From 4ae4cdfee4fef5f4d1240d31f682cdd78529fd0e Mon Sep 17 00:00:00 2001
From: Moshe Immerman <moshe@flanksource.com>
Date: Mon, 3 Jul 2023 08:29:13 +0300
Subject: [PATCH 01/10] breaking: inline auth and use url consistently

---
 api/context/context.go                        |   83 +-
 api/v1/checks.go                              |  282 +--
 api/v1/common.go                              |   22 +-
 api/v1/zz_generated.deepcopy.go               |   48 +-
 checks/alertmanager.go                        |    9 +-
 checks/common.go                              |   57 -
 checks/elasticsearch.go                       |   13 +-
 checks/folder_sftp.go                         |    4 +-
 checks/folder_smb.go                          |    6 +-
 checks/http.go                                |   55 +-
 checks/jmeter.go                              |    4 -
 checks/ldap.go                                |   22 +-
 checks/mongodb.go                             |   13 +-
 checks/opensearch.go                          |   15 +-
 checks/prometheus.go                          |   16 +-
 checks/redis.go                               |   46 +-
 checks/restic.go                              |    2 +-
 checks/runchecks.go                           |    2 +-
 checks/sql.go                                 |   21 +-
 config/deploy/crd.yaml                        | 1962 ++++++++---------
 config/deploy/manifests.yaml                  | 1962 ++++++++---------
 config/schemas/canary.schema.json             |  225 +-
 config/schemas/component.schema.json          |  225 +-
 .../schemas/health_alertmanager.schema.json   |   25 +-
 config/schemas/health_awsconfig.schema.json   |   55 +-
 .../schemas/health_awsconfigrule.schema.json  |   55 +-
 config/schemas/health_cloudwatch.schema.json  |    5 +-
 .../schemas/health_containerdPull.schema.json |    6 +-
 config/schemas/health_dockerPull.schema.json  |    6 +-
 config/schemas/health_dockerPush.schema.json  |    6 +-
 config/schemas/health_dynatrace.schema.json   |    3 +
 .../schemas/health_elasticsearch.schema.json  |   23 +-
 config/schemas/health_folder.schema.json      |   47 +-
 config/schemas/health_helm.schema.json        |    6 +-
 config/schemas/health_http.schema.json        |   28 +-
 config/schemas/health_jmeter.schema.json      |    3 -
 config/schemas/health_ldap.schema.json        |   27 +-
 config/schemas/health_mongodb.schema.json     |   29 +-
 config/schemas/health_mssql.schema.json       |   29 +-
 config/schemas/health_mysql.schema.json       |   29 +-
 config/schemas/health_opensearch.schema.json  |   24 +-
 config/schemas/health_postgres.schema.json    |   29 +-
 config/schemas/health_prometheus.schema.json  |   69 +-
 config/schemas/health_redis.schema.json       |   32 +-
 config/schemas/topology.schema.json           |  225 +-
 fixtures/aws/ec2_pass.yaml                    |    2 +-
 fixtures/azure/devops.yaml                    |    3 +-
 fixtures/datasources/SFTP/sftp_pass.yaml      |   11 +-
 fixtures/datasources/elasticsearch_fail.yaml  |   21 +-
 fixtures/datasources/elasticsearch_pass.yaml  |   21 +-
 fixtures/datasources/ldap_pass.yaml           |   22 +-
 fixtures/datasources/mongo_fail.yaml          |   11 +-
 fixtures/datasources/mongo_pass.yaml          |   15 +-
 fixtures/datasources/mssql_fail.yaml          |    2 +-
 fixtures/datasources/mssql_pass.yaml          |   11 +-
 fixtures/datasources/mysql_fail.yaml          |   11 +-
 fixtures/datasources/mysql_pass.yaml          |   11 +-
 fixtures/datasources/opensearch_fail.yaml     |   21 +-
 fixtures/datasources/opensearch_pass.yaml     |   21 +-
 fixtures/datasources/postgres_fail.yaml       |   11 +-
 fixtures/datasources/postgres_pass.yaml       |   11 +-
 fixtures/datasources/prometheus.yaml          |    6 +-
 fixtures/k8s/http_auth_configmap.yaml         |   21 +-
 fixtures/k8s/http_auth_secret.yaml            |   21 +-
 fixtures/minimal/http_auth.yaml               |    9 +-
 .../minimal/http_pass_results_mode_pass.yaml  |    4 +-
 fixtures/minimal/http_pass_single.yaml        |   13 +-
 fixtures/quarantine/smb_pass.yaml             |   21 +-
 68 files changed, 3025 insertions(+), 3130 deletions(-)

diff --git a/api/context/context.go b/api/context/context.go
index 088bbb592..33b02b749 100644
--- a/api/context/context.go
+++ b/api/context/context.go
@@ -9,6 +9,7 @@ import (
 
 	v1 "github.com/flanksource/canary-checker/api/v1"
 	"github.com/flanksource/commons/logger"
+	ctemplate "github.com/flanksource/commons/template"
 	"github.com/flanksource/duty"
 	"github.com/flanksource/duty/models"
 	"github.com/flanksource/duty/types"
@@ -55,12 +56,90 @@ func (ctx *Context) GetEnvValueFromCache(env types.EnvVar) (string, error) {
 	return duty.GetEnvValueFromCache(ctx.Kubernetes, env, ctx.Namespace)
 }
 
+func getDomain(username string) string {
+	parts := strings.Split(username, "@")
+	if len(parts) == 2 {
+		return parts[1]
+	}
+	return ""
+}
+
+func (ctx *Context) GetConnection(conn v1.Connection) (*models.Connection, error) {
+	var _conn *models.Connection
+	var err error
+
+	if _conn, err = ctx.HydrateConnectionByURL(conn.Connection); err != nil {
+		return nil, err
+	}
+
+	if _conn == nil {
+		_conn = &models.Connection{
+			URL: conn.URL,
+		}
+	}
+
+	if conn.URL != "" {
+		// override the url specified at the connection level
+		_conn.URL = conn.URL
+	}
+
+	if _conn.Username == "" || _conn.Password == "" {
+		// no username specified at connection level, use the one from inline connection
+		auth, err := ctx.GetAuthValues(conn.Authentication)
+		if err != nil {
+			return nil, err
+		}
+		_conn.Username = auth.Username.ValueStatic
+		_conn.Password = auth.Password.ValueStatic
+	}
+
+	data := map[string]interface{}{
+		"name":      ctx.Canary.Name,
+		"namespace": ctx.Namespace,
+		"username":  _conn.Username,
+		"password":  _conn.Password,
+		"domain":    getDomain(_conn.Username),
+	}
+	templater := ctemplate.StructTemplater{
+		Values: data,
+		// access go values in template requires prefix everything with .
+		// to support $(username) instead of $(.username) we add a function for each var
+		ValueFunctions: true,
+		DelimSets: []ctemplate.Delims{
+			{Left: "{{", Right: "}}"},
+			{Left: "$(", Right: ")"},
+		},
+		RequiredTag: "template",
+	}
+	if err := templater.Walk(_conn); err != nil {
+		return nil, err
+	}
+
+	return _conn, nil
+}
+
+func (ctx Context) GetAuthValues(auth v1.Authentication) (v1.Authentication, error) {
+	// in case nil we are sending empty string values for username and password
+	if auth.IsEmpty() {
+		return auth, nil
+	}
+	var err error
+
+	if auth.Username.ValueStatic, err = ctx.GetEnvValueFromCache(auth.Username); err != nil {
+		return auth, err
+	}
+	if auth.Password.ValueStatic, err = ctx.GetEnvValueFromCache(auth.Password); err != nil {
+		return auth, err
+	}
+	return auth, nil
+}
+
 func (ctx *Context) HydrateConnectionByURL(connectionName string) (*models.Connection, error) {
-	if !strings.HasPrefix(connectionName, "connection://") {
+	if connectionName == "" {
 		return nil, nil
 	}
 
-	if connectionName == "" {
+	if !strings.HasPrefix(connectionName, "connection://") {
 		return nil, nil
 	}
 
diff --git a/api/v1/checks.go b/api/v1/checks.go
index d73c7adf1..83f08d338 100644
--- a/api/v1/checks.go
+++ b/api/v1/checks.go
@@ -53,9 +53,8 @@ func (c Check) GetLabels() map[string]string {
 type HTTPCheck struct {
 	Description `yaml:",inline" json:",inline"`
 	Templatable `yaml:",inline" json:",inline"`
-	// Name of the connection that'll be used to derive the endpoint.
-	ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"`
-	// HTTP endpoint to check.  Mutually exclusive with Namespace
+	Connection  `yaml:",inline" json:",inline"`
+	// Deprecated: Use url instead
 	Endpoint string `yaml:"endpoint" json:"endpoint,omitempty" template:"true"`
 	// Namespace to crawl for TLS endpoints.  Mutually exclusive with Endpoint
 	Namespace string `yaml:"namespace,omitempty" json:"namespace,omitempty" template:"true"`
@@ -79,16 +78,10 @@ type HTTPCheck struct {
 	Body string `yaml:"body,omitempty" json:"body,omitempty" template:"true"`
 	// Header fields to be used in the query
 	Headers []types.EnvVar `yaml:"headers,omitempty" json:"headers,omitempty"`
-	// Credentials for authentication headers
-	Authentication *Authentication `yaml:"authentication,omitempty" json:"authentication,omitempty"`
 	//Template the request body
 	TemplateBody bool `yaml:"templateBody,omitempty" json:"templateBody,omitempty"`
 }
 
-func (c HTTPCheck) GetEndpoint() string {
-	return c.Endpoint
-}
-
 func (c HTTPCheck) GetType() string {
 	return "http"
 }
@@ -154,7 +147,7 @@ type CloudWatchCheck struct {
 	Description   `yaml:",inline" json:",inline"`
 	AWSConnection `yaml:",inline" json:",inline"`
 	Templatable   `yaml:",inline" json:",inline"`
-	Filter        CloudWatchFilter `yaml:"filter,omitempty" json:"filter,omitempty"`
+	Filter        CloudWatchFilter `yaml:",inline" json:",inline"`
 }
 
 type CloudWatchFilter struct {
@@ -211,8 +204,6 @@ func (c ResticCheck) GetType() string {
 
 type JmeterCheck struct {
 	Description `yaml:",inline" json:",inline"`
-	// Name of the connection that'll be used to derive host and other connection details.
-	ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"`
 	// Jmx defines the ConfigMap or Secret reference to get the JMX test plan
 	Jmx types.EnvVar `yaml:"jmx" json:"jmx"`
 	// Host is the server against which test plan needs to be executed
@@ -235,28 +226,6 @@ func (c JmeterCheck) GetType() string {
 	return "jmeter"
 }
 
-// HydrateConnection will attempt to populate the host and port from the connection name.
-func (c *JmeterCheck) HydrateConnection(ctx checkContext) (bool, error) {
-	connection, err := ctx.HydrateConnectionByURL(c.ConnectionName)
-	if err != nil {
-		return false, err
-	}
-
-	if connection == nil {
-		return false, nil
-	}
-
-	c.Host = connection.URL
-
-	if portRaw, ok := connection.Properties["port"]; ok {
-		if port, err := strconv.Atoi(portRaw); nil == err {
-			c.Port = int32(port)
-		}
-	}
-
-	return true, nil
-}
-
 type DockerPullCheck struct {
 	Description    `yaml:",inline" json:",inline"`
 	Image          string          `yaml:"image" json:"image"`
@@ -320,12 +289,10 @@ func (c ContainerdPushCheck) GetType() string {
 
 type RedisCheck struct {
 	Description `yaml:",inline" json:",inline"`
-	// ConnectionName is the name of the connection.
-	// It is used to populate addr, db and auth.
-	ConnectionName string          `yaml:"connection,omitempty" json:"connection,omitempty"`
-	Addr           string          `yaml:"addr" json:"addr" template:"true"`
-	Auth           *Authentication `yaml:"auth,omitempty" json:"auth,omitempty"`
-	DB             int             `yaml:"db" json:"db"`
+	Connection  `yaml:",inline" json:",inline"`
+	// Deprecated: Use url instead
+	Addr string `yaml:"addr,omitempty" json:"addr,omitempty" template:"true"`
+	DB   *int   `yaml:"db,omitempty" json:"db,omitempty"`
 }
 
 func (c RedisCheck) GetType() string {
@@ -430,14 +397,12 @@ type Mongo struct {
 }
 
 type OpenSearchCheck struct {
-	Description    `yaml:",inline" json:",inline"`
-	Templatable    `yaml:",inline" json:",inline"`
-	ConnectionName string         `yaml:"connection,omitempty" json:"connection,omitempty"`
-	URL            string         `yaml:"url,omitempty" json:"url,omitempty"`
-	Auth           Authentication `yaml:"auth" json:"auth"`
-	Query          string         `yaml:"query" json:"query"`
-	Index          string         `yaml:"index" json:"index"`
-	Results        int64          `yaml:"results,omitempty" json:"results,omitempty"`
+	Description `yaml:",inline" json:",inline"`
+	Templatable `yaml:",inline" json:",inline"`
+	Connection  `yaml:",inline" json:",inline"`
+	Query       string `yaml:"query" json:"query"`
+	Index       string `yaml:"index" json:"index"`
+	Results     int64  `yaml:"results,omitempty" json:"results,omitempty"`
 }
 
 func (c OpenSearchCheck) GetType() string {
@@ -448,34 +413,6 @@ func (c OpenSearchCheck) GetEndpoint() string {
 	return c.URL
 }
 
-func (c *OpenSearchCheck) HydrateConnection(ctx checkContext) error {
-	connection, err := ctx.HydrateConnectionByURL(c.ConnectionName)
-	if err != nil {
-		return err
-	}
-
-	if connection != nil {
-		c.URL = connection.URL
-		c.Auth.Username.ValueStatic = connection.Username
-		c.Auth.Password.ValueStatic = connection.Password
-		return nil
-	}
-
-	if val, err := ctx.GetEnvValueFromCache(c.Auth.Username); err != nil {
-		return fmt.Errorf("failed to get username from cache: %w", err)
-	} else {
-		c.Auth.Username.ValueStatic = val
-	}
-
-	if val, err := ctx.GetEnvValueFromCache(c.Auth.Password); err != nil {
-		return fmt.Errorf("failed to get username from cache: %w", err)
-	} else {
-		c.Auth.Password.ValueStatic = val
-	}
-
-	return nil
-}
-
 /*
 [include:datasources/elasticsearch_pass.yaml]
 */
@@ -485,59 +422,26 @@ type Elasticsearch struct {
 }
 
 type ElasticsearchCheck struct {
-	Description    `yaml:",inline" json:",inline"`
-	Templatable    `yaml:",inline" json:",inline"`
-	ConnectionName string          `yaml:"connection,omitempty" json:"connection,omitempty"`
-	URL            string          `yaml:"url" json:"url,omitempty" template:"true"`
-	Auth           *Authentication `yaml:"auth,omitempty" json:"auth,omitempty"`
-	Query          string          `yaml:"query" json:"query,omitempty" template:"true"`
-	Index          string          `yaml:"index" json:"index,omitempty" template:"true"`
-	Results        int             `yaml:"results" json:"results,omitempty" template:"true"`
+	Description `yaml:",inline" json:",inline"`
+	Templatable `yaml:",inline" json:",inline"`
+	Connection  `yaml:",inline" json:",inline"`
+	Query       string `yaml:"query" json:"query,omitempty" template:"true"`
+	Index       string `yaml:"index" json:"index,omitempty" template:"true"`
+	Results     int    `yaml:"results" json:"results,omitempty" template:"true"`
 }
 
 func (c ElasticsearchCheck) GetType() string {
 	return "elasticsearch"
 }
 
-func (c ElasticsearchCheck) GetEndpoint() string {
-	return c.URL
-}
-
-func (c *ElasticsearchCheck) HydrateConnection(ctx checkContext) error {
-	connection, err := ctx.HydrateConnectionByURL(c.ConnectionName)
-	if err != nil {
-		return err
-	}
-
-	if connection != nil {
-		c.URL = connection.URL
-		c.Auth.Username.ValueStatic = connection.Username
-		c.Auth.Password.ValueStatic = connection.Password
-		return nil
-	}
-
-	if val, err := ctx.GetEnvValueFromCache(c.Auth.Username); err != nil {
-		return fmt.Errorf("failed to get username from cache: %w", err)
-	} else {
-		c.Auth.Username.ValueStatic = val
-	}
-
-	if val, err := ctx.GetEnvValueFromCache(c.Auth.Password); err != nil {
-		return fmt.Errorf("failed to get password from cache: %w", err)
-	} else {
-		c.Auth.Password.ValueStatic = val
-	}
-
-	return nil
-}
-
 type DynatraceCheck struct {
-	Description `yaml:",inline" json:",inline"`
-	Templatable `yaml:",inline" json:",inline"`
-	Host        string       `yaml:"host" json:"host,omitempty" template:"true"`
-	Scheme      string       `yaml:"scheme" json:"scheme,omitempty"`
-	APIKey      types.EnvVar `yaml:"apiKey" json:"apiKey,omitempty"`
-	Namespace   string       `yaml:"namespace" json:"namespace,omitempty" template:"true"`
+	Description    `yaml:",inline" json:",inline"`
+	Templatable    `yaml:",inline" json:",inline"`
+	ConnectionName string       `yaml:"connection,omitempty" json:"connection,omitempty"`
+	Host           string       `yaml:"host" json:"host,omitempty" template:"true"`
+	Scheme         string       `yaml:"scheme" json:"scheme,omitempty"`
+	APIKey         types.EnvVar `yaml:"apiKey" json:"apiKey,omitempty"`
+	Namespace      string       `yaml:"namespace" json:"namespace,omitempty" template:"true"`
 }
 
 func (t DynatraceCheck) GetType() string {
@@ -557,24 +461,18 @@ type AlertManager struct {
 }
 
 type AlertManagerCheck struct {
-	Description    `yaml:",inline" json:",inline"`
-	Templatable    `yaml:",inline" json:",inline"`
-	ConnectionName string            `yaml:"connection,omitempty" json:"connection,omitempty"`
-	Host           string            `yaml:"host" json:"host,omitempty" template:"true"`
-	Auth           *Authentication   `yaml:"auth,omitempty" json:"auth,omitempty"`
-	Alerts         []string          `yaml:"alerts" json:"alerts,omitempty" template:"true"`
-	Filters        map[string]string `yaml:"filters" json:"filters,omitempty" template:"true"`
-	Ignore         []string          `yaml:"ignore" json:"ignore,omitempty" template:"true"`
+	Description `yaml:",inline" json:",inline"`
+	Templatable `yaml:",inline" json:",inline"`
+	Connection  `yaml:",inline" json:",inline"`
+	Alerts      []string          `yaml:"alerts" json:"alerts,omitempty" template:"true"`
+	Filters     map[string]string `yaml:"filters" json:"filters,omitempty" template:"true"`
+	Ignore      []string          `yaml:"ignore" json:"ignore,omitempty" template:"true"`
 }
 
 func (c AlertManagerCheck) GetType() string {
 	return "alertmanager"
 }
 
-func (c AlertManagerCheck) GetEndpoint() string {
-	return c.Host
-}
-
 type PodCheck struct {
 	Description          `yaml:",inline" json:",inline"`
 	Namespace            string `yaml:"namespace" json:"namespace,omitempty" template:"true"`
@@ -609,45 +507,17 @@ func (c PodCheck) GetType() string {
 }
 
 type LDAPCheck struct {
-	Description    `yaml:",inline" json:",inline"`
-	ConnectionName string          `yaml:"connection,omitempty" json:"connection,omitempty"`
-	Host           string          `yaml:"host" json:"host" template:"true"`
-	Auth           *Authentication `yaml:"auth" json:"auth"`
-	BindDN         string          `yaml:"bindDN" json:"bindDN"`
-	UserSearch     string          `yaml:"userSearch,omitempty" json:"userSearch,omitempty"`
-	SkipTLSVerify  bool            `yaml:"skipTLSVerify,omitempty" json:"skipTLSVerify,omitempty"`
-}
-
-func (c LDAPCheck) GetEndpoint() string {
-	return c.Host
+	Description   `yaml:",inline" json:",inline"`
+	Connection    `yaml:",inline" json:",inline"`
+	BindDN        string `yaml:"bindDN" json:"bindDN"`
+	UserSearch    string `yaml:"userSearch,omitempty" json:"userSearch,omitempty"`
+	SkipTLSVerify bool   `yaml:"skipTLSVerify,omitempty" json:"skipTLSVerify,omitempty"`
 }
 
 func (c LDAPCheck) GetType() string {
 	return "ldap"
 }
 
-func (c *LDAPCheck) HydrateConnection(ctx checkContext) (bool, error) {
-	connection, err := ctx.HydrateConnectionByURL(c.ConnectionName)
-	if err != nil {
-		return false, err
-	}
-
-	if connection == nil {
-		return false, nil
-	}
-
-	c.Host = connection.URL
-	c.Auth.Username.ValueStatic = connection.Username
-	c.Auth.Password.ValueStatic = connection.Password
-
-	c.Auth = &Authentication{
-		Username: types.EnvVar{ValueStatic: c.Auth.Username.ValueStatic},
-		Password: types.EnvVar{ValueStatic: c.Auth.Password.ValueStatic},
-	}
-
-	return true, nil
-}
-
 type NamespaceCheck struct {
 	Description          `yaml:",inline" json:",inline"`
 	NamespaceNamePrefix  string            `yaml:"namespaceNamePrefix,omitempty" json:"namespaceNamePrefix,omitempty"`
@@ -768,16 +638,10 @@ type SMBConnection struct {
 	// ConnectionName of the connection. It'll be used to populate the connection fields.
 	ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"`
 	//Port on which smb server is running. Defaults to 445
-	Port int             `yaml:"port,omitempty" json:"port,omitempty"`
-	Auth *Authentication `yaml:"auth" json:"auth"`
+	Port           int `yaml:"port,omitempty" json:"port,omitempty"`
+	Authentication `yaml:",inline" json:",inline"`
 	//Domain...
 	Domain string `yaml:"domain,omitempty" json:"domain,omitempty"`
-	// Workstation...
-	Workstation string `yaml:"workstation,omitempty" json:"workstation,omitempty"`
-	//Sharename to mount from the samba server
-	Sharename string `yaml:"sharename,omitempty" json:"sharename,omitempty"`
-	//SearchPath sub-path inside the mount location
-	SearchPath string `yaml:"searchPath,omitempty" json:"searchPath,omitempty" `
 }
 
 func (c SMBConnection) GetPort() int {
@@ -797,27 +661,15 @@ func (c *SMBConnection) HydrateConnection(ctx checkContext) (found bool, err err
 		return false, nil
 	}
 
-	c.Auth = &Authentication{
+	c.Authentication = Authentication{
 		Username: types.EnvVar{ValueStatic: connection.Username},
 		Password: types.EnvVar{ValueStatic: connection.Password},
 	}
 
-	if workstation, ok := connection.Properties["workstation"]; ok {
-		c.Workstation = workstation
-	}
-
 	if domain, ok := connection.Properties["domain"]; ok {
 		c.Domain = domain
 	}
 
-	if sharename, ok := connection.Properties["sharename"]; ok {
-		c.Sharename = sharename
-	}
-
-	if searchPath, ok := connection.Properties["searchPath"]; ok {
-		c.SearchPath = searchPath
-	}
-
 	if portRaw, ok := connection.Properties["port"]; ok {
 		if port, err := strconv.Atoi(portRaw); nil == err {
 			c.Port = port
@@ -831,9 +683,9 @@ type SFTPConnection struct {
 	// ConnectionName of the connection. It'll be used to populate the connection fields.
 	ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"`
 	// Port for the SSH server. Defaults to 22
-	Port int             `yaml:"port,omitempty" json:"port,omitempty"`
-	Host string          `yaml:"host" json:"host"`
-	Auth *Authentication `yaml:"auth" json:"auth"`
+	Port           int    `yaml:"port,omitempty" json:"port,omitempty"`
+	Host           string `yaml:"host" json:"host"`
+	Authentication `yaml:",inline" json:",inline"`
 }
 
 func (c *SFTPConnection) HydrateConnection(ctx checkContext) (found bool, err error) {
@@ -847,7 +699,7 @@ func (c *SFTPConnection) HydrateConnection(ctx checkContext) (found bool, err er
 	}
 
 	c.Host = connection.URL
-	c.Auth = &Authentication{
+	c.Authentication = Authentication{
 		Username: types.EnvVar{ValueStatic: connection.Username},
 		Password: types.EnvVar{ValueStatic: connection.Password},
 	}
@@ -876,11 +728,11 @@ type Prometheus struct {
 }
 
 type PrometheusCheck struct {
-	Description    `yaml:",inline" json:",inline"`
-	Templatable    `yaml:",inline" json:",inline"`
-	ConnectionName string `yaml:"connection,omitempty" json:"connection,omitempty"`
-	// Address of the prometheus server
-	Host string `yaml:"host" json:"host" template:"true" `
+	Description `yaml:",inline" json:",inline"`
+	Templatable `yaml:",inline" json:",inline"`
+	// Deprecated: use `url` instead
+	Host       string `yaml:"host,omitempty" json:"host,omitempty"`
+	Connection `yaml:",inline" json:",inline"`
 	// PromQL query
 	Query string `yaml:"query" json:"query" template:"true"`
 }
@@ -889,28 +741,9 @@ func (c PrometheusCheck) GetType() string {
 	return "prometheus"
 }
 
-func (c PrometheusCheck) GetEndpoint() string {
-	return fmt.Sprintf("%v/%v", c.Host, c.Description)
-}
-
-func (c *PrometheusCheck) HydrateConnection(ctx checkContext) (bool, error) {
-	connection, err := ctx.HydrateConnectionByURL(c.ConnectionName)
-	if err != nil {
-		return false, err
-	}
-
-	if connection == nil {
-		return false, nil
-	}
-
-	c.Host = connection.URL
-	return true, nil
-}
-
 type MongoDBCheck struct {
 	Description `yaml:",inline" json:",inline"`
-	// Monogodb connection string, e.g.  mongodb://:27017/?authSource=admin, See https://docs.mongodb.com/manual/reference/connection-string/
-	Connection `yaml:",inline" json:",inline"`
+	Connection  `yaml:",inline" json:",inline"`
 }
 
 func (c MongoDBCheck) GetType() string {
@@ -1011,7 +844,16 @@ func (t *AWSConnection) Populate(ctx checkContext, k8s kubernetes.Interface, nam
 
 		t.AccessKey.ValueStatic = connection.Username
 		t.SecretKey.ValueStatic = connection.Password
-		t.Endpoint = connection.URL
+		if t.Endpoint == "" {
+			t.Endpoint = connection.URL
+		}
+
+		t.SkipTLSVerify = connection.InsecureTLS
+		if t.Region == "" {
+			if region, ok := connection.Properties["region"]; ok {
+				t.Region = region
+			}
+		}
 	}
 
 	if accessKey, err := duty.GetEnvValueFromCache(k8s, t.AccessKey, namespace); err != nil {
@@ -1107,7 +949,7 @@ type AwsConfigCheck struct {
 	Description    `yaml:",inline" json:",inline"`
 	Templatable    `yaml:",inline" json:",inline"`
 	Query          string `yaml:"query" json:"query"`
-	*AWSConnection `yaml:"awsConnection,omitempty" json:"awsConnection,omitempty"`
+	*AWSConnection `yaml:",inline" json:",inline"`
 	AggregatorName *string `yaml:"aggregatorName,omitempty" json:"aggregatorName,omitempty"`
 }
 
@@ -1128,7 +970,7 @@ type AwsConfigRuleCheck struct {
 	Rules []string `yaml:"rules,omitempty" json:"rules,omitempty"`
 	// Filters the results by compliance. The allowed values are INSUFFICIENT_DATA, NON_COMPLIANT, NOT_APPLICABLE, COMPLIANT
 	ComplianceTypes []string `yaml:"complianceTypes,omitempty" json:"complianceTypes,omitempty"`
-	*AWSConnection  `yaml:"awsConnection,omitempty" json:"awsConnection,omitempty"`
+	*AWSConnection  `yaml:",inline" json:",inline"`
 }
 
 func (c AwsConfigRuleCheck) GetType() string {
diff --git a/api/v1/common.go b/api/v1/common.go
index 82e303b36..f37f15876 100644
--- a/api/v1/common.go
+++ b/api/v1/common.go
@@ -169,8 +169,8 @@ type JSONCheck struct {
 }
 
 type Authentication struct {
-	Username types.EnvVar `yaml:"username" json:"username"`
-	Password types.EnvVar `yaml:"password" json:"password"`
+	Username types.EnvVar `yaml:"username,omitempty" json:"username,omitempty"`
+	Password types.EnvVar `yaml:"password,omitempty" json:"password,omitempty"`
 }
 
 func (auth Authentication) IsEmpty() bool {
@@ -306,21 +306,15 @@ func (d Description) GetLabels() map[string]string {
 }
 
 type Connection struct {
-	Connection     string         `yaml:"connection" json:"connection" template:"true"`
-	Authentication Authentication `yaml:"auth,omitempty" json:"auth,omitempty"`
-}
-
-// +k8s:deepcopy-gen=false
-type Connectable interface {
-	GetConnection() string
-}
-
-func (c Connection) GetConnection() string {
-	return c.Connection
+	// Connection name e.g. connection://http/google
+	Connection string `yaml:"connection,omitempty" json:"connection,omitempty"`
+	// Connection url, interpolated with username,password
+	URL            string `yaml:"url,omitempty" json:"url,omitempty" template:"true"`
+	Authentication `yaml:",inline" json:",inline"`
 }
 
 func (c Connection) GetEndpoint() string {
-	return sanitizeEndpoints(c.Connection)
+	return sanitizeEndpoints(c.URL)
 }
 
 // Obfuscate passwords of the form ' password=xxxxx ' from connectionString since
diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go
index 4e19aebf1..e8724addd 100644
--- a/api/v1/zz_generated.deepcopy.go
+++ b/api/v1/zz_generated.deepcopy.go
@@ -66,11 +66,7 @@ func (in *AlertManagerCheck) DeepCopyInto(out *AlertManagerCheck) {
 	*out = *in
 	in.Description.DeepCopyInto(&out.Description)
 	out.Templatable = in.Templatable
-	if in.Auth != nil {
-		in, out := &in.Auth, &out.Auth
-		*out = new(Authentication)
-		(*in).DeepCopyInto(*out)
-	}
+	in.Connection.DeepCopyInto(&out.Connection)
 	if in.Alerts != nil {
 		in, out := &in.Alerts, &out.Alerts
 		*out = make([]string, len(*in))
@@ -1514,11 +1510,7 @@ func (in *ElasticsearchCheck) DeepCopyInto(out *ElasticsearchCheck) {
 	*out = *in
 	in.Description.DeepCopyInto(&out.Description)
 	out.Templatable = in.Templatable
-	if in.Auth != nil {
-		in, out := &in.Auth, &out.Auth
-		*out = new(Authentication)
-		(*in).DeepCopyInto(*out)
-	}
+	in.Connection.DeepCopyInto(&out.Connection)
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ElasticsearchCheck.
@@ -1812,6 +1804,7 @@ func (in *HTTPCheck) DeepCopyInto(out *HTTPCheck) {
 	*out = *in
 	in.Description.DeepCopyInto(&out.Description)
 	out.Templatable = in.Templatable
+	in.Connection.DeepCopyInto(&out.Connection)
 	if in.ResponseCodes != nil {
 		in, out := &in.ResponseCodes, &out.ResponseCodes
 		*out = make([]int, len(*in))
@@ -1829,11 +1822,6 @@ func (in *HTTPCheck) DeepCopyInto(out *HTTPCheck) {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
-	if in.Authentication != nil {
-		in, out := &in.Authentication, &out.Authentication
-		*out = new(Authentication)
-		(*in).DeepCopyInto(*out)
-	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPCheck.
@@ -2076,11 +2064,7 @@ func (in *LDAP) DeepCopy() *LDAP {
 func (in *LDAPCheck) DeepCopyInto(out *LDAPCheck) {
 	*out = *in
 	in.Description.DeepCopyInto(&out.Description)
-	if in.Auth != nil {
-		in, out := &in.Auth, &out.Auth
-		*out = new(Authentication)
-		(*in).DeepCopyInto(*out)
-	}
+	in.Connection.DeepCopyInto(&out.Connection)
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LDAPCheck.
@@ -2283,7 +2267,7 @@ func (in *OpenSearchCheck) DeepCopyInto(out *OpenSearchCheck) {
 	*out = *in
 	in.Description.DeepCopyInto(&out.Description)
 	out.Templatable = in.Templatable
-	in.Auth.DeepCopyInto(&out.Auth)
+	in.Connection.DeepCopyInto(&out.Connection)
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OpenSearchCheck.
@@ -2386,6 +2370,7 @@ func (in *PrometheusCheck) DeepCopyInto(out *PrometheusCheck) {
 	*out = *in
 	in.Description.DeepCopyInto(&out.Description)
 	out.Templatable = in.Templatable
+	in.Connection.DeepCopyInto(&out.Connection)
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusCheck.
@@ -2479,10 +2464,11 @@ func (in *Redis) DeepCopy() *Redis {
 func (in *RedisCheck) DeepCopyInto(out *RedisCheck) {
 	*out = *in
 	in.Description.DeepCopyInto(&out.Description)
-	if in.Auth != nil {
-		in, out := &in.Auth, &out.Auth
-		*out = new(Authentication)
-		(*in).DeepCopyInto(*out)
+	in.Connection.DeepCopyInto(&out.Connection)
+	if in.DB != nil {
+		in, out := &in.DB, &out.DB
+		*out = new(int)
+		**out = **in
 	}
 }
 
@@ -2628,11 +2614,7 @@ func (in *S3Check) DeepCopy() *S3Check {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *SFTPConnection) DeepCopyInto(out *SFTPConnection) {
 	*out = *in
-	if in.Auth != nil {
-		in, out := &in.Auth, &out.Auth
-		*out = new(Authentication)
-		(*in).DeepCopyInto(*out)
-	}
+	in.Authentication.DeepCopyInto(&out.Authentication)
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SFTPConnection.
@@ -2648,11 +2630,7 @@ func (in *SFTPConnection) DeepCopy() *SFTPConnection {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *SMBConnection) DeepCopyInto(out *SMBConnection) {
 	*out = *in
-	if in.Auth != nil {
-		in, out := &in.Auth, &out.Auth
-		*out = new(Authentication)
-		(*in).DeepCopyInto(*out)
-	}
+	in.Authentication.DeepCopyInto(&out.Authentication)
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SMBConnection.
diff --git a/checks/alertmanager.go b/checks/alertmanager.go
index 6ea68c9a3..533aec8b5 100644
--- a/checks/alertmanager.go
+++ b/checks/alertmanager.go
@@ -33,14 +33,13 @@ func (c *AlertManagerChecker) Check(ctx *context.Context, extConfig external.Che
 	result := pkg.Success(check, ctx.Canary)
 	results = append(results, result)
 
-	if connection, err := ctx.HydrateConnectionByURL(check.ConnectionName); err != nil {
-		return results.Failf("failed to find connection from %q: %v", check.ConnectionName, err)
-	} else if connection != nil {
-		check.Host = connection.URL
+	connection, err := ctx.GetConnection(check.Connection)
+	if err != nil {
+		return results.Failf("error getting connection: %v", err)
 	}
 
 	client := alertmanagerClient.NewHTTPClientWithConfig(nil, &alertmanagerClient.TransportConfig{
-		Host:     check.GetEndpoint(),
+		Host:     connection.URL,
 		Schemes:  []string{"http", "https"},
 		BasePath: alertmanagerClient.DefaultBasePath,
 	})
diff --git a/checks/common.go b/checks/common.go
index 6c927c242..40a63e4bc 100644
--- a/checks/common.go
+++ b/checks/common.go
@@ -12,66 +12,9 @@ import (
 	"github.com/flanksource/canary-checker/pkg"
 	"github.com/flanksource/canary-checker/pkg/utils"
 	"github.com/flanksource/canary-checker/templating"
-	ctemplate "github.com/flanksource/commons/template"
 	"github.com/robfig/cron/v3"
 )
 
-func GetConnection(ctx *context.Context, conn *v1.Connection, namespace string) (string, error) {
-	// TODO: this function should not be necessary, each check should be templated out individual
-	// however, the walk method only support high level values, not values from siblings.
-
-	if conn.Authentication.IsEmpty() {
-		return conn.Connection, nil
-	}
-
-	auth, err := GetAuthValues(ctx, &conn.Authentication)
-	if err != nil {
-		return "", err
-	}
-
-	clone := conn.DeepCopy()
-
-	data := map[string]interface{}{
-		"name":      ctx.Canary.Name,
-		"namespace": namespace,
-		"username":  auth.GetUsername(),
-		"password":  auth.GetPassword(),
-		"domain":    auth.GetDomain(),
-	}
-	templater := ctemplate.StructTemplater{
-		Values: data,
-		// access go values in template requires prefix everything with .
-		// to support $(username) instead of $(.username) we add a function for each var
-		ValueFunctions: true,
-		DelimSets: []ctemplate.Delims{
-			{Left: "{{", Right: "}}"},
-			{Left: "$(", Right: ")"},
-		},
-		RequiredTag: "template",
-	}
-	if err := templater.Walk(clone); err != nil {
-		return "", err
-	}
-
-	return clone.Connection, nil
-}
-
-func GetAuthValues(ctx *context.Context, auth *v1.Authentication) (*v1.Authentication, error) {
-	// in case nil we are sending empty string values for username and password
-	if auth == nil {
-		return auth, nil
-	}
-	var err error
-
-	if auth.Username.ValueStatic, err = ctx.GetEnvValueFromCache(auth.Username); err != nil {
-		return nil, err
-	}
-	if auth.Password.ValueStatic, err = ctx.GetEnvValueFromCache(auth.Password); err != nil {
-		return nil, err
-	}
-	return auth, nil
-}
-
 func age(t time.Time) string {
 	return utils.Age(time.Since(t))
 }
diff --git a/checks/elasticsearch.go b/checks/elasticsearch.go
index 688ebe411..c51840952 100644
--- a/checks/elasticsearch.go
+++ b/checks/elasticsearch.go
@@ -34,14 +34,15 @@ func (c *ElasticsearchChecker) Check(ctx *context.Context, extConfig external.Ch
 	var results pkg.Results
 	results = append(results, result)
 
