rj%rX!up;LBVQ6x|
z%%eGWYIDDcv^Zi*&wmbkve73?&s1N$)2gZx&bI$!JrK}3745hTsuL&m2DkDC(dr4{
zmFrR-pb|v*b8E+{_}PxtvHKBSQz38X*!wxuaU6)vU->EHjuh1IJ~Zmp(%PLq&_)bj
znO#1^H3rcv-dg%dFBe6nHq~ML-k{15%bzRWy9v(UyI~R_tungLdeO|vk8(k2YRFHm
z18=Zt2%;BepU(g6IN;G{*RFwRL8_ws5|Eh<=HF*@3ep5&u6nTYB_B=Ve;^<_#LS7%
z{8h^F$B6A9mh`e##}dcGp#Sdtc3N^aNF1a@r#bC6{Fo%&F)eyjP$_cVd)T8?@K?jf
z!+kNnir%)!xxus5Bf#IgT{wxN_2*@DevMgJSu8zDf)pQ{gQKTwOvUFV5nIp+{;YX3
zAk+8o7q$JcFI7E}L>s^LZcDUPVOqgO{^tIYNBmmz2LyMGc{4MGo{lcJ#&4V-$_nzB
zy-1B!81jr=QrCCm$dsB)zjn9$r0Jd>{@PP+m(Z%-^NU#3oXWxQ_Y&EULs)ok`SKJ`
zNYapHyEqY9SsSAWh|)sOZFY)PB-x~5tDq2JX8u|jJ6$|}>iWRMQLnQ+U1s%?`0Enw
zntQUge{fw#wfw?F=G5KQ4QavT(D`-y@%pdB>-P485tj$F{h)7M2TaQ7RJc$2Joal9
zIz??}gR-pf5<9<$xl}%T5AgCguNkl@B>|8=ipVkMSra*U5}IrMq3hy%-&1WOZ(|>9
zn0I_T)Lj1?u}{Fp;P>YN^oypyO%C$<w<?auO~~e@EcV#r$2~K1dnIsnO<rFiiW}he
zl8<#Y?89i)w!odVXQ`i}1{fZW;3%~P_B)@B&EmNOi#83|Sdxgq{dpc6JY~0GO2DiU
z(ty2Pi>*oSRp1_qlB#)Ih4PWDJ*zOQ8CM(!!v{@=rMU8N7Zy$qBH6Ue>b4^H)w|ow
zwvFc{>}=4N>K~9A{(|wq$1_{a;n)^?L=J5xop+do;;C^o*~Ex4T7uc`AhKG`?>VjP
zT|LTYo-6%%ZK)QS-;h+y?e%z+=DdgrfAp!<K$VF-_43Z@IgD#f^2PZAFkiQVB)DV?
zOk`aHu{!&2wz8-5ZPFeL$pS!l*#7nc9`Jf}pFrF`&8#mM-CzFX2y=N0<n7llDHnXB
zM3v?a2+>{I8aK{xu$E?)WLBpMHf3qf{99--dF?zzVQ^~D<-L70P1RCH#2-v}UF!EM
znpj+|&;ZkGKcNerC00?;!@Y^S#Fh842`VN^6Gm?@93=6Z<HUm#P)|_zd;a(v_t0<I
zWok8rU>wn!oQ>Z%kG#jndk;P6{-5pLg@i+yZ0fu>1i`!kWTZ*VL1SbevULX>!gDNH
zP*+YJs}1zCFgXvrcl&k@&3yJYEvV{?T?=h*RxoD{{Y|Dgj9g1S4So;#7F@N9x}Nj@
z_FB`qBN!sQa?&<@hdpYvsf2kl*eDiseqQ@LB-^*e%VxK@1S@R97k>72F`j?sG<o>@
zphu2&J$|<)y!?J!_v%r2!zBW-*I$60qwECzlHJ4cOY*Q<HSD|T<i5wrhG{0#J5zZl
zCXH&RCx)@MMz0?|-mQtzFsL&A9iwxorV%og$gdmvlIvh;frYs~N=nZl(c^%UYu}1)
z%mF0{n@AP+&P^H00`aFjoYeUhB^jKYlLpZT9+KA8>N05a%-8H3VjM892>NL&$+#GY
zsO_VQwC!Xa8)JZM>zJD;U<y5Pz|rXT{n_Dk*(`}uVrdhUYWNRveE!f`ElRC__gBx>
z@LnC$vK<GTqrG*}6%v!FoyT842wH5=sl?&yls;9WDTtp0TR7`?(tnt|9Xa$g2w=U9
zAG93kP3tD=INFgfXf|87W6J($QHJm2N9;J>d{kajrsL6t&TpQKhzdi_lZ;^I4D`>n
z8`HV-It~9T5LXV86B7kBa;nhPq$|4R(;3XEDz<m>ggI#E=6q56O8YBVk>iiOL}~!F
z&{A+~5B|P^O5py6foI{CMYxLteYqw%`C`n6J`_v^a~e1@T<FJTgT(~(M?>7Yibn6z
zxlg_hXo{aQ>cC1EQvr=fUnz2Hy~Rm&Y+7pTwmi02RVA~Qas`y1(Eh>Eq6TPu2|$|e
zC^5vLjQ7qXSn+9LyZ1Pw%dusrRvuO&R>0%|M+n|@1>BW)P?~TZ>>K^$xA;2XRA@OG
zsH1+F(a1iFM<-!I$g6H3^V5_uRIVcRQ%16!O1WAcJ8=@X`b3mCfM%%w3p0kgiIzTf
zMS)<e+Vm*Gtp+MSB0KYFZoHoI`T~v3uRP)&JTP!s$|9ZXeVIT`%5u5rPYb@uXlLU7
zn=GjokHxd!Ey&PRnVjA)TncHJ2n=r^iwzeJ0RbKn5$V4;?7u+l4P@aV;RA4Kd5~#<
zQUoA6UTJQ6LZUa=h5Cln;E@qb94{+FpCoc|#Q8%@%yA@Yo7Et(VAQ~nF1070zeFGE
z^_^6m`L7biMKVKcq`8-sSdppln9pf<sQA7Wl}gso{;sUKVW<1ONMtt#RX~S)0AF!o
zr0&VH3Tuof+ZBBNdF@j$dLZ4)#3$##;J{DBf-6S_q?du=j4#;pJqjCFN9@NLFDZvR
zFqYjuHJEq@A3E;S1A)@g1S)05*@+|qIsFlc%nCC}<hUo`FDxSCc&G`mAXP*A`6>OX
zn|#UZy_C!ajmPi2#D(%Vt1oG|v9Z#J&!l%&Gb*5m`@<>IyzaSeYB~3f%s>@_i=EMj
zl<<FW_%G$btH0{x9h>K@6cT_NK`GEUEG5$1+}ws&nFpLb2`h>%&q?36(&XY%O&HSP
zFA-maHq(|DI`-j=n)@g;?sf9%9~{|Gk~}0<8n<f;k{#bI>4NonaRmQ!-CZ43fU2MR
zPf%3c{AllOZ}xrrU+T==MIC-hAT6r&Q4y4Br(&Iw+pIr1uXwFACmtxxRxz5WWo~+>
z342<a%=Y{CmpX^4_Iq|`v>cBdG(lig9oi<NDKNRpBW*L58kq*0REEL!f@Yu`u;$+H
ze6ey87NI$z*6cF@Ik~P0|KQwH#f^iy-p58V&0Ab9i-QE-tJQs9HO<o}C66y6AZ6KM
zohig0Ee>d6&lXH5o^;Z*X@9VWCG&xs%}N<gXH<WCes7ZSp>q((8nR)oH5M*m9u96!
zZ!tzy>S3#R<#<_{xek0)zEd89V!V<bkA|!sPQ+${n0^qRDs}9A(rUJbnAl6yU;5th
zJp6+b{0C>dq%y1=mkY8QEB2&&vKrkp7|n!Q(B+Ozpm*GrgwkvLRk#gJlK<b^TfN7M
z9YMaLzdJYl8D&34j{YS;YG~;>@Bgc&^z0znB)|Ev7-}AqNW#t8A&{@~*&XuqS1gNj
zj^@Hu7-E$6Tb|8Tr8-KpxLPV@k;w5D0{aJdx}<;nMfQ)!n-e(j=oT86r$`oXrm%7!