-	if err := check.HydrateConnection(ctx); err != nil {
-		return results.Failf("Failed to find connection for elastic search: %v", err)
+	connection, err := ctx.GetConnection(check.Connection)
+	if err != nil {
+		return results.Failf("error getting connection: %v", err)
 	}
 
 	cfg := elasticsearch.Config{
-		Addresses: []string{check.GetEndpoint()},
-		Username:  check.Auth.GetUsername(),
-		Password:  check.Auth.GetPassword(),
+		Addresses: []string{connection.URL},
+		Username:  connection.Username,
+		Password:  connection.Password,
 	}
 
 	es, err := elasticsearch.NewClient(cfg)
@@ -67,7 +68,7 @@ func (c *ElasticsearchChecker) Check(ctx *context.Context, extConfig external.Ch
 				fmt.Errorf("Error parsing the response body: %s", err),
 			)
 		} else {
-			return results.ErrorMessage(fmt.Errorf("Error from elasticsearch.[%s]: %v, %v",
+			return results.ErrorMessage(fmt.Errorf("Error from elasticsearch [%s]: %v, %v",
 				res.Status(),
 				e["error"].(map[string]interface{})["type"],
 				e["error"].(map[string]interface{})["reason"],
diff --git a/checks/folder_sftp.go b/checks/folder_sftp.go
index 77bdaf8fa..22df10b29 100644
--- a/checks/folder_sftp.go
+++ b/checks/folder_sftp.go
@@ -20,9 +20,9 @@ func CheckSFTP(ctx *context.Context, check v1.FolderCheck) pkg.Results {
 		return results.Failf("failed to populate SFTP connection: %v", err)
 	}
 
-	auth := check.SFTPConnection.Auth
+	auth := check.SFTPConnection.Authentication
 	if !foundConn {
-		auth, err = GetAuthValues(ctx, check.SFTPConnection.Auth)
+		auth, err = ctx.GetAuthValues(check.SFTPConnection.Authentication)
 		if err != nil {
 			return results.ErrorMessage(err)
 		}
diff --git a/checks/folder_smb.go b/checks/folder_smb.go
index c7d873698..92c23ebca 100644
--- a/checks/folder_smb.go
+++ b/checks/folder_smb.go
@@ -30,7 +30,7 @@ func (s *SMBSession) Close() error {
 	return nil
 }
 
-func smbConnect(server string, port int, share string, auth *v1.Authentication) (Filesystem, uint64, uint64, uint64, error) {
+func smbConnect(server string, port int, share string, auth v1.Authentication) (Filesystem, uint64, uint64, uint64, error) {
 	var err error
 	var smb *SMBSession
 	server = server + ":" + fmt.Sprintf("%d", port)
@@ -83,9 +83,9 @@ func CheckSmb(ctx *context.Context, check v1.FolderCheck) pkg.Results {
 		return results.Failf("failed to populate SMB connection: %v", err)
 	}
 
-	auth := check.SMBConnection.Auth
+	auth := check.SMBConnection.Authentication
 	if !foundConn {
-		auth, err = GetAuthValues(ctx, check.SMBConnection.Auth)
+		auth, err = ctx.GetAuthValues(check.SMBConnection.Authentication)
 		if err != nil {
 			return results.ErrorMessage(err)
 		}
diff --git a/checks/http.go b/checks/http.go
index 23590f5b6..15a5251b6 100644
--- a/checks/http.go
+++ b/checks/http.go
@@ -8,6 +8,7 @@ import (
 
 	"github.com/flanksource/canary-checker/api/context"
 	"github.com/flanksource/commons/text"
+	"github.com/flanksource/duty/models"
 	"github.com/pkg/errors"
 
 	"github.com/flanksource/canary-checker/api/external"
@@ -60,7 +61,7 @@ func (c *HTTPChecker) Run(ctx *context.Context) pkg.Results {
 	return results
 }
 
-func (c *HTTPChecker) configure(req *http.HTTPRequest, ctx *context.Context, check v1.HTTPCheck) error {
+func (c *HTTPChecker) configure(req *http.HTTPRequest, ctx *context.Context, check v1.HTTPCheck, connection *models.Connection) error {
 	for _, header := range check.Headers {
 		value, err := ctx.GetEnvValueFromCache(header)
 		if err != nil {
@@ -69,12 +70,8 @@ func (c *HTTPChecker) configure(req *http.HTTPRequest, ctx *context.Context, che
 		req.Header(header.Name, value)
 	}
 
-	auth, err := GetAuthValues(ctx, check.Authentication)
-	if err != nil {
-		return err
-	}
-	if auth != nil {
-		req.Auth(auth.Username.ValueStatic, auth.Password.ValueStatic)
+	if connection.Username != "" || connection.Password != "" {
+		req.Auth(connection.Username, connection.Password)
 	}
 
 	req.NTLM(check.NTLM)
@@ -103,17 +100,35 @@ func (c *HTTPChecker) Check(ctx *context.Context, extConfig external.Check) pkg.
 	result := pkg.Success(check, ctx.Canary)
 	results = append(results, result)
 
-	if connection, err := ctx.HydrateConnectionByURL(check.ConnectionName); err != nil {
-		return results.Failf("failed to find HTTP connection %q: %v", check.ConnectionName, err)
-	} else if connection != nil {
-		check.Endpoint = connection.URL
+	//nolint:staticcheck
+	if check.Endpoint != "" && check.URL != "" {
+		return results.Failf("cannot specify both endpoint and url")
 	}
 
-	if _, err := url.Parse(check.Endpoint); err != nil {
-		return results.ErrorMessage(err)
+	//nolint:staticcheck
+	if check.Endpoint != "" && check.URL == "" {
+		check.URL = check.Endpoint
+	}
+
+	connection, err := ctx.GetConnection(check.Connection)
+	if err != nil {
+		return results.Failf("error getting connection  %v", err)
+	}
+
+	if connection.URL == "" {
+		return results.Failf("no url or connection specified")
+	}
+
+	if ntlm, ok := connection.Properties["ntlm"]; ok {
+		check.NTLM = ntlm == "true"
+	} else if ntlm, ok := connection.Properties["ntlmv2"]; ok {
+		check.NTLMv2 = ntlm == "true"
+	}
+
+	if _, err := url.Parse(connection.URL); err != nil {
+		return results.Failf("failed to parse url: %v", err)
 	}
 
-	endpoint := check.Endpoint
 	body := check.Body
 	if check.TemplateBody {
 		body, err = text.Template(body, ctx.Canary)
@@ -122,9 +137,9 @@ func (c *HTTPChecker) Check(ctx *context.Context, extConfig external.Check) pkg.
 		}
 	}
 
-	req := http.NewRequest(check.Endpoint).Method(check.GetMethod())
+	req := http.NewRequest(connection.URL).Method(check.GetMethod())
 
-	if err := c.configure(req, ctx, check); err != nil {
+	if err := c.configure(req, ctx, check, connection); err != nil {
 		return results.ErrorMessage(err)
 	}
 
@@ -137,15 +152,15 @@ func (c *HTTPChecker) Check(ctx *context.Context, extConfig external.Check) pkg.
 		Name: "response_code",
 		Type: metrics.CounterType,
 		Labels: map[string]string{
-			"code":     strconv.Itoa(status),
-			"endpoint": endpoint,
+			"code": strconv.Itoa(status),
+			"url":  check.URL,
 		},
 	})
 	result.Duration = elapsed.Milliseconds()
-	responseStatus.WithLabelValues(strconv.Itoa(status), statusCodeToClass(status), endpoint).Inc()
+	responseStatus.WithLabelValues(strconv.Itoa(status), statusCodeToClass(status), check.URL).Inc()
 	age := resp.GetSSLAge()
 	if age != nil {
-		sslExpiration.WithLabelValues(endpoint).Set(age.Hours() * 24)
+		sslExpiration.WithLabelValues(check.URL).Set(age.Hours() * 24)
 	}
 
 	body, _ = resp.AsString()
diff --git a/checks/jmeter.go b/checks/jmeter.go
index fdd87bb57..44b4c8531 100644
--- a/checks/jmeter.go
+++ b/checks/jmeter.go
@@ -55,10 +55,6 @@ func (c *JmeterChecker) Check(ctx *context.Context, extConfig external.Check) pk
 		return results.Failf("unable to write test plan file")
 	}
 
-	if _, err := check.HydrateConnection(ctx); err != nil {
-		return results.Failf("unable to populate JMeter connection: %v", err)
-	}
-
 	var host string
 	var port string
 	if check.Host != "" {
diff --git a/checks/ldap.go b/checks/ldap.go
index 125e89399..50cdae424 100644
--- a/checks/ldap.go
+++ b/checks/ldap.go
@@ -38,22 +38,22 @@ func (c *LdapChecker) Check(ctx *context.Context, extConfig external.Check) pkg.
 	var err error
 	results = append(results, result)
 
-	if ok, err := check.HydrateConnection(ctx); err != nil {
-		return results.Failf("failed to hydrate connection: %v", err)
-	} else if !ok {
-		check.Auth, err = GetAuthValues(ctx, check.Auth)
-		if err != nil {
-			return results.Failf("failed to fetch auth details: %v", err)
-		}
+	connection, err := ctx.GetConnection(check.Connection)
+	if err != nil {
+		return results.Failf("failed to get connection: %v", err)
+	}
+
+	if connection.URL == "" {
+		return results.Failf("Must specify a connection or URL")
 	}
 
-	ld, err := ldap.DialURL(check.Host, ldap.DialWithTLSConfig(&tls.Config{InsecureSkipVerify: check.SkipTLSVerify}))
+	ld, err := ldap.DialURL(connection.URL, ldap.DialWithTLSConfig(&tls.Config{InsecureSkipVerify: check.SkipTLSVerify}))
 	if err != nil {
 		return results.Failf("Failed to connect %v", err)
 	}
 
-	if err := ld.Bind(check.Auth.Username.ValueStatic, check.Auth.Password.ValueStatic); err != nil {
-		return results.Failf("Failed to bind using %s %v", check.Auth.Username.ValueStatic, err)
+	if err := ld.Bind(connection.Username, connection.Password); err != nil {
+		return results.Failf("Failed to bind using %s %v", connection.Username, err)
 	}
 
 	req := &ldap.SearchRequest{
@@ -63,7 +63,7 @@ func (c *LdapChecker) Check(ctx *context.Context, extConfig external.Check) pkg.
 	}
 	res, err := ld.Search(req)
 	if err != nil {
-		return results.Failf("Failed to search host %v error: %v", check.Host, err)
+		return results.Failf("Failed to search host %v error: %v", connection.URL, err)
 	}
 
 	if len(res.Entries) == 0 {
diff --git a/checks/mongodb.go b/checks/mongodb.go
index 8c20ad68c..9ef51e17c 100644
--- a/checks/mongodb.go
+++ b/checks/mongodb.go
@@ -36,20 +36,13 @@ func (c *MongoDBChecker) Check(ctx *context.Context, extConfig external.Check) p
 	results = append(results, result)
 	var err error
 
-	var dbConnectionString string
-	if connection, err := ctx.HydrateConnectionByURL(check.Connection.Connection); err != nil {
+	connection, err := ctx.GetConnection(check.Connection)
+	if err != nil {
 		return results.Failf("error getting connection: %v", err)
-	} else if connection != nil {
-		dbConnectionString = connection.URL
-	} else {
-		dbConnectionString, err = GetConnection(ctx, &check.Connection, ctx.Namespace)
-		if err != nil {
-			return results.ErrorMessage(err)
-		}
 	}
 
 	opts := options.Client().
-		ApplyURI(dbConnectionString).
+		ApplyURI(connection.URL).
 		SetConnectTimeout(3 * time.Second).
 		SetSocketTimeout(3 * time.Second)
 
diff --git a/checks/opensearch.go b/checks/opensearch.go
index 0d4b56cdf..b3994c119 100644
--- a/checks/opensearch.go
+++ b/checks/opensearch.go
@@ -31,14 +31,19 @@ func (t *OpenSearchChecker) check(ctx *context.Context, check v1.OpenSearchCheck
 	var results pkg.Results
 	results = append(results, result)
 
-	if err := check.HydrateConnection(ctx); err != nil {
-		return results.Failf("error hydrating connection: %v", err)
+	connection, err := ctx.GetConnection(check.Connection)
+	if err != nil {
+		return results.Failf("error getting connection: %v", err)
+	}
+
+	if connection.URL == "" {
+		return results.Failf("Must specify a URL")
 	}
 
 	cfg := opensearch.Config{
-		Username:  check.Auth.Username.ValueStatic,
-		Password:  check.Auth.Password.ValueStatic,
-		Addresses: []string{check.GetEndpoint()},
+		Username:  connection.Username,
+		Password:  connection.Password,
+		Addresses: []string{connection.URL},
 	}
 
 	osClient, err := opensearch.NewClient(cfg)
diff --git a/checks/prometheus.go b/checks/prometheus.go
index b96930014..b14dde923 100644
--- a/checks/prometheus.go
+++ b/checks/prometheus.go
@@ -33,15 +33,21 @@ func (c *PrometheusChecker) Check(ctx *context.Context, extConfig external.Check
 	var results pkg.Results
 	results = append(results, result)
 
-	if _, err := check.HydrateConnection(ctx); err != nil {
-		return results.Failf("error hydrating connection: %v", err)
+	//nolint:staticcheck
+	if check.Host != "" && check.URL == "" {
+		check.URL = check.Host
 	}
 
-	if check.Host == "" {
-		return results.Failf("Must specify a prometheus host")
+	connection, err := ctx.GetConnection(check.Connection)
+	if err != nil {
+		return results.Failf("error getting connection: %v", err)
+	}
+
+	if connection.URL == "" {
+		return results.Failf("Must specify a URL")
 	}
 
-	promClient, err := prometheus.NewPrometheusAPI(check.Host)
+	promClient, err := prometheus.NewPrometheusAPI(connection.URL)
 	if err != nil {
 		return results.ErrorMessage(err)
 	}
diff --git a/checks/redis.go b/checks/redis.go
index b1b16d369..95f2fba3d 100644
--- a/checks/redis.go
+++ b/checks/redis.go
@@ -40,36 +40,28 @@ func (c *RedisChecker) Check(ctx *context.Context, extConfig external.Check) pkg
 	results = append(results, result)
 
 	var redisOpts *redis.Options
-	if check.ConnectionName != "" {
-		connection, err := ctx.HydrateConnectionByURL(check.ConnectionName)
-		if err != nil {
-			return results.Failf("failed to fetch connection %q: %v", check.ConnectionName, err)
-		}
 
-		redisOpts = &redis.Options{
-			Addr:     connection.URL,
-			Username: connection.Username,
-			Password: connection.Password,
-		}
+	//nolint:staticcheck
+	if check.Addr != "" && check.URL == "" {
+		check.URL = check.Addr
+	}
 
-		if db, ok := connection.Properties["db"]; ok {
-			if dbInt, err := strconv.Atoi(db); nil == err {
-				redisOpts.DB = dbInt
-			}
-		}
-	} else {
-		auth, err := GetAuthValues(ctx, check.Auth)
-		if err != nil {
-			return results.Failf("failed to fetch auth details: %v", err)
-		}
+	connection, err := ctx.GetConnection(check.Connection)
+	if err != nil {
+		return results.Failf("error getting connection: %v", err)
+	}
 
-		redisOpts = &redis.Options{
-			Addr: check.Addr,
-			DB:   check.DB,
-		}
-		if auth != nil {
-			redisOpts.Username = auth.GetUsername()
-			redisOpts.Password = auth.GetPassword()
+	redisOpts = &redis.Options{
+		Addr:     connection.URL,
+		Username: connection.Username,
+		Password: connection.Password,
+	}
+
+	if check.DB != nil {
+		redisOpts.DB = *check.DB
+	} else if db, ok := connection.Properties["db"]; ok {
+		if dbInt, err := strconv.Atoi(db); nil == err {
+			redisOpts.DB = dbInt
 		}
 	}
 
diff --git a/checks/restic.go b/checks/restic.go
index fe4d77984..d7fd2883a 100644
--- a/checks/restic.go
+++ b/checks/restic.go
@@ -75,7 +75,7 @@ func (c *ResticChecker) Check(ctx *context.Context, extConfig external.Check) pk
 	}
 
 	if check.AWSConnectionName != "" {
-		connection, err := ctx.HydrateConnectionByURL(check.ConnectionName)
+		connection, err := ctx.HydrateConnectionByURL(check.AWSConnectionName)
 		if err != nil {
 			return results.Failf("error getting aws connection: %v", err)
 		}
diff --git a/checks/runchecks.go b/checks/runchecks.go
index 9f365a452..7df76e095 100644
--- a/checks/runchecks.go
+++ b/checks/runchecks.go
@@ -115,7 +115,7 @@ func processTemplates(ctx *context.Context, r *pkg.CheckResult) *pkg.CheckResult
 			if message != "false" {
 				r.Failf("expecting either 'true' or 'false' but got '%v'", message)
 			} else {
-				r.Failf("Test expression failed. Expecting true from: %v", tpl.Expression)
+				r.Failf("")
 			}
 		}
 	}
diff --git a/checks/sql.go b/checks/sql.go
index 3dc0a3412..9ae59b73f 100644
--- a/checks/sql.go
+++ b/checks/sql.go
@@ -3,6 +3,7 @@ package checks
 import (
 	"database/sql"
 	"fmt"
+	"strings"
 
 	"github.com/flanksource/canary-checker/api/context"
 	"github.com/flanksource/canary-checker/api/external"
@@ -84,23 +85,17 @@ func CheckSQL(ctx *context.Context, checker SQLChecker) pkg.Results { // nolint:
 	var results pkg.Results
 	results = append(results, result)
 
-	var dbConnectionString string
-	if connection, err := ctx.HydrateConnectionByURL(check.Connection.Connection); err != nil {
-		return results.Failf("error getting connection: %v", err)
-	} else if connection != nil {
-		dbConnectionString = connection.URL
-	} else {
-		dbConnectionString, err = GetConnection(ctx, &check.Connection, ctx.Namespace)
-		if err != nil {
-			return results.ErrorMessage(err)
-		}
+	if check.Connection.Connection != "" && !strings.HasPrefix(check.Connection.Connection, "connection://") {
+		check.URL = check.Connection.Connection
+		check.Connection.Connection = ""
 	}
 
-	if ctx.IsTrace() {
-		ctx.Tracef("connecting to %s", dbConnectionString)
+	connection, err := ctx.GetConnection(check.Connection)
+	if err != nil {
+		return results.Failf("error getting connection: %v", err)
 	}
 
-	details, err := querySQL(checker.GetDriver(), dbConnectionString, check.GetQuery())
+	details, err := querySQL(checker.GetDriver(), connection.URL, check.GetQuery())
 	if err != nil {
 		return results.ErrorMessage(err)
 	}
diff --git a/config/deploy/crd.yaml b/config/deploy/crd.yaml
index 4653f81f0..44a6df73e 100644
--- a/config/deploy/crd.yaml
+++ b/config/deploy/crd.yaml
@@ -64,69 +64,8 @@ spec:
                         items:
                           type: string
                         type: array
-                      auth:
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -146,8 +85,6 @@ spec:
                         additionalProperties:
                           type: string
                         type: object
-                      host:
-                        type: string
                       icon:
                         description: Icon for overwriting default icon on the dashboard
                         type: string
@@ -163,6 +100,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       test:
                         properties:
                           expr:
@@ -185,6 +150,37 @@ spec:
                           template:
                             type: string
                         type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
                       - name
                     type: object
@@ -192,83 +188,39 @@ spec:
                 awsConfig:
                   items:
                     properties:
-                      aggregatorName:
-                        type: string
-                      awsConnection:
+                      accessKey:
                         properties:
-                          accessKey:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          connection:
-                            description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey.
-                            type: string
-                          endpoint:
-                            type: string
-                          objectPath:
-                            description: glob path to restrict matches to a subset
+                          name:
                             type: string
-                          region:
+                          value:
                             type: string
-                          secretKey:
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                          skipTLSVerify:
-                            description: Skip TLS verify when connecting to aws
-                            type: boolean
-                          usePathStyle:
-                            description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY'
-                            type: boolean
                         type: object
+                      aggregatorName:
+                        type: string
+                      connection:
+                        description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey.
+                        type: string
                       description:
                         description: Description for the check
                         type: string
@@ -283,6 +235,8 @@ spec:
                           template:
                             type: string
                         type: object
+                      endpoint:
+                        type: string
                       icon:
                         description: Icon for overwriting default icon on the dashboard
                         type: string
@@ -294,8 +248,44 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      objectPath:
+                        description: glob path to restrict matches to a subset
+                        type: string
                       query:
                         type: string
+                      region:
+                        type: string
+                      secretKey:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
+                      skipTLSVerify:
+                        description: Skip TLS verify when connecting to aws
+                        type: boolean
                       test:
                         properties:
                           expr:
@@ -318,6 +308,9 @@ spec:
                           template:
                             type: string
                         type: object
+                      usePathStyle:
+                        description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY'
+                        type: boolean
                     required:
                       - name
                       - query
@@ -326,86 +319,42 @@ spec:
                 awsConfigRule:
                   items:
                     properties:
-                      awsConnection:
+                      accessKey:
                         properties:
-                          accessKey:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          connection:
-                            description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey.
-                            type: string
-                          endpoint:
-                            type: string
-                          objectPath:
-                            description: glob path to restrict matches to a subset
+                          name:
                             type: string
-                          region:
+                          value:
                             type: string
-                          secretKey:
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                          skipTLSVerify:
-                            description: Skip TLS verify when connecting to aws
-                            type: boolean
-                          usePathStyle:
-                            description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY'
-                            type: boolean
                         type: object
                       complianceTypes:
                         description: Filters the results by compliance. The allowed values are INSUFFICIENT_DATA, NON_COMPLIANT, NOT_APPLICABLE, COMPLIANT
                         items:
                           type: string
                         type: array
+                      connection:
+                        description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey.
+                        type: string
                       description:
                         description: Description for the check
                         type: string
@@ -420,6 +369,8 @@ spec:
                           template:
                             type: string
                         type: object
+                      endpoint:
+                        type: string
                       icon:
                         description: Icon for overwriting default icon on the dashboard
                         type: string
@@ -436,11 +387,47 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      objectPath:
+                        description: glob path to restrict matches to a subset
+                        type: string
+                      region:
+                        type: string
                       rules:
                         description: Specify one or more Config rule names to filter the results by rule.
                         items:
                           type: string
                         type: array
+                      secretKey:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
+                      skipTLSVerify:
+                        description: Skip TLS verify when connecting to aws
+                        type: boolean
                       test:
                         properties:
                           expr:
@@ -463,6 +450,9 @@ spec:
                           template:
                             type: string
                         type: object
+                      usePathStyle:
+                        description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY'
+                        type: boolean
                     required:
                       - name
                     type: object
@@ -606,6 +596,14 @@ spec:
                                 type: object
                             type: object
                         type: object
+                      actionPrefix:
+                        type: string
+                      alarmPrefix:
+                        type: string
+                      alarms:
+                        items:
+                          type: string
+                        type: array
                       connection:
                         description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey.
                         type: string
@@ -625,19 +623,6 @@ spec:
                         type: object
                       endpoint:
                         type: string
-                      filter:
-                        properties:
-                          actionPrefix:
-                            type: string
-                          alarmPrefix:
-                            type: string
-                          alarms:
-                            items:
-                              type: string
-                            type: array
-                          state:
-                            type: string
-                        type: object
                       icon:
                         description: Icon for overwriting default icon on the dashboard
                         type: string
@@ -685,6 +670,8 @@ spec:
                       skipTLSVerify:
                         description: Skip TLS verify when connecting to aws
                         type: boolean
+                      state:
+                        type: string
                       test:
                         properties:
                           expr:
@@ -832,9 +819,6 @@ spec:
                                     type: object
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
                       description:
                         description: Description for the check
@@ -1092,9 +1076,6 @@ spec:
                                     type: object
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
                       description:
                         description: Description for the check
@@ -1183,9 +1164,6 @@ spec:
                                     type: object
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
                       description:
                         description: Description for the check
@@ -1239,6 +1217,8 @@ spec:
                                 type: object
                             type: object
                         type: object
+                      connection:
+                        type: string
                       description:
                         description: Description for the check
                         type: string
@@ -1414,69 +1394,8 @@ spec:
                 elasticsearch:
                   items:
                     properties:
-                      auth:
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -1505,6 +1424,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       query:
                         type: string
                       results:
@@ -1532,29 +1479,58 @@ spec:
                             type: string
                         type: object
                       url:
+                        description: Connection url, interpolated with username,password
                         type: string
-                    required:
-                      - name
-                    type: object
-                  type: array
-                env:
-                  additionalProperties:
-                    description: VarSource represents a source for a value
-                    properties:
-                      configMapKeyRef:
-                        description: Selects a key of a ConfigMap.
+                      username:
                         properties:
-                          key:
-                            description: The key to select.
-                            type: string
                           name:
-                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                             type: string
-                          optional:
-                            description: Specify whether the ConfigMap or its key must be defined
-                            type: boolean
-                        required:
-                          - key
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
+                    required:
+                      - name
+                    type: object
+                  type: array
+                env:
+                  additionalProperties:
+                    description: VarSource represents a source for a value
+                    properties:
+                      configMapKeyRef:
+                        description: Selects a key of a ConfigMap.
+                        properties:
+                          key:
+                            description: The key to select.
+                            type: string
+                          name:
+                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+                            type: string
+                          optional:
+                            description: Specify whether the ConfigMap or its key must be defined
+                            type: boolean
+                        required:
+                          - key
                         type: object
                         x-kubernetes-map-type: atomic
                       fieldRef:
@@ -1826,186 +1802,162 @@ spec:
                         type: string
                       sftpConnection:
                         properties:
-                          auth:
+                          connection:
+                            description: ConnectionName of the connection. It'll be used to populate the connection fields.
+                            type: string
+                          host:
+                            type: string
+                          password:
                             properties:
-                              password:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
                                 properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                  valueFrom:
+                                  configMapKeyRef:
                                     properties:
-                                      configMapKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
-                                      secretKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
                                     type: object
-                                type: object
-                              username:
-                                properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                  valueFrom:
+                                  secretKeyRef:
                                     properties:
-                                      configMapKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
-                                      secretKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
                                     type: object
                                 type: object
-                            required:
-                              - password
-                              - username
                             type: object
-                          connection:
-                            description: ConnectionName of the connection. It'll be used to populate the connection fields.
-                            type: string
-                          host:
-                            type: string
                           port:
                             description: Port for the SSH server. Defaults to 22
                             type: integer
-                        required:
-                          - auth
-                          - host
-                        type: object
-                      smbConnection:
-                        properties:
-                          auth:
+                          username:
                             properties:
-                              password:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
                                 properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                  valueFrom:
+                                  configMapKeyRef:
                                     properties:
-                                      configMapKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
-                                      secretKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
                                     type: object
-                                type: object
-                              username:
-                                properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                  valueFrom:
+                                  secretKeyRef:
                                     properties:
-                                      configMapKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
-                                      secretKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
                                     type: object
                                 type: object
-                            required:
-                              - password
-                              - username
                             type: object
+                        required:
+                          - host
+                        type: object
+                      smbConnection:
+                        properties:
                           connection:
                             description: ConnectionName of the connection. It'll be used to populate the connection fields.
                             type: string
                           domain:
                             description: Domain...
                             type: string
+                          password:
+                            properties:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  configMapKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
+                                    type: object
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
+                                    type: object
+                                type: object
+                            type: object
                           port:
                             description: Port on which smb server is running. Defaults to 445
                             type: integer
-                          searchPath:
-                            description: SearchPath sub-path inside the mount location
-                            type: string
-                          sharename:
-                            description: Sharename to mount from the samba server
-                            type: string
-                          workstation:
-                            description: Workstation...
-                            type: string
-                        required:
-                          - auth
-                        type: object
-                      test:
-                        properties:
-                          expr:
-                            type: string
-                          javascript:
-                            type: string
-                          jsonPath:
-                            type: string
-                          template:
-                            type: string
-                        type: object
-                      totalSize:
-                        description: TotalSize present on the filesystem
-                        type: string
-                      transform:
-                        properties:
-                          expr:
-                            type: string
-                          javascript:
-                            type: string
-                          jsonPath:
+                          username:
+                            properties:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  configMapKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
+                                    type: object
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
+                                    type: object
+                                type: object
+                            type: object
+                        type: object
+                      test:
+                        properties:
+                          expr:
+                            type: string
+                          javascript:
+                            type: string
+                          jsonPath:
+                            type: string
+                          template:
+                            type: string
+                        type: object
+                      totalSize:
+                        description: TotalSize present on the filesystem
+                        type: string
+                      transform:
+                        properties:
+                          expr:
+                            type: string
+                          javascript:
+                            type: string
+                          jsonPath:
                             type: string
                           template:
                             type: string
@@ -2164,9 +2116,6 @@ spec:
                                     type: object
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
                       cafile:
                         type: string
@@ -2195,74 +2144,11 @@ spec:
                 http:
                   items:
                     properties:
-                      authentication:
-                        description: Credentials for authentication headers
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
                       body:
                         description: Request Body Contents
                         type: string
                       connection:
-                        description: Name of the connection that'll be used to derive the endpoint.
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -2279,7 +2165,7 @@ spec:
                             type: string
                         type: object
                       endpoint:
-                        description: HTTP endpoint to check.  Mutually exclusive with Namespace
+                        description: 'Deprecated: Use url instead'
                         type: string
                       headers:
                         description: Header fields to be used in the query
@@ -2338,6 +2224,34 @@ spec:
                       ntlmv2:
                         description: NTLM when set to true will do authentication using NTLM v2 protocol
                         type: boolean
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       responseCodes:
                         description: Expected response codes for the HTTP Request.
                         items:
@@ -2385,6 +2299,37 @@ spec:
                           template:
                             type: string
                         type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
                       - name
                     type: object
@@ -2429,9 +2374,6 @@ spec:
                 jmeter:
                   items:
                     properties:
-                      connection:
-                        description: Name of the connection that'll be used to derive host and other connection details.
-                        type: string
                       description:
                         description: Description for the check
                         type: string
@@ -2649,77 +2591,14 @@ spec:
                 ldap:
                   items:
                     properties:
-                      auth:
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
                       bindDN:
                         type: string
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
                         type: string
-                      host:
-                        type: string
                       icon:
                         description: Icon for overwriting default icon on the dashboard
                         type: string
@@ -2731,83 +2610,79 @@ spec:
                       name:
                         description: Name of the check
                         type: string
-                      skipTLSVerify:
-                        type: boolean
-                      userSearch:
-                        type: string
-                    required:
-                      - auth
-                      - bindDN
-                      - host
-                      - name
-                    type: object
-                  type: array
-                mongodb:
-                  items:
-                    properties:
-                      auth:
+                      password:
                         properties:
-                          password:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                          username:
+                        type: object
+                      skipTLSVerify:
+                        type: boolean
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      userSearch:
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
+                    required:
+                      - bindDN
+                      - name
+                    type: object
+                  type: array
+                mongodb:
+                  items:
+                    properties:
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -2823,77 +2698,74 @@ spec:
                       name:
                         description: Name of the check
                         type: string
-                    required:
-                      - connection
-                      - name
-                    type: object
-                  type: array
-                mssql:
-                  items:
-                    properties:
-                      auth:
+                      password:
                         properties:
-                          password:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                          username:
+                        type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
+                    required:
+                      - name
+                    type: object
+                  type: array
+                mssql:
+                  items:
+                    properties:
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -2920,6 +2792,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       query:
                         type: string
                       results:
@@ -2947,77 +2847,46 @@ spec:
                           template:
                             type: string
                         type: object
-                    required:
-                      - connection
-                      - name
-                    type: object
-                  type: array
-                mysql:
-                  items:
-                    properties:
-                      auth:
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
                         properties:
-                          password:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              secretKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
+                    required:
+                      - name
+                    type: object
+                  type: array
+                mysql:
+                  items:
+                    properties:
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -3044,6 +2913,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       query:
                         type: string
                       results:
@@ -3071,8 +2968,38 @@ spec:
                           template:
                             type: string
                         type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
-                      - connection
                       - name
                     type: object
                   type: array
@@ -3152,69 +3079,8 @@ spec:
                 opensearch:
                   items:
                     properties:
-                      auth:
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -3243,6 +3109,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       query:
                         type: string
                       results:
@@ -3271,9 +3165,37 @@ spec:
                             type: string
                         type: object
                       url:
+                        description: Connection url, interpolated with username,password
                         type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
-                      - auth
                       - index
                       - name
                       - query
@@ -3327,91 +3249,30 @@ spec:
                         type: string
                       namespace:
                         type: string
-                      path:
-                        type: string
-                      port:
-                        format: int64
-                        type: integer
-                      priorityClass:
-                        type: string
-                      readyTimeout:
-                        format: int64
-                        type: integer
-                      scheduleTimeout:
-                        format: int64
-                        type: integer
-                      spec:
-                        type: string
-                    required:
-                      - name
-                    type: object
-                  type: array
-                postgres:
-                  items:
-                    properties:
-                      auth:
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
+                      path:
+                        type: string
+                      port:
+                        format: int64
+                        type: integer
+                      priorityClass:
+                        type: string
+                      readyTimeout:
+                        format: int64
+                        type: integer
+                      scheduleTimeout:
+                        format: int64
+                        type: integer
+                      spec:
+                        type: string
+                    required:
+                      - name
+                    type: object
+                  type: array
+                postgres:
+                  items:
+                    properties:
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -3438,6 +3299,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       query:
                         type: string
                       results:
@@ -3465,8 +3354,38 @@ spec:
                           template:
                             type: string
                         type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
-                      - connection
                       - name
                     type: object
                   type: array
@@ -3474,6 +3393,7 @@ spec:
                   items:
                     properties:
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -3490,7 +3410,7 @@ spec:
                             type: string
                         type: object
                       host:
-                        description: Address of the prometheus server
+                        description: 'Deprecated: use `url` instead'
                         type: string
                       icon:
                         description: Icon for overwriting default icon on the dashboard
@@ -3503,6 +3423,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       query:
                         description: PromQL query
                         type: string
@@ -3528,8 +3476,38 @@ spec:
                           template:
                             type: string
                         type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
-                      - host
                       - name
                       - query
                     type: object
@@ -3538,71 +3516,10 @@ spec:
                   items:
                     properties:
                       addr:
+                        description: 'Deprecated: Use url instead'
                         type: string
-                      auth:
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
                       connection:
-                        description: ConnectionName is the name of the connection. It is used to populate addr, db and auth.
+                        description: Connection name e.g. connection://http/google
                         type: string
                       db:
                         type: integer
@@ -3620,9 +3537,66 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
-                      - addr
-                      - db
                       - name
                     type: object
                   type: array
diff --git a/config/deploy/manifests.yaml b/config/deploy/manifests.yaml
index ae2f36d78..bd3b22d37 100644
--- a/config/deploy/manifests.yaml
+++ b/config/deploy/manifests.yaml
@@ -64,69 +64,8 @@ spec:
                         items:
                           type: string
                         type: array
-                      auth:
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -146,8 +85,6 @@ spec:
                         additionalProperties:
                           type: string
                         type: object
-                      host:
-                        type: string
                       icon:
                         description: Icon for overwriting default icon on the dashboard
                         type: string
@@ -163,6 +100,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       test:
                         properties:
                           expr:
@@ -185,6 +150,37 @@ spec:
                           template:
                             type: string
                         type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
                       - name
                     type: object
@@ -192,83 +188,39 @@ spec:
                 awsConfig:
                   items:
                     properties:
-                      aggregatorName:
-                        type: string
-                      awsConnection:
+                      accessKey:
                         properties:
-                          accessKey:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          connection:
-                            description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey.
-                            type: string
-                          endpoint:
-                            type: string
-                          objectPath:
-                            description: glob path to restrict matches to a subset
+                          name:
                             type: string
-                          region:
+                          value:
                             type: string
-                          secretKey:
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                          skipTLSVerify:
-                            description: Skip TLS verify when connecting to aws
-                            type: boolean
-                          usePathStyle:
-                            description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY'
-                            type: boolean
                         type: object
+                      aggregatorName:
+                        type: string
+                      connection:
+                        description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey.
+                        type: string
                       description:
                         description: Description for the check
                         type: string
@@ -283,6 +235,8 @@ spec:
                           template:
                             type: string
                         type: object
+                      endpoint:
+                        type: string
                       icon:
                         description: Icon for overwriting default icon on the dashboard
                         type: string
@@ -294,8 +248,44 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      objectPath:
+                        description: glob path to restrict matches to a subset
+                        type: string
                       query:
                         type: string
+                      region:
+                        type: string
+                      secretKey:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
+                      skipTLSVerify:
+                        description: Skip TLS verify when connecting to aws
+                        type: boolean
                       test:
                         properties:
                           expr:
@@ -318,6 +308,9 @@ spec:
                           template:
                             type: string
                         type: object
+                      usePathStyle:
+                        description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY'
+                        type: boolean
                     required:
                       - name
                       - query
@@ -326,86 +319,42 @@ spec:
                 awsConfigRule:
                   items:
                     properties:
-                      awsConnection:
+                      accessKey:
                         properties:
-                          accessKey:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          connection:
-                            description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey.
-                            type: string
-                          endpoint:
-                            type: string
-                          objectPath:
-                            description: glob path to restrict matches to a subset
+                          name:
                             type: string
-                          region:
+                          value:
                             type: string
-                          secretKey:
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                          skipTLSVerify:
-                            description: Skip TLS verify when connecting to aws
-                            type: boolean
-                          usePathStyle:
-                            description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY'
-                            type: boolean
                         type: object
                       complianceTypes:
                         description: Filters the results by compliance. The allowed values are INSUFFICIENT_DATA, NON_COMPLIANT, NOT_APPLICABLE, COMPLIANT
                         items:
                           type: string
                         type: array
+                      connection:
+                        description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey.
+                        type: string
                       description:
                         description: Description for the check
                         type: string
@@ -420,6 +369,8 @@ spec:
                           template:
                             type: string
                         type: object
+                      endpoint:
+                        type: string
                       icon:
                         description: Icon for overwriting default icon on the dashboard
                         type: string
@@ -436,11 +387,47 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      objectPath:
+                        description: glob path to restrict matches to a subset
+                        type: string
+                      region:
+                        type: string
                       rules:
                         description: Specify one or more Config rule names to filter the results by rule.
                         items:
                           type: string
                         type: array
+                      secretKey:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
+                      skipTLSVerify:
+                        description: Skip TLS verify when connecting to aws
+                        type: boolean
                       test:
                         properties:
                           expr:
@@ -463,6 +450,9 @@ spec:
                           template:
                             type: string
                         type: object
+                      usePathStyle:
+                        description: 'Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY'
+                        type: boolean
                     required:
                       - name
                     type: object
@@ -606,6 +596,14 @@ spec:
                                 type: object
                             type: object
                         type: object
+                      actionPrefix:
+                        type: string
+                      alarmPrefix:
+                        type: string
+                      alarms:
+                        items:
+                          type: string
+                        type: array
                       connection:
                         description: ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey.
                         type: string
@@ -625,19 +623,6 @@ spec:
                         type: object
                       endpoint:
                         type: string
-                      filter:
-                        properties:
-                          actionPrefix:
-                            type: string
-                          alarmPrefix:
-                            type: string
-                          alarms:
-                            items:
-                              type: string
-                            type: array
-                          state:
-                            type: string
-                        type: object
                       icon:
                         description: Icon for overwriting default icon on the dashboard
                         type: string
@@ -685,6 +670,8 @@ spec:
                       skipTLSVerify:
                         description: Skip TLS verify when connecting to aws
                         type: boolean
+                      state:
+                        type: string
                       test:
                         properties:
                           expr:
@@ -832,9 +819,6 @@ spec:
                                     type: object
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
                       description:
                         description: Description for the check
@@ -1092,9 +1076,6 @@ spec:
                                     type: object
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
                       description:
                         description: Description for the check
@@ -1183,9 +1164,6 @@ spec:
                                     type: object
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
                       description:
                         description: Description for the check
@@ -1239,6 +1217,8 @@ spec:
                                 type: object
                             type: object
                         type: object
+                      connection:
+                        type: string
                       description:
                         description: Description for the check
                         type: string
@@ -1414,69 +1394,8 @@ spec:
                 elasticsearch:
                   items:
                     properties:
-                      auth:
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -1505,6 +1424,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       query:
                         type: string
                       results:
@@ -1532,29 +1479,58 @@ spec:
                             type: string
                         type: object
                       url:
+                        description: Connection url, interpolated with username,password
                         type: string
-                    required:
-                      - name
-                    type: object
-                  type: array
-                env:
-                  additionalProperties:
-                    description: VarSource represents a source for a value
-                    properties:
-                      configMapKeyRef:
-                        description: Selects a key of a ConfigMap.
+                      username:
                         properties:
-                          key:
-                            description: The key to select.
-                            type: string
                           name:
-                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
                             type: string
-                          optional:
-                            description: Specify whether the ConfigMap or its key must be defined
-                            type: boolean
-                        required:
-                          - key
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
+                    required:
+                      - name
+                    type: object
+                  type: array
+                env:
+                  additionalProperties:
+                    description: VarSource represents a source for a value
+                    properties:
+                      configMapKeyRef:
+                        description: Selects a key of a ConfigMap.
+                        properties:
+                          key:
+                            description: The key to select.
+                            type: string
+                          name:
+                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?'
+                            type: string
+                          optional:
+                            description: Specify whether the ConfigMap or its key must be defined
+                            type: boolean
+                        required:
+                          - key
                         type: object
                         x-kubernetes-map-type: atomic
                       fieldRef:
@@ -1826,186 +1802,162 @@ spec:
                         type: string
                       sftpConnection:
                         properties:
-                          auth:
+                          connection:
+                            description: ConnectionName of the connection. It'll be used to populate the connection fields.
+                            type: string
+                          host:
+                            type: string
+                          password:
                             properties:
-                              password:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
                                 properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                  valueFrom:
+                                  configMapKeyRef:
                                     properties:
-                                      configMapKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
-                                      secretKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
                                     type: object
-                                type: object
-                              username:
-                                properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                  valueFrom:
+                                  secretKeyRef:
                                     properties:
-                                      configMapKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
-                                      secretKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
                                     type: object
                                 type: object
-                            required:
-                              - password
-                              - username
                             type: object
-                          connection:
-                            description: ConnectionName of the connection. It'll be used to populate the connection fields.
-                            type: string
-                          host:
-                            type: string
                           port:
                             description: Port for the SSH server. Defaults to 22
                             type: integer
-                        required:
-                          - auth
-                          - host
-                        type: object
-                      smbConnection:
-                        properties:
-                          auth:
+                          username:
                             properties:
-                              password:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
                                 properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                  valueFrom:
+                                  configMapKeyRef:
                                     properties:
-                                      configMapKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
-                                      secretKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
                                     type: object
-                                type: object
-                              username:
-                                properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                  valueFrom:
+                                  secretKeyRef:
                                     properties:
-                                      configMapKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
-                                      secretKeyRef:
-                                        properties:
-                                          key:
-                                            type: string
-                                          name:
-                                            type: string
-                                        required:
-                                          - key
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
                                     type: object
                                 type: object
-                            required:
-                              - password
-                              - username
                             type: object
+                        required:
+                          - host
+                        type: object
+                      smbConnection:
+                        properties:
                           connection:
                             description: ConnectionName of the connection. It'll be used to populate the connection fields.
                             type: string
                           domain:
                             description: Domain...
                             type: string
+                          password:
+                            properties:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  configMapKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
+                                    type: object
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
+                                    type: object
+                                type: object
+                            type: object
                           port:
                             description: Port on which smb server is running. Defaults to 445
                             type: integer
-                          searchPath:
-                            description: SearchPath sub-path inside the mount location
-                            type: string
-                          sharename:
-                            description: Sharename to mount from the samba server
-                            type: string
-                          workstation:
-                            description: Workstation...
-                            type: string
-                        required:
-                          - auth
-                        type: object
-                      test:
-                        properties:
-                          expr:
-                            type: string
-                          javascript:
-                            type: string
-                          jsonPath:
-                            type: string
-                          template:
-                            type: string
-                        type: object
-                      totalSize:
-                        description: TotalSize present on the filesystem
-                        type: string
-                      transform:
-                        properties:
-                          expr:
-                            type: string
-                          javascript:
-                            type: string
-                          jsonPath:
+                          username:
+                            properties:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  configMapKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
+                                    type: object
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        type: string
+                                    required:
+                                      - key
+                                    type: object
+                                type: object
+                            type: object
+                        type: object
+                      test:
+                        properties:
+                          expr:
+                            type: string
+                          javascript:
+                            type: string
+                          jsonPath:
+                            type: string
+                          template:
+                            type: string
+                        type: object
+                      totalSize:
+                        description: TotalSize present on the filesystem
+                        type: string
+                      transform:
+                        properties:
+                          expr:
+                            type: string
+                          javascript:
+                            type: string
+                          jsonPath:
                             type: string
                           template:
                             type: string
@@ -2164,9 +2116,6 @@ spec:
                                     type: object
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
                       cafile:
                         type: string
@@ -2195,74 +2144,11 @@ spec:
                 http:
                   items:
                     properties:
-                      authentication:
-                        description: Credentials for authentication headers
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
                       body:
                         description: Request Body Contents
                         type: string
                       connection:
-                        description: Name of the connection that'll be used to derive the endpoint.
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -2279,7 +2165,7 @@ spec:
                             type: string
                         type: object
                       endpoint:
-                        description: HTTP endpoint to check.  Mutually exclusive with Namespace
+                        description: 'Deprecated: Use url instead'
                         type: string
                       headers:
                         description: Header fields to be used in the query
@@ -2338,6 +2224,34 @@ spec:
                       ntlmv2:
                         description: NTLM when set to true will do authentication using NTLM v2 protocol
                         type: boolean
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       responseCodes:
                         description: Expected response codes for the HTTP Request.
                         items:
@@ -2385,6 +2299,37 @@ spec:
                           template:
                             type: string
                         type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
                       - name
                     type: object
@@ -2429,9 +2374,6 @@ spec:
                 jmeter:
                   items:
                     properties:
-                      connection:
-                        description: Name of the connection that'll be used to derive host and other connection details.
-                        type: string
                       description:
                         description: Description for the check
                         type: string
@@ -2649,77 +2591,14 @@ spec:
                 ldap:
                   items:
                     properties:
-                      auth:
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
                       bindDN:
                         type: string
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
                         type: string
-                      host:
-                        type: string
                       icon:
                         description: Icon for overwriting default icon on the dashboard
                         type: string
@@ -2731,83 +2610,79 @@ spec:
                       name:
                         description: Name of the check
                         type: string
-                      skipTLSVerify:
-                        type: boolean
-                      userSearch:
-                        type: string
-                    required:
-                      - auth
-                      - bindDN
-                      - host
-                      - name
-                    type: object
-                  type: array
-                mongodb:
-                  items:
-                    properties:
-                      auth:
+                      password:
                         properties:
-                          password:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                          username:
+                        type: object
+                      skipTLSVerify:
+                        type: boolean
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      userSearch:
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
+                    required:
+                      - bindDN
+                      - name
+                    type: object
+                  type: array
+                mongodb:
+                  items:
+                    properties:
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -2823,77 +2698,74 @@ spec:
                       name:
                         description: Name of the check
                         type: string
-                    required:
-                      - connection
-                      - name
-                    type: object
-                  type: array
-                mssql:
-                  items:
-                    properties:
-                      auth:
+                      password:
                         properties:
-                          password:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                          username:
+                        type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
+                    required:
+                      - name
+                    type: object
+                  type: array
+                mssql:
+                  items:
+                    properties:
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -2920,6 +2792,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       query:
                         type: string
                       results:
@@ -2947,77 +2847,46 @@ spec:
                           template:
                             type: string
                         type: object
-                    required:
-                      - connection
-                      - name
-                    type: object
-                  type: array
-                mysql:
-                  items:
-                    properties:
-                      auth:
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
                         properties:
-                          password:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
                             properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              configMapKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
+                              secretKeyRef:
                                 properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
                                 type: object
                             type: object
-                        required:
-                          - password
-                          - username
                         type: object
+                    required:
+                      - name
+                    type: object
+                  type: array
+                mysql:
+                  items:
+                    properties:
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -3044,6 +2913,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       query:
                         type: string
                       results:
@@ -3071,8 +2968,38 @@ spec:
                           template:
                             type: string
                         type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
-                      - connection
                       - name
                     type: object
                   type: array
@@ -3152,69 +3079,8 @@ spec:
                 opensearch:
                   items:
                     properties:
-                      auth:
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -3243,6 +3109,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       query:
                         type: string
                       results:
@@ -3271,9 +3165,37 @@ spec:
                             type: string
                         type: object
                       url:
+                        description: Connection url, interpolated with username,password
                         type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
-                      - auth
                       - index
                       - name
                       - query
@@ -3327,91 +3249,30 @@ spec:
                         type: string
                       namespace:
                         type: string
-                      path:
-                        type: string
-                      port:
-                        format: int64
-                        type: integer
-                      priorityClass:
-                        type: string
-                      readyTimeout:
-                        format: int64
-                        type: integer
-                      scheduleTimeout:
-                        format: int64
-                        type: integer
-                      spec:
-                        type: string
-                    required:
-                      - name
-                    type: object
-                  type: array
-                postgres:
-                  items:
-                    properties:
-                      auth:
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
+                      path:
+                        type: string
+                      port:
+                        format: int64
+                        type: integer
+                      priorityClass:
+                        type: string
+                      readyTimeout:
+                        format: int64
+                        type: integer
+                      scheduleTimeout:
+                        format: int64
+                        type: integer
+                      spec:
+                        type: string
+                    required:
+                      - name
+                    type: object
+                  type: array
+                postgres:
+                  items:
+                    properties:
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -3438,6 +3299,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       query:
                         type: string
                       results:
@@ -3465,8 +3354,38 @@ spec:
                           template:
                             type: string
                         type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
-                      - connection
                       - name
                     type: object
                   type: array
@@ -3474,6 +3393,7 @@ spec:
                   items:
                     properties:
                       connection:
+                        description: Connection name e.g. connection://http/google
                         type: string
                       description:
                         description: Description for the check
@@ -3490,7 +3410,7 @@ spec:
                             type: string
                         type: object
                       host:
-                        description: Address of the prometheus server
+                        description: 'Deprecated: use `url` instead'
                         type: string
                       icon:
                         description: Icon for overwriting default icon on the dashboard
@@ -3503,6 +3423,34 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                       query:
                         description: PromQL query
                         type: string
@@ -3528,8 +3476,38 @@ spec:
                           template:
                             type: string
                         type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
-                      - host
                       - name
                       - query
                     type: object
@@ -3538,71 +3516,10 @@ spec:
                   items:
                     properties:
                       addr:
+                        description: 'Deprecated: Use url instead'
                         type: string
-                      auth:
-                        properties:
-                          password:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                          username:
-                            properties:
-                              name:
-                                type: string
-                              value:
-                                type: string
-                              valueFrom:
-                                properties:
-                                  configMapKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                  secretKeyRef:
-                                    properties:
-                                      key:
-                                        type: string
-                                      name:
-                                        type: string
-                                    required:
-                                      - key
-                                    type: object
-                                type: object
-                            type: object
-                        required:
-                          - password
-                          - username
-                        type: object
                       connection:
-                        description: ConnectionName is the name of the connection. It is used to populate addr, db and auth.
+                        description: Connection name e.g. connection://http/google
                         type: string
                       db:
                         type: integer
@@ -3620,9 +3537,66 @@ spec:
                       name:
                         description: Name of the check
                         type: string
+                      password:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
+                      url:
+                        description: Connection url, interpolated with username,password
+                        type: string
+                      username:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    type: string
+                                required:
+                                  - key
+                                type: object
+                            type: object
+                        type: object
                     required:
-                      - addr
-                      - db
                       - name
                     type: object
                   type: array
diff --git a/config/schemas/canary.schema.json b/config/schemas/canary.schema.json
index 2bdf053df..953269aa0 100644
--- a/config/schemas/canary.schema.json
+++ b/config/schemas/canary.schema.json
@@ -59,11 +59,14 @@
         "connection": {
           "type": "string"
         },
-        "host": {
+        "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "alerts": {
           "items": {
@@ -102,11 +105,7 @@
         }
       },
       "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
+      "type": "object"
     },
     "AwsConfigCheck": {
       "properties": {
@@ -134,8 +133,29 @@
         "query": {
           "type": "string"
         },
-        "awsConnection": {
-          "$ref": "#/$defs/AWSConnection"
+        "connection": {
+          "type": "string"
+        },
+        "accessKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "secretKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "region": {
+          "type": "string"
+        },
+        "endpoint": {
+          "type": "string"
+        },
+        "skipTLSVerify": {
+          "type": "boolean"
+        },
+        "objectPath": {
+          "type": "string"
+        },
+        "usePathStyle": {
+          "type": "boolean"
         },
         "aggregatorName": {
           "type": "string"
@@ -189,8 +209,29 @@
           },
           "type": "array"
         },
-        "awsConnection": {
-          "$ref": "#/$defs/AWSConnection"
+        "connection": {
+          "type": "string"
+        },
+        "accessKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "secretKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "region": {
+          "type": "string"
+        },
+        "endpoint": {
+          "type": "string"
+        },
+        "skipTLSVerify": {
+          "type": "boolean"
+        },
+        "objectPath": {
+          "type": "string"
+        },
+        "usePathStyle": {
+          "type": "boolean"
         }
       },
       "additionalProperties": false,
@@ -663,14 +704,15 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
-        "filter": {
+        "Filter": {
           "$ref": "#/$defs/CloudWatchFilter"
         }
       },
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name"
+        "name",
+        "Filter"
       ]
     },
     "CloudWatchFilter": {
@@ -980,6 +1022,9 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
+        "connection": {
+          "type": "string"
+        },
         "host": {
           "type": "string"
         },
@@ -1097,8 +1142,11 @@
         "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -1376,6 +1424,15 @@
         "connection": {
           "type": "string"
         },
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
+        },
         "endpoint": {
           "type": "string"
         },
@@ -1418,9 +1475,6 @@
           },
           "type": "array"
         },
-        "authentication": {
-          "$ref": "#/$defs/Authentication"
-        },
         "templateBody": {
           "type": "boolean"
         }
@@ -1527,9 +1581,6 @@
         "labels": {
           "$ref": "#/$defs/Labels"
         },
-        "connection": {
-          "type": "string"
-        },
         "jmx": {
           "$ref": "#/$defs/EnvVar"
         },
@@ -1667,11 +1718,14 @@
         "connection": {
           "type": "string"
         },
-        "host": {
+        "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "bindDN": {
           "type": "string"
@@ -1687,8 +1741,6 @@
       "type": "object",
       "required": [
         "name",
-        "host",
-        "auth",
         "bindDN"
       ]
     },
@@ -1753,15 +1805,20 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         }
       },
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "MssqlCheck": {
@@ -1790,8 +1847,14 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -1803,8 +1866,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "MysqlCheck": {
@@ -1833,8 +1895,14 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -1846,8 +1914,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "NamespaceCheck": {
@@ -2053,8 +2120,11 @@
         "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -2070,7 +2140,6 @@
       "type": "object",
       "required": [
         "name",
-        "auth",
         "query",
         "index"
       ]
@@ -2206,8 +2275,14 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -2219,8 +2294,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "PrometheusCheck": {
@@ -2246,12 +2320,21 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
+        "host": {
+          "type": "string"
+        },
         "connection": {
           "type": "string"
         },
-        "host": {
+        "url": {
           "type": "string"
         },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
+        },
         "query": {
           "type": "string"
         }
@@ -2260,7 +2343,6 @@
       "type": "object",
       "required": [
         "name",
-        "host",
         "query"
       ]
     },
@@ -2281,11 +2363,17 @@
         "connection": {
           "type": "string"
         },
-        "addr": {
+        "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "addr": {
+          "type": "string"
         },
         "db": {
           "type": "integer"
@@ -2294,9 +2382,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "addr",
-        "db"
+        "name"
       ]
     },
     "ResourceSelector": {
@@ -2424,15 +2510,17 @@
         "host": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         }
       },
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "host",
-        "auth"
+        "host"
       ]
     },
     "SMBConnection": {
@@ -2443,27 +2531,18 @@
         "port": {
           "type": "integer"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
-        },
-        "domain": {
-          "type": "string"
-        },
-        "workstation": {
-          "type": "string"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
         },
-        "sharename": {
-          "type": "string"
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
-        "searchPath": {
+        "domain": {
           "type": "string"
         }
       },
       "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "auth"
-      ]
+      "type": "object"
     },
     "SecretKeySelector": {
       "properties": {
diff --git a/config/schemas/component.schema.json b/config/schemas/component.schema.json
index 8b8e2f68c..82b2ca9cd 100644
--- a/config/schemas/component.schema.json
+++ b/config/schemas/component.schema.json
@@ -59,11 +59,14 @@
         "connection": {
           "type": "string"
         },
-        "host": {
+        "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "alerts": {
           "items": {
@@ -102,11 +105,7 @@
         }
       },
       "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
+      "type": "object"
     },
     "AwsConfigCheck": {
       "properties": {
@@ -134,8 +133,29 @@
         "query": {
           "type": "string"
         },
-        "awsConnection": {
-          "$ref": "#/$defs/AWSConnection"
+        "connection": {
+          "type": "string"
+        },
+        "accessKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "secretKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "region": {
+          "type": "string"
+        },
+        "endpoint": {
+          "type": "string"
+        },
+        "skipTLSVerify": {
+          "type": "boolean"
+        },
+        "objectPath": {
+          "type": "string"
+        },
+        "usePathStyle": {
+          "type": "boolean"
         },
         "aggregatorName": {
           "type": "string"
@@ -189,8 +209,29 @@
           },
           "type": "array"
         },
-        "awsConnection": {
-          "$ref": "#/$defs/AWSConnection"
+        "connection": {
+          "type": "string"
+        },
+        "accessKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "secretKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "region": {
+          "type": "string"
+        },
+        "endpoint": {
+          "type": "string"
+        },
+        "skipTLSVerify": {
+          "type": "boolean"
+        },
+        "objectPath": {
+          "type": "string"
+        },
+        "usePathStyle": {
+          "type": "boolean"
         }
       },
       "additionalProperties": false,
@@ -569,14 +610,15 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
-        "filter": {
+        "Filter": {
           "$ref": "#/$defs/CloudWatchFilter"
         }
       },
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name"
+        "name",
+        "Filter"
       ]
     },
     "CloudWatchFilter": {
@@ -1143,6 +1185,9 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
+        "connection": {
+          "type": "string"
+        },
         "host": {
           "type": "string"
         },
@@ -1260,8 +1305,11 @@
         "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -1572,6 +1620,15 @@
         "connection": {
           "type": "string"
         },
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
+        },
         "endpoint": {
           "type": "string"
         },
@@ -1614,9 +1671,6 @@
           },
           "type": "array"
         },
-        "authentication": {
-          "$ref": "#/$defs/Authentication"
-        },
         "templateBody": {
           "type": "boolean"
         }
@@ -1723,9 +1777,6 @@
         "labels": {
           "$ref": "#/$defs/Labels"
         },
-        "connection": {
-          "type": "string"
-        },
         "jmx": {
           "$ref": "#/$defs/EnvVar"
         },
@@ -1863,11 +1914,14 @@
         "connection": {
           "type": "string"
         },
-        "host": {
+        "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "bindDN": {
           "type": "string"
@@ -1883,8 +1937,6 @@
       "type": "object",
       "required": [
         "name",
-        "host",
-        "auth",
         "bindDN"
       ]
     },
@@ -1999,15 +2051,20 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         }
       },
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "MssqlCheck": {
@@ -2036,8 +2093,14 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -2049,8 +2112,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "MysqlCheck": {
@@ -2079,8 +2141,14 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -2092,8 +2160,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "NamespaceCheck": {
@@ -2299,8 +2366,11 @@
         "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -2316,7 +2386,6 @@
       "type": "object",
       "required": [
         "name",
-        "auth",
         "query",
         "index"
       ]
@@ -2452,8 +2521,14 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -2465,8 +2540,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "PrometheusCheck": {
@@ -2492,12 +2566,21 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
+        "host": {
+          "type": "string"
+        },
         "connection": {
           "type": "string"
         },
-        "host": {
+        "url": {
           "type": "string"
         },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
+        },
         "query": {
           "type": "string"
         }
@@ -2506,7 +2589,6 @@
       "type": "object",
       "required": [
         "name",
-        "host",
         "query"
       ]
     },
@@ -2599,11 +2681,17 @@
         "connection": {
           "type": "string"
         },
-        "addr": {
+        "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "addr": {
+          "type": "string"
         },
         "db": {
           "type": "integer"
@@ -2612,9 +2700,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "addr",
-        "db"
+        "name"
       ]
     },
     "RelationshipSpec": {
@@ -2760,15 +2846,17 @@
         "host": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         }
       },
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "host",
-        "auth"
+        "host"
       ]
     },
     "SMBConnection": {
@@ -2779,27 +2867,18 @@
         "port": {
           "type": "integer"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
-        },
-        "domain": {
-          "type": "string"
-        },
-        "workstation": {
-          "type": "string"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
         },
-        "sharename": {
-          "type": "string"
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
-        "searchPath": {
+        "domain": {
           "type": "string"
         }
       },
       "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "auth"
-      ]
+      "type": "object"
     },
     "SecretKeySelector": {
       "properties": {
diff --git a/config/schemas/health_alertmanager.schema.json b/config/schemas/health_alertmanager.schema.json
index e8b21a521..93a6c0009 100644
--- a/config/schemas/health_alertmanager.schema.json
+++ b/config/schemas/health_alertmanager.schema.json
@@ -29,11 +29,14 @@
         "connection": {
           "type": "string"
         },
-        "host": {
+        "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "alerts": {
           "items": {
@@ -62,22 +65,6 @@
         "name"
       ]
     },
-    "Authentication": {
-      "properties": {
-        "username": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "password": {
-          "$ref": "#/$defs/EnvVar"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
-    },
     "ConfigMapKeySelector": {
       "properties": {
         "name": {
diff --git a/config/schemas/health_awsconfig.schema.json b/config/schemas/health_awsconfig.schema.json
index 3fc17bcba..b14fd834c 100644
--- a/config/schemas/health_awsconfig.schema.json
+++ b/config/schemas/health_awsconfig.schema.json
@@ -3,36 +3,6 @@
   "$id": "https://github.com/flanksource/canary-checker/api/v1/aws-config-check",
   "$ref": "#/$defs/AwsConfigCheck",
   "$defs": {
-    "AWSConnection": {
-      "properties": {
-        "connection": {
-          "type": "string"
-        },
-        "accessKey": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "secretKey": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "region": {
-          "type": "string"
-        },
-        "endpoint": {
-          "type": "string"
-        },
-        "skipTLSVerify": {
-          "type": "boolean"
-        },
-        "objectPath": {
-          "type": "string"
-        },
-        "usePathStyle": {
-          "type": "boolean"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object"
-    },
     "AwsConfigCheck": {
       "properties": {
         "description": {
@@ -59,8 +29,29 @@
         "query": {
           "type": "string"
         },
-        "awsConnection": {
-          "$ref": "#/$defs/AWSConnection"
+        "connection": {
+          "type": "string"
+        },
+        "accessKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "secretKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "region": {
+          "type": "string"
+        },
+        "endpoint": {
+          "type": "string"
+        },
+        "skipTLSVerify": {
+          "type": "boolean"
+        },
+        "objectPath": {
+          "type": "string"
+        },
+        "usePathStyle": {
+          "type": "boolean"
         },
         "aggregatorName": {
           "type": "string"
diff --git a/config/schemas/health_awsconfigrule.schema.json b/config/schemas/health_awsconfigrule.schema.json
index e3c0ba95e..245ec69bc 100644
--- a/config/schemas/health_awsconfigrule.schema.json
+++ b/config/schemas/health_awsconfigrule.schema.json
@@ -3,36 +3,6 @@
   "$id": "https://github.com/flanksource/canary-checker/api/v1/aws-config-rule-check",
   "$ref": "#/$defs/AwsConfigRuleCheck",
   "$defs": {
-    "AWSConnection": {
-      "properties": {
-        "connection": {
-          "type": "string"
-        },
-        "accessKey": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "secretKey": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "region": {
-          "type": "string"
-        },
-        "endpoint": {
-          "type": "string"
-        },
-        "skipTLSVerify": {
-          "type": "boolean"
-        },
-        "objectPath": {
-          "type": "string"
-        },
-        "usePathStyle": {
-          "type": "boolean"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object"
-    },
     "AwsConfigRuleCheck": {
       "properties": {
         "description": {
@@ -74,8 +44,29 @@
           },
           "type": "array"
         },
-        "awsConnection": {
-          "$ref": "#/$defs/AWSConnection"
+        "connection": {
+          "type": "string"
+        },
+        "accessKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "secretKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "region": {
+          "type": "string"
+        },
+        "endpoint": {
+          "type": "string"
+        },
+        "skipTLSVerify": {
+          "type": "boolean"
+        },
+        "objectPath": {
+          "type": "string"
+        },
+        "usePathStyle": {
+          "type": "boolean"
         }
       },
       "additionalProperties": false,
diff --git a/config/schemas/health_cloudwatch.schema.json b/config/schemas/health_cloudwatch.schema.json
index e93212c60..821187ca1 100644
--- a/config/schemas/health_cloudwatch.schema.json
+++ b/config/schemas/health_cloudwatch.schema.json
@@ -50,14 +50,15 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
-        "filter": {
+        "Filter": {
           "$ref": "#/$defs/CloudWatchFilter"
         }
       },
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name"
+        "name",
+        "Filter"
       ]
     },
     "CloudWatchFilter": {
diff --git a/config/schemas/health_containerdPull.schema.json b/config/schemas/health_containerdPull.schema.json
index d770e9562..073ebc88e 100644
--- a/config/schemas/health_containerdPull.schema.json
+++ b/config/schemas/health_containerdPull.schema.json
@@ -13,11 +13,7 @@
         }
       },
       "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
+      "type": "object"
     },
     "ConfigMapKeySelector": {
       "properties": {
diff --git a/config/schemas/health_dockerPull.schema.json b/config/schemas/health_dockerPull.schema.json
index 2991e10a1..5bf82ae0f 100644
--- a/config/schemas/health_dockerPull.schema.json
+++ b/config/schemas/health_dockerPull.schema.json
@@ -13,11 +13,7 @@
         }
       },
       "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
+      "type": "object"
     },
     "ConfigMapKeySelector": {
       "properties": {
diff --git a/config/schemas/health_dockerPush.schema.json b/config/schemas/health_dockerPush.schema.json
index 37eee6a5c..598c86e57 100644
--- a/config/schemas/health_dockerPush.schema.json
+++ b/config/schemas/health_dockerPush.schema.json
@@ -13,11 +13,7 @@
         }
       },
       "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
+      "type": "object"
     },
     "ConfigMapKeySelector": {
       "properties": {
diff --git a/config/schemas/health_dynatrace.schema.json b/config/schemas/health_dynatrace.schema.json
index 07c64266b..8ca1b569f 100644
--- a/config/schemas/health_dynatrace.schema.json
+++ b/config/schemas/health_dynatrace.schema.json
@@ -41,6 +41,9 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
+        "connection": {
+          "type": "string"
+        },
         "host": {
           "type": "string"
         },
diff --git a/config/schemas/health_elasticsearch.schema.json b/config/schemas/health_elasticsearch.schema.json
index 7fbf163a7..16a9311df 100644
--- a/config/schemas/health_elasticsearch.schema.json
+++ b/config/schemas/health_elasticsearch.schema.json
@@ -3,22 +3,6 @@
   "$id": "https://github.com/flanksource/canary-checker/api/v1/elasticsearch-check",
   "$ref": "#/$defs/ElasticsearchCheck",
   "$defs": {
-    "Authentication": {
-      "properties": {
-        "username": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "password": {
-          "$ref": "#/$defs/EnvVar"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
-    },
     "ConfigMapKeySelector": {
       "properties": {
         "name": {
@@ -63,8 +47,11 @@
         "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
diff --git a/config/schemas/health_folder.schema.json b/config/schemas/health_folder.schema.json
index 080b7efe7..6f6ec1b01 100644
--- a/config/schemas/health_folder.schema.json
+++ b/config/schemas/health_folder.schema.json
@@ -33,22 +33,6 @@
       "additionalProperties": false,
       "type": "object"
     },
-    "Authentication": {
-      "properties": {
-        "username": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "password": {
-          "$ref": "#/$defs/EnvVar"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
-    },
     "ConfigMapKeySelector": {
       "properties": {
         "name": {
@@ -219,15 +203,17 @@
         "host": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         }
       },
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "host",
-        "auth"
+        "host"
       ]
     },
     "SMBConnection": {
@@ -238,27 +224,18 @@
         "port": {
           "type": "integer"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
-        },
-        "domain": {
-          "type": "string"
-        },
-        "workstation": {
-          "type": "string"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
         },
-        "sharename": {
-          "type": "string"
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
-        "searchPath": {
+        "domain": {
           "type": "string"
         }
       },
       "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "auth"
-      ]
+      "type": "object"
     },
     "SecretKeySelector": {
       "properties": {
diff --git a/config/schemas/health_helm.schema.json b/config/schemas/health_helm.schema.json
index 38c27395b..e7bb864df 100644
--- a/config/schemas/health_helm.schema.json
+++ b/config/schemas/health_helm.schema.json
@@ -13,11 +13,7 @@
         }
       },
       "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
+      "type": "object"
     },
     "ConfigMapKeySelector": {
       "properties": {
diff --git a/config/schemas/health_http.schema.json b/config/schemas/health_http.schema.json
index 86f00743b..2a703be73 100644
--- a/config/schemas/health_http.schema.json
+++ b/config/schemas/health_http.schema.json
@@ -3,22 +3,6 @@
   "$id": "https://github.com/flanksource/canary-checker/api/v1/http-check",
   "$ref": "#/$defs/HTTPCheck",
   "$defs": {
-    "Authentication": {
-      "properties": {
-        "username": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "password": {
-          "$ref": "#/$defs/EnvVar"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
-    },
     "ConfigMapKeySelector": {
       "properties": {
         "name": {
@@ -87,6 +71,15 @@
         "connection": {
           "type": "string"
         },
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
+        },
         "endpoint": {
           "type": "string"
         },
@@ -129,9 +122,6 @@
           },
           "type": "array"
         },
-        "authentication": {
-          "$ref": "#/$defs/Authentication"
-        },
         "templateBody": {
           "type": "boolean"
         }
diff --git a/config/schemas/health_jmeter.schema.json b/config/schemas/health_jmeter.schema.json
index a05060192..dfbcb3c42 100644
--- a/config/schemas/health_jmeter.schema.json
+++ b/config/schemas/health_jmeter.schema.json
@@ -59,9 +59,6 @@
         "labels": {
           "$ref": "#/$defs/Labels"
         },
-        "connection": {
-          "type": "string"
-        },
         "jmx": {
           "$ref": "#/$defs/EnvVar"
         },
diff --git a/config/schemas/health_ldap.schema.json b/config/schemas/health_ldap.schema.json
index ecd98cdb4..715f818d1 100644
--- a/config/schemas/health_ldap.schema.json
+++ b/config/schemas/health_ldap.schema.json
@@ -3,22 +3,6 @@
   "$id": "https://github.com/flanksource/canary-checker/api/v1/ldap-check",
   "$ref": "#/$defs/LDAPCheck",
   "$defs": {
-    "Authentication": {
-      "properties": {
-        "username": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "password": {
-          "$ref": "#/$defs/EnvVar"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
-    },
     "ConfigMapKeySelector": {
       "properties": {
         "name": {
@@ -78,11 +62,14 @@
         "connection": {
           "type": "string"
         },
-        "host": {
+        "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "bindDN": {
           "type": "string"
@@ -98,8 +85,6 @@
       "type": "object",
       "required": [
         "name",
-        "host",
-        "auth",
         "bindDN"
       ]
     },
diff --git a/config/schemas/health_mongodb.schema.json b/config/schemas/health_mongodb.schema.json
index edc955f9d..965c98918 100644
--- a/config/schemas/health_mongodb.schema.json
+++ b/config/schemas/health_mongodb.schema.json
@@ -3,22 +3,6 @@
   "$id": "https://github.com/flanksource/canary-checker/api/v1/mongo-db-check",
   "$ref": "#/$defs/MongoDBCheck",
   "$defs": {
-    "Authentication": {
-      "properties": {
-        "username": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "password": {
-          "$ref": "#/$defs/EnvVar"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
-    },
     "ConfigMapKeySelector": {
       "properties": {
         "name": {
@@ -86,15 +70,20 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         }
       },
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "SecretKeySelector": {
diff --git a/config/schemas/health_mssql.schema.json b/config/schemas/health_mssql.schema.json
index 6bbe145e9..6c8d42c87 100644
--- a/config/schemas/health_mssql.schema.json
+++ b/config/schemas/health_mssql.schema.json
@@ -3,22 +3,6 @@
   "$id": "https://github.com/flanksource/canary-checker/api/v1/mssql-check",
   "$ref": "#/$defs/MssqlCheck",
   "$defs": {
-    "Authentication": {
-      "properties": {
-        "username": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "password": {
-          "$ref": "#/$defs/EnvVar"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
-    },
     "ConfigMapKeySelector": {
       "properties": {
         "name": {
@@ -95,8 +79,14 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -108,8 +98,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "SecretKeySelector": {
diff --git a/config/schemas/health_mysql.schema.json b/config/schemas/health_mysql.schema.json
index 412c22a59..987204f58 100644
--- a/config/schemas/health_mysql.schema.json
+++ b/config/schemas/health_mysql.schema.json
@@ -3,22 +3,6 @@
   "$id": "https://github.com/flanksource/canary-checker/api/v1/mysql-check",
   "$ref": "#/$defs/MysqlCheck",
   "$defs": {
-    "Authentication": {
-      "properties": {
-        "username": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "password": {
-          "$ref": "#/$defs/EnvVar"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
-    },
     "ConfigMapKeySelector": {
       "properties": {
         "name": {
@@ -95,8 +79,14 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -108,8 +98,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "SecretKeySelector": {
diff --git a/config/schemas/health_opensearch.schema.json b/config/schemas/health_opensearch.schema.json
index 62cf19442..b7aa49707 100644
--- a/config/schemas/health_opensearch.schema.json
+++ b/config/schemas/health_opensearch.schema.json
@@ -3,22 +3,6 @@
   "$id": "https://github.com/flanksource/canary-checker/api/v1/open-search-check",
   "$ref": "#/$defs/OpenSearchCheck",
   "$defs": {
-    "Authentication": {
-      "properties": {
-        "username": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "password": {
-          "$ref": "#/$defs/EnvVar"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
-    },
     "ConfigMapKeySelector": {
       "properties": {
         "name": {
@@ -98,8 +82,11 @@
         "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -115,7 +102,6 @@
       "type": "object",
       "required": [
         "name",
-        "auth",
         "query",
         "index"
       ]
diff --git a/config/schemas/health_postgres.schema.json b/config/schemas/health_postgres.schema.json
index 196dce3b5..82bf8296a 100644
--- a/config/schemas/health_postgres.schema.json
+++ b/config/schemas/health_postgres.schema.json
@@ -3,22 +3,6 @@
   "$id": "https://github.com/flanksource/canary-checker/api/v1/postgres-check",
   "$ref": "#/$defs/PostgresCheck",
   "$defs": {
-    "Authentication": {
-      "properties": {
-        "username": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "password": {
-          "$ref": "#/$defs/EnvVar"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
-    },
     "ConfigMapKeySelector": {
       "properties": {
         "name": {
@@ -95,8 +79,14 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -108,8 +98,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "SecretKeySelector": {
diff --git a/config/schemas/health_prometheus.schema.json b/config/schemas/health_prometheus.schema.json
index 9e7a1de14..b4dcab392 100644
--- a/config/schemas/health_prometheus.schema.json
+++ b/config/schemas/health_prometheus.schema.json
@@ -3,6 +3,48 @@
   "$id": "https://github.com/flanksource/canary-checker/api/v1/prometheus-check",
   "$ref": "#/$defs/PrometheusCheck",
   "$defs": {
+    "ConfigMapKeySelector": {
+      "properties": {
+        "name": {
+          "type": "string"
+        },
+        "key": {
+          "type": "string"
+        }
+      },
+      "additionalProperties": false,
+      "type": "object",
+      "required": [
+        "key"
+      ]
+    },
+    "EnvVar": {
+      "properties": {
+        "name": {
+          "type": "string"
+        },
+        "value": {
+          "type": "string"
+        },
+        "valueFrom": {
+          "$ref": "#/$defs/EnvVarSource"
+        }
+      },
+      "additionalProperties": false,
+      "type": "object"
+    },
+    "EnvVarSource": {
+      "properties": {
+        "configMapKeyRef": {
+          "$ref": "#/$defs/ConfigMapKeySelector"
+        },
+        "secretKeyRef": {
+          "$ref": "#/$defs/SecretKeySelector"
+        }
+      },
+      "additionalProperties": false,
+      "type": "object"
+    },
     "Labels": {
       "patternProperties": {
         ".*": {
@@ -34,12 +76,21 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
+        "host": {
+          "type": "string"
+        },
         "connection": {
           "type": "string"
         },
-        "host": {
+        "url": {
           "type": "string"
         },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
+        },
         "query": {
           "type": "string"
         }
@@ -48,10 +99,24 @@
       "type": "object",
       "required": [
         "name",
-        "host",
         "query"
       ]
     },
+    "SecretKeySelector": {
+      "properties": {
+        "name": {
+          "type": "string"
+        },
+        "key": {
+          "type": "string"
+        }
+      },
+      "additionalProperties": false,
+      "type": "object",
+      "required": [
+        "key"
+      ]
+    },
     "Template": {
       "properties": {
         "template": {
diff --git a/config/schemas/health_redis.schema.json b/config/schemas/health_redis.schema.json
index adc3a6bd6..153d4cc4b 100644
--- a/config/schemas/health_redis.schema.json
+++ b/config/schemas/health_redis.schema.json
@@ -3,22 +3,6 @@
   "$id": "https://github.com/flanksource/canary-checker/api/v1/redis-check",
   "$ref": "#/$defs/RedisCheck",
   "$defs": {
-    "Authentication": {
-      "properties": {
-        "username": {
-          "$ref": "#/$defs/EnvVar"
-        },
-        "password": {
-          "$ref": "#/$defs/EnvVar"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
-    },
     "ConfigMapKeySelector": {
       "properties": {
         "name": {
@@ -86,11 +70,17 @@
         "connection": {
           "type": "string"
         },
-        "addr": {
+        "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "addr": {
+          "type": "string"
         },
         "db": {
           "type": "integer"
@@ -99,9 +89,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "addr",
-        "db"
+        "name"
       ]
     },
     "SecretKeySelector": {
diff --git a/config/schemas/topology.schema.json b/config/schemas/topology.schema.json
index daacb364b..480460cd2 100644
--- a/config/schemas/topology.schema.json
+++ b/config/schemas/topology.schema.json
@@ -59,11 +59,14 @@
         "connection": {
           "type": "string"
         },
-        "host": {
+        "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "alerts": {
           "items": {
@@ -102,11 +105,7 @@
         }
       },
       "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "username",
-        "password"
-      ]
+      "type": "object"
     },
     "AwsConfigCheck": {
       "properties": {
@@ -134,8 +133,29 @@
         "query": {
           "type": "string"
         },
-        "awsConnection": {
-          "$ref": "#/$defs/AWSConnection"
+        "connection": {
+          "type": "string"
+        },
+        "accessKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "secretKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "region": {
+          "type": "string"
+        },
+        "endpoint": {
+          "type": "string"
+        },
+        "skipTLSVerify": {
+          "type": "boolean"
+        },
+        "objectPath": {
+          "type": "string"
+        },
+        "usePathStyle": {
+          "type": "boolean"
         },
         "aggregatorName": {
           "type": "string"
@@ -189,8 +209,29 @@
           },
           "type": "array"
         },
-        "awsConnection": {
-          "$ref": "#/$defs/AWSConnection"
+        "connection": {
+          "type": "string"
+        },
+        "accessKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "secretKey": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "region": {
+          "type": "string"
+        },
+        "endpoint": {
+          "type": "string"
+        },
+        "skipTLSVerify": {
+          "type": "boolean"
+        },
+        "objectPath": {
+          "type": "string"
+        },
+        "usePathStyle": {
+          "type": "boolean"
         }
       },
       "additionalProperties": false,
@@ -569,14 +610,15 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
-        "filter": {
+        "Filter": {
           "$ref": "#/$defs/CloudWatchFilter"
         }
       },
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name"
+        "name",
+        "Filter"
       ]
     },
     "CloudWatchFilter": {
@@ -1113,6 +1155,9 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
+        "connection": {
+          "type": "string"
+        },
         "host": {
           "type": "string"
         },
@@ -1230,8 +1275,11 @@
         "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -1542,6 +1590,15 @@
         "connection": {
           "type": "string"
         },
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
+        },
         "endpoint": {
           "type": "string"
         },
@@ -1584,9 +1641,6 @@
           },
           "type": "array"
         },
-        "authentication": {
-          "$ref": "#/$defs/Authentication"
-        },
         "templateBody": {
           "type": "boolean"
         }
@@ -1693,9 +1747,6 @@
         "labels": {
           "$ref": "#/$defs/Labels"
         },
-        "connection": {
-          "type": "string"
-        },
         "jmx": {
           "$ref": "#/$defs/EnvVar"
         },
@@ -1833,11 +1884,14 @@
         "connection": {
           "type": "string"
         },
-        "host": {
+        "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "bindDN": {
           "type": "string"
@@ -1853,8 +1907,6 @@
       "type": "object",
       "required": [
         "name",
-        "host",
-        "auth",
         "bindDN"
       ]
     },
@@ -1969,15 +2021,20 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         }
       },
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "MssqlCheck": {
@@ -2006,8 +2063,14 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -2019,8 +2082,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "MysqlCheck": {
@@ -2049,8 +2111,14 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -2062,8 +2130,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "NamespaceCheck": {
@@ -2269,8 +2336,11 @@
         "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -2286,7 +2356,6 @@
       "type": "object",
       "required": [
         "name",
-        "auth",
         "query",
         "index"
       ]
@@ -2422,8 +2491,14 @@
         "connection": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "url": {
+          "type": "string"
+        },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
         "query": {
           "type": "string"
@@ -2435,8 +2510,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "connection"
+        "name"
       ]
     },
     "PrometheusCheck": {
@@ -2462,12 +2536,21 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
+        "host": {
+          "type": "string"
+        },
         "connection": {
           "type": "string"
         },
-        "host": {
+        "url": {
           "type": "string"
         },
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
+        },
         "query": {
           "type": "string"
         }
@@ -2476,7 +2559,6 @@
       "type": "object",
       "required": [
         "name",
-        "host",
         "query"
       ]
     },
@@ -2569,11 +2651,17 @@
         "connection": {
           "type": "string"
         },
-        "addr": {
+        "url": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "addr": {
+          "type": "string"
         },
         "db": {
           "type": "integer"
@@ -2582,9 +2670,7 @@
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "name",
-        "addr",
-        "db"
+        "name"
       ]
     },
     "RelationshipSpec": {
@@ -2730,15 +2816,17 @@
         "host": {
           "type": "string"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
+        },
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         }
       },
       "additionalProperties": false,
       "type": "object",
       "required": [
-        "host",
-        "auth"
+        "host"
       ]
     },
     "SMBConnection": {
@@ -2749,27 +2837,18 @@
         "port": {
           "type": "integer"
         },
-        "auth": {
-          "$ref": "#/$defs/Authentication"
-        },
-        "domain": {
-          "type": "string"
-        },
-        "workstation": {
-          "type": "string"
+        "username": {
+          "$ref": "#/$defs/EnvVar"
         },
-        "sharename": {
-          "type": "string"
+        "password": {
+          "$ref": "#/$defs/EnvVar"
         },
-        "searchPath": {
+        "domain": {
           "type": "string"
         }
       },
       "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "auth"
-      ]
+      "type": "object"
     },
     "SecretKeySelector": {
       "properties": {
diff --git a/fixtures/aws/ec2_pass.yaml b/fixtures/aws/ec2_pass.yaml
index b70ea01ea..618dfe225 100644
--- a/fixtures/aws/ec2_pass.yaml
+++ b/fixtures/aws/ec2_pass.yaml
@@ -7,7 +7,7 @@ spec:
   spec:
     ec2:
       - description: test instance
-        accessKeyID:
+        accessKey:
           valueFrom:
             secretKeyRef:
               name: aws-credentials
diff --git a/fixtures/azure/devops.yaml b/fixtures/azure/devops.yaml
index 3c1f0062b..db6095f49 100644
--- a/fixtures/azure/devops.yaml
+++ b/fixtures/azure/devops.yaml
@@ -7,7 +7,8 @@ spec:
   azureDevops:
     - project: Demo1
       pipeline: ^windows-
-      personalAccessToken: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+      personalAccessToken:
+        value: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
       organization: flanksource
       variable:
         env: prod
diff --git a/fixtures/datasources/SFTP/sftp_pass.yaml b/fixtures/datasources/SFTP/sftp_pass.yaml
index 7f956fc4a..79d7c459f 100644
--- a/fixtures/datasources/SFTP/sftp_pass.yaml
+++ b/fixtures/datasources/SFTP/sftp_pass.yaml
@@ -9,9 +9,8 @@ spec:
       name: sample sftp check
       sftpConnection:
         host: 192.168.1.5
-        auth:
-          username:
-            value: <username>
-          password:
-            value: <password>
-      maxCount: 10
\ No newline at end of file
+        username:
+          value: <username>
+        password:
+          value: <password>
+      maxCount: 10
diff --git a/fixtures/datasources/elasticsearch_fail.yaml b/fixtures/datasources/elasticsearch_fail.yaml
index e2fac9271..db0ed8422 100644
--- a/fixtures/datasources/elasticsearch_fail.yaml
+++ b/fixtures/datasources/elasticsearch_fail.yaml
@@ -18,14 +18,13 @@ spec:
         }
       results: 1
       name: elasticsearch-fail
-      auth:
-        username:
-          valueFrom:
-            secretKeyRef:
-              name: search
-              key: ELASTIC_SEARCH_USERNAME
-        password:
-          valueFrom:
-            secretKeyRef:
-              name: search
-              key: ELASTIC_SEARCH_PASSWORD
+      username:
+        valueFrom:
+          secretKeyRef:
+            name: search
+            key: ELASTIC_SEARCH_USERNAME
+      password:
+        valueFrom:
+          secretKeyRef:
+            name: search
+            key: ELASTIC_SEARCH_PASSWORD
diff --git a/fixtures/datasources/elasticsearch_pass.yaml b/fixtures/datasources/elasticsearch_pass.yaml
index 7cee8c31f..5981488c8 100644
--- a/fixtures/datasources/elasticsearch_pass.yaml
+++ b/fixtures/datasources/elasticsearch_pass.yaml
@@ -18,14 +18,13 @@ spec:
         }
       results: 1
       name: elasticsearch_pass
-      auth:
-        username:
-          valueFrom:
-            secretKeyRef:
-              name: search
-              key: ELASTIC_SEARCH_USERNAME
-        password:
-          valueFrom:
-            secretKeyRef:
-              name: search
-              key: ELASTIC_SEARCH_PASSWORD
\ No newline at end of file
+      username:
+        valueFrom:
+          secretKeyRef:
+            name: search
+            key: ELASTIC_SEARCH_USERNAME
+      password:
+        valueFrom:
+          secretKeyRef:
+            name: search
+            key: ELASTIC_SEARCH_PASSWORD
diff --git a/fixtures/datasources/ldap_pass.yaml b/fixtures/datasources/ldap_pass.yaml
index 4804ef707..199a2e282 100644
--- a/fixtures/datasources/ldap_pass.yaml
+++ b/fixtures/datasources/ldap_pass.yaml
@@ -5,21 +5,19 @@ metadata:
 spec:
   interval: 30
   ldap:
-    - host: ldap://apacheds.ldap.svc.cluster.local:10389
+    - url: ldap://apacheds.ldap.svc.cluster.local:10389
       name: ldap user login
-      auth:
-        username:
-          value: uid=admin,ou=system
-        password:
-          value: secret
+      username:
+        value: uid=admin,ou=system
+      password:
+        value: secret
       bindDN: ou=users,dc=example,dc=com
       userSearch: "(&(objectClass=organizationalPerson))"
-    - host: ldap://apacheds.ldap.svc.cluster.local:10389
+    - url: ldap://apacheds.ldap.svc.cluster.local:10389
       name: ldap group login
-      auth:
-        username:
-          value: uid=admin,ou=system
-        password:
-          value: secret
+      username:
+        value: uid=admin,ou=system
+      password:
+        value: secret
       bindDN: ou=groups,dc=example,dc=com
       userSearch: "(&(objectClass=groupOfNames))"
diff --git a/fixtures/datasources/mongo_fail.yaml b/fixtures/datasources/mongo_fail.yaml
index e1ba27aca..69492e5c2 100644
--- a/fixtures/datasources/mongo_fail.yaml
+++ b/fixtures/datasources/mongo_fail.yaml
@@ -7,11 +7,10 @@ metadata:
 spec:
   interval: 30
   mongodb:
-    - connection: mongodb://mongo2.default.svc.cluster.local:27017/?authSource=admin
+    - url: mongodb://mongo2.default.svc.cluster.local:27017/?authSource=admin
       name: mongo wrong password
       description: test mongo instance
-      auth:
-        username:
-          value: mongoadmin
-        password:
-          value: wronghere2
+      username:
+        value: mongoadmin
+      password:
+        value: wronghere2
diff --git a/fixtures/datasources/mongo_pass.yaml b/fixtures/datasources/mongo_pass.yaml
index 5c037a646..46e4dabd6 100644
--- a/fixtures/datasources/mongo_pass.yaml
+++ b/fixtures/datasources/mongo_pass.yaml
@@ -5,14 +5,9 @@ metadata:
 spec:
   interval: 30
   mongodb:
-    - connection: mongodb://$(username):$(password)@mongo.default.svc.cluster.local:27017/?authSource=admin
+    - url: mongodb://$(username):$(password)@mongo.default.svc.cluster.local:27017/?authSource=admin
       name: mongo ping check
-      description: mongo ping
-      auth:
-        username:
-          value: mongoadmin
-        password:
-          value: secret
-  dns:
-    - query: mongo.default.svc.cluster.local
-      name: mongo dns check
+      username:
+        value: mongoadmin
+      password:
+        value: secret
diff --git a/fixtures/datasources/mssql_fail.yaml b/fixtures/datasources/mssql_fail.yaml
index 2027f9565..fb784396e 100644
--- a/fixtures/datasources/mssql_fail.yaml
+++ b/fixtures/datasources/mssql_fail.yaml
@@ -7,7 +7,7 @@ metadata:
 spec:
   interval: 30
   mssql:
-    - connection: "server=mssql.platformsystem;user id=sa;password=S0m3p@sswd;port=32010;database=master" #wrong server name for failure
+    - url: "server=mssql.platformsystem;user id=sa;password=S0m3p@sswd;port=32010;database=master" #wrong server name for failure
       name: mssql servername
       query: "SELECT 1"
       results: 1
diff --git a/fixtures/datasources/mssql_pass.yaml b/fixtures/datasources/mssql_pass.yaml
index d318f833b..032a1e867 100644
--- a/fixtures/datasources/mssql_pass.yaml
+++ b/fixtures/datasources/mssql_pass.yaml
@@ -5,12 +5,11 @@ metadata:
 spec:
   interval: 30
   mssql:
-    - connection: "server=mssql.default.svc.cluster.local;user id=$(username);password=$(password);port=1433;database=master"
+    - url: "server=mssql.default.svc.cluster.local;user id=$(username);password=$(password);port=1433;database=master"
       name: mssql pass
-      auth:
-        username:
-          value: sa
-        password:
-          value: S0m3p@sswd
+      username:
+        value: sa
+      password:
+        value: S0m3p@sswd
       query: "SELECT 1"
       results: 1
diff --git a/fixtures/datasources/mysql_fail.yaml b/fixtures/datasources/mysql_fail.yaml
index 4b1f947e0..e11bcf9a6 100644
--- a/fixtures/datasources/mysql_fail.yaml
+++ b/fixtures/datasources/mysql_fail.yaml
@@ -5,12 +5,11 @@ metadata:
 spec:
   interval: 30
   mysql:
-    - connection: "$(username):$(password)@tcp(mysql.default.svc.cluster.local:3306)/mysqldb"
+    - url: "$(username):$(password)@tcp(mysql.default.svc.cluster.local:3306)/mysqldb"
       name: mysql wrong password
-      auth:
-        username:
-          value: mysqladmin
-        password:
-          value: wrongpassword
+      username:
+        value: mysqladmin
+      password:
+        value: wrongpassword
       query: "SELECT 1"
       results: 1
diff --git a/fixtures/datasources/mysql_pass.yaml b/fixtures/datasources/mysql_pass.yaml
index ba8d9a5cb..4d785721e 100644
--- a/fixtures/datasources/mysql_pass.yaml
+++ b/fixtures/datasources/mysql_pass.yaml
@@ -5,12 +5,11 @@ metadata:
 spec:
   interval: 30
   mysql:
-    - connection: "$(username):$(password)@tcp(mysql.default.svc.cluster.local:3306)/mysqldb"
+    - url: "$(username):$(password)@tcp(mysql.default.svc.cluster.local:3306)/mysqldb"
       name: mysql ping check
-      auth:
-        username:
-          value: mysqladmin
-        password:
-          value: admin123
+      username:
+        value: mysqladmin
+      password:
+        value: admin123
       query: "SELECT 1"
       results: 1
diff --git a/fixtures/datasources/opensearch_fail.yaml b/fixtures/datasources/opensearch_fail.yaml
index 58269133f..8b3659bf6 100644
--- a/fixtures/datasources/opensearch_fail.yaml
+++ b/fixtures/datasources/opensearch_fail.yaml
@@ -21,14 +21,13 @@ spec:
           }
         }
       results: 100
-      auth:
-        username:
-          valueFrom:
-            secretKeyRef:
-              name: search
-              key: OPENSEARCH_USERNAME
-        password:
-          valueFrom:
-            secretKeyRef:
-              name: search
-              key: OPENSEARCH_PASSWORD
+      username:
+        valueFrom:
+          secretKeyRef:
+            name: search
+            key: OPENSEARCH_USERNAME
+      password:
+        valueFrom:
+          secretKeyRef:
+            name: search
+            key: OPENSEARCH_PASSWORD
diff --git a/fixtures/datasources/opensearch_pass.yaml b/fixtures/datasources/opensearch_pass.yaml
index cd88474bd..14b1dbe51 100644
--- a/fixtures/datasources/opensearch_pass.yaml
+++ b/fixtures/datasources/opensearch_pass.yaml
@@ -20,14 +20,13 @@ spec:
           }
         }
       results: 1
-      auth:
-        username:
-          valueFrom:
-            secretKeyRef:
-              name: search
-              key: OPENSEARCH_USERNAME
-        password:
-          valueFrom:
-            secretKeyRef:
-              name: search
-              key: OPENSEARCH_PASSWORD
+      username:
+        valueFrom:
+          secretKeyRef:
+            name: search
+            key: OPENSEARCH_USERNAME
+      password:
+        valueFrom:
+          secretKeyRef:
+            name: search
+            key: OPENSEARCH_PASSWORD
diff --git a/fixtures/datasources/postgres_fail.yaml b/fixtures/datasources/postgres_fail.yaml
index 1eb171236..07bedc172 100644
--- a/fixtures/datasources/postgres_fail.yaml
+++ b/fixtures/datasources/postgres_fail.yaml
@@ -8,12 +8,11 @@ metadata:
 spec:
   interval: 30
   postgres:
-    - connection: "user=$(username) dbname=pqgotest sslmode=verify-full"
+    - url: "user=$(username) dbname=pqgotest sslmode=verify-full"
       name: postgres blank password
-      auth:
-        username:
-          value: pqgotest
-        password:
-          value: ""
+      username:
+        value: pqgotest
+      password:
+        value: ""
       query: "SELECT 1"
       results: 1
diff --git a/fixtures/datasources/postgres_pass.yaml b/fixtures/datasources/postgres_pass.yaml
index b3a4909b3..1663cbed7 100644
--- a/fixtures/datasources/postgres_pass.yaml
+++ b/fixtures/datasources/postgres_pass.yaml
@@ -5,13 +5,12 @@ metadata:
 spec:
   interval: 30
   postgres:
-    - connection: "postgres://$(username):$(password)@postgres.default.svc.cluster.local:5432/postgres?sslmode=disable"
+    - url: "postgres://$(username):$(password)@postgres.default.svc.cluster.local:5432/postgres?sslmode=disable"
       name: postgres schemas check
-      auth:
-        username:
-          value: postgresadmin
-        password:
-          value: admin123
+      username:
+        value: postgresadmin
+      password:
+        value: admin123
       query: SELECT current_schemas(true)
       display:
         template: |
diff --git a/fixtures/datasources/prometheus.yaml b/fixtures/datasources/prometheus.yaml
index f87ed8974..85ca519e0 100644
--- a/fixtures/datasources/prometheus.yaml
+++ b/fixtures/datasources/prometheus.yaml
@@ -5,10 +5,8 @@ metadata:
 spec:
   interval: 30
   prometheus:
-    - host: https://prometheus.demo.aws.flanksource.com/
+    - url: https://prometheus.demo.aws.flanksource.com/
       name: prometheus-check
       query: kubernetes_build_info{job!~"kube-dns|coredns"}
       display:
-        template: "{{ (index .results 0).git_version }}"
-      test:
-        template: "true"
+        expr: results[0].git_version
diff --git a/fixtures/k8s/http_auth_configmap.yaml b/fixtures/k8s/http_auth_configmap.yaml
index 6080740b9..803ec0cc2 100644
--- a/fixtures/k8s/http_auth_configmap.yaml
+++ b/fixtures/k8s/http_auth_configmap.yaml
@@ -6,14 +6,13 @@ spec:
   http:
     - endpoint: https://httpbin.demo.aws.flanksource.com/basic-auth/hello/world
       responseCodes: [200]
-      authentication:
-        username:
-          valueFrom:
-            configMapKeyRef:
-              name: basic-auth
-              key: user
-        password:
-          valueFrom:
-            configMapKeyRef:
-              name: basic-auth
-              key: pass
+      username:
+        valueFrom:
+          configMapKeyRef:
+            name: basic-auth
+            key: user
+      password:
+        valueFrom:
+          configMapKeyRef:
+            name: basic-auth
+            key: pass
diff --git a/fixtures/k8s/http_auth_secret.yaml b/fixtures/k8s/http_auth_secret.yaml
index 431c960c2..20290d7d4 100644
--- a/fixtures/k8s/http_auth_secret.yaml
+++ b/fixtures/k8s/http_auth_secret.yaml
@@ -8,14 +8,13 @@ spec:
   http:
     - endpoint: https://httpbin.demo.aws.flanksource.com/basic-auth/hello/world
       responseCodes: [200]
-      authentication:
-        username:
-          valueFrom:
-            secretKeyRef:
-              name: basic-auth
-              key: user
-        password:
-          valueFrom:
-            secretKeyRef:
-              name: basic-auth
-              key: pass
+      username:
+        valueFrom:
+          secretKeyRef:
+            name: basic-auth
+            key: user
+      password:
+        valueFrom:
+          secretKeyRef:
+            name: basic-auth
+            key: pass
diff --git a/fixtures/minimal/http_auth.yaml b/fixtures/minimal/http_auth.yaml
index 562aca01e..d557779f1 100644
--- a/fixtures/minimal/http_auth.yaml
+++ b/fixtures/minimal/http_auth.yaml
@@ -8,8 +8,7 @@ spec:
       responseCodes: [401]
     - endpoint: https://httpbin.demo.aws.flanksource.com/basic-auth/hello/world
       responseCodes: [200]
-      authentication:
-        username:
-          value: hello
-        password:
-          value: world
+      username:
+        value: hello
+      password:
+        value: world
diff --git a/fixtures/minimal/http_pass_results_mode_pass.yaml b/fixtures/minimal/http_pass_results_mode_pass.yaml
index eb68efac3..95335ff03 100644
--- a/fixtures/minimal/http_pass_results_mode_pass.yaml
+++ b/fixtures/minimal/http_pass_results_mode_pass.yaml
@@ -6,14 +6,14 @@ spec:
   resultMode: "junit"
   interval: 30
   http:
-    - endpoint: https://httpbin.demo.aws.flanksource.com/status/200
+    - url: https://httpbin.demo.aws.flanksource.com/status/200
       name: http pass response 200 status code
       thresholdMillis: 30000
       responseCodes: [201, 301, 200]
       responseContent: ""
       maxSSLExpiry: 7
       description: "HTTP dummy test 2"
-    - endpoint: https://httpbin.demo.aws.flanksource.com/status/201
+    - url: https://httpbin.demo.aws.flanksource.com/status/201
       name: http pass response 201 status code
       thresholdMillis: 30000
       responseCodes: [201]
diff --git a/fixtures/minimal/http_pass_single.yaml b/fixtures/minimal/http_pass_single.yaml
index 0781868a2..a3619f58c 100644
--- a/fixtures/minimal/http_pass_single.yaml
+++ b/fixtures/minimal/http_pass_single.yaml
@@ -8,10 +8,17 @@ spec:
   interval: 30
   http:
     - endpoint: https://httpbin.demo.aws.flanksource.com/status/200
-      name: sample-check
-      thresholdMillis: 3000
+      name: http-deprecated-endpoint
+    - name: http-minimal-check
+      url: https://httpbin.demo.aws.flanksource.com/status/200
+    - name: http-param-tests
+      url: https://httpbin.demo.aws.flanksource.com/status/200
       responseCodes: [201, 200, 301]
       responseContent: ""
       maxSSLExpiry: 7
+    - name: http-expr-tests
+      url: https://httpbin.demo.aws.flanksource.com/status/200
       test:
-        expr: "code == 200"
+        expr: "code in [200,201,301] and sslAge > Duration('7d')"
+      display:
+        template: "code={{.code}}, age={{.sslAge}}"
diff --git a/fixtures/quarantine/smb_pass.yaml b/fixtures/quarantine/smb_pass.yaml
index 6733a4e3c..612dde49b 100644
--- a/fixtures/quarantine/smb_pass.yaml
+++ b/fixtures/quarantine/smb_pass.yaml
@@ -8,17 +8,16 @@ spec:
     # Check for any backup not older than 7 days and min size 25 bytes
     - path: \\windows-server\sharename\folder
       smbConnection:
-        auth:
-          username:
-            valueFrom:
-              secretKeyRef:
-                name: smb-credentials
-                key: USERNAME
-          password:
-            valueFrom:
-              secretKeyRef:
-                name: ssmb-credentials
-                key: PASSWORD
+        username:
+          valueFrom:
+            secretKeyRef:
+              name: smb-credentials
+              key: USERNAME
+        password:
+          valueFrom:
+            secretKeyRef:
+              name: ssmb-credentials
+              key: PASSWORD
       filter:
         regex: "(.*)backup.zip$"
       maxAge: 7d