z-G#QMFpWM?^MZy+H`Z2RQ_=m4$;|ONO<FqcOF}wMA5X%%ph{}7Gs?pDV<M`<7Q*j;
z0z3ri{Kul}A%#Z;BRrEKsyO2epU1{M-YVms6ayW;1u?X5wMk#>!PGs$f;3@z56B*L
zj5jE0UJ&w=j{WU8w=SH18)hStH#3Mp!6Z3}uy0v$63F3Meyea>R$_Yfr`%g^hIe!-
zEt+FtVGeRn@?s7iMVlu;Qift%=7{p%?Y@6@m>H>k4wy!ND<l-$LMQ(z0`FG=PRg?P
z#Q^4?056p}LD@|}fH2-6nW`cGUk-4Wn&U4Q@SZiPv4;m_lkWe#Qs?HY10yE6^4ok9
zfL40)^(FvMvSJp#cuxFTpxPig?Ba3>-A|{pQO*@DoROIq2Ulun%cQ&e6nXmCf6Zul
zP4}8otJFZxE$W$UW<O;o1*?C%8RQ=QAt17sRGX+OO4{$w-oH0a;K3o5dw*wpX-jv(
z7=o12m)auCe52>S;F6+L*}D9t-e<Y{IiDP+t#GC4rOPHslzv%FTlwkPS-4+Hgq1t8
zQQY?~PjHiwv;Y@cT?D)p&#X<ZC^=zg5LWp-mboZR0*s78akfn0xlG9PShPQGtHVxL
z>pfZ^JO2Up`QbX|z+Ccq;)BaKZDSq~OrjxplIqj<)QYXrkzRn@iI;yB!h|&tZ}f{r
zRm+$D$}(0yyoLBMb=Igzc6@ySK+M(AR~>uDFN$Y!qF6?B&f1%oU);HFIaKzQ9z@1$
zgpMB_cOF0NzmLqLSeK+61Gjc@D*#)&bnU<C>a6se>49v^q7AC|W!v08Ro0GapzpPf
z8B#Vhs;N0Qo-XZ@s|XggHVwsj4Xc!w^a|>Zh)bTPLK6vB3VashnDa%CUIClEnrQ-U
zVD>dLjdijM=XmxX&PxuhVqI%_>(w)ovFwV4RuUpPb@NsgvGz|yKK>vV#=kO*5Y&s?
zmOs(OPq;a`6r?A3pbrmhs+PHA%&rDCWh9%m+PY(GsLL_vuDXvR_dh8<%Q@9=QyYCT
zbn*eKS~z#iAZHzjP90nkrDq3^L=XGx{Ahx?2tuLV`@)blk8VTH8ByVtdfW2ViKEwg
z&jVj!ic_Dq0B!u-%KG4_4p>DKS%Op8m&`0q&a2=ntFd%COMj3OEU@f+<vb-^IkAcE
zq+GvfIpn9;T0Y<T1jR}cfiOQ_owf=nQMsMmN%qulQ6ELIV^=+Euct0?bo8(K8B0mr
z-M71D7?Ae<2ynb9PTc5!6O6F#nxkVXnOr(4CvX3`RP;BY&`%+JW4A|%92+VY>z;~E
z=fZfFW6^Vu!$_W+xLaTC<%AZNhX5x_EdHP6UtP%J3|XAl(N2KL!Sk8uhX#co0u#Nn
z+r-PChC?_q{FZa>jd4fj={W9apCP8{Y7A4#C4&|&6HW@ofqT72ih%U-#xnVub=4X}
za^h>q;4mh>$!e(pbG3dikZwzwj9PAf(?&rNL||cWa^lr`wy-hJucIV5^Wf5aaB6j6
z|JA)HE9tSvNr0TOtA)?ZvHUFlL%aJ8@NLCNS#@osqhw7_d|_R8UO2XJu(~sLQFz#p
zI4It?$;UM~Go29-_Od)KnM3pGgJQ?V(SEHal6~_f<Y=%pFjL8T8(ELB{*Pl2e^)#9
zRovFip;gg2m&(m;fBjd&e3i;M*oqS^Rp$vjBQrF1ONhc|5b5Ph&vX(od)ZOz0-8ak
zVUTxfuPce6mYW)-IM?Hs`}Gi^)^S5xg55@PjYe$dz8$lE0%w8DlJ|+Iur-lska~Yh
zhUle_Hia#zwkfmIg0A<HOTpic^YA}ie)LyYyt7M>KZ9E?H>+;_I`mcaQ_%X{3f`d$
z0i6X>YqhPkKs;+Z@};N3V$~o*59$QKC33m+eBZMjbz(BR;>pSC1neBL$Ive9lnoBx
zEU~}swu@|&|FLi7G;a}Li)h}UamGxJ6on_7h}EGDgT!;2sS_wJ(QTaj-f?Z3DmMH$
zkG*bPTZ1%O=qcL`E1tN7WV5KrAB$#HefaD%GFSUkhTB=-Z-zz$y%kIRplIykHQDGO
z%AoylQUduJ!78-blOTC_rL1N@OtgHm8Vu<#-ZPFu0XIErnU*;cUfc>hm)7T&!}x1{
z-jzxNA*C^`T0{B`kpA%LxxUEYEv3rpAr0##E!7`+As+(l2J#*InTG`1CGw4&o6hip
z1i+lyGcwiDy@hI(Mnw@y7OlLD%DG3V5Oru1cqw)x*@}(GlE3h0d;at_q4KUpgwQl^
z;z~edo33?!-0N$4nUSu><>GSZPcT95At<W3t%7+KCE?}?!eW0mzey=aXS2%)9s)8e
zpaD&rWYwXXq<6VUmvJPiPxy;FYWm?O<)xC^PCo+jpn~1uE>r9Ri_gXa8=q?V7th3T
zcy6&R9C#@`t9uxCl|E-BpX-cR5*D^6)S7`&1j_x?FQhCakbqnmZn-BS3HD!qY9<tw
zA$|RIvasn{KgX|W`WmufCr%u`0n)Iktf8r0RK(B?Voy%{MM!BKzBIaEO0LA-y2`<>
zMO(Ym=+Fc{7@dq<?cM-ux^^o1sA%Kq;z<J|<p`X?^Nx5tt3+~&!~rTq1dlFh9lCP-
z<zOZ9xd}iXT`PVY!@8AedF1A{SRMOFMV8|i4Vu4Xy?Qbf3IftcRXU&QHJ}1E()fIh
zFpFR`jImqCi4j?)p*AO`dg#M4hQ^oFtm>~Adm;2GLwzlW+tOc{cjH)>{GcMx!L=#L
zz%rqlv~=(8I<fJaEMB$Jb#`pvHS#ZDU*u#N^9G|>Tj^Bo+6WqU<uqdCZvToaLbl5A
zw%E;6-;zp1ILAUYhgy|Yvx>;LZFnc1fUkEPEL0Q-MZTI*#!N<yUn$F^h}{<~h`#pw
zolbWFC0wVZT{tzFB+{%jK6+p(YeO>HD)S)N8R=oZ!^57V-80d_e&~aSai)|qPUeoT
z$&x%n63#h0L0w{`Af>@b{eF}Vph5!a<EamD8FKSvGCi!(Ne*Q}OZ+p(6oW_-46@p=
z&b2wP{jN-|5vhSRIsi<RBZ=qXPLw_M;mE$Cm3T_L!-J-t&mR>f<p$%0p^kV;a>haR
zd6F9xFc2W8KBC?sVq?&;qO`+q5SQb|8!AmY&B*P^&&^_l4eh_Kke#N^;UiZnL!m@0
zzHiS879>)`t8coJuQ|HC>)w(PD6<gA;qI!pQ5gtccu@HLrP#$P`9nTJPr()8SwXGB
zI)f4+um&S`_s__B;))adeXD>=uxQC|jIQj+$(u1K)>D&JRAC7%uOw~n+!=xTt3JpU
zWtUMocFb{tSY=qP?TPNsA54WeKR5j55wRjanOW(lVJgoA<+5IO=CAhTum0y8?;*(3
z8yjpOIdGx#w5P1>@di~p#+X*F8RjK`@-wUNqB?%L3X&%sY(q9|8=@cO%U*QDB|I1z
z1zZHlr+(9Z69?u-Tj<B9X2cH5n$vXwKrU}RY_5{rt^c5<qZ+$s^K+e%|51v9b#NU(
zFgltz*F9};CrJu?$sBp}qIj(&V7y2lQLo}-rk}m_>qW7Bk#xsY>O=F!#B%fBm%j#<
zNsRd&em5x&*?f!hfOv3-|5N^#ZimN1z{N+Tq2=b00suAs8{WO~?UL}e>5fYC85I)5
z%e3_`jE(bDCE^<Ix>F7==Wk-@X~$;1N(T<EWpq`^L%vxoaMMl*+p_ONQzL0Eg@mZ+
z=M4w-no{UWdNvKKkD{}x4)%5uP(3`P0j4-b>A!G`8X{>0`4ynk@|fERi0Ns#kv9{x
zeA5tF=|X}Embp1ajY6z>jP1GC*wfRope6RM!^07Db`3mK>nGuPtuep{6J@3a<co+Z
zc0Ccgtu>iz$*t?L<3Z})GcAh}MK2$(4_vh)B-Z>-JkL0D2@6anjWULjjP*_H^SGO>
z&m0s-_QC8tFSwDk;<RILlCGB<9C*nF-5=(KbqNUx;h}m+6H?N>;H}xX^r-k<{buzq
zhFlO-(26r((vD@r7}`SR{{n`$=jMDC=!C7P<RNEN%Ab=_66wTpNNgo7l<uVgO3Gk0
zeXE(;{RF_Sq_pV`zeX1BrN3m#JSpfn;kG<o7_3)N$|1{ay{k{^mxn)bZ~3dM45n9*
zg5R`fl#unQhh?@srR-M8+kv7WU3VFYPlYyhFY?FcP2}59TSLw$>B_yp)842m1NH%Y
zGU@5*)UzXPBk62xY&-!KEU0gxWk7kEEIv@u<mAH4s)zJV`3!h(K|TWfe`EarlW2iQ
zz<X0ZfQFU_3CInSlKvn4Bm77Iamcymuf)Gsnu(=}tfRU5CM0uY#gh*7g0u9k^U2NY
z5%7?BEP@wxtwA|27#MT3sCz?iE!nF!gQ*SKRu|*=Y}Ye57?--vN&mV0)B51rzxRZ_
zn|~ENClJ>q2tM3c`HwVR67bD6S~p$F5okabYv;BW!6VJ!>2wjNqb4r=>B`z{1{`Q1
z*c(|A_@Z*zig#neg`0h`7a}_ZKFs)m|JOE++vA2S{`(viC!c9}ZMt~EvV)h}se_#z
zC(mUe5Klw4Fjb8UqtoVF>1V5)!aIFG$k*k_s9ZFQC$^rQsc#M=TitrA*4YUH6iHLD
z!BM+n$))aURvta7)r%rI&6ehkldDP1V+YehT1s3Ljce@pzYZT{th4m~^PxkuqaTEN
z7sM?tO;8mEvvOxJ;=rHX*=@t8=2|lxhK6U7PzqDVmQ;=zJ=)6bwhn%3Obm9lo(84A
z=(my+@uXmevrq)7+x?)cMpDY--?}P{S9m0U)EH^eCoN`*aBWe|=V$gSO;QLP$jC0~
zY!c|n$CfM9@g~Jd-93#F$=Oi2IT>bdoZL93)^P;rrD*Cc4{P$%InI55p>G6UMK)R|
zt+OW<sxROJM51?cebk@m8J!b|xX@zlAkr^Nr;YuM?#-3c`6AX8TPrR4jke8mPTd-E
zgbC~`D<PNE4CeG;X7@M^R{GLLIl}C$M!b?*MiY**RXM_Vl505(5P)3<82V;dyl?Cg
z91;>D3d(=zqyL)Ln_<!NAmZZFyjd0Sy@t6v6u>L39#(=xXVJJ#koJFABos*m{}5k^
zGk%%YH51#v+Z|%t{KrdnuMz}33g1rkJDGxKEYGht>vXv2c3?MEc4`1+?y>v$z?`ST
z1R|C$M&Ut5hV6bUlb&s-EX|E;D<dUa=PY);deYN`)09&{?5DpHw<d@icbt2FH+n}p
zPwN8}F@FE<JPkf?XI7-L_*OLXYcEdfAxQq$J{IjixFFrM5HYqQQFi@8CD4qmn#aXc
zv2LT?OS0bnp-O+k=?4sw2fwPZVF@r-r`qnwKe#!;$mP8U_rQYU=JY$SzY^&svxi<H
zl;Q~$_rlqYQ;%;aj?l6L-UHquV8G5_;r}^`JAKcMpH3TRyX8$in*WZ+@JyPrWpf%G
zZMc|<W^-j5of~y}>`!EKnu@+`OK0lGgvGo~HCPpeQ=?O@UZcfON<P}P#x>qGPVS@d
zX5-`p%!ICbvC(zab=CUZfZFruuSCR=MA}8M!fe+a*CS`bYr_6NxKbvF2uUNGDg?TC
ztk-_p==Am!ALDH6r`nRJHiuVb1L80u;>&Lu<9job4J(aeM#5Wz?ni?$*wl2*G32Iu
za+KD4O6aJiH{klc)(D)llx+*}u8AnSp+rTl(}U`V)IB!%ah-j<QJ?Cj{fRf`PG0CA
zT!Y3xI3_anUyubPd-Fba-N?lUZ$H9LMY@KgJ%_ld3@zZT<k3Gk#eZ<kuUT^VTe?A;
z=<Xe~G4oFMDMkj%?2`%uCo1f-JMD37vXEj;CJeXjaZiVszE{x#*E~-A>CVxwYZ*q=
zJTm-W2`!jQ<7<Ba7GvGrwDts&^wQi)2J)h*flR`^-SmG|PSs1?v>sDWqV5V}R!wX^
zcV&HA_z;z{^?rk^j3U6Rw}y-MH0vOjqsgv`CF5@uA?{)flDnXOrQ*BQ_$2=vx4Ci_
z6FRgPOt(>)>HxA2;H;rG{|VumOHQNCOW?ko>6XFySd}z$W#zGhQnk>g<K+GioG>Ln
ze3$5MCYRU@gNlqRLxv{*nIygaO4j1V!?7XVqFOzZG_U!l?&v~={<X+jq+OO@zhdOQ
z)P&5vR8sp9ODX|<O>W5{uuN9g_CsM7PIB3&a-ojmFr^X?a4bbmiFUA|1U;t)olX_f
zSHE7e*soe_8@L&gho>85P#?#n#1D-t#;nmTO&f}v9lFfkdImVO@g|c>1LZ{;L>Y2%
zy;zWM@ws3bOk!G<sZ2_aMNRurr#8*Q(GOa=?0ka62(?$|aU~84w9`Z6>4zQ}Yy~_I
zWM)i+#Ub;H;7lFa!k0MRWh;#kG}@6AtN`T<jsV{TB94sIjYW-zxUF%L%-K(IiVTZ>
zeyKB)isioxOv*V{PKPRen8;%A{JoffLvMF)P@TC?wQmWPsL4<`BxV=~6jp&Oi~MS8
zuVM`N&0pn?GXFCXtS5>X5{Sl!;(C_E-bI27qqjsY)7w_OJ>*yYA&WKdwBA2=5Um=Y
zggOj&3#609g(y_nW{eR}0de9cKbyDmV}2E)mfHR{*gKSfKd&e^k<FEP&oMmKPjE59
z+nh(Gps-QEqculuOKSQYSI|N;xAZK0Unn%?O~F&WSFyM^?nyddh{jS%7^ByN^<n-;
zOjOd$^5kpmqWZmlUZYmUTepOq6V26&&Eq2_9uIHRcUOxV)+uEn`%PaSA^P(_IJ(Jy
zaD0$>QU;0AD4!^@cnz6ZjltzG9aB~(r_!IA`Z}@)B{B-f<g`&HR>D5!vTM~}$#Ipg
z({s)keX4o-g|{UL?&>a{8B}YHD|as02qvhPqsW<vVsQ#_8td_ntrKvzxdy4a8FQIc
zhqcA_g7^wh3%sew;@!N)pZt?;wA&IWJ~s(#SPZqbjH^(y$Q?`%6X3oIY;;Wz@s^2(
z?0t&2PfkyWILTHSbE%||<IYtUrWhj}VvED`Z6#XW&*aTtpY7G1e$XJYP9S1U{*cjV
z;lYvlroUcC76Fay>4;!L&<!(3BJ@8V$^~O<3D6WzS+3PPW85Nk)%N5XSlu-gZ+p_V
z3f#Zy^mthCo(sWjS1BEBny8#O_%=BHthN~#$kDc{SHE(qx6iJp{zizt`M}dkU9R+V
z{wa>SOCr}UHK+SOXE;6Ue`?Mp-<BOF+&3uuhG^d8f0v!NRYyt#*W5h}T0(Q#*gv;@