From 2dbc3a8b683425a01895bfa4ae334071b0f40ced Mon Sep 17 00:00:00 2001
From: Moshe Immerman <moshe@flanksource.com>
Date: Mon, 3 Jul 2023 10:02:35 +0300
Subject: [PATCH 02/10] chore: inline Cloudwatch.filter

---
 api/v1/checks.go                             | 16 ++++++++--------
 api/v1/zz_generated.deepcopy.go              |  2 +-
 checks/cloudwatch.go                         |  8 ++++----
 config/schemas/canary.schema.json            | 18 ++++--------------
 config/schemas/component.schema.json         | 18 ++++--------------
 config/schemas/health_cloudwatch.schema.json | 18 ++++--------------
 config/schemas/topology.schema.json          | 18 ++++--------------
 7 files changed, 29 insertions(+), 69 deletions(-)

diff --git a/api/v1/checks.go b/api/v1/checks.go
index 83f08d338..206a10dc6 100644
--- a/api/v1/checks.go
+++ b/api/v1/checks.go
@@ -144,10 +144,10 @@ func (c S3Check) GetType() string {
 }
 
 type CloudWatchCheck struct {
-	Description   `yaml:",inline" json:",inline"`
-	AWSConnection `yaml:",inline" json:",inline"`
-	Templatable   `yaml:",inline" json:",inline"`
-	Filter        CloudWatchFilter `yaml:",inline" json:",inline"`
+	Description      `yaml:",inline" json:",inline"`
+	AWSConnection    `yaml:",inline" json:",inline"`
+	Templatable      `yaml:",inline" json:",inline"`
+	CloudWatchFilter `yaml:",inline" json:",inline"`
 }
 
 type CloudWatchFilter struct {
@@ -159,11 +159,11 @@ type CloudWatchFilter struct {
 
 func (c CloudWatchCheck) GetEndpoint() string {
 	endpoint := c.Region
-	if c.Filter.ActionPrefix != nil {
-		endpoint += "-" + *c.Filter.ActionPrefix
+	if c.CloudWatchFilter.ActionPrefix != nil {
+		endpoint += "-" + *c.CloudWatchFilter.ActionPrefix
 	}
-	if c.Filter.AlarmPrefix != nil {
-		endpoint += "-" + *c.Filter.AlarmPrefix
+	if c.CloudWatchFilter.AlarmPrefix != nil {
+		endpoint += "-" + *c.CloudWatchFilter.AlarmPrefix
 	}
 	return endpoint
 }
diff --git a/api/v1/zz_generated.deepcopy.go b/api/v1/zz_generated.deepcopy.go
index e8724addd..838328380 100644
--- a/api/v1/zz_generated.deepcopy.go
+++ b/api/v1/zz_generated.deepcopy.go
@@ -741,7 +741,7 @@ func (in *CloudWatchCheck) DeepCopyInto(out *CloudWatchCheck) {
 	in.Description.DeepCopyInto(&out.Description)
 	in.AWSConnection.DeepCopyInto(&out.AWSConnection)
 	out.Templatable = in.Templatable
-	in.Filter.DeepCopyInto(&out.Filter)
+	in.CloudWatchFilter.DeepCopyInto(&out.CloudWatchFilter)
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudWatchCheck.
diff --git a/checks/cloudwatch.go b/checks/cloudwatch.go
index 2b4a85d45..aeb745aae 100644
--- a/checks/cloudwatch.go
+++ b/checks/cloudwatch.go
@@ -49,10 +49,10 @@ func (c *CloudWatchChecker) Check(ctx *context.Context, extConfig external.Check
 	client := cloudwatch.NewFromConfig(*cfg)
 	maxRecords := int32(100)
 	alarms, err := client.DescribeAlarms(ctx, &cloudwatch.DescribeAlarmsInput{
-		AlarmNames:      check.Filter.Alarms,
-		AlarmNamePrefix: check.Filter.AlarmPrefix,
-		ActionPrefix:    check.Filter.ActionPrefix,
-		StateValue:      types.StateValue(check.Filter.State),
+		AlarmNames:      check.CloudWatchFilter.Alarms,
+		AlarmNamePrefix: check.CloudWatchFilter.AlarmPrefix,
+		ActionPrefix:    check.CloudWatchFilter.ActionPrefix,
+		StateValue:      types.StateValue(check.CloudWatchFilter.State),
 		MaxRecords:      &maxRecords,
 	})
 	if err != nil {
diff --git a/config/schemas/canary.schema.json b/config/schemas/canary.schema.json
index 953269aa0..225d7af56 100644
--- a/config/schemas/canary.schema.json
+++ b/config/schemas/canary.schema.json
@@ -704,19 +704,6 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
-        "Filter": {
-          "$ref": "#/$defs/CloudWatchFilter"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "name",
-        "Filter"
-      ]
-    },
-    "CloudWatchFilter": {
-      "properties": {
         "actionPrefix": {
           "type": "string"
         },
@@ -734,7 +721,10 @@
         }
       },
       "additionalProperties": false,
-      "type": "object"
+      "type": "object",
+      "required": [
+        "name"
+      ]
     },
     "ConfigDBCheck": {
       "properties": {
diff --git a/config/schemas/component.schema.json b/config/schemas/component.schema.json
index 82b2ca9cd..bb155fe66 100644
--- a/config/schemas/component.schema.json
+++ b/config/schemas/component.schema.json
@@ -610,19 +610,6 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
-        "Filter": {
-          "$ref": "#/$defs/CloudWatchFilter"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "name",
-        "Filter"
-      ]
-    },
-    "CloudWatchFilter": {
-      "properties": {
         "actionPrefix": {
           "type": "string"
         },
@@ -640,7 +627,10 @@
         }
       },
       "additionalProperties": false,
-      "type": "object"
+      "type": "object",
+      "required": [
+        "name"
+      ]
     },
     "Component": {
       "properties": {
diff --git a/config/schemas/health_cloudwatch.schema.json b/config/schemas/health_cloudwatch.schema.json
index 821187ca1..dac455c88 100644
--- a/config/schemas/health_cloudwatch.schema.json
+++ b/config/schemas/health_cloudwatch.schema.json
@@ -50,19 +50,6 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
-        "Filter": {
-          "$ref": "#/$defs/CloudWatchFilter"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "name",
-        "Filter"
-      ]
-    },
-    "CloudWatchFilter": {
-      "properties": {
         "actionPrefix": {
           "type": "string"
         },
@@ -80,7 +67,10 @@
         }
       },
       "additionalProperties": false,
-      "type": "object"
+      "type": "object",
+      "required": [
+        "name"
+      ]
     },
     "ConfigMapKeySelector": {
       "properties": {
diff --git a/config/schemas/topology.schema.json b/config/schemas/topology.schema.json
index 480460cd2..2db544f6b 100644
--- a/config/schemas/topology.schema.json
+++ b/config/schemas/topology.schema.json
@@ -610,19 +610,6 @@
         "transform": {
           "$ref": "#/$defs/Template"
         },
-        "Filter": {
-          "$ref": "#/$defs/CloudWatchFilter"
-        }
-      },
-      "additionalProperties": false,
-      "type": "object",
-      "required": [
-        "name",
-        "Filter"
-      ]
-    },
-    "CloudWatchFilter": {
-      "properties": {
         "actionPrefix": {
           "type": "string"
         },
@@ -640,7 +627,10 @@
         }
       },
       "additionalProperties": false,
-      "type": "object"
+      "type": "object",
+      "required": [
+        "name"
+      ]
     },
     "ComponentCheck": {
       "properties": {

From a182ee70bc8b08fd67af9bf47ce87f25141315af Mon Sep 17 00:00:00 2001
From: Yash Mehrotra <yashmehrotra95@gmail.com>
Date: Wed, 5 Jul 2023 12:28:58 +0530
Subject: [PATCH 03/10] feat: add test for component check relationships

---
 pkg/topology/checks/component_check_test.go | 73 ++++++++++++++++
 pkg/topology/checks/suite_test.go           | 96 +++++++++++++++++++++
 2 files changed, 169 insertions(+)
 create mode 100644 pkg/topology/checks/component_check_test.go
 create mode 100644 pkg/topology/checks/suite_test.go

diff --git a/pkg/topology/checks/component_check_test.go b/pkg/topology/checks/component_check_test.go
new file mode 100644
index 000000000..5f9b6d64a
--- /dev/null
+++ b/pkg/topology/checks/component_check_test.go
@@ -0,0 +1,73 @@
+package checks
+
+import (
+	v1 "github.com/flanksource/canary-checker/api/v1"
+	"github.com/flanksource/canary-checker/pkg"
+	"github.com/flanksource/canary-checker/pkg/db"
+	"github.com/flanksource/duty/models"
+	"github.com/google/uuid"
+	ginkgo "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+)
+
+var _ = ginkgo.Describe("Test component check sync job", ginkgo.Ordered, func() {
+	component := pkg.Component{
+		Name: "Component",
+		ComponentChecks: []v1.ComponentCheck{{
+			Selector: v1.ResourceSelector{
+				Name:          "ComponentCheckSelector",
+				LabelSelector: "check-target=api",
+			},
+		}},
+	}
+	canary := models.Canary{
+		ID:   uuid.New(),
+		Name: "Canary",
+		Spec: []byte(`{"spec": {}}`),
+	}
+
+	ginkgo.BeforeAll(func() {
+		err := db.Gorm.Create(&component).Error
+		Expect(err).To(BeNil())
+
+		err = db.Gorm.Create(&canary).Error
+		Expect(err).To(BeNil())
+
+		check1 := pkg.Check{
+			Name:     "Check-1",
+			CanaryID: canary.ID,
+			Labels: map[string]string{
+				"check-target": "api",
+				"name":         "check-1",
+			},
+		}
+		check2 := pkg.Check{
+			Name:     "Check-2",
+			CanaryID: canary.ID,
+			Labels: map[string]string{
+				"check-target": "ui",
+				"name":         "check-2",
+			},
+		}
+		check3 := pkg.Check{
+			Name:     "Check-3",
+			CanaryID: canary.ID,
+			Labels: map[string]string{
+				"check-target": "api",
+				"name":         "check-3",
+			},
+		}
+
+		err = db.Gorm.Create([]pkg.Check{check1, check2, check3}).Error
+		Expect(err).To(BeNil())
+	})
+
+	ginkgo.It("should create check component relationships", func() {
+		ComponentCheckRun()
+		cr, err := db.GetCheckRelationshipsForComponent(component.ID)
+		Expect(err).To(BeNil())
+
+		// Check-1 and Check-3 should be present but not Check-2
+		Expect(len(cr)).To(Equal(2))
+	})
+})
diff --git a/pkg/topology/checks/suite_test.go b/pkg/topology/checks/suite_test.go
new file mode 100644
index 000000000..a464679fc
--- /dev/null
+++ b/pkg/topology/checks/suite_test.go
@@ -0,0 +1,96 @@
+package checks
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"os"
+	"testing"
+
+	embeddedPG "github.com/fergusstrange/embedded-postgres"
+	"github.com/flanksource/canary-checker/pkg/db"
+	"github.com/flanksource/commons/logger"
+	"github.com/flanksource/duty"
+	"github.com/jackc/pgx/v5/pgxpool"
+	"github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	"gorm.io/gorm"
+)
+
+var (
+	postgresServer *embeddedPG.EmbeddedPostgres
+)
+
+func TestComponentCheckRun(t *testing.T) {
+	RegisterFailHandler(ginkgo.Fail)
+	ginkgo.RunSpecs(t, "Test component check runs")
+}
+
+var _ = ginkgo.BeforeSuite(func() {
+	port := 9841
+	config := GetPGConfig("test_component_check", port)
+	postgresServer = embeddedPG.NewDatabase(config)
+	if err := postgresServer.Start(); err != nil {
+		ginkgo.Fail(err.Error())
+	}
+	logger.Infof("Started postgres on port: %d", port)
+
+	db.Gorm, db.Pool = setupDB(fmt.Sprintf("postgres://postgres:postgres@localhost:%d/test_component_check?sslmode=disable", port))
+})
+
+var _ = ginkgo.AfterSuite(func() {
+	logger.Infof("Stopping postgres")
+	if err := postgresServer.Stop(); err != nil {
+		ginkgo.Fail(err.Error())
+	}
+})
+
+func setupDB(connectionString string) (*gorm.DB, *pgxpool.Pool) {
+	pgxpool, err := duty.NewPgxPool(connectionString)
+	if err != nil {
+		ginkgo.Fail(err.Error())
+	}
+
+	conn, err := pgxpool.Acquire(context.Background())
+	if err != nil {
+		ginkgo.Fail(err.Error())
+	}
+	defer conn.Release()
+
+	gormDB, err := duty.NewGorm(connectionString, duty.DefaultGormConfig())
+	if err != nil {
+		ginkgo.Fail(err.Error())
+	}
+
+	if err = duty.Migrate(connectionString, nil); err != nil {
+		ginkgo.Fail(err.Error())
+	}
+
+	return gormDB, pgxpool
+}
+
+func GetPGConfig(database string, port int) embeddedPG.Config {
+	// We are firing up multiple instances of the embedded postgres server at once when running tests in parallel.
+	//
+	// By default fergusstrange/embedded-postgres directly extracts the Postgres binary to a set location
+	// (/home/runner/.embedded-postgres-go/extracted/bin/initdb) and starts it.
+	// If two instances try to do this at the same time, they conflict, and throw the error
+	// "unable to extract postgres archive: open /home/runner/.embedded-postgres-go/extracted/bin/initdb: text file busy."
+	//
+	// This is a way to have separate instances of the running postgres servers.
+
+	var runTimePath string
+	homeDir, err := os.UserHomeDir()
+	if err != nil {
+		logger.Errorf("error getting user home dir: %v", err)
+		runTimePath = fmt.Sprintf("/tmp/.embedded-postgres-go/extracted-%d", port)
+	} else {
+		runTimePath = fmt.Sprintf("%s/.embedded-postgres-go/extracted-%d", homeDir, port)
+	}
+
+	return embeddedPG.DefaultConfig().
+		Database(database).
+		Port(uint32(port)).
+		RuntimePath(runTimePath).
+		Logger(io.Discard)
+}

From 611aa51908644bac6b4b0646a9d5b8278539bbbb Mon Sep 17 00:00:00 2001
From: Yash Mehrotra <yashmehrotra95@gmail.com>
Date: Wed, 5 Jul 2023 19:29:08 +0530
Subject: [PATCH 04/10] feat: add status for pods (#1123)

* feat: add status for pods in kubernetes topology

* chore: update status and status reason fields for k8s
---
 api/v1/checks.go     |  7 -------
 checks/kubernetes.go | 20 +++++---------------
 go.mod               |  1 +
 go.sum               |  4 +++-
 templating/js/k8s.js | 33 ++-------------------------------
 5 files changed, 11 insertions(+), 54 deletions(-)

diff --git a/api/v1/checks.go b/api/v1/checks.go
index d73c7adf1..83063bc1b 100644
--- a/api/v1/checks.go
+++ b/api/v1/checks.go
@@ -978,13 +978,6 @@ func (c KubernetesCheck) GetEndpoint() string {
 	return fmt.Sprintf("%v/%v/%v", c.Kind, c.Description.Description, c.Namespace.Name)
 }
 
-func (c KubernetesCheck) CheckReady() bool {
-	if c.Ready == nil {
-		return true
-	}
-	return *c.Ready
-}
-
 type AWSConnection struct {
 	// ConnectionName of the connection. It'll be used to populate the endpoint, accessKey and secretKey.
 	ConnectionName string       `yaml:"connection,omitempty" json:"connection,omitempty"`
diff --git a/checks/kubernetes.go b/checks/kubernetes.go
index 4d1272472..7367aef78 100644
--- a/checks/kubernetes.go
+++ b/checks/kubernetes.go
@@ -7,7 +7,7 @@ import (
 	"github.com/flanksource/canary-checker/api/external"
 	v1 "github.com/flanksource/canary-checker/api/v1"
 	"github.com/flanksource/canary-checker/pkg"
-	"github.com/flanksource/kommons"
+	"github.com/flanksource/is-healthy/pkg/health"
 	"github.com/gobwas/glob"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
@@ -50,8 +50,6 @@ func (c *KubernetesChecker) Check(ctx *context.Context, extConfig external.Check
 	}
 	var allResources []unstructured.Unstructured
 
-	message := ""
-
 	for _, namespace := range namespaces {
 		resources, err := getResourcesFromNamespace(ctx, client, check, namespace)
 		if err != nil {
@@ -65,15 +63,10 @@ func (c *KubernetesChecker) Check(ctx *context.Context, extConfig external.Check
 			}
 		}
 		ctx.Tracef("Found %d resources in namespace %s with label=%s field=%s", len(resources), namespace, check.Resource.LabelSelector, check.Resource.FieldSelector)
-		if check.CheckReady() {
-			for _, resource := range resources {
-				ready, msg := ctx.Kommons.IsReady(&resource)
-				if !ready {
-					if message != "" {
-						message += ", "
-					}
-					message += fmt.Sprintf("%s is not ready: %v", kommons.GetName(resource), msg)
-				}
+		for _, resource := range resources {
+			resourceHealth, err := health.GetResourceHealth(&resource, nil)
+			if err == nil {
+				resource.Object["healthStatus"] = resourceHealth
 			}
 		}
 		allResources = append(allResources, resources...)
@@ -82,9 +75,6 @@ func (c *KubernetesChecker) Check(ctx *context.Context, extConfig external.Check
 		return results.Failf("no resources found")
 	}
 	result.AddDetails(allResources)
-	if message != "" {
-		return results.Failf(message)
-	}
 	return results
 }
 
diff --git a/go.mod b/go.mod
index b8473af16..73afdf050 100644
--- a/go.mod
+++ b/go.mod
@@ -23,6 +23,7 @@ require (
 	github.com/fergusstrange/embedded-postgres v1.21.0
 	github.com/flanksource/commons v1.10.0
 	github.com/flanksource/duty v1.0.113
+	github.com/flanksource/is-healthy v0.0.0-20230705092916-3b4cf510c5fc
 	github.com/flanksource/kommons v0.31.1
 	github.com/friendsofgo/errors v0.9.2
 	github.com/go-ldap/ldap/v3 v3.4.1
diff --git a/go.sum b/go.sum
index deb0c11f5..966e764d7 100644
--- a/go.sum
+++ b/go.sum
@@ -1096,6 +1096,8 @@ github.com/flanksource/duty v1.0.113/go.mod h1:RJ/kcZ7dbL8/52tem757szVIA3IomS8bO
 github.com/flanksource/gomplate/v3 v3.20.1/go.mod h1:LPpzujBIg9HBXRUngDKK/zNmEjHpEUieKa/2oRjkCzI=
 github.com/flanksource/gomplate/v3 v3.20.3 h1:mnNaO37uwvv8Kvi4Xswj1tHKP5UMre3FLNaKvAwqhSw=
 github.com/flanksource/gomplate/v3 v3.20.3/go.mod h1:l4iCvp30TdhZk89eRGuNkPwlRjJLXdUSblr+VyuZfAk=
+github.com/flanksource/is-healthy v0.0.0-20230705092916-3b4cf510c5fc h1:CPUNUw2pHnlF4ucBHx44vLTcCa4FlEEu6PkNo5rCvD4=
+github.com/flanksource/is-healthy v0.0.0-20230705092916-3b4cf510c5fc/go.mod h1:4pQhmF+TnVqJroQKY8wSnSp+T18oLson6YQ2M0qPHfQ=
 github.com/flanksource/kommons v0.31.1 h1:WZjrIYbSAR7xzIvP2uSRQcn5wPi4W9gAasuOM5CD854=
 github.com/flanksource/kommons v0.31.1/go.mod h1:kJfMnFWiqsfE8koab54W2GsmgvrlESDrcUtwvbQS9aY=
 github.com/flowstack/go-jsonschema v0.1.1/go.mod h1:yL7fNggx1o8rm9RlgXv7hTBWxdBM0rVwpMwimd3F3N0=
@@ -2292,8 +2294,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.7.5/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
 github.com/subosito/gotenv v1.4.1/go.mod h1:ayKnFf/c6rvx/2iiLrJUk1e6plDbT3edrFNGqEflhK0=
 github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
diff --git a/templating/js/k8s.js b/templating/js/k8s.js
index 7f91018b4..4f53b5156 100644
--- a/templating/js/k8s.js
+++ b/templating/js/k8s.js
@@ -1,21 +1,7 @@
 k8s = {
   conditions: {
     getMessage: function(v) {
-      message = ""
-      if (v.status == null) {
-        return "No status found"
-      }
-      status = v.status
-      if (status.conditions == null) {
-        return "no conditions found"
-      }
-      status.conditions.forEach(function(state) {
-        if (state.status != "True") {
-          message += state.type
-          message += " "
-        }
-      })
-      return message.trim()
+      return v.healthStatus.message.trim();
     },
     getError: function(v) {
       active = []
@@ -45,22 +31,7 @@ k8s = {
       return errorMessage
     },
     isReady: function(v) {
-      if (v.status == null) {
-        return false
-      }
-      status = v.status
-      if (status.conditions == null) {
-        return false
-      }
-      ready = true
-      status.conditions.forEach(function(state) {
-        if (state.type == "Ready") {
-          if (state.status != "True") {
-            ready = false
-          }
-        }
-      })
-      return ready
+      return v.healthStatus.status.toLowerCase() === "healthy" ? true : false;
     },
   },
   getAlertName: function(v) {

From 87d0ae029642f49d5f612da61d334ca68663f9ae Mon Sep 17 00:00:00 2001
From: moshloop <moshloop@users.noreply.github.com>
Date: Thu, 6 Jul 2023 05:42:34 +0000
Subject: [PATCH 05/10] chore: bump duty to v1.0.121

---
 go.mod                       | 2 +-
 go.sum                       | 4 ++--
 hack/generate-schemas/go.mod | 2 +-
 hack/generate-schemas/go.sum | 6 +++---
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/go.mod b/go.mod
index 73afdf050..2cfd94cff 100644
--- a/go.mod
+++ b/go.mod
@@ -22,7 +22,7 @@ require (
 	github.com/elastic/go-elasticsearch/v8 v8.1.0
 	github.com/fergusstrange/embedded-postgres v1.21.0
 	github.com/flanksource/commons v1.10.0
-	github.com/flanksource/duty v1.0.113
+	github.com/flanksource/duty v1.0.121
 	github.com/flanksource/is-healthy v0.0.0-20230705092916-3b4cf510c5fc
 	github.com/flanksource/kommons v0.31.1
 	github.com/friendsofgo/errors v0.9.2
diff --git a/go.sum b/go.sum
index 966e764d7..1260ca9fc 100644
--- a/go.sum
+++ b/go.sum
@@ -1091,8 +1091,8 @@ github.com/fergusstrange/embedded-postgres v1.21.0 h1:Sups0nR31+OB4iOZ0ZU4IwUDsB
 github.com/fergusstrange/embedded-postgres v1.21.0/go.mod h1:wL562t1V+iuFwq0UcgMi2e9rp8CROY9wxWZEfP8Y874=
 github.com/flanksource/commons v1.10.0 h1:Mc+fzxq1rOJ08lapF0cc0bo9ZKNDxA7/81q2D/5jt0Q=
 github.com/flanksource/commons v1.10.0/go.mod h1:HpVjPtNe7v0UPk97kO/uUhOrYQ8yFD/mGglrTCkc9Ag=
-github.com/flanksource/duty v1.0.113 h1:iQeMhn/Vjz+Rap4TpniGEwLOXcFeg9+X1GtcUsWp3+g=
-github.com/flanksource/duty v1.0.113/go.mod h1:RJ/kcZ7dbL8/52tem757szVIA3IomS8bOAZIK0xb4rk=
+github.com/flanksource/duty v1.0.121 h1:pSFCbwV+ic9gKklwCtJxKsrR5M9CJuooK37l34gja6o=
+github.com/flanksource/duty v1.0.121/go.mod h1:RJ/kcZ7dbL8/52tem757szVIA3IomS8bOAZIK0xb4rk=
 github.com/flanksource/gomplate/v3 v3.20.1/go.mod h1:LPpzujBIg9HBXRUngDKK/zNmEjHpEUieKa/2oRjkCzI=
 github.com/flanksource/gomplate/v3 v3.20.3 h1:mnNaO37uwvv8Kvi4Xswj1tHKP5UMre3FLNaKvAwqhSw=
 github.com/flanksource/gomplate/v3 v3.20.3/go.mod h1:l4iCvp30TdhZk89eRGuNkPwlRjJLXdUSblr+VyuZfAk=
diff --git a/hack/generate-schemas/go.mod b/hack/generate-schemas/go.mod
index 276823dba..04357b847 100644
--- a/hack/generate-schemas/go.mod
+++ b/hack/generate-schemas/go.mod
@@ -73,7 +73,7 @@ require (
 	github.com/dustin/go-humanize v1.0.1 // indirect
 	github.com/dustin/gojson v0.0.0-20160307161227-2e71ec9dd5ad // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
-	github.com/flanksource/duty v1.0.113 // indirect
+	github.com/flanksource/duty v1.0.121 // indirect
 	github.com/ghodss/yaml v1.0.0 // indirect
 	github.com/go-logr/logr v1.2.4 // indirect
 	github.com/go-openapi/inflect v0.19.0 // indirect
diff --git a/hack/generate-schemas/go.sum b/hack/generate-schemas/go.sum
index cd4aa426e..bade3e1af 100644
--- a/hack/generate-schemas/go.sum
+++ b/hack/generate-schemas/go.sum
@@ -811,8 +811,8 @@ github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSw
 github.com/fergusstrange/embedded-postgres v1.21.0 h1:Sups0nR31+OB4iOZ0ZU4IwUDsB+dVGmcqj4S2ko0qTI=
 github.com/flanksource/commons v1.10.0 h1:Mc+fzxq1rOJ08lapF0cc0bo9ZKNDxA7/81q2D/5jt0Q=
 github.com/flanksource/commons v1.10.0/go.mod h1:HpVjPtNe7v0UPk97kO/uUhOrYQ8yFD/mGglrTCkc9Ag=
-github.com/flanksource/duty v1.0.113 h1:iQeMhn/Vjz+Rap4TpniGEwLOXcFeg9+X1GtcUsWp3+g=
-github.com/flanksource/duty v1.0.113/go.mod h1:RJ/kcZ7dbL8/52tem757szVIA3IomS8bOAZIK0xb4rk=
+github.com/flanksource/duty v1.0.121 h1:pSFCbwV+ic9gKklwCtJxKsrR5M9CJuooK37l34gja6o=
+github.com/flanksource/duty v1.0.121/go.mod h1:RJ/kcZ7dbL8/52tem757szVIA3IomS8bOAZIK0xb4rk=
 github.com/flanksource/gomplate/v3 v3.20.1/go.mod h1:LPpzujBIg9HBXRUngDKK/zNmEjHpEUieKa/2oRjkCzI=
 github.com/flanksource/gomplate/v3 v3.20.3 h1:mnNaO37uwvv8Kvi4Xswj1tHKP5UMre3FLNaKvAwqhSw=
 github.com/flanksource/gomplate/v3 v3.20.3/go.mod h1:l4iCvp30TdhZk89eRGuNkPwlRjJLXdUSblr+VyuZfAk=
@@ -1481,8 +1481,8 @@ github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W
 github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
 github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
 github.com/onsi/ginkgo v1.16.2/go.mod h1:CObGmKUOKaSC0RjmoAK7tKyn4Azo5P2IWuoMnvwxz1E=
+github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc=
 github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0=
-github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
 github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c=
 github.com/onsi/ginkgo/v2 v2.1.4/go.mod h1:um6tUpWM/cxCK3/FK8BXqEiUMUwRgSM4JXG47RKZmLU=
 github.com/onsi/ginkgo/v2 v2.1.6/go.mod h1:MEH45j8TBi6u9BMogfbp0stKC5cdGjumZj5Y7AG4VIk=

From c84e7521bf527ca6c099caf026daff59627c24a1 Mon Sep 17 00:00:00 2001
From: Aditya Thebe <thebeaditya@gmail.com>
Date: Thu, 6 Jul 2023 16:39:46 +0545
Subject: [PATCH 06/10] feat: add aggregation to graph api

* feat: aggregate check statuses into windows

* calculate the window duration

* do not peform aggregation if the number of check statuses in the time range is
  within the limit.

* chore: added notes

* feat: select the closest range

* feat: limit the time window we select to a few options

* chore: renamed func

* chore: use total runs intead of uptime.Total()

* refactor: improve the partitioning window calculation
---
 pkg/api.go                  |  5 ++
 pkg/api/api.go              | 80 +++++++++++++++++++++++++++++++-
 pkg/api/api_test.go         | 40 ++++++++++++++++
 pkg/api/utils.go            | 11 +++++
 pkg/cache/cache.go          | 13 ++++--
 pkg/cache/postgres.go       |  4 +-
 pkg/cache/postgres_query.go | 92 ++++++++++++++++++++-----------------
 7 files changed, 195 insertions(+), 50 deletions(-)
 create mode 100644 pkg/api/api_test.go

diff --git a/pkg/api.go b/pkg/api.go
index 2d61d7b7d..3a0b4aadb 100644
--- a/pkg/api.go
+++ b/pkg/api.go
@@ -202,6 +202,11 @@ type Check struct {
 	DeletedAt          *time.Time          `json:"deletedAt,omitempty"`
 	SilencedAt         *time.Time          `json:"silencedAt,omitempty"`
 	Canary             *v1.Canary          `json:"-" gorm:"-"`
+
+	// These are calculated for the selected date range
+	EarliestRuntime *time.Time `json:"earliestRuntime,omitempty" gorm:"-"`
+	LatestRuntime   *time.Time `json:"latestRuntime,omitempty" gorm:"-"`
+	TotalRuns       int        `json:"totalRuns,omitempty" gorm:"-"`
 }
 
 func FromExternalCheck(canary Canary, check external.Check) Check {
diff --git a/pkg/api/api.go b/pkg/api/api.go
index 5b72e7474..4e4465dd5 100644
--- a/pkg/api/api.go
+++ b/pkg/api/api.go
@@ -12,7 +12,27 @@ import (
 	"github.com/flanksource/canary-checker/pkg"
 )
 
-var DefaultWindow = "1h"
+// The number of data points that should be strived for
+// when aggregating check statuses.
+const desiredNumOfCheckStatuses = 100
+
+var (
+	DefaultWindow = "1h"
+
+	// allowed list of window durations that are used when aggregating check statuses.
+	allowedWindows = []time.Duration{
+		time.Minute,        // 1m
+		time.Minute * 5,    // 5m
+		time.Minute * 15,   // 15m
+		time.Minute * 30,   // 30m
+		time.Hour,          // 1h
+		time.Hour * 3,      // 3h
+		time.Hour * 6,      // 6h
+		time.Hour * 12,     // 12h
+		time.Hour * 24,     // 24h
+		time.Hour * 24 * 7, // 1w
+	}
+)
 
 type Response struct {
 	Duration      int           `json:"duration,omitempty"`
@@ -20,10 +40,13 @@ type Response struct {
 	Checks        pkg.Checks    `json:"checks"`
 	ChecksSummary models.Checks `json:"checks_summary,omitempty"`
 }
+
 type DetailResponse struct {
 	Duration   int              `json:"duration,omitempty"`
 	RunnerName string           `json:"runnerName"`
 	Status     []pkg.Timeseries `json:"status"`
+	Latency    pkg.Latency      `json:"latency"`
+	Uptime     pkg.Uptime       `json:"uptime"`
 }
 
 func About(c echo.Context) error {
@@ -41,15 +64,34 @@ func CheckDetails(c echo.Context) error {
 	}
 
 	start := time.Now()
-	results, err := cache.PostgresCache.QueryStatus(*q)
+
+	summary, err := cache.PostgresCache.Query(*q)
+	if err != nil {
+		return errorResonse(c, err, http.StatusInternalServerError)
+	}
+	if len(summary) == 0 {
+		return c.JSON(http.StatusOK, DetailResponse{})
+	}
+
+	checkSummary := summary[0]
+	totalChecks := checkSummary.TotalRuns
+
+	rangeDuration := checkSummary.LatestRuntime.Sub(*checkSummary.EarliestRuntime)
+	q.WindowDuration = getBestPartitioner(totalChecks, rangeDuration)
+
+	results, err := cache.PostgresCache.QueryStatus(c.Request().Context(), *q)
 	if err != nil {
 		return errorResonse(c, err, http.StatusInternalServerError)
 	}
+
 	apiResponse := &DetailResponse{
 		RunnerName: runner.RunnerName,
 		Status:     results,
 		Duration:   int(time.Since(start).Milliseconds()),
+		Latency:    checkSummary.Latency,
+		Uptime:     checkSummary.Uptime,
 	}
+
 	return c.JSON(http.StatusOK, apiResponse)
 }
 
@@ -87,3 +129,37 @@ func HealthSummary(c echo.Context) error {
 	}
 	return c.JSON(http.StatusOK, apiResponse)
 }
+
+func getBestPartitioner(totalChecks int, rangeDuration time.Duration) time.Duration {
+	if totalChecks <= desiredNumOfCheckStatuses {
+		return 0 // No need to perform window aggregation
+	}
+
+	bestDelta := 100000000 // sufficiently large delta to begin with
+	bestWindow := allowedWindows[0]
+
+	for _, wp := range allowedWindows {
+		numWindows := int(rangeDuration / wp)
+		delta := abs(desiredNumOfCheckStatuses - numWindows)
+
+		if delta < bestDelta {
+			bestDelta = delta
+			bestWindow = wp
+		} else {
+			// as soon as we notice that the delta gets worse, we break the loop
+			break
+		}
+	}
+
+	numWindows := int(rangeDuration / bestWindow)
+	if abs(desiredNumOfCheckStatuses-totalChecks) <= abs(desiredNumOfCheckStatuses-numWindows) {
+		// If this best partition creates windows such that the resulting number of data points deviate more
+		// from the desired data points than the actual data points, then we do not aggregate.
+		// Example: if there are 144 checks for the duration of 6 days,
+		// then the best partition, 1 hour, would generate 144 data points.
+		// But the original data points (120) are closer to 100, so we do not aggregate.
+		return 0
+	}
+
+	return bestWindow
+}
diff --git a/pkg/api/api_test.go b/pkg/api/api_test.go
new file mode 100644
index 000000000..9721e3653
--- /dev/null
+++ b/pkg/api/api_test.go
@@ -0,0 +1,40 @@
+package api
+
+import (
+	"testing"
+	"time"
+)
+
+func Test_getMostSuitableWindowDuration(t *testing.T) {
+	day := time.Hour * 24
+
+	tests := []struct {
+		schedule      time.Duration // how often the check is run
+		rangeDuration time.Duration
+		expected      time.Duration // the best duration to partition the range
+	}{
+		{time.Second * 30, time.Minute * 5, 0},
+		{time.Second * 30, time.Minute * 30, 0},
+		{time.Second * 30, time.Hour * 2, time.Minute},
+		{time.Second * 30, time.Hour * 12, time.Minute * 5},
+		{time.Second * 30, day * 2, time.Minute * 30},
+		{time.Hour, day * 4, 0},
+		{time.Hour, day * 5, 0},
+		{time.Hour, day * 6, 0},
+		{time.Hour, day * 12, time.Hour * 3},
+		{time.Second * 30, day * 8, time.Hour * 3},
+		{time.Second * 30, day * 30, time.Hour * 6},
+		{time.Second * 30, day * 90, day},
+		{time.Second * 30, day * 365, day * 7},
+	}
+
+	for _, td := range tests {
+		t.Run(td.rangeDuration.String(), func(t *testing.T) {
+			totalChecks := int(td.rangeDuration / td.schedule)
+			result := getBestPartitioner(totalChecks, td.rangeDuration)
+			if result != td.expected {
+				t.Errorf("expected %v, but got %v", td.expected, result)
+			}
+		})
+	}
+}
diff --git a/pkg/api/utils.go b/pkg/api/utils.go
index bf8e2b9dc..242cc276d 100644
--- a/pkg/api/utils.go
+++ b/pkg/api/utils.go
@@ -8,3 +8,14 @@ func errorResonse(c echo.Context, err error, code int) error {
 	e := map[string]string{"error": err.Error()}
 	return c.JSON(code, e)
 }
+
+// abs returns the absolute value of i.
+// math.Abs only supports float64 and this avoids the needless type conversions
+// and ugly expression.
+func abs(n int) int {
+	if n > 0 {
+		return n
+	}
+
+	return -n
+}
diff --git a/pkg/cache/cache.go b/pkg/cache/cache.go
index 1e360090e..699e7de16 100644
--- a/pkg/cache/cache.go
+++ b/pkg/cache/cache.go
@@ -28,6 +28,7 @@ type QueryParams struct {
 	StatusCount     int
 	Labels          map[string]string
 	Trace           bool
+	WindowDuration  time.Duration
 }
 
 func (q QueryParams) Validate() error {
@@ -57,10 +58,10 @@ func (q QueryParams) GetStartTime() *time.Time {
 
 func (q QueryParams) GetEndTime() *time.Time {
 	if q._end != nil || q.End == "" {
-		return q._start
+		return q._end
 	}
-	q._start, _ = timeV(q.Start)
-	return q._start
+	q._end, _ = timeV(q.End)
+	return q._end
 }
 
 func (q QueryParams) String() string {
@@ -80,6 +81,7 @@ func ParseQuery(c echo.Context) (*QueryParams, error) {
 	} else {
 		cacheCount = int64(DefaultCacheCount)
 	}
+
 	since := queryParams.Get("since")
 	if since == "" {
 		since = queryParams.Get("start")
@@ -87,10 +89,15 @@ func ParseQuery(c echo.Context) (*QueryParams, error) {
 	if since == "" {
 		since = DefaultWindow
 	}
+
 	until := queryParams.Get("until")
 	if until == "" {
 		until = queryParams.Get("end")
 	}
+	if until == "" {
+		until = "0s"
+	}
+
 	q := QueryParams{
 		Start:           since,
 		End:             until,
diff --git a/pkg/cache/postgres.go b/pkg/cache/postgres.go
index 40665c4fa..3e1d9c0cb 100644
--- a/pkg/cache/postgres.go
+++ b/pkg/cache/postgres.go
@@ -111,8 +111,8 @@ func (c *postgresCache) QuerySummary() (models.Checks, error) {
 	return duty.QueryCheckSummary(context.Background(), db.Pool)
 }
 
-func (c *postgresCache) QueryStatus(q QueryParams) ([]pkg.Timeseries, error) {
-	return q.ExecuteDetails(db.Pool)
+func (c *postgresCache) QueryStatus(ctx context.Context, q QueryParams) ([]pkg.Timeseries, error) {
+	return q.ExecuteDetails(ctx, db.Pool)
 }
 
 func (c *postgresCache) GetDetails(checkkey string, time string) interface{} {
diff --git a/pkg/cache/postgres_query.go b/pkg/cache/postgres_query.go
index 9ee342754..fb4fa43c9 100644
--- a/pkg/cache/postgres_query.go
+++ b/pkg/cache/postgres_query.go
@@ -79,33 +79,38 @@ func (q QueryParams) GetWhereClause() (string, map[string]interface{}, error) {
 	return strings.TrimSpace(clause), args, nil
 }
 
-func (q QueryParams) ExecuteDetails(db Querier) ([]pkg.Timeseries, error) {
-	clause, namedArgs, err := q.GetWhereClause()
-	if err != nil {
-		return nil, err
-	}
-	namedArgs["limit"] = q.StatusCount
-	keyIndex := 3
-	messageIndex := 4
-	errorIndex := 5
+func (q QueryParams) ExecuteDetails(ctx context.Context, db Querier) ([]pkg.Timeseries, error) {
+	start := q.GetStartTime().Format(time.RFC3339)
+	end := q.GetEndTime().Format(time.RFC3339)
 
-	sql := "SELECT time,duration,status "
-	if q.Check == "" {
-		sql += ", check_key"
-	}
-	if q.IncludeMessages {
-		sql += ", message, error"
-		if q.Check != "" {
-			messageIndex -= 1
-			errorIndex -= 1
-		}
-	}
-	sql += fmt.Sprintf(`
+	query := `
+With grouped_by_window AS (
+	SELECT
+		duration,
+		status,
+		to_timestamp(floor((extract(epoch FROM time) + $1) / $2) * $2) AS time
 	FROM check_statuses
-	WHERE %s
-	LIMIT :limit
-`, clause)
-	rows, err := exec(db, q, sql, namedArgs)
+	WHERE
+		time >= $3 AND
+		time <= $4 AND
+		check_id = $5
+)
+SELECT 
+  time,
+  bool_and(status),
+  AVG(duration)::integer as duration 
+FROM 
+  grouped_by_window 
+GROUP BY time
+`
+	args := []any{q.WindowDuration.Seconds() / 2, q.WindowDuration.Seconds(), start, end, q.Check}
+
+	if q.WindowDuration == 0 {
+		query = `SELECT time, status, duration FROM check_statuses WHERE time >= $1 AND time <= $2 AND check_id = $3`
+		args = []any{start, end, q.Check}
+	}
+
+	rows, err := db.Query(ctx, query, args...)
 	if err != nil {
 		return nil, err
 	}
@@ -113,24 +118,16 @@ func (q QueryParams) ExecuteDetails(db Querier) ([]pkg.Timeseries, error) {
 
 	var results []pkg.Timeseries
 	for rows.Next() {
-		vals, err := rows.Values()
-		if err != nil {
+		var datapoint pkg.Timeseries
+		var ts time.Time
+		if err := rows.Scan(&ts, &datapoint.Status, &datapoint.Duration); err != nil {
 			return nil, err
 		}
-		result := pkg.Timeseries{
-			Time:     vals[0].(time.Time).Format(time.RFC3339),
-			Duration: intV(vals[1]),
-			Status:   vals[2].(bool),
-		}
-		if q.Check == "" {
-			result.Key = vals[keyIndex].(string)
-		}
-		if q.IncludeMessages {
-			result.Message = vals[messageIndex].(string)
-			result.Error = vals[errorIndex].(string)
-		}
-		results = append(results, result)
+
+		datapoint.Time = ts.Format(time.RFC3339)
+		results = append(results, datapoint)
 	}
+
 	return results, nil
 }
 
@@ -193,9 +190,11 @@ SELECT
     checks.created_at,
     checks.updated_at,
     checks.deleted_at,
-    status
+    status,
+		stats.max_time,
+		stats.min_time,
+		stats.total_checks
 FROM checks checks
-
 RIGHT JOIN (
   	SELECT 
         check_id,
@@ -203,7 +202,10 @@ RIGHT JOIN (
         percentile_disc(0.97) within group (order by filtered_check_status.duration) as p97,
         percentile_disc(0.05) within group (order by filtered_check_status.duration) as p95,
         COUNT(*) FILTER (WHERE filtered_check_status.status = TRUE) as passed,
-        COUNT(*) FILTER (WHERE filtered_check_status.status = FALSE) as failed
+        COUNT(*) FILTER (WHERE filtered_check_status.status = FALSE) as failed,
+				COUNT(*) total_checks,
+				MIN(filtered_check_status.time) as min_time,
+				MAX(filtered_check_status.time) as max_time
 	FROM
         filtered_check_status
     GROUP BY check_id
@@ -273,6 +275,10 @@ WHERE (stats.passed > 0 OR stats.failed > 0) %s
 			check.DeletedAt, _ = timeV(vals[20])
 		}
 		check.Status = vals[21].(string)
+		check.LatestRuntime, _ = timeV(vals[22])
+		check.EarliestRuntime, _ = timeV(vals[23])
+		check.TotalRuns = intV(vals[24])
+
 		if vals[7] != nil {
 			for _, status := range vals[7].([]interface{}) {
 				s := status.(map[string]interface{})

From c47ce6243e2e36e6e08e2b739a604cb4ba0e8a7d Mon Sep 17 00:00:00 2001
From: Moshe Immerman <moshe@flanksource.com>
Date: Thu, 6 Jul 2023 17:14:38 +0300
Subject: [PATCH 07/10] major: update docs

---
 README.md                                  |  210 ++--
 docs/API.md                                | 1268 --------------------
 docs/canary-checker.png                    |  Bin 69574 -> 0 bytes
 docs/dev-guide.md                          |   68 --
 docs/images/cc-blue.svg                    |    3 -
 docs/images/cc-white.svg                   |    3 -
 docs/images/dashboard-http-pass-canary.png |  Bin 30244 -> 0 bytes
 docs/images/ui01.png                       |  Bin 161597 -> 0 bytes
 docs/index.md                              |    1 -
 docs/installation.md                       |   33 -
 docs/introduction.md                       |   31 -
 docs/operator.md                           |  133 --
 docs/prereqs.md                            |  103 --
 docs/reference.md                          |   20 -
 docs/run.md                                |   57 -
 docs/server.md                             |   58 -
 docs/swagger.yaml                          |  296 -----
 17 files changed, 104 insertions(+), 2180 deletions(-)
 delete mode 100644 docs/API.md
 delete mode 100644 docs/canary-checker.png
 delete mode 100644 docs/dev-guide.md
 delete mode 100644 docs/images/cc-blue.svg
 delete mode 100644 docs/images/cc-white.svg
 delete mode 100644 docs/images/dashboard-http-pass-canary.png
 delete mode 100644 docs/images/ui01.png
 delete mode 120000 docs/index.md
 delete mode 100644 docs/installation.md
 delete mode 100644 docs/introduction.md
 delete mode 100644 docs/operator.md
 delete mode 100644 docs/prereqs.md
 delete mode 100644 docs/reference.md
 delete mode 100644 docs/run.md
 delete mode 100644 docs/server.md
 delete mode 100644 docs/swagger.yaml

diff --git a/README.md b/README.md
index e476f4a00..629b50c2c 100644
--- a/README.md
+++ b/README.md
@@ -1,141 +1,139 @@
 
-<div align="center"> <img src="docs/canary-checker.png" height="64px"></img></div>
+<div align="center"> <img src="https://canarychecker.io/images/canary-checker.svg" height="64px"></img></div>
   <p align="center">Kubernetes operator for executing synthetic tests</p>
 <p align="center">
 <a href="https://github.com/flanksource/canary-checker/actions"><img src="https://github.com/flanksource/canary-checker/workflows/Test/badge.svg"></a>
 <a href="https://goreportcard.com/report/github.com/flanksource/canary-checker"><img src="https://goreportcard.com/badge/github.com/flanksource/canary-checker"></a>
 <img src="https://img.shields.io/github/license/flanksource/canary-checker.svg?style=flat-square"/>
-<a href="https://canary-checker.docs.flanksource.com"> <img src="https://img.shields.io/badge/☰-Docs-lightgrey.svg"/> </a>
+<a href="https://canarychecker.io"> <img src="https://img.shields.io/badge/☰-Docs-lightgrey.svg"/> </a>
 </p>
 
 ---
+Canary checker is a kubernetes-native platform for monitoring health across application and infrastructure using both passive and active (synthetic) mechanisms.
 