z@qZ^QBxyJA1i*hkHN{BoFqDN7&V+^Hed@S~T#3S!F4dw?e?|H1yk^7SBgX*W%I4Pg
z4-OIbE+OX7dToY1m`qH)OM5fH-Dw#X6e1S2jrg4<6fSb?6%XRTMT&4t{JtxwBE}~*
z<0@*ArxfQ?jl7n68DohBj+@2YC#%c=0(c%r#%Z4bA+U=%YH(Z>KzG-FV%+o-*C}px
zJgqSXVLwhJ!x6dxkPS6EC$jDc%@wH)pDsrpB3D2gU)qhiM(Ng!GCB}Rf`tNVr1qjs
zP0XjH3~~~9APqu6TA2QY$)lXJod6HYu$1b_VuL>o!ig(??~YtbufbLjfD7xl5)Q>W
zpyrtvyg<QOIYQ$l&Z$6UI2X9%Bone;87k2nu$|<R_U7efYVl#R14=<jXzgh_m`X_^
zGO<mm1dDri1}C^oXtJY8e1q7=%^X+{Wec2!M`6j}*gQF^NFYWTlA>2CdrPc6YNDP|
zPtG$1a(~N9*mo2cqgRPtE2n!snypSjtL9{IH*r{OI)43FU#Tn<ej~W?qnNCu>%EU2
zR&nHJSc5Q|^s8Ah;hITciur)0FFpFoQ?v@=X)nP!k2hJpfGPY$>cTz<qi>5^5+Og2
zv_6D+&<8}`uL3PsY}`hRi+)Me0A+{Q@JxViNTmpxm`W&-ka4r|VLUC|%;ES!SXS#Y
zc1^P@en}=sC0?%xc@T#LM5a-bkx}1f@nRd#pk`B2#wN!`@#dsPR^4=3hL%0ey6<UQ
zjL0*?$s?mhCW>m|ue2F*Tv1ncI>@7gR+gwM_>`9ke!>aqht38~RFo)!4_U-OF=R}W
za48(Ko@WyvDx;P_<iwx;PJe<S-jA<X7$q;g1p}Ys(h;@z06e^xQoQ%1pHzAwuqWmy
zN<fH%W}~2@oF7e<WrOZa{L?ia`}c_}+$aRZ9R9GrE#;_DS?+yQ3<~TpOBqh&LoVr9
zSWX_*<O8kQX94%V#d6lADYu!1RB^`({2+w3vAHm6#K#a>yZ5uTr4t}z*C3+Jt&;jX
z=y%&S3ZDDTo6_EKfCamG2=g6zg<?gS`@2qwv8#V@PO4eo1>C+*s{FpN;RwM@m^o(~
zAhnkYkoyNW#3ok^c-&)nkq)<4_ymkIi4ZW|`tt~pvUyc|t)4ecd&Z7E@m(F%+k#JG
zdZ0Piwq%k{d89^sNiuyDm#UKX!X{0!l8O0F4qy~8FdPHxEi=CAST>2$=4mMEh8d@<
zC=%*l08S@9zDl1GLqYF)14p_g`u|Y%J*^b`1P+Dh|CMmPQnQd4ePS++9`ex$5nw!3
zNFVqn5dxu3M)RY`M?<BF4M&ZoiSz3Z=aNyHP1}dA6340m_EZ+g&YIZq!ZGUtq(ydR
zR-UP%1K%|SA_aG&*dS0;aa~f+Qq4+<Z_d5oy|^7kzw(}isM6e`;81gwe}Ces2wlBR
zd1Pw8;C8*dOi{ORJr2J?{Fe9{|2A9*+Ub@n7C(B!`zn8jeYy>i$=XcYPRDv+eI3%+
zy$eF#6u(}@Q~C!7c^y@2zml|(Uw?+)O(sc<N=uB64#)dFi%}Ph+X&SQrO61Psu4r`
zDw}#)oB?+dfA;t^u&h+`sl)sjxsy=K`YKdV!L)c0h<19hpCF>tiYEPSvz=db{6?SO
zFGRvpt_c{moEbUv?@?}4|G~i|w6*C6S%gWAL7k<Ip$#`7Ftl52`CrN=|KLU^WLGIx
zR1MM9#rpoiB_=(}_F}4G$I;rk9vX&^w#ZwYQr6#t6sh|i?N%yP#7Ryr-hFY;i(1dU
z(jAQs*J;~q<9nYQa>yBlKE&W9<fM^=^q{}Cs)RCVv(v&kO!YX(Ow;n6c7ZxID?9-L
zjldLPtD=YeLgpa#LwB?>NOa>+;Xwiq@C-+Lcy|+XmKFn37|nnEoT5gRR)libhYg$M
zpF)iNIYP(;H~XXY-JFK2J-X5V!P(8bhBtFu(1|y%j0DFoto(5u<Z(sN2iav0Znuib
zMcScE54=QI#`Afq4-snN_rG9XN|Du?HI{K6Es-koWc8}Kl%hP>vL61W$OZAo&88dT
z^CoI$OQA>HT}+XBS&3nd?BuR#UbILpc4HIL_BHSyM(d?U@~4TzhLC7>RFE_5uy<}4
ztbzbLxeB4OQ@az;B}$swZc*%yGFjhrdQs$c=9M$ajU(%V^4x5c7d6RAwu%w^!0N(v
zx4SUiFf+FwjRNpz8Ubjf24DKJ@EUTm8GdHWkGZ#X2H>xptOLUzEh<oNp0GSeQ#5k4
z+_!VLlY67niza$$VmU3dv(@lLq*9Moid`df#7HV<2XPlDN$(ZOP)M<(VlDjuv1)Wy
zd7=Ym5L}|W8_p4C^(b#lD}$jHv$|QnKibMKOcrN|%rj+xE`G576106%ye(HNWUtBq
zpBCGwY|ptdlW}!BPK^(g{fkq2%U~t;W~4uYIK4z@?mquq{I}T$e+utL=gF~jx6azT
zf`-;lMoa3l1wDDvU+p}i{DPCoO>+H776c5+P{BD}7p3v!etJd2L~A78>IG=CwuprI
zqwdiY#lW2m<r7j{I&w1;3@>%c+39W{dc`~A&P4hrn;A!;==W#Qz{=Ul^JspN@#t~E
zE!VB+TSioVf&n%799wEc;R~nF6<4J;8WRk%Ym>A9t+q9$qQylqG1Lc5LC(p97d~aM
zj)z=*hPd0$(U{B>S(?Xpie$l5;cJ8t2m<YP4{rFiUPffM*M;Fl2$34SX32DufI0`t
zkV&);=(h2W)^nZ?Xj!q0dY;sGwRa)^Ky3UI{k&7wOIB8q{1R0%sowmz%05KOeb0m=
z?0O$fPPK}z+D+hxzZ<`^dhe3}XOWP4cE^TPq2tfy17)lQ*DXstfu=dN#oj0Ku}{U5
zzwZ%E0CM2yXetB{lguxbZUqb|w;65``-+n^06<<MXnAO3^_-SPA;M~(ak_yH6p59U
zON5kis<qRRcS(pT7YbGJ$4z47NY(Eul8}P!!#t^`retX<i<rR+cylF;U=T^8YC>h+
zp`((8So2?!VSgD;+)4g#lve9ODY2C>yb_Nldo_z^v_@u`NU-vauG|fn|L{}IL?8g>
z??;R@T56{3_X!$VcBwF%UBV@MfX<y&>f0}cCDv^vT^BzkRe(HVp6$1ds=bbBUu=^H
z`pZE(nVs^!|GjzPOiI+fkZdF@4FJ?9M!BI7u=65U<iMaLw=0SyM8hPC-h86Tnw;HE
zJCsMm-spcqTz-ul!MBX&;@x^i{DtAc7uQY)>;f>2`NQ{0(IOmEbv)X_%O4Xh;STUw
zpku?IG0Vl1jtcTbl3b8##O5?`X>jC&Mfw<C2dbkDn$%PEl%Q99^GH83QpX}4x%Lce
z#T%6C(4|U2<6Cj^L`bcC`LPKMqrD@CK$QH8N%SbaGRE0y#7|s@7P`m~T0V39Lez{z
z@d)`!8FKv9rP#SRMBJ*_Y8>*>)qeib80V?mL+@sFWeN2eahxu#xz~u4W}?)L<417@
zY2wP<3r-kX`H%)3n3AgG!~`=tj3}}rb)1>9-U754Hj8#8PMRJ0ovzuUcEI;IOAA^)
zJiCe_M!zs-liOV|-WyeO126#FCSth!ik~iHYL=8?%%eP*j}P?yU4opIi*=N9I1Obv
zN()y!7VhV(P13zj58=sg89U2qqn~b4p^a|PTRcEMBwZt?ST#qZHXyXhU0D;Om?PFC
z;1GyWw%as1^x<oBrMS3BL}JuIU1JyVNs;a(6j!fjALY@!1CiOpT=5KO_5G2q`7T|L
zItnzG`*@NSwOY0oR{&T8C{0{IoP@l<YYb`S6LO0WSdHi$e$x6M1}o*!+-RDN`<F<j
zQAd<eVC$+_wHj}6zhiM<T&DHH4ZSzpyr{fIye~Z47vt0nXuSz$yFSWb0Gd75HMhag
z7Wx=t2Y51RKvfxEDH7Hl99N-co{W$cZd7^_y2XfL)*@BSr)44sa52kN5<_(c+{=MZ
zg?adMF(=ZL<_$%)4CNwNeli;3D%5@Ni>hK+ICSwVv~yj}oz}oBLJuvT<D@E&QbBLI
z1!%O+lo+G%fD@b4n8ty&5mKC1m#1Y)S9GDDERohZ`L{}QK}ZAQUvW2j-+g9uwb8WA
zu=4QWb(&X}^rE#=JqvAQ%4R(B{BoLDoAV+8`(nR+jOD?yr?T=F%4Oj;mLuil6RG1l
z7Onq)N3X}jLCg70qmkdk4kAA~*cg`a8<OV6CLhLP7lajVTZB4e4&+LKE-*0ih=eMz
z<LlvmUMG$9Wf!enVD^hCnNh4+-!FjbcC#}Tq1Y^*pL%|H!f@jlKHQdESy-{PbyHh4
zPOVD=Xs1l7GCETXJySnOW4_XTOergWM#IQt${-l6z`x++W+PbG!ESIZK^Ak`x6u8;
zA|iqyR&qysgY#^5M=o75Iuaw;5*H6%oN6vn?sSNB4(8nM&y70#T6uyC(sla6q>mMW
z6lcpGmzQwLC`7LG&R8QL(le}b{F%b4BsN5^Bqc(JXD#IjV{v45E&kgbvf~BT@A@!d
z+u%6=PzxsgS)39~DL--*JlGB(P--v*Ed0(Z#UM_9%8gq!o>0Xa#);n`0fiE~O=Kjj
zj&GhCI*c^Z86)+|)+I@G=r39PNoF=Me~t@?(@7n;h?0S0xZx@}Tj*O0>)unL$**4(
zFiWR1UHv#nXSY%gNrx}k674@7Ycp(q1XjF(8f)q58{S&>mf$%b8;rm$NI@z7VF%-&
z^bST%U(fCx5m$y3Q}kuh_C3e^lT}bYtsFu`K$&AE)`ggxRS|9iTxpN$b`c4%mYuL*
zWb6@ncxYl;S>-EMQeM5~c8Fff=do;djII~*&{_K-yye3jU?5Fl37RFV4$0PfUqqHA
zS)04OqjBP7l!?l0FQ!)z&PUxtv!3BUX{JQ<ei%ZfCONznPGfduuxF%gLWsxJmBAO*
zHGg~;^Ae$$SB1crDDmE*qY~BdVBA|A3o>Ec{SUEDeB9{?jg{Is)*W-P<9b_a$*|eL
zv9JK#*<TvQc{O|bl}J^i5EVeF^vYxTnmLCBHM}S-{Um{JONI<Rl&ZumrZBl&%yG53
z?<Mx47<DO-tz36NMpwp{Ziao?vZg7$rJv5CJ3(Oq8YfMkerLrxmO9s%yowuV1yQqe
zH&Y@^#|t3Yrj|Wr$lo)Ip5Q@mjTE<q7R&XWEyXXd_FXvi{YH!*70ZXzTUdyXnCGG2
z(;8MpNFNFK<d`-5#KxR0L)Q|g+6CoUXXV5hH?(vTHVK-n#+Ft`jqa|r)$~%tN#$5|
z$4W>uvRMVAtjQ>qZ2?aWl>3wRrsj%r!^$H)=x3te8(}qSbctckaiQfEifqOIgKG?R
zn|<By2!Uv`Wew*{uw6L7I8DQtxKGTvvMfPc*==;wFzzcxloeINtx-nN)wE{P(Qs!i
z#?uGv#3=AHJxG`iDLlRrs0-6)q3{v=Ae1NAm!qH1P-(R4OuVv^l#>agaS`BZsG6<w
zGe*aE1<dmI6_-Bp5UvI%`%75Gz*_Nt4=4Tkc!t*p5mn#oqxb6t?feMSwM4X8J>RSJ
z+_So4$9o^^aZwll%7Fb`GbojybmJ%BK>m&<KLu<_Q;hdWPU>H4Ykg;}tR6&5puE1N
z$vmX&#V0K*j*16Pr_(6FN<_9Oph{b#q^sM$qFLG#EnP;DK94?OgtXY8WhVOeN5jMt
zx06r%9$B}Em!qsh;Z|}ldH1#ZG9ZCsc7I?Bryq)Tr427*^-!r`pc>N)c$)WJC|zh?
zJaYn!mVVh|Y}<#bk_4Hvu?Z!(rC(zO{P|6c{=wlDWH@KjxyUqqV*^;*T)Gb1%QdGU
zS9*y1zfmgx-FovzzrexaW-sH;3q%tiefh54rZH&VnJ<g#X3+zV0L(r7SU`Kl1ALRq
z^`yxV77j?`s(KD1vHSVB@!TzIpF$KVY3l(MK!~}iTb22Qt#+^Ps!)<5Pu!Qkhz&vz
zN7bfsGkOaZ(CEaBMAxDy!gi$plB{tK9nleRst}Vb3lAG&Gd(WCnaxD2&_F^cReeu6
z5bIZ?P1Ak>3<_cmHNG@+wS52Z<umrtZ1XQ1{P9UeCuzt~;^hzp!K+*tBuQeVsk^Z5
zYO_fC^v~&6=_KBX#dAUNf@Rrz_k`2&T+=37lO{f;{w?S+FL_Ae@%5o{WF{!DyvZc*
z*b>?3`MZH|n=EsEJx9KWG*M*2yQQ<4QKvHWX2US~*N`P1=zH3ek042ZJETzpDOhr_
z)R!bSl$bW1S6fRy+{3Py0MTaML;A|#D%oV~{Q-oNO#|eQ@BlW1#obou>eKUgctyN2
zocEf;;!_U7MrP7=r!`+3a_JI9!m__pRv741U}G4qT`|(7IP2*nETcPcM{cP9gQHj4
zvDb1<T8nx8-unpY`w~O+{vJ(s=$E{2z>Z7@AP$}ouh8-(FI17So|-d=o1`vmH60q0
z{YIuy;r%Bg{KljGKZ#*Dytki!r8LZG-2XQ#j9Yt5B{ouUH;<f)4<bPv_6#l%%XiN*
z6vgr%`Ei}ku9qG?>T5$hR;=zcb9u|;<6e~^`m-4N^0V01$42g=*f!im;1AhAN`Cu<
zagUyO*2f;@Cvhh=cn7>=i6tZbKt~_K&#~)~AmvbJ(d<rJ=T*z+FpEGZfk_K-Ji!jy
zjhNHBv<ddnlSIx628P0(<D(7v(UDunzsdjLoQ;FynyVXJcMk6~5w8UJn}~<cPD98g
zt(YWjL(K(mfqzJ%{9xOCTavXQX^O2Q&K*N(A^Js)emtc8^w#AG<x;OQ?Ko#?LUK=`
zi^c0qt3Q4XuG6mf#}WNx@KMg>bQ?5VB7XM_ncgmBaBZ-1q}dQcx>$|PN&7h&^8o1N
z;AtYS+aYfC=^0QLH6Yrxck#e9(Se~(CUE3-27Pp7|H~Duk5B5z(YAIW*jpR@tHN&=
zW1=?sJ|msp+@SRV8^Z8QVv{Ltucf!IDG<RBF5imCm}3b|h(3Hm|70=eH~cryz47-x
zf==tg5!H7Xxf@n?`l%~J1*;&IuXGW;RNH&R%5EJTI#}DeW->@cn5ylC$#7^8CE={(
zi^Vpm&pR{oMIiykp&B8U7}DY1sxxX-nOd=rnBgP_@GeOlIin&5*F)cJ|K!tdVtWR)
zK8OExLX*gMl_eV{wsHcn$F}oU)94Yq>Qp$J+6R0*4S%p-B(9~P-DC3ivHqbrlwzD!