-# Introduction
+## Features
 
-Canary Checker is a Kubernetes native multi-tenant synthetic monitoring system.  To learn more,  see the [docs](https://docs.flanksource.com/canary-checker/overview/).
+* **Batteries Included** - 35+ built-in check types
+* **Kubernetes Native** - Health checks (or canaries) are CRD's that reflect health via the `status` field, making them compatible with GitOps, [Flux Health Checks](https://fluxcd.io/flux/components/kustomize/kustomization/#health-checks), Argo, Helm, etc..
+* **Secret Management** - Leverage K8S secrets and configmaps for authentication and connection details
+* **Prometheus** - Prometheus compatible metrics are exposed at `/metrics`.  A Grafana Dashboard is also available.
+* **Dependency Free** - Runs an embedded postgres instance by default,  can also be configured to use an external database.
+* **JUnit Export (CI/CD)**  - Export health check results to JUnit format for integration into CI/CD pipelines
+* **JUnit Import (k6/newman/puppeter/etc)** - Use any container that creates JUnit test results
+* **Scriptable** - Go templates, Javascript and [Expr](https://github.com/antonmedv/expr) can be used to:
+  * Evaluate whether a check is passing and severity to use when failing
+  * Extract a user friendly error message
+  * Transform and filter check responses into individual check results
+* **Multi-Modal** - While designed as a Kubernetes Operator, canary checker can also run as a CLI and a server without K8s
 
-# Features
+## Getting Started
 
-* Built-in UI/Dashboard
-* CRD based configuration and status reporting
-* Prometheus Integration
-* Runnable as a CLI for once-off checks or as a standalone server outside kubernetes
-* Junit formatting for CI/CD integration
-* Many built-in check types
+1. Install canary checker:
 
-## Getting started
-
-The easiest way to get started with canary-checker is to run it as CLI, it will take specifications in a YAML / CRD format and execute them before returning. The CLI can be used within CI/CD platforms and also exports to JUnit XML reports.
-
-1. Install the CLI
-
-```bash
-wget  https://github.com/flanksource/canary-checker/releases/latest/download/canary-checker_linux_amd64   \
-  -O /usr/bin/canary-checker && \
-  chmod +x /usr/bin/canary-checker
-```
+  ```shell
+helm repo add flanksource https://flanksource.github.io/charts
+helm repo update
+helm install canary-checker
+  ```
 
-2. Create a new  spec called `http.yaml`
+2. Create a new check:
 
-```yaml
+  ```yaml title="canary.yaml"
 apiVersion: canaries.flanksource.com/v1
 kind: Canary
 metadata:
-  name: http-pass
+  name: http-check
 spec:
   interval: 30
   http:
-    - endpoint: https://httpstat.us/200
-      thresholdMillis: 3000
-      responseCodes: [201, 200, 301]
-      responseContent: ""
-      maxSSLExpiry: 7
-```
-
-3. Run the canary using:
-
-```bash
-canary-checker run http.yaml
-```
-
-[![asciicast](https://asciinema.org/a/N3jELGSn8HoRQHPpCdeK7MDBV.svg)](https://asciinema.org/a/N3jELGSn8HoRQHPpCdeK7MDBV)
-
-### Junit Formating
-
-Canary checker can export  JUnit formatted results for use in CI/CD pipelines
-
-```bash
-canary-checker run http.yaml -j -o results.xml
-```
-
-## Deploying as Kubernetes Operator
+    - name: basic-check
+      url: https://httpbin.demo.aws.flanksource.com/status/200
+    - name: failing-check
+      url: https://httpbin.demo.aws.flanksource.com/status/500
+  ```
 
-1. Deploy the operator
+2a. Run the check locally (Optional)
 
-```bash
-helm repo add flanksource https://flanksource.github.io/charts
-helm repo update
-helm install canary-checker-demo \
- --wait \
- -n canary-checker \
- --create-namespace flanksource/canary-checker \
- -f values.yaml
+```shell
+canary-checker run canary.yaml
 ```
 
-```yaml title="values.yaml"
-flanksource-ui:
-  ingress:
-    host: canary-checker.127.0.0.1.nip.io
-    annotations:
-      kubernetes.io/ingress.class: nginx
-      kubernetes.io/tls-acme: "true"
-    tls:
-      - secretName: canary-checker-tls
-        hosts:
-        - canary-checker.127.0.0.1.nip.io
-```
-
-2. Install a canary
+[![asciicast](https://asciinema.org/a/cYS6hlmX516JQeECHH7za3IDG.svg)](https://asciinema.org/a/cYS6hlmX516JQeECHH7za3IDG)
 
-```bash
-kubectl apply -f https://raw.githubusercontent.com/flanksource/canary-checker/master/fixtures/minimal/http_pass_single.yaml
-```
+  ```shell
+ kubectl apply -f canary.yaml
+  ```
 
-3. Check the results via the CLI
+3. Check the status of the health check:
 
-```bash
+  ```shell
 kubectl get canary
-```
+  ```
 