zOnWndQE7uuNmNWz*OR2WMV~Z=lQyxzHVl$9r)E-ftv-Jk(_b1MIv!j>gI}4b_N~?_
z^UU!us-5u>v}x#BjrbfgWKzfdwfUB3-bkdqdRZ*cQ&hAYu+9BO5-C#c`L636*qHPe
zts^zITW78A$b7Wn(yakAkZ&cJM@0jjf^wvHCK0RUb|kZAEU~^_(MSinbc_jLwnkqv
zp`X?MA=&&<Mt_<A|H<0_lLN<%<wy@mado$H&f<Q*mO30~?wwDy<|Cf1V7op?^$#vW
zlQ0=E>PNNtANW#uP@vVH)OjFA6)1eM@8lzGFlTL7vrE=Y0q%;;1Nx2LOUo5|l?ydp
zDyP9T#;BEbtUyTLH$`J5k{tzR-!Ko<B<S%nGhN{>eTrq`x%1v*o6fqEV5oC@imSSQ
zvD52>&>itQIs6@r9J8X0V>NW0h*m=SA6&ZitJ<Z@&sXqph~aa~1IBesEmMK71<dOz
zl<kshTM}VpKT8&EhmqD4O-%vo`{z*3)5ukRB6c^Q>tsCvAjU>AdA}#x;jY9Si7<TX
zIl|B51sX#St>N#sBc8aU%I!x&YF@CFASYSixpL9yOY3D?^;#&B>W?j4WqeVHpaU;^
z5gr<sEPZBL`Iyh58l$m6P*GP5&}GG`lA>*FN7(upyFB7!gK0JDK|WR+yF!y7WbZo6
z9@7;~&o%vz4pTRgab_$jyD7&x6_V}fpPxrf3XJ5!Xg*d$2Q434#zZYMb9&Aavs`xO
zUJav_mud$>@uODle`A&Q^~ptqpN2CgjrBLSr7n3hEQcQ`tau7guMn?)R!Ypcd!_x;
z>8iwLNG|CPC$6mXqL(8dYrlUzijx*4{F!mXZv&wxVUkLozxRWRFN-&4DQ@p@XJgfp
zggs8%d7A~2uIDkO&+x!&v6DD^h(7&l`z3V^m9e{RFywFC9aYUkYw~Qc^KDU>snfWw
z$4L|Ru8*<?J64Tk)jN5ecNk5&7R#3FCRJahY(0^<tW#Ev(UvEuM?ry>bUaSk-l+KC
zrRsNvm3_PP&}?OoV~=2O?(xjk<z|Er^F9VoNZ%RsP0f-bWPOVSq!7y)PcvF+kC1uk
zaM)MZ>l!uzh?Cvv*&qC#k}$iJGK^i0%#I~UCv#T5Wh1~xIvYbE6BMMvPBjSf<V_5#
zo)cevMw=1U7%@b)gaBuW>0ZqW+hJtM(BrxPr0yAU-?q^HkGyTB{g1%I{Wpj5-xNwC
z?p*)&#pVB|P;h-=W+}>Ux6G%03HK=9!$NYdZiRP0H^$g0=92C3N#oVzX%H548X=i~
z^3NlJRS073y0c9ZSrVM9v){*ZTW?&wd;gLOce{``<BsfU#WaSF{QDvYmk@wiMP{@X
z#<*@hIfokouNU4Y`~aZ2+mMG1Muj1M>~|g}4k_c!wN*AbNRP8EiFBpJ@faQz_S4Bt
zMk8JN_*2>57mw^It}B`sWwN7#Z_Z>3S;OO2J!l-LeZC(scD`HiZey1GVkYpIV{@GK
zs9b=C9(_QsD;o)SW00H0=Y3~D0;iRzNx(-o$`rYWZ2cuhi`xhTNj&Is=7Brb<Ib$V
zjV=$>R+6wHKZ$9lIV!l3fP@hb0_y8*LAnL0%>hb-<xEQfT~wcR(Y0|(C4rb$@oj)(
zVD+t(WC?mo5v{jGwduWPPZTMfi;d<Vb{dvkJ#)-oWUAJ=>L)o%hBSU3tq?FV2#a@L
zLrQTRu@befqN_3nbh6LcGL^mX@5HcVgrhKdxGapV4#Y<hr}~9C%M!~vV#t$57duTs
zU0AXL4wN;2C63ACj>F-pe%UbchCh)MeRP2#+lfSXM%-ng!Jb8vBiVre;DlqZ5^&!(
zvNXo3!-tLWN5MS8?>ps@2(__s1H)|&&4@P?Bci_aT6jDG$vu8l747D3qJB0Cx1eu)
zw5}jM(E085>k>=#(|`~TJ(ICkmvJkuZ&Y&D%y@Lpv1DC*uNT<%te8{gikCAQU(me~
zt);cEy7Q|ATQpi(t_&^UeX!yz`z3rg&kmxZ#3wfRTkN_Q=?=nUV)$Fi8sJNutRoM`
zBqAFbm&Zp7q-oH!kCIt`M^;uw){^#h4zz{smPdW~uw3(EqLSBbaW6+!-wDA!j3_?#
z&o$n}HQJgIX4M7;FnGxC1HMr+yn|&_=kq@}%0E`<<8nk>T7EJrPvPquONz6o#2>?T
zDP=wlh(v_%)A6cWLv2fvd)`>{LnX>v9=y(#e&OW(*jiY7Xs&0>wGhq$5n|d)e?N0z
zxbt#{=6uhjNX-T~Wn8}^c--)Lfavys9b0Uoz;vU^-*<zgG&5Rj{Qg|@D>(z!A~8!W
zJp;AwC4=ase--GScyZ`iF432;eSjMGla}EI1|9zQ7(R@qAU_;`R$hP<?#BiEYjkp;
zVV!iGUq^P$LmcPdp>af6g5UNU_{iI^FCJh-43Exe9Ne9=YK!spEa{@%F%9ilvx_g-
z3^M#eXYxk_<_?7YExWL(u*clvkV+>WW{i(wFd+sh()ey=#A@G0V24p@T`b5BY)=Pz
zZ#XH+<Q;)}fRE*%FRW#xyNdDmTcW|Htm67PNAx1LW7y(i2|_c1)>1I$SC`#;8i}jK
z4f#G;E-^`liY<jNOwK_=uQ~)+`dfsqyQy6pK~VjO6V}8y8;4-mj6>?4t3EY3WWkIz
zVn&_OWwNjXNBH$57Mt}6l{3ntp+DBHKN43WH<5^h9=_9?@U)g9qkz739QYJ@WJySH
zj(%*^$Z5)b;^yj>+B2D-@p&ENnmN@S_UUIUDh~;7t}BbSg|@73ON$Vwy=?Nk@{f00
zvg~4ga8tvy=q=QJoHyguc@sbw)oi$C$q=ifoo_$$QT(0-mXt_`y8HddV}Ut#Vx$F)
z+ymML4mX|;6DW!aZjtSZW`<haeAc*Aym)ds6=`KTw0&!$qUz{-2bF-&45}5$#V~R<
zR>Eui>eO!^L5n0Jb<Gg{Rd&uz%}GzagOV`70o^ybopcbM@`huBXx!FAHc>=PvR`PL
z@c$K%8E@tW7htmJgBMi{Dc1uBAoWel(Pz{VX-`A|Q|OMX&CDTGSBSAl@<alMo0wF;
zm?L0L!33*MvjJwmSX_IQrvbfB(MLFtSBh&uFwrntM_=rT6^H$9I*4nNf<h_4{{S(1
zF9BcN9kBBQ6+rf7bgV7E_?dyYf6`KC*#7`nZ5b)A>Xq;NJx)}7Lan3sLjsh|{{XsX
zuyp?bWDS8hKi*nU2Vd_wZTQP60~Lui!KOd1I4=SJ02qtIS=B$pXrH+LrReTsF<tkE
zaChYsPhj9!ZG7hO>$x&-@VMJyRmJCOxCG((g8u1BP~LKjHQveqt2|n$WBJ&&VDpwX
zfDd|`%6+B)Of=BWAwHt3U$QMs9%faes6hLP1f_SmUIXej7z0C(Q239G!M0ms?hkPS
zvfw#Dhf>cpLAy{URX*~bBkm<X3~a~TZN@(0y8W;pSdv~9MnT*02ee7sf<*y8;Lg<f
zoOSmO^8+gRovgH`2w;_#{z=J`eZOQ=aM{f*3@a$7++COXl(MVl1SK|)nE78Zb1EH-
zvlhUc%%jZ5n7fsSQ!jAxOWREw{6*IP0A#z&Q<PS%Gv?)a{lh>Kf-0aZ5WPTN$#R+C
zOiWAn5#WzpdZ0TWsCE7(9--ljIEWojLHUVJ9~TUl90YoZcq@WvcJ&^~L<cwZ5NiIS
zF0blcb@XTYlo%2LZH4lc2J54j)a3z;e;%WMT;R{@67Xi}*K}Ho{mNWEV-1~ql?%1d
zvep6Nvc^m4!p!~19lxb1lK0a~pP>Qvikx4$2g-L@LuK`aJf4tcv$RAp_mA!ju>R8}
zWAmGaJt))tlDaZE!v3Id`M=ahli~jWQx1J%{-An^yaH>MA<cg%8W`lP8DB{L=QJ5&
z@)bNwgd!&uKT}An2|AVcEPpy6sHdO&#DG8f>M1Ez_Jp}SL*e|wXcxf-tFj7zmS4}r
z%NdztA98a3)VrGe&UT+^XZA9KndrKT8zt{7bPB!0Qndhf%S(4V81pMzi59Z%pdTzi
zLw=)nSc+;fjlo7WomT$<s8ff4Zfn<=HGtu!4IJZ4vVv_@%nhf5Q#*!TvIsZva_eH?
zgNLXV;#t8QH9lWaDN%;ED&YBvO+kg{6D=?bW9|gzSW^+J7zK{5Zd&yZGNlaJD&Zgs
zsr3UkCyI)!@8bPHaW#>_T9!C{CNJ<x0WIRQEkPFGqe0tzOOv>wm9cW|gjQ=r1?<n}
z6kcH5Yf(iOs)Oyr3E{<M=sJ`L0KW+mmBt)uGzMeT<$Nw<#l57c{)p457F-9+shFvu
zeqdVmj1+$y%&;1L!4)#mW#>06&Vk6q6v~Ta?{Q^gPc!Ck-=Go0O?jxis|`u_QCPph
zFz-HMpnMUKGn$$`@^uFMjh3{N>6O}!F+=^#B2-@S28L0o@-1-~n}Ye&Wy`r%@t(%m
z8W()$F;apl7k3;plxb~x{{S%ZsuAJ6ZV;npL3~`iky<=fV&MskRxO6zHHZ=U5SMq_
zWiRUg0J<CYAMOZ@_+ZKSh$2mKh%3<PI}h9|e$b$Wc$$b2<&+YE8GFGS8;Yw%%x`~)
z%ZPbp$zTI0nxq;m8C4Z(BBBHPC8`#wmatBOwT|>T`DJxL_5y*U5rQ-k8xzG4e7R9U
zO4D$i&9(Fs!z}w}CmvYS08+3t*SI3^aaR`RA-H76tK4eY_CON;>1h>F7C`xoE&b8D
zv1Nm>#j=dG0Paa-;ZWS#w+t_ff@m3JibD)SY#LzW1B#SE+Z&z`7NGi;&}n%fEB@lx
zKA~zUQbiF@#7$8p8H+Sc2?T+Lx_~m3s!&C^1<tis;%U#20d+G_^bdXbiT1YcYb1N-
zOOTsa!|gOMQ;Ly59AY|%Wo=?F6Uq(`P;hn=6Ky2o<|v^|!|rO0dC>T|%)rMO1q5Nk
zI*KY%^BEPAGFbBr%@({xVtFK_rcJW6sV>b&7E}!ar9jr=B=;@olmn9|Cmeod5JJHC
z7l<YRfSGsd0avQ<tV(sLsH>@XA}E`8xUlh*UEFoywj0_YlIsC{#H~^1P|1`W9%G%|
zZ@AiWnVw?sinYTWoH-+R19x(j+EI);3=)`IHNQ!u^$wW+64+QF1DabD+m7lBLL*59
z5y@HcIEU_4k!B|d3<0?Wqy`X8t2;2ed`2g05Bh_pWOT8x$JA}vV#3hs;@*9iHm?=Q
z2zS>UR4kdxQAB8>i>Atrk(sP`ji3!K^pVXDP@Q><v<=#tNni-kT}5yxLcMS<JsClo
zn2M@l8sPr`*mSoSx!^`<hD<=q%2O_Xa>NQok`NW*7jR<);RH*7KBlxjrMX6Q#3r~v
zT2vq_P&<}JN1a)*{{Rsc3jxSu1x;fbQTRPZ8pv$YlSkJsOlB#>e9OCtinhja5Msr>
zUQ?-*<LDnbiG$*0UgB6eH1FPEh7pmDiJTbG<Y0uVNrAa3KZ60*p}tB5xtLiPg)6ZP
zcQ{N#03H}kjvx~zDV3QQsI<(XTPs5MF<r$O;$VPd-5+!6Wx;H(N)&JRE&l*$GomXd
zHu<EM#6ULed5KlTWTvxFriuYTaT}+0rWr#NZ^IXOktuKrcj|X?UNIQ+OuQqhw%xLF
zF;O%S#`uX8-vP`B3&N_FqcNkJjS+#niP|#qwMd+-?E^3f-IB6*Jrfxl85k>bCM8#3
zCw4??p{q=7Fnpp3OgTD>YM48o-^A#38VY~xx{JDqpoq*K@MCMlrU6v5j-@VIblW&*
zZC;}23o{kspcgEuzzlUe&a290_<$qERv-GA@&Fr|1(sr|(qd#vAWibuyC&DfWhQY_
z(sHczEE_q7?t7G{s3e@rH6a=$!_qt2CooyH{KUh=VJmkSBQjoQlEZn75|&XFL*`ET
zyi5|efpA_6Idkf2b0NGDk+?Ri-9xG)s4;VxnNJ18Ww*Aoqu(B2EKJxjaF+i7ClgtE
zqcDyYLU>?Kqv7I)qSiwK=S)*L(+1U!pz)S7H%o5f1;?n0978~<u4ck2SfLdc2r0x3
z!Awa?!DuaB2y?c&h`5!J=c{Jud@}C@W0$x|#1`fLlJ>)CYc~-PCedzPM}nsp#Xu~G
zPbioLIYN#D+4_ls(Jq<fma%46ABZ84K;02Ti1-O*v`%JRLXj%XGOx`*9)XxLT3Aen
zP+$`VSPLKmpu-MQ48i-A5RC5_Ez8tK2IZJ?CBPKHFu=Kb&!!>hWgqHQfO1*&Ga9yr
z>-R4{+$yzc_Z2I&J6X)KOHe;V8MxW(nc^pM7>BK)LnlQt_j2-npc-<ZJjbL|ZbnhW
zM0F@<f5CuSicP_|HdRbDLcSwg`GrJuBiE?z5e0GX;O=9H+j=Ei6C_H+ge5#&$OI^s
z2>B2oup9usSzI9A0W;=k>c-p$If{Ar6G{@iQXwogf@Jq9)n%3wCYp?MLhHfQA<;7G
zoc>A0Uje3Kw2smf;Fz`i8NnNmB0mw(iz9(*7f{>^jKstzqGH4}n6oKy*AuA)iHNtU
zV^Bi_aVrs`p>PYaWMI-dTqOJoz~U9KVQgRXEhJuDM=<eK3nr=v9J98LVr3P2BeQ_b
zEH_mxJw;C`dvMi$qg4pfa`WqQ{yA%maU8H>DnEc6FpZjsfgM^VYL~RziI-;(ZHPCi
z)*)bVDy&2;QH)|-7|YKv&x|yH+C~2W3!wpnDRZihHk!VtYViL6?SGhYTXa$I9mYjg
z^@VQ_GSsq3)j#rmMkX3=Z~p)yBJ8EqOEmrwNLr{rxXteY%DRo6=A3NAAXm%9J|5xm
z0%?gvO`y^z;v!&vrHzg}OD!0fiy;lvtOi*0N`X@c5mq6fRBlk5h{ROOFjk@)wF*_7
z9Jzgpqogtr7Yh&t1?8eMGT#%Lncv72Yk1|3rB=FM>3n?k0~O3z0pFLzzdMH}YR;m0
zRgN{pu&TYx=Q5?R4j{I9SEz=~HVZckKo)V!QR(X=UTTMd8moZIi^ML?lB@clukax0
zuhgsw=#)?!fmwp-#w8`OmDS&IR^?o<Mj2SF&{7gnpNNfsl&lD}Cf&>b0P-ni#4aQ8
zFElr|5h@a|P_i1ufYAZl6xa^e6C$XES0!-@#h^P~e*XYa5!{QLci_j-+j5>8wMLx(
z0FZ|4a0}h95nMJLbIn4hk-U)ELin5$JE61uK-e&aMZjt)bcD2g0;=5OsiS}+Tg1A=
zgcB^A%45e(UZ#A%IFziE7l?xe&Jc!GS%?Bz&;~9BxMCVCW*caZ4MAliT$0xVDI<JL
zVmJ*<Dl3L?Uf@DuySVN+22xV5t;U(vrF;+#YY~Oz_Z%rIxqL>s+>5YZ_wf*kWC6!-
z)Kx9yTr8uh3J#ch0Ie}4gI7qpBew@GVv`KV7IE-@%&<~lF?NQnoYXkN=~6wB6W>Uz
zM0u8oE~YxE)(8hdm}0=P38os5S09onmK8b!hB%%U>M6*FHAv%7&Th@(Rkw81uq?2L
zMj&uI)LsBWj0-ZKQM9WWRUkzpv|0-oZc`${XgDFv28^&)t&M5#^h&b|6L{26fT_*i
zVHgHWTuL#UYb{FM#?D~$K+&dP$?Ukdbu9<b_9^mrEukVPPT?r3+bqD@3S~|iPKNxE
z461xhS9YZbAny@Pj{QsnQ~|a7hsxpzvg&J_equtCD{{agz(vK`qlgPr*#ToB>>%1J
z+%TVYM4<u{cVLCUs)jO*u%Lm~a`6VMg9Q;(So}jw^0AI678cU@l)+la&1`{FoZDT?
z5u(|R=TfL|Geices;bc%%Sxh~^#a%%mTqWd4{<7(5Sm0bb1Q0%ECcTHM=bIBl?ooh
z>b6xBLU?rs)n4a;3tNoYmCDo4%*s5&4S^V2Pi(SPhlT2H5ULkXQt^^5$MH4bdX?a#
z>It!p87N>1x`%QS6R2+N0bWpxXf811-&0}r5Wu`uXw+iBT2~J;hC#KrJBbGIQvk6o
zZp2=2H3GmG=}?2WcucBWIEBlEHjYl^`7Y1~SVse(4cb}uz@i-mAHeA97d9gLUhBm`
zNC)g=6v9|e3e#DGP-%;C5U1KA)}VC&JwXe0Q=gobp?91hk5abH2IBx2m$0<pjIkFn
zQ_8tj7BdVwGQm0X?Je0IotP2B;g{o=#B)DH8iz4r!SxqoYjWHb>Y+nMUEdPf$}23%
zrw}6qTY+L*Fkb^QF=!aUU)(mW86M6fJ-&&B%<#+|?k88sUhDnFWxd9p7vc<7p!*Bf
zc+dPyF2<H6X4=V$ff}TDC$;|oY7)Wr$1}k92sWrIrHseFdEB6@t|B^EZ{k+5jxiJ#
zABZ7l{71bF+|F9g*rk>VuB9o#=5IqIp}O-D3LDIIV)s*2)OY~Ph#rdjiOoMOuL`TH
z%;J7_W?=%khai)OliJZ4T9~%f?unlu$U*(ekt;7yjZ6K^Jf<qsP<sa{vhV?~mN1ZN
znhxR6iqdg=CDU3as=4`{*Y+}@ggl%^1ACU6OFDCLtRS_(d5`33hyEBP(7l3tg%x^)
zZIGs4MEp&W1=d)&Qr8ebW9BAwFN{YU9~TpGM%*9w_bgIaz<Gj@=@+ubR^ot#b!5N{
z3b&ZkCNaB<O1N2>S5QwkG>8FMh6s-o63meEK^m*lo@h=&T$AE0U@>MUwqR%ahlDt?