 ``` title="sample output"
 NAME               INTERVAL   STATUS   LAST CHECK   UPTIME 1H        LATENCY 1H   LAST TRANSITIONED
-http-pass-single   30         Passed   13s          18/18 (100.0%)   480ms        13s
+http-check.        30         Passed   13s          18/18 (100.0%)   480ms        13s
 ```
 
-### Dashboard
-
-Canary checker comes with a built-in dashboard for displaying canary results, it can be turned off using `--set flanksource-ui.enabled=false`
-
-![](https://github.com/flanksource/docs/blob/85bdd4875d0d3ded16b7aa6c132d423852fcad90/docs/images/dashboard-http-pass-canary.png?raw=true)
-
-### Prometheus
-
-The helm chart can install a `ServiceMonitor` for the prometheus operator, by enabling the serviceMonitor flag `--set serviceMonitor=true`
-
-Metrics exposed by canary-checker:
-
-| Metric                                         | Type      | Description                                 |
-| ---------------------------------------------- | --------- | ------------------------------------------- |
-| canary_check                                   | Guage     | Set to 0 when passing and 1 when failing    |
-| canary_check_success_count                     | Counter   |                                             |
-| canary_check_failed_count                      | Counter   |                                             |
-| canary_check_info                              | Info      |                                             |
-| canary_check_duration                          | Histogram | Histogram of canary durations               |
-| **Pod Check Metrics**                          |           |                                             |
-| canary_check_histogram{metric="creation_time"} | Histogram | Time for pod to be `Pending`                |
-| canary_check_histogram{metric="delete_time"}   | Histogram | Time to delete pod                          |
-| canary_check_histogram{metric="ingress_time"}  | Histogram | Time until ingress is returning requests    |
-| canary_check_histogram{metric="request_time"}  | Histogram | Duration of http request once ingress is up |
-| canary_check_histogram{metric="schedule_time"} | Histogram | Time for pod to be `Running`                |
-| **HTTP Check Metrics**                         |           |                                             |
-| canary_check_http_response_status              | Counter   | Response code counter for each endpoint     |
+## Getting Help
+
+If you have any questions about canary checker:
+
+* Read the [docs](https://canarychecker.io)
+* Invite yourself to the [CNCF community slack](https://slack.cncf.io/)and join the [#canary-checker](https://cloud-native.slack.com/messages/canary-checker/) channel.
+* Check out the [Youtube Playlist](https://www.youtube.com/playlist?list=PLz4F_KggvA58D6krlw433TNr8qMbu1aIU).
+* File an [issue](https://github.com/flanksource/canary-checker/issues/new) - (We do provide user support via Github Issues, so don't worry  if your issue a real bug or not)
+
+Your feedback is always welcome!
+
+## Check Types
+
+| Protocol                                                     | Status     | Checks                                                       |
+| ------------------------------------------------------------ | ---------- | ------------------------------------------------------------ |
+| [HTTP(s)](https://canarychecker.io/reference/http)                                 | GA         | Response body, headers and duration                          |
+| [DNS](https://canarychecker.io/reference/dns)                                      | GA         | Response and duration                                        |
+| [Ping/ICMP](https://canarychecker.io/reference/icmp)                               | GA         | Duration and packet loss                                     |
+| [TCP](https://canarychecker.io/reference/tcp)                                      | GA         | Port is open and connectable                                 |
+| **Data Sources**                                             |            |                                                              |
+| SQL ([MySQL](https://canarychecker.io/reference/mysql), [Postgres](https://canarychecker.io/reference/postgres), [SQL Server](https://canarychecker.io/reference/mssql)) | GA         | Ability to login, results, duration, health exposed via stored procedures |
+| [LDAP](https://canarychecker.io/reference/ldap)                                    | GA         | Ability to login, response time                              |
+| [ElasticSearch / Opensearch](https://canarychecker.io/reference/elasticsearch)     | GA         | Ability to login, response time, size of search results      |
+| [Mongo](https://canarychecker.io/reference/mongo)                                  | Beta       | Ability to login, results, duration,                         |
+| [Redis](https://canarychecker.io/reference/redis)                                  | GA         | Ability to login, results, duration,                         |
+| [Prometheus](https://canarychecker.io/reference/prometheus)                        | GA         | Ability to login, results, duration,                         |
+| **Alerts**                                                   |            | Prometheus                                                   |
+| [Prometheus Alert Manager](https://canarychecker.io/reference/alert-manager)       | GA         | Pending and firing alerts                                    |
+| [AWS Cloudwatch Alarms](https://canarychecker.io/reference/cloudwatch)             | GA         | Pending and firing alarms                                    |
+| [Dynatrace Problems](./reference/dynatrace.md)               | Beta       | Problems deteced                                             |
+| **DevOps**                                                   |            |                                                              |
+| [Git](https://canarychecker.io/reference/git)                                      | GA         | Query Git and Github repositories via SQL                    |
+| [Azure Devops](https://canarychecker.io/reference)                                 |            |                                                              |
+| **Integration Testing**                                      |            |                                                              |
+| [JMeter](https://canarychecker.io/reference/jmeter)                                | Beta       | Runs and checks the result of a JMeter test                  |
+| [JUnit / BYO](https://canarychecker.io/reference/junit)                            | Beta       | Run a pod that saves Junit test results                      |
+| **File Systems / Batch**                                     |            |                                                              |
+| [Local Disk / NFS](https://canarychecker.io/reference/folder)                      | GA         | Check folders for files that are:  too few/many, too old/new, too small/large |
+| [S3](https://canarychecker.io/reference/s3-bucket)                                 | GA         | Check contents of AWS S3 Buckets                             |
+| [GCS](https://canarychecker.io/reference/gcs-bucket)                               | GA         | Check contents of Google Cloud Storage Buckets               |
+| [SFTP](https://canarychecker.io/reference/sftp)                                    | GA         | Check contents of folders over SFTP                          |
+| [SMB / CIFS](../smb)                                         | GA         | Check contents of folders over SMB/CIFS                      |
+| **Config**                                                   |            |                                                              |
+| [AWS Config](https://canarychecker.io/reference/aws-config)                        | GA         | Query AWS config using SQL                                   |
+| [AWS Config Rule](https://canarychecker.io/reference/aws-config-rule)              | GA         | AWS Config Rules that are firing, Custom AWS Config queries  |
+| [Config DB](https://canarychecker.io/reference/configdb)                           | GA         | Custom config queries for Mission Control Config D           |
+| [Kubernetes Resources](https://canarychecker.io/reference/kubernetes)              | GA         | Kubernetes resources that are missing or are in a non-ready state |
+| **Backups**                                                  |            |                                                              |
+| [GCP Databases](..refere)                                    | GA         | Backup freshness                                             |
+| [Restic](https://canarychecker.io/reference/restic)                                | Beta       | Backup freshness and integrity                               |
+| **Infrastructure**                                           |            |                                                              |
+| [EC2](https://canarychecker.io/reference/ec2)                                      | GA         | Ability to launch new EC2 instances                          |
+| [Kubernetes Ingress](https://canarychecker.io/reference/pod)                       | GA         | Ability to schedule and then route traffic via an ingress to a pod |
+| [Docker/Containerd](https://canarychecker.io/reference/containerd)                 | Deprecated | Ability to push and pull containers via docker/containerd    |
+| [Helm](https://canarychecker.io/reference/helm)                                    | Deprecated | Ability to push and pull helm charts                         |
+| [S3 Protocol](https://canarychecker.io/reference/s3-protocol)                      | GA         | Ability to read/write/list objects on an S3 compatible object store |
+
+## License
+
+Canary Checker core (the code in this repository) is licensed under [Apache 2.0](https://raw.githubusercontent.com/flanksource/canary-checker/main/LICENSE) and accepts contributions via GitHub pull requests after signing a CLA.
+
+The UI (Dashboard) is free to use with canary checker under a license exception of [Flanksource UI](https://github.com/flanksource/flanksource-ui/blob/main/LICENSE#L7)
diff --git a/docs/API.md b/docs/API.md
deleted file mode 100644
index d38d55646..000000000
--- a/docs/API.md
+++ /dev/null
@@ -1,1268 +0,0 @@
----
-title: Canary Types
-hide:
-  - toc
----
-
-## Canary
-
-Canary is the Schema for the canaries API
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **ObjectMeta** |  | [metav1.ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#objectmeta-v1-meta) | Yes |
-| **Spec** |  | [CanarySpec](#canaryspec) | Yes |
-| **Status** |  | [CanaryStatus](#canarystatus) | Yes |
-| **TypeMeta** |  | metav1.TypeMeta | Yes |
-
-
-## CanarySpec
-
-CanarySpec defines the desired state of Canary
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| cloudwatch |  | \[\][CloudWatchCheck](#cloudwatchcheck) |  |
-| containerd |  | \[\][ContainerdPullCheck](#containerdpullcheck) |  |
-| containerdPush |  | \[\][ContainerdPushCheck](#containerdpushcheck) |  |
-| dns |  | \[\][DNSCheck](#dnscheck) |  |
-| docker |  | \[\][DockerPullCheck](#dockerpullcheck) |  |
-| dockerPush |  | \[\][DockerPushCheck](#dockerpushcheck) |  |
-| ec2 |  | \[\][EC2Check](#ec2check) |  |
-| env |  | map[string][VarSource](#varsource) |  |
-| gcsBucket |  | \[\][GCSBucketCheck](#gcsbucketcheck) |  |
-| helm |  | \[\][HelmCheck](#helmcheck) |  |
-| http |  | \[\][HTTPCheck](#httpcheck) |  |
-| icmp |  | \[\][ICMPCheck](#icmpcheck) |  |
-| icon |  | string |  |
-| interval | interval (in seconds) to run checks on Deprecated in favor of Schedule | uint64 |  |
-| jmeter |  | \[\][JmeterCheck](#jmetercheck) |  |
-| junit |  | \[\][JunitCheck](#junitcheck) |  |
-| ldap |  | \[\][LDAPCheck](#ldapcheck) |  |
-| mongodb |  | \[\][MongoDBCheck](#mongodbcheck) |  |
-| mssql |  | \[\][MssqlCheck](#mssqlcheck) |  |
-| namespace |  | \[\][NamespaceCheck](#namespacecheck) |  |
-| owner |  | string |  |
-| pod |  | \[\][PodCheck](#podcheck) |  |
-| postgres |  | \[\][PostgresCheck](#postgrescheck) |  |
-| prometheus |  | \[\][PrometheusCheck](#prometheuscheck) |  |
-| redis |  | \[\][RedisCheck](#redischeck) |  |
-| restic |  | \[\][ResticCheck](#resticcheck) |  |
-| s3 |  | \[\][S3Check](#s3check) |  |
-| s3Bucket |  | \[\][S3BucketCheck](#s3bucketcheck) |  |
-| schedule | Schedule to run checks on. Supports all cron expression, example: '30 3-6,20-23 * * *'. For more info about cron expression syntax see https://en.wikipedia.org/wiki/Cron
- Also supports golang duration, can be set as '@every 1m30s' which runs the check every 1 minute and 30 seconds. | string |  |
-| severity |  | string |  |
-| smb |  | \[\][SmbCheck](#smbcheck) |  |
-| tcp |  | \[\][TCPCheck](#tcpcheck) |  |
-
-
-## CanaryStatus
-
-CanaryStatus defines the observed state of Canary
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **ChecksStatus** |  | map[string]*[CheckStatus](#checkstatus) | Yes |
-| **ErrorMessage** |  | *string | Yes |
-| **LastCheck** |  | *metav1.Time | Yes |
-| **LastTransitionedTime** |  | *metav1.Time | Yes |
-| **Latency1H** | Average latency to complete all checks | string | Yes |
-| **Message** |  | *string | Yes |
-| **ObservedGeneration** |  | int64 | Yes |
-| **Status** |  | *CanaryStatusCondition | Yes |
-| **Uptime1H** | Availibility over a rolling 1h period | string | Yes |
-
-
-## CanaryList
-
-CanaryList contains a list of Canary
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **Items** |  | \[\][Canary](#canary) | Yes |
-| **ListMeta** |  | [metav1.ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#listmeta-v1-meta) | Yes |
-| **TypeMeta** |  | metav1.TypeMeta | Yes |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/cloudwatch.svg' style='height: 32px'/> CloudWatch
-
-This checks the cloudwatch for all the Active alarm and response with the reason
-??? example
-     ```yaml
-     cloudwatch:
-       - accessKey:
-           valueFrom:
-         secretKeyRef:
-         key: aws
-         name: access-key
-         secretKey:
-           valueFrom:
-         secretKeyRef:
-         key: aws
-         name: secrey-key
-         region: "us-east-1"
-         #skipTLSVerify: true
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **accessKey** |  | [kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| description | Description for the check | string |  |
-| display |  | [Template](#template) |  |
-| endpoint |  | string |  |
-| filter |  | [CloudWatchFilter](#cloudwatchfilter) |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| name | Name of the check | string |  |
-| region |  | string |  |
-| **secretKey** |  | [kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| skipTLSVerify | Skip TLS verify when connecting to aws | bool |  |
-| test |  | [Template](#template) |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/containerdPull.svg' style='height: 32px'/> ContainerdPull
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: containerd-pull-pass
-     spec:
-       interval: 30
-       containerd:
-         - image: docker.io/library/busybox:1.31.1
-           expectedDigest: sha256:95cf004f559831017cdf4628aaf1bb30133677be8702a8c5f2994629f637a209
-           expectedSize: 764556
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| auth |  | [Authentication](#authentication) |  |
-| description | Description for the check | string |  |
-| expectedDigest |  | string |  |
-| expectedSize |  | int64 |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| **image** |  | string | Yes |
-| name | Name of the check | string |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/containerdPush.svg' style='height: 32px'/> ContainerdPush
-
-??? example
-     ```yaml
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| description | Description for the check | string |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| **image** |  | string | Yes |
-| name | Name of the check | string |  |
-| **password** |  | string | Yes |
-| **username** |  | string | Yes |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/dns.svg' style='height: 32px'/> DNS
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: dns-pass
-     spec:
-       interval: 30
-       dns:
-         - server: 8.8.8.8
-           port: 53
-           query: "1.2.3.4.nip.io"
-           querytype: "A"
-           minrecords: 1
-           exactreply: ["1.2.3.4"]
-           timeout: 10
-           thresholdMillis: 1000
-         - server: 8.8.8.8
-           port: 53
-           query: "8.8.8.8"
-           querytype: "PTR"
-           minrecords: 1
-           exactreply: ["dns.google."]
-           timeout: 10
-           thresholdMillis: 100
-         - server: 8.8.8.8
-           port: 53
-           query: "dns.google"
-           querytype: "CNAME"
-           minrecords: 1
-           exactreply: ["dns.google."]
-           timeout: 10
-           thresholdMillis: 1000
-         - server: 8.8.8.8
-           port: 53
-           query: "flanksource.com"
-           querytype: "MX"
-           minrecords: 1
-           exactreply:
-             - "aspmx.l.google.com. 1"
-             - "alt1.aspmx.l.google.com. 5"
-             - "alt2.aspmx.l.google.com. 5"
-             - "aspmx3.googlemail.com. 10"
-             - "aspmx2.googlemail.com. 10"
-           timeout: 10
-           thresholdMillis: 1000
-         - server: 8.8.8.8
-           port: 53
-           query: "flanksource.com"
-           querytype: "TXT"
-           minrecords: 1
-           exactreply: ["google-site-verification=IIE1aJuvqseLUKSXSIhu2O2lgdU_d8csfJjjIQVc-q0"]
-           timeout: 10
-           thresholdMillis: 1000
-         - server: 8.8.8.8
-           port: 53
-           query: "flanksource.com"
-           querytype: "NS"
-           minrecords: 1
-           exactreply:
-             - "ns-91.awsdns-11.com."
-             - "ns-908.awsdns-49.net."
-             - "ns-1450.awsdns-53.org."
-             - "ns-1896.awsdns-45.co.uk."
-           timeout: 10
-           thresholdMillis: 1000
-       #  - server: 8.8.8.8
-       #    port: 53
-       #    querytype: "SRV"
-       #    query: "_test._tcp.test"
-       #    timeout: 10
-       #    srvReply:
-       #      target: ""
-       #      port: 0
-       #      priority: 0
-       #      weight: 0*
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| description | Description for the check | string |  |
-| exactreply |  | \[\]string |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| minrecords |  | int |  |
-| name | Name of the check | string |  |
-| port |  | int |  |
-| query |  | string |  |
-| querytype |  | string |  |
-| **server** |  | string | Yes |
-| thresholdMillis |  | int |  |
-| timeout |  | int |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/dockerPull.svg' style='height: 32px'/> DockerPull
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: docker-pass
-     spec:
-       interval: 30
-       docker:
-         - image: docker.io/library/busybox:1.31.1@sha256:b20c55f6bfac8828690ec2f4e2da29790c80aa3d7801a119f0ea6b045d2d2da1
-           expectedDigest: sha256:b20c55f6bfac8828690ec2f4e2da29790c80aa3d7801a119f0ea6b045d2d2da1
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| auth |  | *[Authentication](#authentication) |  |
-| description | Description for the check | string |  |
-| **expectedDigest** |  | string | Yes |
-| **expectedSize** |  | int64 | Yes |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| **image** |  | string | Yes |
-| name | Name of the check | string |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/dockerPush.svg' style='height: 32px'/> DockerPush
-
-DockerPush check will try to push a Docker image to specified registry.
-/*
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: docker-push0-pass
-     spec:
-       interval: 30
-       dockerPush:
-         - image: ttl.sh/flanksource-busybox:1.30
-           auth:
-             username:
-               value: test
-             password:
-               value: pass
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| auth |  | *[Authentication](#authentication) |  |
-| description | Description for the check | string |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| **image** |  | string | Yes |
-| name | Name of the check | string |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/ec2.svg' style='height: 32px'/> EC2
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: ec2-pass
-     spec:
-       interval: 30
-       spec:
-         ec2:
-           - description: test instance
-             accessKeyID:
-               valueFrom:
-                 secretKeyRef:
-                   name: aws-credentials
-                   key: AWS_ACCESS_KEY_ID
-             secretKey:
-               valueFrom:
-                 secretKeyRef:
-                   name: aws-credentials
-                   key: AWS_SECRET_ACCESS_KEY
-             region: af-south-1
-             userData: |
-               #!/bin/bash
-               yum install -y httpd
-               systemctl start httpd
-               systemctl enable httpd
-               usermod -a -G apache ec2-user
-               chown -R ec2-user:apache /var/www
-               chmod 2775 /var/www
-               find /var/www -type d -exec chmod 2775 {} \;
-               find /var/www -type f -exec chmod 0664 {} \;
-             securityGroup: WebAccess
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **accessKey** |  | [kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| ami |  | string |  |
-| canaryRef |  | \[\][v1.LocalObjectReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#localobjectreference-v1-core) |  |
-| description | Description for the check | string |  |
-| endpoint |  | string |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| keepAlive |  | bool |  |
-| name | Name of the check | string |  |
-| region |  | string |  |
-| **secretKey** |  | [kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| securityGroup |  | string |  |
-| skipTLSVerify | Skip TLS verify when connecting to aws | bool |  |
-| timeOut |  | int |  |
-| userData |  | string |  |
-| waitTime |  | int |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/gcsBucket.svg' style='height: 32px'/> GCSBucket
-
-??? example
-     ```yaml
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **bucket** |  | string | Yes |
-| **credentials** |  | *[kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| description | Description for the check | string |  |
-| display |  | [Template](#template) |  |
-| **endpoint** |  | string | Yes |
-| filter |  | [FolderFilter](#folderfilter) |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| maxAge | MaxAge the latest object should be younger than defined age | Duration |  |
-| maxCount | MinCount the minimum number of files inside the searchPath | *int |  |
-| maxSize | MaxSize of the files inside the searchPath | Size |  |
-| minAge | MinAge the latest object should be older than defined age | Duration |  |
-| minCount | MinCount the minimum number of files inside the searchPath | *int |  |
-| minSize | MinSize of the files inside the searchPath | Size |  |
-| name | Name of the check | string |  |
-| test |  | [Template](#template) |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/http.svg' style='height: 32px'/> HTTP
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: http-pass
-     spec:
-       interval: 30
-       http:
-         - endpoint: http://status.savanttools.com/?code=200
-           thresholdMillis: 3000
-           responseCodes: [201, 200, 301]
-           responseContent: ""
-           maxSSLExpiry: 7
-         - endpoint: http://status.savanttools.com/?code=404
-           thresholdMillis: 3000
-           responseCodes: [404]
-           responseContent: ""
-           maxSSLExpiry: 7
-         - endpoint: http://status.savanttools.com/?code=500
-           thresholdMillis: 3000
-           responseCodes: [500]
-           responseContent: ""
-           maxSSLExpiry: 7
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| authentication | Credentials for authentication headers | *[Authentication](#authentication) |  |
-| body | Request Body Contents | string |  |
-| description | Description for the check | string |  |
-| display |  | [Template](#template) |  |
-| **endpoint** | HTTP endpoint to check.  Mutually exclusive with Namespace | string | Yes |
-| headers | Header fields to be used in the query | \[\][kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| maxSSLExpiry | Maximum number of days until the SSL Certificate expires. | int |  |
-| method | Method to use - defaults to GET | string |  |
-| name | Name of the check | string |  |
-| namespace | Namespace to crawl for TLS endpoints.  Mutually exclusive with Endpoint | string |  |
-| ntlm | NTLM when set to true will do authentication using NTLM v1 protocol | bool |  |
-| ntlmv2 | NTLM when set to true will do authentication using NTLM v2 protocol | bool |  |
-| responseCodes | Expected response codes for the HTTP Request. | \[\]int |  |
-| responseContent | Exact response content expected to be returned by the endpoint. | string |  |
-| responseJSONContent | Path and value to of expect JSON response by the endpoint | [JSONCheck](#jsoncheck) |  |
-| test |  | [Template](#template) |  |
-| thresholdMillis | Maximum duration in milliseconds for the HTTP request. It will fail the check if it takes longer. | int |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/helm.svg' style='height: 32px'/> Helm
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: helm-pass
-     spec:
-       interval: 30
-       helm:
-         - chartmuseum: http://chartmuseum.default:8080
-           project: library
-           auth:
-             username:
-               value: admin
-             password:
-               value: passwd
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| auth |  | *[Authentication](#authentication) |  |
-| cafile |  | string |  |
-| **chartmuseum** |  | string | Yes |
-| description | Description for the check | string |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| name | Name of the check | string |  |
-| project |  | string |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/icmp.svg' style='height: 32px'/> ICMP
-
-This test will check ICMP packet loss and duration.
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: icmp
-     spec:
-       interval: 30
-       icmp:
-         - endpoint: https://api.github.com
-           thresholdMillis: 600
-           packetLossThreshold: 10
-           packetCount: 2
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| description | Description for the check | string |  |
-| **endpoint** |  | string | Yes |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| name | Name of the check | string |  |
-| packetCount |  | int |  |
-| packetLossThreshold |  | int64 |  |
-| thresholdMillis |  | int64 |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/jmeter.svg' style='height: 32px'/> Jmeter
-
-Jmeter check will run jmeter cli against the supplied host
-??? example
-     ```yaml
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| description | Description for the check | string |  |
-| host | Host is the server against which test plan needs to be executed | string |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| **jmx** | Jmx defines tge ConfigMap or Secret reference to get the JMX test plan | [kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| name | Name of the check | string |  |
-| port | Port on which the server is running | int32 |  |
-| properties | Properties defines the local Jmeter properties | \[\]string |  |
-| responseDuration | ResponseDuration under which the all the test should pass | string |  |
-| systemProperties | SystemProperties defines the java system property | \[\]string |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/junit.svg' style='height: 32px'/> Junit
-
-Junit check will wait for the given pod to be completed than parses all the xml files present in the defined testResults directory
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: junit-pass
-       annotations:
-         trace: "true"
-     spec:
-       interval: 120
-       owner: DBAdmin
-       severity: high
-       junit:
-         - testResults: "/tmp/junit-results/"
-           display:
-             template: |
-               ✅ {{.results.passed}} ❌ {{.results.failed}} in 🕑 {{.results.duration}}
-               {{  range $r := .results.suites}}
-               {{- if gt (conv.ToInt $r.failed)  0 }}
-                 {{$r.name}} ✅ {{$r.passed}} ❌ {{$r.failed}} in 🕑 {{$r.duration}}
-               {{- end }}
-               {{- end }}
-           spec:
-             containers:
-               - name: jes
-                 image: docker.io/tarun18/junit-test-pass
-                 command: ["/start.sh"]
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| description | Description for the check | string |  |
-| display |  | [Template](#template) |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| name | Name of the check | string |  |
-| **spec** |  | [v1.PodSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#podspec-v1-core) | Yes |
-| test |  | [Template](#template) |  |
-| **testResults** |  | string | Yes |
-| timeout | Timeout in minutes to wait for specified container to finish its job. Defaults to 5 minutes | int |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/ldap.svg' style='height: 32px'/> LDAP
-
-The LDAP check will:
-
-* bind using provided user/password to the ldap host. Supports ldap/ldaps protocols.
-* search an object type in the provided bind DN.s
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: ldap-pass
-     spec:
-       interval: 30
-       ldap:
-         - host: ldap://apacheds.ldap.svc:10389
-           auth:
-             username:
-               value: uid=admin,ou=system
-             password:
-               value: secret
-           bindDN: ou=users,dc=example,dc=com
-           userSearch: "(&(objectClass=organizationalPerson))"
-         - host: ldap://apacheds.ldap.svc:10389
-           auth:
-             username:
-               value: uid=admin,ou=system
-             password:
-               value: secret
-           bindDN: ou=groups,dc=example,dc=com
-           userSearch: "(&(objectClass=groupOfNames))"
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **auth** |  | *[Authentication](#authentication) | Yes |
-| **bindDN** |  | string | Yes |
-| description | Description for the check | string |  |
-| **host** |  | string | Yes |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| name | Name of the check | string |  |
-| skipTLSVerify |  | bool |  |
-| userSearch |  | string |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/mongodb.svg' style='height: 32px'/> Mongo
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: mongo
-     spec:
-       interval: 30
-       mongodb:
-         - connection: mongodb://$(username):$(password)@mongo.default.svc:27017/?authSource=admin
-           description: mongo ping
-           auth:
-             username:
-               value: mongoadmin
-             password:
-               value: secret
-       dns:
-         - query: mongo.default.svc
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| auth |  | [Authentication](#authentication) |  |
-| **connection** |  | string | Yes |
-| description | Description for the check | string |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| name | Name of the check | string |  |
-
-
-## MsSQL
-
-This check will try to connect to a specified MsSQL database, run a query against it and verify the results.
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: mssql-pass
-     spec:
-       interval: 30
-       mssql:
-         - connection: "server=mssql.default.svc;user id=$(username);password=$(password);port=1433;database=master"
-           auth:
-             username:
-               value: sa
-             password:
-               value: S0m3p@sswd
-           query: "SELECT 1"
-           results: 1
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| auth |  | [Authentication](#authentication) |  |
-| **connection** |  | string | Yes |
-| description | Description for the check | string |  |
-| display |  | [Template](#template) |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| name | Name of the check | string |  |
-| **query** |  | string | Yes |
-| **results** | Number rows to check for | int | Yes |
-| test |  | [Template](#template) |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/namespace.svg' style='height: 32px'/> Namespace
-
-The Namespace check will:
-
-* create a new namespace using the labels/annotations provided
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: namespace-pass
-     spec:
-       interval: 30
-       namespace:
-         - checkName: check
-           namespaceNamePrefix: "test-foo-"
-           podSpec: |
-             apiVersion: v1
-             kind: Pod
-             metadata:
-               name: test-namespace
-               namespace: default
-               labels:
-                 app: hello-world-golang
-             spec:
-               containers:
-                 - name: hello
-                   image: quay.io/toni0/hello-webserver-golang:latest
-           port: 8080
-           path: /foo/bar
-           ingressName: test-namespace-pod
-           ingressHost: "test-namespace-pod.127.0.0.1.nip.io"
-           readyTimeout: 5000
-           httpTimeout: 15000
-           deleteTimeout: 12000
-           ingressTimeout: 20000
-           deadline: 29000
-           httpRetryInterval: 200
-           expectedContent: bar
-           expectedHttpStatuses: [200, 201, 202]
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **checkName** |  | string | Yes |
-| deadline |  | int64 |  |
-| deleteTimeout |  | int64 |  |
-| description | Description for the check | string |  |
-| expectedContent |  | string |  |
-| expectedHttpStatuses |  | \[\]int64 |  |
-| httpRetryInterval |  | int64 |  |
-| httpTimeout |  | int64 |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| ingressHost |  | string |  |
-| ingressName |  | string |  |
-| ingressTimeout |  | int64 |  |
-| name | Name of the check | string |  |
-| namespaceAnnotations |  | map[string]string |  |
-| namespaceLabels |  | map[string]string |  |
-| namespaceNamePrefix |  | string |  |
-| path |  | string |  |
-| **podSpec** |  | string | Yes |
-| port |  | int64 |  |
-| priorityClass |  | string |  |
-| readyTimeout |  | int64 |  |
-| scheduleTimeout |  | int64 |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/pod.svg' style='height: 32px'/> Pod
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: pod-pass
-     spec:
-       interval: 30
-       pod:
-         - name: golang
-           namespace: default
-           spec: |
-             apiVersion: v1
-             kind: Pod
-             metadata:
-               name: hello-world-golang
-               namespace: default
-               labels:
-                 app: hello-world-golang
-             spec:
-               containers:
-                 - name: hello
-                   image: quay.io/toni0/hello-webserver-golang:latest
-           port: 8080
-           path: /foo/bar
-           ingressName: hello-world-golang
-           ingressHost: "hello-world-golang.127.0.0.1.nip.io"
-           scheduleTimeout: 20000
-           readyTimeout: 10000
-           httpTimeout: 7000
-           deleteTimeout: 12000
-           ingressTimeout: 10000
-           deadline: 60000
-           httpRetryInterval: 200
-           expectedContent: bar
-           expectedHttpStatuses: [200, 201, 202]
-           priorityClass: canary-checker-priority
-         - name: ruby
-           namespace: default
-           spec: |
-             apiVersion: v1
-             kind: Pod
-             metadata:
-               name: hello-world-ruby
-               namespace: default
-               labels:
-                 app: hello-world-ruby
-             spec:
-               containers:
-                 - name: hello
-                   image: quay.io/toni0/hello-webserver-ruby:latest
-                   imagePullPolicy: Always
-           port: 8080
-           path: /foo/bar
-           ingressName: hello-world-ruby
-           ingressHost: "hello-world-ruby.127.0.0.1.nip.io"
-           scheduleTimeout: 30000
-           readyTimeout: 12000
-           httpTimeout: 7000
-           deleteTimeout: 12000
-           ingressTimeout: 10000
-           deadline: 29000
-           httpRetryInterval: 200
-           expectedContent: hello, you've hit /foo/bar
-           expectedHttpStatuses: [200, 201, 202]
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| deadline |  | int64 |  |
-| deleteTimeout |  | int64 |  |
-| description | Description for the check | string |  |
-| expectedContent |  | string |  |
-| expectedHttpStatuses |  | \[\]int |  |
-| httpRetryInterval |  | int64 |  |
-| httpTimeout |  | int64 |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| **ingressHost** |  | string | Yes |
-| **ingressName** |  | string | Yes |
-| ingressTimeout |  | int64 |  |
-| name | Name of the check | string |  |
-| **namespace** |  | string | Yes |
-| path |  | string |  |
-| port |  | int64 |  |
-| priorityClass |  | string |  |
-| readyTimeout |  | int64 |  |
-| scheduleTimeout |  | int64 |  |
-| **spec** |  | string | Yes |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/postgres.svg' style='height: 32px'/> Postgres
-
-This check will try to connect to a specified Postgresql database, run a query against it and verify the results.
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: postgres-succeed
-     spec:
-       interval: 30
-       postgres:
-         - connection: "postgres://$(username):$(password)@postgres.default.svc:5432/postgres?sslmode=disable"
-           auth:
-             username:
-               value: postgresadmin
-             password:
-               value: admin123
-           query: SELECT current_schemas(true)
-           display:
-             template: |
-               {{- range $r := .results.rows }}
-               {{- $r.current_schemas}}
-               {{- end}}
-           results: 1
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| auth |  | [Authentication](#authentication) |  |
-| **connection** |  | string | Yes |
-| description | Description for the check | string |  |