z`xq=!=AThiw{*X_M*LA9a;!rYQ6LuIxo&8uLh_Fh^3h~n<Ve`)Q<KCg2mb&8ePU1y
zy~TI|`Qjh~+H9>qnM+9t7<rFjyHdh-8%|(4rJcNZmW(~cq@lKMBB^~q4czG}R0A(^
z_dF#4-M0@}?xSo(jgMFV0C67OpE*n;%b9+Qby(5UZ4#I%&O<I~vs6WYL?t{0ST}O|
zRlcB3Tkd3lySOgOoe>(D4DdT*gs6hc_X^wq#&z9F@F?-b0WDBw>J}QlVHC|X3O?og
z{{W}VxB40QIl!PkgmHVUpK*{)y+Bkr1+pVn(QwEu%4j6NM7nASJ^_kjuo=s5xH|G!
z8YQUG`;G;QCgK<l;!3Mpn@yfB1-y+^uo@laBGR?nOmQr+uQwSe9JZIbu}jOS6}1+z
z+%U+aNkh^QsC2#~fplo`kK9g8%UB#n{F73vAi)Y}4#>^<W-#g}K55{XlpCfOE6T#*
zijIXskJO^p{EV<wYgd?wr_@yuUx@wqF&2V?uz5eZh^sf$xQ4Ydu-{Qo9FVInV)%lM
zWwFcx2a1H=-x8YK9Y;W+yv5W@!4|h)EWWlLo?zw#tmn8?02Eut)UZ1E5B>iD63cgM
z3@oh~X*B^yQBsWZ;Vz(dyMqW&_bUbi1{fFGsJE58O?o-vWdm=Ckb^i!QCp_FCZ+uU
z0NqB(!m7jo1wBDT&@K^_9bBXD3`u(?`iQj;+(iLRRlP!}CTh&VAPcAWHjqXki-9cN
z`Gz^qw4^J2#Apg#k&UVx)X-;(B88sBLUy(iR@*}v)O#w|pQw*Pmkl|KXdYGH67fR?
z6#{)$*KU7MBv!PS4It$80cbD8%h8|%wx)MT0h)^OYTH-T5h@fHG!yKK%F60i>d#eE
z4UH101>)tnVaNb@imtgbm2kPl%muA_hE#F!5gvCOVu&QALh_N*uV)&>K~`RFHdM1F
zC8k7zlnBzX>H})}GU+QVLA|?(%U-b(Q69*w@KoTrve{aKs_d8%MmjQ>wwL&raA}vd
z=3?5?vWk_-cZ2Z_ybWSrlF+Mo?pWx{p5mD}zmUNIRlB5`LuG@RXbapJ+Lf#$uk=a-
zy=8zvc21X4mQ}v)QPTuuqMb`HW01@NjYn~KYT(?(G<D3d+a$DT(wPxh`DH^+>Snf7
z$f_hTtZE=CkG2Vs_KG<X=5#6XDZ&$rh;WTUAl{*p)<Ml(B|`L!L~q7LdHa|kS1WR)
zQy^s3<`&QbsJJ=60k@V?h;By#vF=*c!CA#r1YC)w1@O$IC}K^lsbOO2d14oIb4<7P
zE@Qu{7cv!av$;XBdiac8usF>|N*3QRpr994>IXU5xkg)8bATyaTw0KEK?7BQiZu(A
zU?^8mPQ!H-K%%9NL8H{Ij*HZ9(D8}3vw9kqSzwLYTsYLNr8NpDJtn1jh}b+25jMp1
zMa4kLf#RhrPZ21VTOJHbpr=&?#go*b0*ci})E?oAgHg^dINiMYW*L!`If#}szaAnK
zKo6SKtt=?jOrWzU3|zGt5v}>us4Ah~Iwk_?acZ>%6?9gRGnOn%aOfdZay3k)P$Rem
zbT#fFM?J@iWYohllTJY@0I@BJp{==CMhmkQ4O-RIQvl$VdyqM`g4ot3a8si&lZV8(
zn{}C_r5@)9u`@ngK^wL_GMfdj5{wvHIyix{v7lo!AVmc_4ko75f}oKhWy2<7D=Akq
zFmlC$rqvLymJ?z5m1ziK8D3)y4SpfCQ1J{{ki<ewULzvLN=|NFn|u=WQVRtWh=`yW
zb>J{8G;=H$s-`XgjQS8_5q!*8yMxGiN`T&K0MPIeR|j1{qw^o!CM?Z^JPd0u?8{0A
zL#eu#UV7k)0ErfnOJJ5&Rp1UM6hjaK<~;i)WjmE&cU3p`>k;I&lq@pmFn51(f}e?S
zK*Si}l$I)0(-10Hpe^25mA4Owk2HKi$SSE>Uji{8cGN>w68nRRd|#qn0(Y2}+|Cpb
zAhxb*kMM_8@gqhVmV=!@p1r{qwQg8Ji|?4A&j9K+5nc$OUdX{B-s`xtlpq4ayg_9r
z97e;O#G^KYa*1fvw=uii9UbGsjIy&-k2HHnU{LbTi0)9sm>RW{AZDU~(XfWfm|tm%
zDPOoH3rUK>jtfaMWqx8+f0?H90I(R1-5G1LX_nblwjnWB)JF@E19oG?1O|8>CK{+`
z<^u<)H*Hi?h`hMIBeg5$HL91yaq;d@uPE#)WNBJuC6^SyWuPPUS|v)n${HA0JOy}^
zP~p_%ZGPd3#beygM`gq`U?>ejl(L~l7pUh5OU~!4$B+!ybb}gCYcs1?>J3+H6{cz-
z=q^xEer6TD7c8^3iF3B10_PH#d5&9hTwO&dJ@CqE52!y+#19qpf-OLlQGv|6N*zWn
z%7p0kE^?qEW>7Ik6G~r*M15RP>a@lb<cU|g;x?~1nO$`OMdCLwz^2#+cLMb&MyzU8
zz`W)IV8hEg97-h@ugr8%0UQ&!>%kSQHhBb44k1EbSm#3lh#XOb8qUC}iv&>dQB_DM
zRW)e%mMn}bgv?9KzLu~|G2S3EGRrkJnz$`un0tbake2gO(_+l9EfcLi;+i!CWz5nr
zFt@lvTb0cm%IHg_97Pn&NY5^1lUZ2%l&ZgRS|4yifqvjc$qX}Rh_dwRI}>z{kkJ(Y
zp#%*Xf@z4AS(vv~OjWDI0G7<FyDR}!#JC&OS#U0Cbt#ip?g@HVsX|d+qAG#)8+#fi
zA}m23W3OTfaoCPXCJdt*xkL;Bx|(O0=&lD}sLZentf0_a^%s@g6=vg(o}vphL0U$l
zh>ETyI3jHfT|fZ!6af*>6)3W_hT&T^G4l}Ng}RukmNl3FyGxig1;Qs04N4_>>Sl9S
z0kj2~id{jKHZX!1Ov=GqBNKDi+$f3E;S;1lbWVW^%oD7L4k0zopvS}z9mjxyaf69&
za}#^w8fM4D7jl;6xl0VUGP2JiJ<RVgxyu^Z&5%$j<|fMX77;LfLuepxGL*>;6aU!@
CL2nWO

diff --git a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_introduction.adoc b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_introduction.adoc
index e007d5caa..3f4d14759 100644
--- a/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_introduction.adoc
+++ b/webgoat-lessons/challenge/src/main/resources/lessonPlans/en/Challenge_introduction.adoc
@@ -4,7 +4,7 @@
 In this CTF you will need to solve a couple of challenges, each challenge will give you a flag which you will
 need to post in order to gain points.
 
-Flags have the following format: a7179f89-906b-4fec-9d99-f15b796e7208
+Flags have the following format: `a7179f89-906b-4fec-9d99-f15b796e7208`
 
 
 Have fun!!