-| display |  | [Template](#template) |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| name | Name of the check | string |  |
-| **query** |  | string | Yes |
-| **results** | Number rows to check for | int | Yes |
-| test |  | [Template](#template) |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/prometheus.svg' style='height: 32px'/> Prometheus
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: prometheus
-     spec:
-       interval: 30
-       prometheus:
-         - host: http://prometheus-k8s.monitoring.svc:9090
-           query: kubernetes_build_info{job!~"kube-dns|coredns"}
-           display:
-             template: "{{ (index .results 0).git_version }}"
-           test:
-             template: "true"
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| description | Description for the check | string |  |
-| display |  | [Template](#template) |  |
-| **host** | Address of the prometheus server | string | Yes |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| name | Name of the check | string |  |
-| **query** | PromQL query | string | Yes |
-| test |  | [Template](#template) |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/redis.svg' style='height: 32px'/> Redis
-
-
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **addr** |  | string | Yes |
-| auth |  | *[Authentication](#authentication) |  |
-| **db** |  | int | Yes |
-| description | Description for the check | string |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| name | Name of the check | string |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/restic.svg' style='height: 32px'/> Restic
-
-
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| accessKey | AccessKey access key id for connection with aws s3, minio, wasabi, alibaba oss | *[kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) |  |
-| caCert | CaCert path to the root cert. In case of self-signed certificates | string |  |
-| checkIntegrity | CheckIntegrity when enabled will check the Integrity and consistency of the restic reposiotry | bool |  |
-| description | Description for the check | string |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| **maxAge** | MaxAge for backup freshness | string | Yes |
-| name | Name of the check | string |  |
-| **password** | Password for the restic repository | *[kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| **repository** | Repository The restic repository path eg: rest:https://user:pass@host:8000/ or rest:https://host:8000/ or s3:s3.amazonaws.com/bucket_name | string | Yes |
-| secretKey | SecretKey secret access key for connection with aws s3, minio, wasabi, alibaba oss | *[kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/s3Bucket.svg' style='height: 32px'/> S3
-
-S3 check will:
-
-* list objects in the bucket to check for Read permissions
-* PUT an object into the bucket for Write permissions
-* download previous uploaded object to check for Get permissions
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: s3-bucket-pass
-       annotations:
-         trace: "false"
-     spec:
-       interval: 30
-       s3Bucket:
-         # Check for any backup not older than 7 days and min size 25 bytes
-         - bucket: flanksource-public
-           region: eu-central-1
-           minSize: 50M
-           maxAge: 10d
-           filter:
-             regex: .*.ova
-             minSize: 100M
-             # maxAge: 18760h
-           display:
-             template: |
-               {{-  range $f := .results.Files   }}
-               {{- if gt $f.Size 0 }}
-                 Name: {{$f.Name}} {{$f.ModTime | humanizeTime }} {{ $f.Size | humanizeBytes}}
-               {{- end}}
-               {{- end  }}
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **accessKey** |  | string | Yes |
-| **bucket** |  | [Bucket](#bucket) | Yes |
-| description | Description for the check | string |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| name | Name of the check | string |  |
-| **objectPath** |  | string | Yes |
-| **secretKey** |  | string | Yes |
-| skipTLSVerify | Skip TLS verify when connecting to s3 | bool |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/s3Bucket.svg' style='height: 32px'/> S3Bucket
-
-This check will
-
-- search objects matching the provided object path pattern
-- check that latest object is no older than provided MaxAge value in seconds
-- check that latest object size is not smaller than provided MinSize value in bytes.
-
-??? example
-     ```yaml
-     apiVersion: canaries.flanksource.com/v1
-     kind: Canary
-     metadata:
-       name: s3-bucket-pass
-     spec:
-       interval: 30
-       s3Bucket:
-         # Check for any backup not older than 7 days and min size 25 bytes
-         - bucket: tests-e2e-1
-           accessKey:
-             valueFrom:
-               secretKeyRef:
-                 name: aws-credentials
-                 key: AWS_ACCESS_KEY_ID
-           secretKey:
-             valueFrom:
-               secretKeyRef:
-                 name: aws-credentials
-                 key: AWS_SECRET_ACCESS_KEY
-           region: "minio"
-           endpoint: "http://minio.minio:9000"
-           filter:
-             regex: "(.*)backup.zip$"
-           maxAge: 7d
-           minSize: 25b
-           usePathStyle: true
-           skipTLSVerify: true
-         # Check for any mysql backup not older than 7 days and min size 25 bytes
-         - bucket: tests-e2e-1
-           accessKey:
-             valueFrom:
-               secretKeyRef:
-                 name: aws-credentials
-                 key: AWS_ACCESS_KEY_ID
-           secretKey:
-             valueFrom:
-               secretKeyRef:
-                 name: aws-credentials
-                 key: AWS_SECRET_ACCESS_KEY
-           region: "minio"
-           endpoint: "http://minio.minio:9000"
-           filter:
-             regex: "mysql\\/backups\\/(.*)\\/mysql.zip$"
-           maxAge: 7d
-           minSize: 25b
-           usePathStyle: true
-           skipTLSVerify: true
-         # Check for any pg backup not older than 7 days and min size 50 bytes
-         - bucket: tests-e2e-1
-           accessKey:
-             valueFrom:
-               secretKeyRef:
-                 name: aws-credentials
-                 key: AWS_ACCESS_KEY_ID
-           secretKey:
-             valueFrom:
-               secretKeyRef:
-                 name: aws-credentials
-                 key: AWS_SECRET_ACCESS_KEY
-           region: "minio"
-           endpoint: "http://minio.minio:9000"
-           filter:
-             regex: "pg\\/backups\\/(.*)\\/backup.zip$"
-           maxAge: 7d
-           minSize: 25b
-           usePathStyle: true
-           skipTLSVerify: true
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **accessKey** |  | [kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| **bucket** |  | string | Yes |
-| description | Description for the check | string |  |
-| display |  | [Template](#template) |  |
-| endpoint |  | string |  |
-| filter |  | [FolderFilter](#folderfilter) |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| maxAge | MaxAge the latest object should be younger than defined age | Duration |  |
-| maxCount | MinCount the minimum number of files inside the searchPath | *int |  |
-| maxSize | MaxSize of the files inside the searchPath | Size |  |
-| minAge | MinAge the latest object should be older than defined age | Duration |  |
-| minCount | MinCount the minimum number of files inside the searchPath | *int |  |
-| minSize | MinSize of the files inside the searchPath | Size |  |
-| name | Name of the check | string |  |
-| objectPath | glob path to restrict matches to a subset | string |  |
-| region |  | string |  |
-| **secretKey** |  | [kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| skipTLSVerify | Skip TLS verify when connecting to aws | bool |  |
-| test |  | [Template](#template) |  |
-| usePathStyle | Use path style path: http://s3.amazonaws.com/BUCKET/KEY instead of http://BUCKET.s3.amazonaws.com/KEY | bool |  |
-
-
-## <img src='https://raw.githubusercontent.com/flanksource/flanksource-ui/main/src/icons/smb.svg' style='height: 32px'/> Smb
-
-Smb check will connect to the given samba server with given credentials
-find the age of the latest updated file and compare it with minAge
-count the number of file present and compare with minCount if defined
-
-??? example
-     ```yaml
-     
-     ```
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **auth** |  | *[Authentication](#authentication) | Yes |
-| description | Description for the check | string |  |
-| display |  | [Template](#template) |  |
-| domain | Domain... | string |  |
-| filter |  | [FolderFilter](#folderfilter) |  |
-| icon | Icon for overwriting default icon on the dashboard | string |  |
-| maxAge | MaxAge the latest object should be younger than defined age | Duration |  |
-| maxCount | MinCount the minimum number of files inside the searchPath | *int |  |
-| maxSize | MaxSize of the files inside the searchPath | Size |  |
-| minAge | MinAge the latest object should be older than defined age | Duration |  |
-| minCount | MinCount the minimum number of files inside the searchPath | *int |  |
-| minSize | MinSize of the files inside the searchPath | Size |  |
-| name | Name of the check | string |  |
-| port | Port on which smb server is running. Defaults to 445 | int |  |
-| searchPath | SearchPath sub-path inside the mount location | string |  |
-| **server** | Server location of smb server. Can be `hostname/ip` or in `\\server\e$\a\b\c` syntax
-Where server is the `hostname` `e$`` is the sharename and `a/b/c` is the searchPath location | string | Yes |
-| sharename | Sharename to mount from the samba server | string |  |
-| test |  | [Template](#template) |  |
-| workstation | Workstation... | string |  |
-
-
-## Template
-
-
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| jsonPath |  | string |  |
-| template |  | string |  |
-
-
-## Connection
-
-
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| auth |  | [Authentication](#authentication) |  |
-| **connection** |  | string | Yes |
-
-
-## AWSConnection
-
-
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **accessKey** |  | [kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| endpoint |  | string |  |
-| region |  | string |  |
-| **secretKey** |  | [kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| skipTLSVerify | Skip TLS verify when connecting to aws | bool |  |
-
-
-## Bucket
-
-
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **endpoint** |  | string | Yes |
-| **name** |  | string | Yes |
-| **region** |  | string | Yes |
-
-
-## FolderFilter
-
-
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| maxAge |  | Duration |  |
-| maxSize |  | Size |  |
-| minAge |  | Duration |  |
-| minSize |  | Size |  |
-| regex |  | string |  |
-
-
-## GCPConnection
-
-
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **credentials** |  | *[kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| **endpoint** |  | string | Yes |
-
-
-## Authentication
-
-
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **password** |  | [kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-| **username** |  | [kommons.EnvVar](https://pkg.go.dev/github.com/flanksource/kommons#EnvVar) | Yes |
-
-
-## Display
-
-
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-
-
-## VarSource
-
-VarSource represents a source for a value
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| **ConfigMapKeyRef** | Selects a key of a ConfigMap. | *corev1.ConfigMapKeySelector | Yes |
-| **FieldRef** | Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations,
-spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. | *corev1.ObjectFieldSelector | Yes |
-| **SecretKeyRef** | Selects a key of a secret in the pod's namespace | *corev1.SecretKeySelector | Yes |
-| **Value** |  | string | Yes |
-
-
-## CloudWatchFilter
-
-
-
-| Field | Description | Scheme | Required |
-| ----- | ----------- | ------ | -------- |
-| actionPrefix |  | *string |  |
-| alarmPrefix |  | *string |  |
-| alarms |  | \[\]string |  |
-| state |  | string |  |
-
diff --git a/docs/canary-checker.png b/docs/canary-checker.png
deleted file mode 100644
index 85cae7f3d6ab0650117348be4e8c50100692fc69..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 69574
zcmZs?byyT(`~JPObSaHkNS7krAp#PLbT`tlbT>#UDc!krcZagDNK5CkbS<5~!RPxt
z|Ge+Pa4gL1%-l0`&wXFl=RB`(%8D}hI8-<w5C~uPgVbjb2yGbndzuIn1VX_I(ia2%
zK{ppy5C?&(VsLK^F@V)UUnM1#WhEt_**n^qeYG|Pff#>y{}BGrBSzDwuad9IOyHvI
z@Jl(JHSCGQ1oPu;iJ~W3&YVprxGCJP*w~{3th%~l`bq*LYRU=91D;)=tgdh7ZN8wt
z<6x={J6dj}JJ=WAUqq3}9pZ*qq5e53NtWyF`{<&I*P4SR`A9<Qqgf&sgRHDubcN@|
zg$FrYa}jYz<828u@>6=1VH%=IzxXU;v6L$9{98{cBcvD6yY^c5`^Ar)aHw4xE&;C4
zTk8T9WUrx7)t@doteTu+VkKgkFA9ZT&)2F4-6Lw$%B!Y?FL5RLy-kyMxMjX~zDRub
zNe0J~F*}kur*=C}<HM-We2?hv1-&EFI<x-|W0WTr-)TiJ=x+9>1_xd*<SEl^`c&=3
ze0o-i%e_;7>uo(ZOxk&mr?X|_n~yT&6{}}w_2XrhFLh(1t<~UD`zACz5z1;N!Pv}#
z?;~gj<|hi82Fqldx?oSMy|ojR4=U=vsh5|DC|H!wng?0})7x%63nrHcbIcr@W!^I!
z0nZ21NM1$?bpP;^)m9h>tiiVbpa}+na7iD2Q9vna6u?R>Cs_q)taWV4N3YqoNU)kf
zpl2XiDe*6EX}jsJZjUFgE|%W5Fa?oW{@VZiid$T+S{$8~QE&IWBrHcAgIWSd`V+DC
z?h|4cwD7^c5Dbp(C)DZ~@dYNXC|wm|7Qgq$v{9d%y21`(&RzG-cxQ&JmtGwp+>foz
zHiq~QhSHMHTM?}YVbG_3i=p2R0vxTJvv3kAuo!h&Ky~%;F%1EXA8T1>*OXNYP716J
z*Agc&25D-JGRHg%V|>Q#Tnc{{R`8)WwKX}}-5rZS$N7mdsQPBFp)SUu-K%NRl7|}4
zc;LMjL4XCpg?DyTf2&X-@@j{TtVXl&`dB_cvbqL&OcVX%r70!IU~g6#qeg4ktW9sG
zA2v7$t(kK@=qHqX|Go%ll5u|pepI@;zE}2y6xl$6o=H>)xS{3jX+NmmR&`K)*rDI!
z>?A4rSqf<hcUF(X2A*wx9%KIbWGSI=eCqYpPTKtmsd2+RYNeUN!Qx99)LL6%o7r}6
z=XaGI<jG(dWeZZVpJMIi_WU+MhG>|wPtVrNP^%u@AhK%UsTE&3qHl0;aJX(R)AtUM
zN!bD?i`!~B@HlN=#qpD8pQ*E25Xe8K7`K?WEt?t-Dj;ui|DKSLdEm6@s$U9MmNzrA
zE$`v7(<_A&p>taI@gqh=4-ObDr&6e@Z0g9!sPJNh&8mJ5d)!VGtLv)j-1HD`%Y$3q
zQ6*WO+n$;eDWJjl^=lcYJ~RGEPEJBNnVG-sr|6t0u1b_4I^nB@CZv^))>^{b)FG!f
zZ_Ld$5OjR@zv<;Jzab|Gtng`5;@0e)_NXFv(MP|0I(ba}<`u($E!~@5*ZZlmingiz
zh{`fbq&IP&i_r@))hA-k@5Cem5MFg0whIM983-475;56tjQUJ;z%yiQ{}cO4Hgd+=
zXfAV)`RuyAXvud8GQBwpnybgBTWk{qT6NHI--QKgSoBy4PUS@#N^|eQ*KM9)Q%^L#
zyl?<T^;@ffpRe^Rq}E$LK|m9SQ(d?6xApDw2_rfP!)H${M{rMX3`U^8_?$izj$67O
zD9VEcblK}J(chF(_%!hkAoB#+K02RYjw>DA9If@xS9}&3Etd%oz)1Nq;Cem5R2xxJ
z!kQ@N)91d}@nT6j!qM^d$K{*r0|te`Uyp831KY|Ckhmrk>?!c~a_!1H3Rwd+)sBvG
z@}8$ScQ>8uPk3rO62Df$4ceEyNOzHVsT>UzS!B?mWK1-Wm}7O{sw@Na-8)m$Q@H)A
zlnW0??CaK_>^o?cMux9m1y<uhJGs8sfv_J-x!dXFLJLYSE?v?5$_|@3-g054#4yIe
zQh~xK`*e#}i?Gh6v>mrZ?5nTS?4@Ws(^#qUmB*N~0Y|R$W^YrSo2|;RYrVufYs%u=
ziB^M=%9>xfJ?dZmhIik$E_?)O)e?0qHqr41;6tk4wBAJGExomRsb}3kTaRC8BWye0
z=#XZ`o%2;o|Mv<rE=bg7lyy4u_bVM&6wn`c#zjLsgWj;eFiMT4&rH&J>ky>G{f@rA
zPjb@0W$(8nJ?2t%FL4&;!_yD4#rly8E$>o7!mH<w`nV}tS^A4repXb5YBij}I#d`w
zF4fzxwzLazJdPgFE_)rPc;1b>>ZYdV)82Em7IP60^>pDc^vNSSFGDNsvK98{Z=~jw
zy3PYFxHmQg(xHi(tiizo3ylt=u}Tv9n*&ct1Mr^eXk8r*fIzCMi+z`#KQLa@xmESq
z$ztDylWRt*CMB&=+RPcXw{ui;U}Iaho6pR|h}t%Uj<}S{_pBZLc<BLmY&VNK@Ybxi
zo_W(xWl24$RLh-zu^g15RCF9po&fIW>)0yzkg!I`rfBJQ=Wbmha-N3x?zR#eyDeB%
zQd0W`f<Ym2Gt7Iw=XoTZI&95DVK#F1q|ugiey`ul`}A^ays<+Sa>W52c`78y-6V}9
zrCUAQ<7))o-;bDq$4MjS5!(lt5l(|!FIB$g>atITe#-4ut(sh1`jdC&WnbCncw&*&
z_G=|^8g3McEZ3D5+1~kN55J^mVc{6ry4kG>#<go^dK-s?a%2j*F9>`(yt|bPc$7M#
z&rvtK#8TdPe>Vx?zh8~GJ~)_)LU!C;O?P}&;pbq#TaV+h;mZ^}Pt<-NmE%77BVeP9
zS5abrnDk=jiy@w0l?+|q*Pk41dGVRQ%nz66=h3h*@%~s)#KCRmykfAJc|VB~PZLRf
z!M+j?-ez1$kLmH(7D(@KvWUZ@G^$Ddh}o0K*7fV-M80~(&5dqLZ0v09iV!`#7u!p3
zux2~#;?+8boq<A40IIc`HtS!j>(gmD^Y0<g9-Rj5Nn<w*_h~r4Gfo%KWQ`!(a*~M&
zVbKq;7z`4QwCfQmYH?XntI)gHR!X<5NgnoS`@NnX4Th1D@{2m6pT~y04l5$E&9qqZ
z>Pesz=f>*ZfYLH)C+S%Sgh?Lu>9q1qITA^!ytZU9f9AT7ke;4-U~gjfzCkD8SvStR
zbnF+$Qks&a=)|%wL}*O7H{kp<bM@J_PdUYQ$;C0-jN^#WiE(h)lOxCs4^H!B<tT$8
zva}X<O{08YKY#ip5ztp{@yVs0A(B&^Tjp`f{Q1JPvh~ZB+bG_6eG?c;BI_rX@3Rhj
zvjmJ=Ta%NPNQSV2kKaF0_tjUtK9w@={rXc8F_tgvG4BQT@My68_Klt%M6TBeMugz6
zgjxRLM@;L6qTH&NDk~}xDP(@{S-A4#VqxAGd3dx?j-@6fA`^v~Mfg(>l>o=z<FEq%
zpSP+y)^AStbyc5Oxl>U;KX+vLI#I&x7atEE*_&c}E*{iJNZ&CuG_O-w<9WWEN5A^y
zXdXZ0*s+Y~PW11Q03PH*0*fkDUP|b4CA7Mlr2_rCX+NLuVV8K|=g&NL1g$jsQIQc-
zdvk@a2!Sg`&9KQg!vMhsqCC%L0<khZ<TPf^7X=N(9FH@7QA;%(wkMYE6@R>W^nxTv
z$a_qG^SQolyZiQ+IP7J35}l{@6e}pg6qXi<b&Ig#ezRf!b65@XJ8v2RUxC~n4QO<i
zHH05aan_e<E4&UA_x5wk<r3}4d-XC9411Tdx_YJZ`;A`a`#`wOU%zXP#!mfqe|GoP
z1EB+CkAC?9xJFCRWnzn)$}a%5fBXIN8NN%Qld%7yepO*<sVbzmx5m6m2)=W|P}s3{
zcK`-v;G=2%qJXQjQ{jyG`0vl4v;x+DIbCh1%Lihvp-bw~SBaV~0(Olkeq6954s{mu
zzmE;F#$WER`vZ5<9Z{^0T3B0Kd(ua41@th^es?pohf(fq?!~?F02$lZ7N4m7a@9cZ
z?zULil#`OPeC{vDBKZ|`t@0};42-n3B5A&)+M^_&iK1_$=lcqZ1YZ=Z^jSZV?q2#2
zQd@}p&?{kBSLDKDyxYum#+Ccf`Q1-oVYLsG)}m9W<Qcs`W8Bbj&F*Jzim!t@VDLfl
z3>^)V$k4lNDgd?ZZqZX(V_Dd9w!yUprP;~-VrA9nRDNYS>7s{FvTfgf#cs52GjZvA
zzo5s&*5ji_7M6tLh>2TOh`&8ka?XpT+t}Wptc27XEuuPfF8O45Pt`jlJSrW7TOSi3
zE*fkX(p}H?aKER`H*mB!c3a`Hpc&_A2FuT$?9Nmf-?Eroe7+B-ZgH8hE-nVm%=li<
zWlQ?&pcsShZ_J;WgL=!=-|Bg&ROL)Pbvu!<Kj+oCXwk2xN%o}pi==$}x)C{n>>$6o
zK_Zcav{XVD4NDoG>}<m=qO*d^K3Nx-6X)JGeK@o){`iCvEHXJYU+JA_+j(EC&<Y0p
z2<7tYmbk%#Z(w@3^d??Lx;I5~xm@r0&kml#Ne6H76Eryd#}99{D?z?s#~00yqkFn8
zgRrp(?`{uLdDT_<X&T9b53HQdtb6*d+5KOtH4}x&A+7@$=vRoB$S-|g+}&>!X=p<X
z;{^#T;}on3skp%#U4d-c%!v8gu6H#eS0AjW+hZb&&ws?6-r}F2k(ZOp7n9<~$lRe7
zw(Zpi1!>lR932<k5e-WqA&&A2T|^tRiFj8$lj}Un;mNpslFuPZ#)`|@E^{Gxr8_4F
zkvYBfTInq9Is25Wvn+itR*vWSRbnSfQE9Ki-Pf;a#*~&?k57FyZwpE16xz0;)SJCq
ze$txPr3?$`8X09>qI>!V(x2p8QyA~AMo8`{l<P;U6x#dF)mzF02effGE4uAg&DnJz
zp2Ff{O)iHh{VLkG|E!!&>-(mIVf?<!C`$gPgy2WwJLO;D^0yF8pWD-MCD%P1Wu0C7
zlYM+n>%X1;a}8)td$S$B(iol5w9?XL+Gs*&e~VQ*?r;vT4}ya!DY^A%*)a(-gqmu<
zR7_jcYROj5{ie%uAU+E&ONhRfN2F$WHRYl$APS_3dg#;8O7%JFZ{9g@Q)w!G_@H#2
zBwxwlv3yK|-$T(kRd#W2RWa&qJCA<5j7gC8#`ONqWsih}o2pFhH@KjhWN&V#+&B^p
zt7szw`Bi-#j~~p&c~7*BJwB_JL(YAI(SULCf>dfb=(nUSr0@OlSbjUM_L|n&V!M8t
z-P}fMw4Omg*z@;md9sS;a&mcIIct5A;m@c@#jPxKKC<783dpLEN*!`Hkz>8PPI=ep
zeAH(o>dp8l;8|F|6sZnhU{$jo1YMj6eYDZSF&qzZrQ`GoNQWM_D_c0?P_;DfTxFa6
zi^l(S__CV3c-SKL?V4-GVXZ%EO(%DzO^|JP>#;xni>S$P<0*>f?+-iYDEz9zN6!{8
ze8=9fS7UzUq4F73R6VG%oR)GLjlYH%I3q}$(E_hHGog>)I8B@NZtNXRgcK_gmBnBF
zksPM?Yqeh$%^Pg1cO4x>oS79zd)ck~%bP8`gU<GnSWz0!W+x`@Z?FvJ8-+a+InFtz
z{ZRP%LkSx!6XIXVzIz9U`~MEE(gZa-&((hILTziWodD+<2D3iv`$&W?KJhvdM?C$-
z=bX~Ws_^i2ll+ACftZnD-Kqd&U&Qs<@NbmH!|rrJUTdQ8Dy!)_tLqa=5t{ReKjx7b
z6_2V6pF2{C2pzIWejp|VF2geHXU?NqXbKqApk2{0Gqhp5kOsR#UT+l!p@Wiks-bFS
z+vA9w2+-%x1&VA;#nd7ixn0UPwhgX9HHS`p5%d9=gle8onalz#gf4tKW^4Jqo12@Z
zBPJn9to#TXcpufbD`H6Z8_dqj0tMjF(d{r;ckyF%Mbp2<%o^pRX=llI8z7(&o&}rS
z-PkS&!I!H?U6<GrVN?ROrci}c5Ra`8_%(&+w8apRiw;Ds(fC!3h~Nrg*-7YMM*+{u
zLNQ1|9HQwcU)TeB5$QgL(Gq>z`|bLioP6ylGSc^+`Ux_MH+=2(nt{P?Nl#rog3JC(
zysT{Qdxf+{S35^XO-+c}w{PYn;ZByR6sH`ZSN)aRb;qv4c}3VjR|$EfDbAujl!nHt
ziMm|&6QiqqR7*!kbrM3}+52s8jziONElNI-MpVQh2XV1AJ`jC*5GMEWF+4tjDPg?{
z$8T-GhNnie;^0r0zCdfnR9Ql~@vrY`G%eo0z7MC8vvN{MB{gXTx=yi1^jS}B>3PVe
zJ7tq@Rx|vq0p4Vu)S1$8d}=jcpRUN6HRhxC2zdzo+qb;aD-@y`T>T)CJB>Z}|4bWd
zUrgRO?_FIV_$N|Bc7*S5=5<=yB(ahrxccSf?CpALa48_g#8zmz^G3flMm#A}Dni_l
zv9S`v9F>ke>b}&>16!r#{X!%pH~F~dr>m}pv)nKgKHoL`{1a7GTEPsV<oH@|Pw_54
z6h=En^u@P>{Kjw1G|GU?A-%fQl8cH#ftgwE!?F+;m+-=QbI=Nq4adh^?X1ukEQvts
zDwQil5orc+04NMQ^G%iYxLWr<%0Hosnk$<$GYR@C3_0XbD~rDmBlf;3)xt1%qwv%I
zdJn|UA3^SWjNKW4F|F%5X9EINr~LqOr?zW`OmuAz$uDZFtY71YExc|VTD%v9Ad^6z
zP@r_qaF56=%+qni?o{Aa{ZgvA)+8#Q7)d(^Ax9uLoVSjl97#GxHBZR4ojPtvuz&Bw
z$@>{g@-A5exj$x4wQ2i6RDT*xA+j4+yP>?OsDzpMnD=#3a&oFw10fx(>3z@TXl^R+
zNaj-APPwlC;7c<71}%lx>HE|AXu@>ottYXsP&m&PJ;~$;qPMmLUCqp%3VSSf;`1(_
z`rI{jcuh_%xi#snk1LH9uK8ol@2{`-_No-t&eoVO?0+LY!cHCDrs~frl=0rwS@N<M
zA55c($glikpwXyoBjTU9#>63X+OTqcy;D)m3Qbc=pUsi}Oo9+}`Jy&8@nI}ZX_Yqp
z9YmxF^zrpWhuSGr#6P<tO2yBVS4*5lPD~jKEtzzeHRHd}uX6h$RnZ!Nv$qoJ9fKu^
zNxSRJ)HiBjQU7D1-QyhyWSpc!V$p;z+HrfmU<;$)O0lY)O`!@kMkoR~fpasI9SyX6
zGiTRlo&P>3Yp4E@EwSZbe+nOD(CN42i?uut7x1R?<0`9HWdXrVn@Vu}xMYuO*CxTM
zy+><n{V26oNwL-DO3%#I)N<l~|IQxTZa*1o0`n_<&}eJU@~b+;uqeK61?JGRxlhl%
zPChjbVw1%y4WS+~hJ0x2v^+N49b_3@y;;Emn1q_%ZuxYazM|sSuN8VA0F7jXNE^_d
zh2zXyj=uQfPQ}h}e9HTUfh(7bciJ}dO)$8hLc3CIH^x?Yv7NR-i1;zJ+6TKf3{dCa
zJlU>9NRSo=ZSgt(%e6nx(-k4Q|8m%g5uOtLi~!Vl#8%;CKB3NCrQkOv|A2@pJ$QK-
za%6gEx*S8J@vwfbKL!i*LE*IBy4FNEDRS`RCE4y`*(eBPVlr|5bGB~Wf(q8Nbm`Az
zR&(i(g-M9{3+j1$%BC%JtzMSG6<C#$Lgzyvd_{K;YCIl{V87ai9G*)_X>swEgSbz7
zF2kQ(WZttYh#R-*L7ck+%5@_mywkbSkjY^MMr80_nVvE7QDZ+x&&N)cQn`AQYD1&1
zZ}5T9oHVi4PM9z{0QIH}lGP*q2Zw6Fh=30B(50yPV%6vN?pojPXe|_9yOpBT!fS)F
zED>C$mP_oCrMILE^E}I1-I=LbIUAm-x%jJ9ThuWtKw}ZJdD?w<R^ZdO`<$tGWxDI!
zE4vaOlT~TUt5==t+Oh9RAg1?ef}_Y$KnHoxo=cO-jKSY(_%Lsa%jvzPi76Z*NF#a|
zR##F#?ZbK`S}-$FuI@$TT>;I^u`R`q?MF2RMJi-Qi!dQK`m{1WWPdrR?BARJCW-ES
z9ipYkXA+Hhzw?=t*XZK#>$uCoMjBG35Oi~|#X2HdG48x=QYCcXsz><D2LWqai~dH6
z5`w=oj!4o6S+Z<|5Eu9M5aW!{wTI7aojhfdSE|tGVo9K5l`w>;4EevvP^zTs4SCt(
zo;J~qkBF2V^FxsfFDd@>rMzLK{LhFeFBK9gFZTy3Iqd!;o+0*>cdE!42lt6niPt5(
zS%wp&ng=C!Q-Yid+1;$3ZmnGsY^(#|G6NDHbKnyhq&dy|T(8)evQ+<m=&iH9;JZi8
zjPaqOryd)4i#*xC{s=g<C}k$T@@oR?`&=GFQO*vO6x)|k{RZgh1kWbbQO3sbLax@r
zvHOa~-C0aN700vM#N7N;{P;sow(A6+msIExhQ40(Wvy)#0+&B1w0JCxZ==S1<Y>+N
z3KU7rYqwaUYV<+O>G@N^0>y&niKWl9LVwkdj8jkR=Vt5o{)iW9*YBQetql;;ZcoR6
zHC<XnFF+~;lsPBjW|3gc#dcjMChWp&mBLqByEA<ebM<8<mNTDoSA>|bJ1u(O8|WgE
z`Xy9a7O%E(jg1E!fzk4<OQ~J6#xK&}SJXDG6(eh&D!x6fMPXe1^ZQ3@C?zEXbnHyP
z?y`j~%c!O5_jkMnI}@^70&HY)vK5){SXfv@m$q&;sD<v6^o4#rw{pdXzM0zn@e)!Z
z;Kb)VXsIA4;FxDK$7QTM86na^D_A+dtWJEgWc*S#?f$aRZRAEb)6Tn#Xp(o~i?4SR
zBIDT6FFZU(L{7H2`0GNmjds*~NCLc7h~};DD)#7i;&Yb2JD;KVk82x=`iIOwpizmt
zW2kH#dwXN!UxUplo2B-UYLf7xl5j4+IxB^OT5eEWajg@K#&30Xef?7|sB(OxFw<V^
zH#}(?CjLccB^=p92r@%@9-z2A9qNyY5psm_gRrrG|CWHii&P$BO!CF$<sv?ZL=m#*
zEwnWFJlStq&)<B#_XlO<@mjLmlNvMO;}41iolp+n3q!-~%|Bg_@d>ffL+yfLuneBz
zmCZTz#06Wwj=OFq2l=GL1X|&3CwAR!&-Pbexk0yAOmHiJwIn1G(1cY?OqF$iEl{9_
zseC45UDlaDzseXKO!%wnb-u9Dyl+3QQ$DRv{z?xqsXie0w2HR;ikjmBnK5w9Vdkpi
zM9dQ(9)UtaIzEn~TopdSp7bcaw0(ZI221FiJiR5u{XHY|m#@@3ujpxoQ&P6m$(EP9
zl%Lf2UZPS590^yPoyNy+I=v7hn@VzBvKhyGMh{<bMXA*~c>WQFqUZgj<?qXipBP+(
zr<6tNYhlEurodp#X{&R87eR&+N#hRC83GgwZhwCBgd{rt*zX{NDpu{OY&5^gW_P4J
z0>$gr`TC5b{gJZTYgvH>j*ev~|7P2>Kum=UuR{X_Osh<7$AwPd@wPLGl#t5O_0Z+!
zC|}tjBGZ_jT%6nVMLFjm?2YWuN{r({mT=Tt-@->QeuUTH<N38Ere|YNop9`XSy`Ew
zdMouW=%CKaPJg*e%pI5#(daAXOiW7)5~-80tB4S~An6GEo%ZX1VFs;nzKQOi?|U@P
z_sO8G?gHsyn^Hj3PSi!r%eK=0PIqlr)A|`V&F3EviADgu<v!BVV7FmuThwv=(cRst
zI`{gr*QKNHK<QL8t#fm8gu%nkQheW<FleoddMwsPJSPD*Jw6VQh{WoLOhh5(r{<qU
zoRQq0aj_&MCj5FW(Za|WO0@5AyAB&2UF5^=#?Q@gv{;uI>rFLdO`4Q4@u@dpd$W@@
z?BG^EGVg)t#*eh+j;J6%NNk#`9-j2ehcu~Q@_`{QJiTac2M&QwEWc`I&8rjS`R;K5
z(Dbm^4)8jKhqevVejfVw1)1+guOD{g%SmS3p!1EaLw{JE9b%UKlYgm(Vd~Apw}Yrs
zf{o0q$MQ6wVh{gYTAYlBMm}g#;1vlV=FAjoTA9Eibc9hLVub#~Jg*OAWaJ*ssVp<k
zVwRTF>c(Ze;H;hpHU0=GD<0iqP2^qN99`@5|Bxi}aL77r4K6@|0Vt!@^sF_l;I<RF
zKAy62=TFv9`K*gbX<cPtP|xrY(BaR?7qy|%x>DDVy3}`&ZaiiHnoq@0@}x#I_%{W}
zc)U=X)vQL5*G?}B)u7#KYI&-U9LvL}*08kss?)z$D#CO$XLmOxMQp^baiz)-jd_#!
zr9?v9LspU&w0jdwwnS}b@?R;)as;WS+{LoqD+Oa=34WE3pv5MpfG?KBjt$Tdk1;MF
zLyA+v)Q<K;_V%8fY+J@JttfkDoL48Ec2OV>+Q>`1fJ>8Fd%aw4onLO&&u6~de$ATL
zEs?&T?ushBL>JrJ#HtTg`1HxpaJqcSN6^zn5ynzs?=vEd*@Hy~V%2h5m9k|Q^Js?F
zxpDw1ikh}6#^G-U^N~eYI==;&hLMq@qeIp2i56E?Ro$jzByBXCwsIFC)#D<sJ0k}c
zeGWuqnU*P_lx;gD>5^GAJ+x;0g$1JGQ!Wk;-?SxkF#4&p0QLSDoTjCOQpN5Q3%_AP
z(n#ub4FiHfv2g(aQ^*Zk{x`;$od+FBN#^EgH;0m$BI-IQK&*d#=6%B@CM)ag++dre
zr}f2z$8~R8vwf8A$G%aa^t*>%b@d0+b9H+X10%9Yr?Ky+t9se`q;$F7b8s|{{O4UG
zQKw&UIeD}{TO=ej1b(WJK`2KH-g3IDQ?uYc=x-gQq{P+E&-=Or;&~#*L;=W<gW;6$
z!(X%|Dpb*ZOZI5deZH5bm6s3wM<KNmgF;-oU=-c;EJ^=L<=5hPK1k1ti^J~B8YX&k
zcyTmmht+twK`WTZj^PGRfTb5Iplwc9s6tka{95*BJC-~X-yqTm>7J%}WotL)eaFr@
z;<VQAxvMg^nO!C#4+f^{<m9F%m+Qk7K4@V*FA)k+K;Jy4@7*^b+=j^e-k#n?$0u;9
zed015T>nid+Ums*sC24d@Tk=^lan=dZR%b#RA_wCa9atE<WIL4E!Ry=(aOA%*5<uh
zgiV+#5Jh2)zEx9snI`wmo+NYJa4qIh@cI|Xci}KBo`15GC#&5`>FGvlMJtfMZff=a
z?YPUIW_ZPyzKxWb{M+uG<!EXKs6#Z!4Git<q8B8<P4Oq<>7!xCsP%N!N*UjBH1xSX
zn@oD2xa6@jCa>LacZpDzN5(Wh?WaKdDe&&(<`|g{i(tnIwf@&l=q)2OUeVLP`sFAm
zXJGDpun#%p>OW0n>j|l|ZZed-Sf>`^1A_B|afU|BkeSGi$;rEMd)OsM2Rg^|2e?D?
z$UTyug$2lbFLpTcov3++(&y@csI-y3wULF{zC{`r?ihpt<wx-IgZPZBxi^6L(zxIL
zX<A+MW%&0T|40mZ662W}wVj(wf%LwB>tkf`P73gvJ__d47>YzW+1t6d_$Q5A?#mQ1
z8j9Z^2F{LEg55PfJ2w2+3($o+!h`Tn<9J-yfT~*YUHXHfU2y4BR`ri>A4bbZb}!Zw
z_PUHTYd;hMgm=l|%O7>U<m6-kQ_p*_7y|%7m&)3mMeXJi0nAw-iyjXf%QlE~a|jzE
zq#)tRV|#Yl6+N0>I!#TLg7`!ND)g+;4`YdJmLvZK?7oheb6}!Ya>2!hp`lzELYj*!
zE4(g`)5&d^vp|(jo5-Q#k4=5MJx6`-Ck<w>FLE*XbHTVaJaMvx(BH-SwxMY7HxvPJ
z195c5kz8k2J7f{R^TvfQ46-hnlE{;<c5r<%GkmBzl<-5(;9mdBrqx+uNVa##5uocc
zO(5I%xaCI#X_b%uOx<x}*ADSc;9bZ&YyB|%{>YVXA`#K%_J`VzF~6c@`|r{E@4URd
zIb0k}JPV7W>g?n4j;GM;Ra|HD8EbKtiqg_zm2|~iVzI=YQ3oqP+48s@pd+N=GabCU
zUGmNRo;7Mw2Pgva_iHf(GA=F)w`=`vH^&W2s5-uFa|^jxofzaomnJsk)%w2P`%TU}
z0G`sS{q^gSR5w33Je<$>sBc76)QiI4Y}fY=xee)2KU(xYzq__;{)Y72XJQl!t@%ab
zk>qJYMIcemV<P}a7$hXEXfqQ4UI7%qA(+|j=BGmNc)_yV<d&u2wSx$_pwH+HB_4PK
z-ILZ5`_2P}kMPFBf$>A}D3u#ppCCz=x$pX8N2i?%s^DE&K^v+;UK_1S9Oj2UyVbga
z$?AUTcxwIz^G|MQqi9!B3?f$o`(*cUt)lSL-YJHs@I#1EP@tx|a+&E94v(UvD?a`{
zG(^-~ZK~OXaky3Jzi~A{hfD5q;IkSuhTpN@JX4dzfmQh*!Tb9w+3rT;P(r{YAR!?)
zI3kLs!3y4>5!$@O*Lm(~fVT`2<Y+S4Q3Ju!6#<=TCHQ>FcZ(jby;MkOtX&VvE07!e
zMw)S(q|4*HU2l`7?`}E}t=)jhp#F@}`%ka;`FVu-Q-M4kz;u%7T@X(vvNEr;R5Kam
zp&Ed+nd8GU*eyu4w4Aq1f_QtvDC6>A>0H6XYUeaCO3%HzPWg!2QyhK@YC$!PAX{EU
ztka@9<I+?a<3OJ5qGN?FwPi8m{Yp>vMy}M!w%zSA(sT2<=9DD_GFKO8s<|Qb_N|7y
z_t8i4GX3Y*E$kqr%{Ar0^UMq`7_ZH-db@>&k=Ba*V*$nySb8IT>+6Y6OakoO^_E9l
z^1Oz<VV>mT$wV-6fUcq>79JEdRmP8H-%|B_=rTuoRT#etw=BDlwFE+GHAB);9UP~=
z33obJtXkV&06~*Re)<!avM~43z;kj8<d0%lrzhf*&_2Y@30uZHUM0UxV)sVS0@F;r
zUB`Aw^MJk&KRrAE7qsgVxYAFJ((Jm_e41(pGJ}0o)T?=Y!mjE|5f%5EKb?swjp4PU
z&qn0=sJ?HXqjAIT>-QSX`vTVbcL-6Vj?ZYrnHZEs`9zlFnpwS99y^074Y(;ttBSsi
zK)ZJAlN-QN5~g;G-v)8o{?c+gCeNQ_+Ha|}`56B-@SY>>P(rmtref^ck7x%!3D7~G
z;FHC4_kfh{$nUWq*G-2W3>0RrUOOO%jXGYT{Hi`q!P3;^=g-e?^T_^PZ<X{n2LCi$
z@&Q;Ds!UOIi4ZO!|35tU&pYB&_9rD0X9KBrdf?%*22{|iS6(N?VnsN~;G~_CuK@1R
zWTpE?tCNuM-q;)Ga{YIRUd*&!%U-?b!Kub^dq<M~-CyJUd=M#v;!jSyr=9spuw)e-
z*61Cl-1ovKf6n$+4uneX179<1>`r&p18lABZl}WgoRBI$)2;zaWQy{j_xjXmq$~VM
zS4K>iGvJo;I_`D7eWJmNL{Q^F)Fy?y`4RVbu349+CNu(h<HhGm;=$nIckS1oJ_((E
z=`o+K6YI(UJ{j;_K;LUr{kd_E+1RVP2%<}76MwDX-Ka1VO5q%y7)|U_zIX3VJr#2E
zTg?f@K7XDrXVXRnS#aN8O~S+(CqkGwDvB=F2tf@kIjfoXQhh*Fs&xUFnm{xHPIs4p
zr;KoQ08r-bq|;KuKVP~Cs;Rmc;wm<kYn@)Kp<#mN?Ip##DmvbKI59kZA4ByX;@ncj
z!c%P^FL1VFD6`|SV-6n_8{q`V>TFw!jrP*5w6s}`UWcu&+xoH0&9r{q@_G6GZmcOZ
zk<GX?+j$->J4?()E>dtbTheV%6*E20Y`EKQvsBZl!~SV+Mo7aFK|4AOWvYVkgjLq)
zW8y(G%Y|d$%T>J@R6y@t+Da2h0OY4kUZp+v?y*u_ty=%F=F=+UB70Jj!#YKU(~Mv?
zva!vvd>?7w4Lr3BGPYJxTv^%1Hc#H@AQKbr69HOLpG{@QH)5)j$#1Ff#XLMlGV1pH
z;ZXCT#?2Rg@*Eh;IuKPy9Gu6kA)#~x>OSoTNwX!YfAb5>h@RDR_BXNm-tqh3y#Dy;
z<fh-Htvw6w-uI*(-)I!RKhli=xH3P`lQ!k3FR!Sn`y-DQNVggvX=+|xx?E$BU+_3`
z?g#lI=IjF%KXbHiww*&cdJsatC_2N4{TD|L8+ou4dmq;v;EM&9-g!m9XUso6PfA#k
z|68D7-(ayM@+Dr_BP(Zj;<xt7)keh^MQGyUK=2DP?$YlVfCiths)pKnwVfxcsR<$!
zuC@3vsl}_C%2VBH7+4AG;hp*x&UmBCU6<);Ty0LVrW31}(fjrJ_J~#KG$dozc-eBB
z&e*abJ4h~X+YT8B?uQBUPJNz;x$lcg5inF4+MBJjcHgDw+-r!TX|f>hOi(AF0_1Iw
zZgZ^_!X7;~PT8s3@iZOjdByGXRIBdzjtB=%FN79+^#o@osm5GV<pMQ3%=<~Lzzvg0
zSDezK+gczY>J374M2NIB==3=>QZ`n@?rP3Xa(Lt|kJkMHo|Bej(XmuYfk#^oZcRx^
z!TZ=~THF&a$fU^|3bUcGAnQ78*V`!d7i|Kx9=!Kw)I3fvRKvCSG4aIs>+Q&|CDYI7
z4FDs{*0{r^?x}EnRrdkK+mKly`>cYE3kQH4!j#e_TF8C9(^GtI9L{#d13|A9X+&Bp
zIUfh_MpOiEYkM=Z964YI-*m{wZ7XpQ>5k@DX+;ue3Iul?5vT9m-;JzL@Ns@_3awyK
zhQQOR#y&6IDmc$Tfd=0-bB;0%<Q5$TQo60T9F9#iR|^y4=LQd(y~!_}-gD;!*xcS(
zv!cn5#2(9csm=n$(Rw&_C=i~k53SEG1$5mXAK-Fqp6WJR)KMw)Fb|%a(Z3EUygk@)
zqCc#&kBg&buh^G7d(Y?-g$d}jeM@35L+M|y+BrM(i9*2$pYsJ3rAY$%6hH}>K2v)Y
zb{L4JghWK_T_q_D4<6?M^WcnmF1@}A8nu%%q9Nj!_Glu*mx>!@13b3%4~(1r-S-{#
zF(g!PH-5-W0l2to^=P2Q1%r`Ev#tc7<T0jOb6mTS5Gitptc&R3r=rm@(i&s!9oOf)
z^Ukd6Pju&v+G{v+CX^-J!tHIki&;N&_G>KrYv-tpP7bizQE@Nq)Xm`Fo?d+&_d3sw
z(_S!qk`|J~{zi?Hdz#QWE1NSA3r+iCzwi2b>HdBD&DE<_omdLU0_Y?W>WgUU_-YoF
z-)?c_zm7=#*suTy_^-#qh;Of_d2y8}v%h<{C1B)0H2y9v>P|q^+K%Ns1Uh#r==iJM
zxH{X;ExF?u&~Db~&KJxZrjzu~_wfZaFJ1hvRenmeB_&OZE-?M!viK39JkcF{7FwjU
zNS9t(IzZ>jw=ps>FSH{bI;P4zpCT2+1QTAkUwq=S_CE5%TNi6bM+sEpgap0~w}Upf
z8+ej8oQP{=$K!Nr(M7;i6Oxek<E7`h3tzJn6Wc;Vg$hHVN@1L-ENUY>@xs^i`-W3n
z<n0j_2!uex%9*|-RqA~o{cCc`txLc3wi#9%i82pXa_1M5?vtU*&zqR2wOyz$d!IWw
z=%|<BrbuD64^R5XAkRNamS~p)ZW+R-IvuOcH;zg%%!tV0<ha<eYEy~saV7OHY5XcG
z<L$ye=Ro)jP3L^BbKX$&%VccFhKIEy5B=O_C!{0NkZ`qbS_=rEF#`v>$;XFo*wohB
zI{yDSsHC0q$PH34JxA5<mDe*fWEe3bZTwHI4UCZ1vQg!4rUaP*`T6-$$61OVA*a{H
z?u?)-D(6%^8z9)|p4}j^2srDF`f{Yzb^HFFPIKrq`idGynwmB(L{dgYkSE21ZqDYq
z0{KSxG!!#R?*%x8QV{B85+WWGf})0_EKDY&rA5WXw?98U??4jt6P)+X;;RRXK_!2=
z92(pfvp4#20p8J-Ll;z!OVc0Sned>B@{TQhf%I2RI@PVN2m1?OzbY0&;s5Na*o#(G
z6q0M%#rhmmN#cPwwB$dsb6Awtx9wW9PTGxM0uXTS!M&DW{TVW8xv(!8>P4-{_v+}^
z%N3R+E*PEH;qFX$`1W@7oB72CB}S7|bqWeb_4EBx`7f?indk1YL2@%oMshPVY2fnF
z$K>FQpFcD7bfaANlk^YW7AA>b4&Q&lG1hIihyATItTCV4qZOozdic!vn-!U#UwkwR
zDVc5IeU4(#72tV5%Yz4KAG=(kXu!vfLnzvE2}I9#!PeY*t-rfl#5?|pf{Tk@Mvs5C
zC<qjSPtEVx6Vk~sA!%vp)=GH3FO9*P*5`G!=RuAvlpaBimOl7fWedy_t0LY=eCGA*
zecaF>eE%mr!V7{^`}H<*2t(W(NX3n_?yNP?DSCD)JO@I~+%!wjJk=>uMHVb|E5!=0
z@2)#xF;9ngJa}zS7D)GgDF=K2dT_2wq#dz}CT$v8>y>3C{?!#es;P?f#F`is_Y3>d
z?I70#5Hc-Juil=jJLfm+jN1A!i&XBEr*d!2+40l8-B|yP$UyEcwKkbTtBg^s>l4`q
zVnn^ETKHgsO0`+>$M{YHzehxsGDQqPVsrKB0)~8O`Q>2$jxALqyx9imT<X{un>OIe
zcH1eFjsWy7MvkPsT5i9gp||ED*LY$TBft1O$+En!Vd;<(&};)QMF|9jn`&1;)Oq`F
z6<{iWIKv0e_E30ittYqlTTpzi%TyuQq<S8|0jha=B}1p$ObD>X?fx-LgWXXXhpXT6
z9DSd80xT?p+A4r_0AK)a>%`W{%x#s0O1S~H3$yw-N8%qoEVovZEZ<!dK5gA*_OmKa
z=C7%JoCQYQ-3DqxO$MUhS<TjCRBDJ^mr7y*@V-tfn-d6u4xhpA!ltWO1C#@QzJ~84
zD4eD|dm+=SSK8US1k30n7pABGgOt>@1M+#<RT_h#pE)_*5^alX2}Nq`qxoMS?Bd>~
zMs%c7J?Pu{ayZG)UMTgFRXy6pupNEzhY;O^{%+5%YcTX8Gn)+>IZ3chSLBuV{hJ#m
zVqhvgWHrVjrixe!{MwRj$$o?mR~;&>2Y(S}@gLVZEF(&<Xmc3)w_G<3tx-o^?<-)-
zTxjM`uS$#q4ECSYpJg*ka5)I+K(pOB8q{2!$?LvLJmA-E@uA1ECNC<zjxZF%E)FFl
zqqNleDG-sTyWfzz1s}UeLh-O=zDCmW`5~E|o9);CAyck~!#8gqX3ws`PyV)xG*<5M
zM8-B%DIKx^5aYHnD*uTQMIXZCtoh&>`SHp~Z)Qaz*P*3uHZsy8VL-##+0@k1vUczv
zH=gaCKkflxT21HRZ)3L=Prac9%<hOz|7=Nm*;o_Jpua6=S_fauVIYwGT^~7M0!aUU
zIH8it!>02yvEDr9^IdzQS7Z9f160Z3dCu-kA<&LPc{D_)W(43U+_7<9o9?oma@<Ul
z)0bo~JK46!{#~{FP;>Qd6jN@#SKpJW@5LhaE8lQAP8MR00rv0x?ExSbe4Ka!&LR#q
zQuy>^rgXYOTm60%mY&Ok|3H`~zBL>5E2lUo#q`*&jEF?k3uV7C5EJh@+mo~6c(`b(
zw3p4*)KG3FapQ#42f|D99r^jCc+>Mv{?64tH7mnxJ>L=G(YQ!p+rK5}t7Hf`jnrbK
zDGZw9(#!*#<v+_PrvqJ99H?{D#JScwIdQ59EGzpe|M~yz1{hktuh5)xVsbi{%uYbm
z$scpRUJZL7aQ|7dC4i$E*QI<E&^63<l!KuRLSJ$a|97htG5`<p9%O8(TbINZQTpnC
zyA2b*NlV3x<l-?9E6x9J6M>fsI2Qt)L^Ty@*z-_pvU@fOdC5xlzr)q|C+3C|p<zCL
zY`p{wus_{)H7vJ{W3pRLcW2zbK%&Z=06N`ip6LK<niDn-88+i_-Pv&J*JA$9Jpk^y
z25=YrD59F06wTGh5Rne;KEnG7a^YoPMnkzke)Bs2d<x{OVRb_PYwM2}Mj>yTDeM*_
zwF9wu8PQwT2mo`()RxE%=jY?1K8rN&-&?zXe;@&pPDtC`M$%M^g@=e-aLb+4(kL4D
zK9VlYM-lt>a5-s;4b<nH9j6`tu}ZD48pRd69+Z?={QmHNw^Qnd*rmrEu<EbzO<TD9
zD|A59SNaJC$u?hE0@iayrThIBdnm)Np&=*>)94lj+8+y==nn~`1ig5OSu?%4deA^L
zN}2%1pKM9%bsS8fe#L9!V?-YiO>Yc+b8`0|BCde0^r%6A9#@zjtp2|nLq$qV?Eo7Z
z8flmVs1z5B64xjB6(Bv`97ApDyCniw3Nr(S2LRU-n9pTbjI=~4(*TK0#_h4^qPdY)
zb<ja4L;)1*cpm6h=T#nVq*AtAZp_agw6A$hv&&NP*>?xka>Hn&0iUoJMW+GC?QAAK
zo=F9i;g*wQv?AdrcwoJ7Rn`EStyfSiFGc4}j;2ZG!GFf}134(?7e$SW`}WOEOcBBV
zm8~#CW6=+fp>F!NZSS<sdy+~@qG^>fKFZCuw`Bo_kL_&(q`0JJq675)lo#E&P%#@z
z%F?pZ@qZoODeQ{IoZDKhw6hGTs1U+>$U_^naDia;$4hE<na1_^vy)frvi&6x78cKw
zN)0l$!C!#9t3Nn2^q>n(meBe9`qg-I{3+MADZlYzEe56ivcPU>ryQ+utAJKe<Pv=u
zIdXkQEBbV~8`pJzz7i$NTnTo6fwtUses$7x@8hTME9}MhmNd(JgpBR%0IR6z!^hn}
zD9igT@^Xuwgdnj*(<WED|9UDU+qz3j=XFBY7F<Uu+OGGNkt(Q&?}Yzz;6GS|idFW`
z<T>CviImruh-JCrl9FPF7Txlb6VW@3#!Am~QU-~C!^Fd@7FHlLkB$W$8X9&MIA}!E
zbzkxoojSe%Fa@Z_Yz7DbJZ_;JSgA1-#JVl@N|`G?l-GL=)z!P!ev0WNq%pK;oD?La
zv;=-ob{2NMntt$NmN-SYbyq;UH=Wm?nkCzcavlm$f6P)t#aW{WBJHgUBArLuFkA7w
z3#)4o5;V%^ebw&0wFS7Cv9XWHgQ*A78tew1nIY22t=#`N>Ui}=t?b6wH!fl-I&i^k
z_7((n_yOZ2Afj=!Uv#1|F)4}gTTT6~!tC+A-{JQ;>T7W+)5TSO@SW|1h?fFIYId!k
zAiAv-%l=p%XI|GfBadoHA^|VdMk-kZ;A2xrCMn-h#*HqGp@mX_5ShMD%Nzk`5&yxQ
zD-=+%0u2!`iv;=qzLn$j`}pSKuXHPVxC#Mtf+P4INe4UMPsqEwMX_!DQ6(J#dLOwt
z@pVVduiaa_VX=Ym8NGBYGc)M50yC34K;{TVz4q$3j44RPC&MGg#|UUNI(#<&#K$Y7
z!bE}OZg3C@L%TQ{&}(CF`_i@&X+0A_3z7^$_taf^p#xsL?V>OSsp}X5^&}p*g9$6J
z%!lWg^3pQUy8bKp%E{R|f()V#xc^}M2??X$qn_RPqw&qm@cGqzjr;6j%^_pu7j02$
zVa(=7^4?f4V|=E94gpG&F)M$Au$jAJ#)MHCTdzo@4x5Z^IXcE4Yc$tZ9v=9fx7xS&
zv%!e<8f^D~vbaz}I<6d5mZ*Z(d9c?^wJDSW+=7Ll!jD|;0(t^-NzpHui1%zm+QgTr
zjb3cOIEICNm%aErOE=2O56hxj?v+2vCcBzg(OOT*Y}3Jtub>a+*M}v?ow#9#)cnDP
zlYYJsiiy0x)vtw`118?WkHnaD2;K+N1ws^Um@rV+eS<2~*GF#fpkrDg>8IOS>71}p
zP={A9&E{Vf<<6#8E8fK=B<Bn+P*1K0xZPkS`oFnjvp0Q(H6X~)4I&*8F!BxTH*4Iy
z5&#Aiv_I2XPX(L?<0V6ZdO_DjVAi0<vuodSnwr==1sV6(+O|2;`vJutvE#|HFUEeq
zF$Ue?BWk(J&X&9E_2b^SrC*=9mtO;fUZoMn@H(W1wg2wo<pj+yzlTWRVR@kg^kyL^
z3q{yUk8X3&Q`OW5VB8HanXM%Tli3r1*Aw#{|F5>sE^v15DQ8xe!L>__VUyF=H`0a$
z%s=gIYM#45KmGPC4FPvYoUO;*4Q@@yLWCWq+H}w`*Vk!8=1UT0PZ-b1^)FoTmPhv&
zCX-4DXuf4~c3t!1Q^o&Zbwf~M3uo4vab(87b^&8SzwG>wgG&p2aluBXzro1BOrJ~3
zKWPDxsqae#D^sg!a&fZdiVfFZ;lZP4V%pjqo%pgch<6B2Vo*W_4W-RAAt4nwO?n>K
zF)SS5$tq)m5b)>NSCasrjyV1iOL8;0bEKa8Dbv`(9`^H<^S(8pu54}HRhaaIG=W=O
zgnej)i9Aj^37#CKp-LA*2M2)}=%8cC@?A0>CKvgGD)w)YNd8F;)6{f#S48wjfwF^R
zx}7~*T<}kXXts7od$cpA^<~`6h92p?a5gckw=k^YG^<G$PECM|E_@?pSGQyaatEs6
zVwLQ~*)r`S{-U0}{%Z(+bH<9m#PvD#LpXo{kE}d8U5mlWAVoyBUB13k3aQZoCT&1?
z-YM^K9vX-lU@yew=*`t_Ubd6Q*azgC@iP4w2bk~GZ-DNMkBeSC0tuGCpl6thDP@Jx
ze?yMuIvkiL872#R=8XFcL^BqKW%#b5-`!m@OhFP@;^OMGVC1Ysw7frJlOExDv`c~W
zs=R!^T~WR($?^l2)tB!6<thaC<5|NO-CjQ3TcYzNC3Wcd8PwoW$7;n5vg>GbN8Vg|
z++Lkl{Sa}B?3aymIk25e1myblb;`GuXS&|+fWbHMhd(sG-WDJ5imdcpXzN5m%5QGo
zPA!dy^uWK|U$NAykDpkSpT5!Q720i{H6^%t4%M=8c5ZP=<?T4?=SM7C*z$Fm#$yup
zlY1aH?BOjgHkl$lp=j2#P8&m)2(+P}EA~UF2+>=+4&h6a^L>z(&F5Gs22d9er?kIB
zxa`=p(3P71w7gy5EpkK@<?gJZE0B-|v^km!HrK@bAS<glWdVwf1F-HpiAkMLpLBI~
z@s&S2u7|Or-P|DSZPEo$yv}Btoh3sWbtqn2|0YR-!X2BQ`dq|_lCkeD>T;U|GE7_r
zK-IiYpRj8?15)+aH|HWSShxJ^xXAs@qUVwqc&56b_M`u!eV3D>aZR<5Ypwc7wXH7p
zYocu=VL}jke{9@b{p}uaT(KmU!;%EUAJexv7(7lMCq%RwKiDg_M3!!D(69uYyD#p2
zZ-d`;cwgJYE22x7y$)jI`Z6A-=9b$_#1WLwv;H%|s9w3WjkiH*b4pbr8(X4ugi~{P
zxWz9rs;Hf7>YejyAD;`9inT!&WBRU2!|?)If%rr<l{J?ZozV!9Kw5t#A;W)lb>I<c
zh>rj0PoQ2{F+F^*D@3b&B?R2R=mE84W1RphLe%7Fci=^+-ge!pJ}PBN55s!T5lqlc
z=AemT{*t9j!}-)7?b|o5x9F7;$sZfxf&=Po*)bNF;Tm@C=liwXh2wA>o=n*|tp;{R
z5XD=wlg)#6w4Xwkg_-SlRLh&A$H%aA;Vm+b4DKz!{z)O!=y{&=V&racu*O`w7DT~+
z+=Ku;SQ*}DQ`+ifsEt?KySqNOoC-oe-P2kY%tuf;3r1@#Q0&)#eIupj0eKz&=IG!{
z2gxVi9Lw7RNMscZsF3+L)&Ey!iwbClvvpAYW^%ov5~{bD%SQuovF+CcVu@|EV>>=s
zmCxUr4pte{c`dsvIVZ7-BJn!ce@B*Ss(cCB3MIhbv+X6ghXzTL-z>MC!~)~@&S{JY
z)#l~J0wZH*Sz!ha#2)1(RD(kzbDO9l1ng}u;!*pr4qfz~X1{go@;&B*1`&$S!u%$=
z*`=%{BXAb;DFPHJd|mo*FsD0XhajBjT9Ff?#EU@|{6Z0TlFYbc)TpYQDqr8Var-m+
z<Grrk-PYEzu}`@slwz@JW#M1={d*_?+o9G&32cLxdm}hzH~#%8x~0bZIs5+WSAd1R
zLuN(mytQcps^J?dbsJW-LNoj8IbvEb0-Vxu`8ur{qkFllsR@e!k0NW7^EGs?o+-cK
zL1G<ZwGE@hj%>g9uNUAg8HW#0VB7?@YdaOa2ju)|MR%cRJYj{5mZa>@HyqRX(d@6B
zr2E33fXcKPUWfB9oPv+@>}%F(o^jayj*SsP{oCj;UH&QesmCMTBYjVWJT-0KV<aI>
z<2s2SOGWQ~5Y|&Z@WwDN%GoZzr^}x#5pSLHprGyTDC$B5K_`oeqO(1YmQq(cke@VA
zYF(g&<+hQ`4?aF#&BlGfR~c$MK+vk<eZ`nR5OTCV`Ii$gSO1cy&_`e73K_kY=Il0r
zM#W?}I3=TPPRKF|CtAN*@#J^5Y+MiH9zMNf_OE)??5a*J|6=U8__kf<S_DH*<?^n?
z`{~LXbaV|4j&_P2c*;A=k%*!5qan)q<I;dtLd`@|7yxJN^eQ_I9xbYTYTPy+?o2e0
zw1-g`<C4!>1J5KWj?}uT%>#}&m`#YED8NTBF>Pn&ssXMITEV+JPs8jk`(2Gncxc22
zU)L(VFc0^mKDjM=*<2LBT2o}PDAeXNKu`zg*6~3WCskb$T#i}bBiugyd_mRt*}jHe
z-nRYn;l<&rRG?192W3g)wq6a&IsMt5{(nS$1yEGq`!`=PK&4fblx9Ifx>35jQ$f1B
z!JtzR=@5|aZWg3->4qhwB$v+J_n^Q3ygS1%12^{8xzF>dW49*b{2LwZom|YX#vWDk
z9!Gh3?H3=ZX{f6#z62t+#?Znos*81&dmOc2pc!*=E-RnqDz1*%Ocb=}7?tlV@O$&L
zhCbz*t8+kO(xs*O9*;inI@c4u--P~SEITJI?!GE>9GA`P1M()6Q0r_pziT+z&8(Fc
zoXnFxmNAr8Tf4p<yW7w&BV??$ROQm$BYh>poO5Zlvy6!C!=Lfd(ZyyO={OpTjUlaG
zJf@_%BlSD`-RXWSll2>1DVGQDW7(OQn%0D`S#2Tr`m1!xy|Z5Hfpe5|dJ_?Uzfi0A
zZf&fF^b8cv9Vl<V7Gfg*U4!o8Nb!|j>&JKfs&r9@PWJUN-#C*rife3rcB`57{og-D
zI(}{3@7hLALGLipjrw0TCV&4PZ&qs@PSQmyuM+o?Ee%bLg_w2}o>8YA$*_n=)qf6<
zHA4j2garEjM4=%RNL|r}1PMvkKpinvX9%4rd@XN8Ni=|onRev=Nylrhu>n(6*E++h
zij7CJ-nC_I4X~kP{2*+gb!&`H(ZC67-R+qEBeg}fd5@+BQ3M*0bj9nbc<C0m=^2!i
zc)WaU`u>fVF^B6`g#%Tqs^WtCDmo4*eLMy^6$PJ$w!LZ{T_0>b8sgu7LUxDU%+dGH
z6SR$Qbg)!lTS~bqfs(QWzm$>BZhK~RFhqYgKor5ttB{K^JLW#q<bk{{(eHeMv6g^0
zePqogsZ$~~GM`q8e=dmI_C9uV-lOMhzA9-X9@Q_#fWtrd2us$nGwzDJTrQOE@hdw!
z^Yf#lg{56gYij~jHVGK4uHlFC3dJ=QqieGboWs}X><K`5XMnYC|NhqHoLXr*(ZYg7
zJOC6o)5d9Q>g`sn+*6(}>^cMrT&rIEUkTjd5-+aw#i~@@$<_vaf*kI9b<i#vbmwQb
zL*zO~1DRJ|(J>Fn)q^jGXn<?bFCOzCcc@3xsgYA4<H4OciW2sW^qkMOvb1f$M8#9j
zqh`z&FP8QZtL`NF*^SP4yg&^OnYVr193AUFhg`=|S6@#2Wi9OT@ajtd{|6nSMd4_>
zcB($I4u|MJo5};Vs&t&Nc5=IBPOHh*PiSXw)TpfA^?zkn@q=+m56fJ(OQEhi;J|mr
z^E*3TV7he&dyRJW;?}9W#vHV?d?dOxOAjo2zAn)`#L=>1m1$<{W9EtoxNYPceGWf_
zPeO<m+Zrb+=@i}-t73EcZ;hA6lcDUf56)N5*UWoZ*GZOY<_=KrjMeEyVcZRB>b;I4
zBHNQjyrO<v)Y5VP0rOC?(#HMJ1Ujs?gofy}>0v!6R31y)R4%3ksbh1wIoPabc;8si
zs{lr5+=NB~6wwU1U8f4yEkSLRk4;i+&sW0E=Z0V0I=Viqdh9hYjvjJCJzu1A=(K}t
zzcq$KvN<9eqsOfM?4jlinrowAjvjr}$>fA4-0{&H*VCS8tEoHVsawQEJh=~ks2BdE
z_RA2%CM~clwLf8oT&z4oi^`bI_+p27K9_->MiCj-=yduj$9zU*fsx|z_D|}01^K7g
z>L;oifft(Un7n^j%wS|YhPHFhqJm6WotXQ>|0CfCWQ!wPYb_kPZ7Ar8rssQ6TpJg6
z=XftQ@r9JND@in&z_j_@vN`ZB{X!eU95&tRVUvE(&jRha7wX2mhX6b9aiWmV{^Gcr
zv|~L!foRlF2{zt5mG2j9@rRFTt9|(I6D!M*UfyJE5F1*<Ti(6h7y<(x$wCm>FS}9{
z{nP0;{9ez9$C-5QY8E(lKZ;yxx^cC?kPON>zp+W9_q#}XD6u+{h21?}uEk=^B)@}u
zzp^3L!^51F@R@``#Vkj<=ZjK~*#{r*A1yZ5W!rXWVcE=9nLGS>^3ed^a)Z1<19pfp
zn}vsE7Gn!;XPf`ME0;@OthTcGqWw}rZ-R2t;MgoKjd#r6H&<cVf#mh+%Noz)H|^@r
zyIO)BeWF6~Oy1i|K1@}3zN0nN;$!}De{uJQalYbOU-BI*t#k_dKw9&M-W+)}O+%k4
z{j1aesA*~GxUDz22f|-y>YwaX8g~aWzjtocq2%LTA+-Lgsd3*<Y5DN!Iec@Z&RRZK
zLBpy$k}p-_+usHb0s)$(l(XHieu!Mc%g@LD7mh?&Dg6}^1d+^Lf#3|n$Fci*F46?C
zaupQ1>YHVh%LJE>G$Yv-a^!C}Q}K3I%lsAGF!SOi@O75QQB3}j980z<khS0n!_&WB
zXc0Wb$49)GmPi4ey}-p%+fZt?PVwZf?+PZz0Igil(B6#G&E;fqcLXutaq}5kAkO}n
z*&xx!I40dHB?A3f;a^3CMaNvM;={#Cyxz~hC-0}|`BA0y_F}~|O4tW@Lm(%)!VY)F
zs;xGByivX!6pe0@=!)U3_gAQui5)bWjtwwH;kJ??Vv_!K1`boJ;s$n?Cu7^FbE-*|
zm*J^=z!l{&SA!gV2m3>yxHLJMJrXS^m>1lFBCCxhPG}o?3b3|T_U1Qt+wr0M&?qN&
zziYhx>CKT(>x$zzg7B_;o}(W=&^IDq-#-`@-NdVT*S0=r*A$&*z%5g2rVWy__IssT
z>|4x7{tA1=Td3$rI0E)rGWK|ld{A3-K$S4M%>otBsR$tc>yT`@#)t1~$rA7%2+1XW
z)>X|3C*pKiS#0j@H8CmHp`m3E$N2*{^d>JiK0SlK=0ldfUyd#3o#=PZj$97MK^B(U
zZ}0mNUJ(#f&w{{)YO8ejOi)At8^{T1#`Y-96J;@5TW+o>d{9GUh*L4>1y=lMAo9Dp
zSB`(*Wn<`5#K+4<GI)K<uXnC|<s`4!7#~Z0vg>~P<Lqtme+&{ef`OhNUOzwZ1SBQ)
zfB5P5E0-oTHH+L&wY~i=PmbmxByckJoV+|>heYlBQ85KcQ1z#P@#ZgGD&3xcb;ABX
zBjsNRbSScxY=f~xNoLvcb(hCf$;j704DMrZV&Y76(cX`zrx=Bb-(+H_LtZ*##hbCt
z`}rN<OUCD%+}N~$UI6VeQAhn8R+%3Z6+2kjjs-`F2K^#c7hXJw?Ay7Bg!rIXL(eWY
zrnr9crn7Yd>J95YC)F(SFx&G5j?{C5n~MG>#?RgF_QvybOsAMXo@|qQ(o<#me&H3s
zV3*Fq>*ol0r@9C=qE@+%i_em#(Mv{mNjw#|z@vY!bk*=A%q93{nFaqRYeGQAD=<E=
z{OaVNCw(w6aneuD^ks(7?`_XYSSmjb*$$liN8S0-TRq4uaf))Yqe<0g4(r*fcb^Pc
zRzevc<S*YkN}C&I%~QArw{|9(Mh^psfyksQHj5WOg21x{5u$^G2H#IRbJWb(Ah+YF
z-M3TiG)m-F%w>cq6T29WA1$|=4bU@Txkmc!VD2<;&%Y?;*Le+DdEk&PhAW<Zym_a^
z{{8Mg#eMw8;p;jqt5_lBe=MaBQJ;ieUqSNC6oH$uc8;Zio`@0?UA6FOTh4*z^We0X
zYUgteoJ0wf!QZFJ8D6}Ye)|z>HuR3X!Y`7veYNF&^=N5pdd5zeFrl4a$+jh?>-}<i
zzz833Id$|vSy~(=a)>1{D?QfwKsbSI^TY=g_Q>!viSSl2vg<M&@<`ou--6gQr`qJB
zo2$+su3OU6)^F*PeLv^BH@A>h-$=+`Q)biA_?nK=M@L4MN0J>6j=hubx4js~D#jVS
z%`_oozAzFuMj`Prh7hoUyTGp5xF0*JsXj3-r6L|+wr6EqG6rIyqGMQq=C$;vSZ=%d
z@QKU91Ic&yoh=K_^x$K;4<6IgPq*k>;4;_)hX!c2KB2d#+LZ;r3|;Zf$6}5HW#fi(
zAKM~JiqaE|!D@r9M=l28xoMu;#lXtRLjPRYw<}!g2}FV`;J=?7+&pY`3(wWIbJL%_
z8s0*iEOp~yZhrD^t#5q1n_SYVOudlT$^QGgB>9O;HURzs?{RokPG>QcQdBgSD~#l!
zpy0n6NW>9B+ngvggS7|!HzepbT~@({mRcf-lR`nE7u{~MB>Cud=3ZlyMjamWY|DK|
zSeiNImG6MhhR~xgy53bcgAvcj9?B@UBd$TUm}Ubfdw0A^XfWMy(vC9{a1hBqZlK<T
z+q{NJBmr!sSuc3X^30Lf%=$GpNAb*zjC9>w0%v;8o|<I&p`;Z9)9RYq#gCqCIveek
zcmnqHFlA`R+8Ocd=^`=ZD3znpg3&D~W#|_XD{$<+or{R5TXE#l)|QOoOKo#DbsU;5
zP`{-O72IY_mg8B3%&p;upLFWy{^y{7WJfr4kfo6()hvlPB)OMqOoml(z;b4Mt8GtJ
z%>~HwhS7_u>5S9*uFFPZb3x4N>l_1?)ir*#Zc^9IP@6g1dXw3z2x4+y_nxmFN6Za*
zMMY(}Z%Ru`N_L+sX+xxKX3<i3GA3O2vA;&Y_I5X+X&vNNOc=ID1&z+Hy?HyegZ|)E
z+%qP$$s+9r4koOnGx&d?!UUWXm(AfJPrM0Qam|lbBgm`q?R1a(t;Q-dyXRMJ4;G<V
z08jz>L0b3wKUC--gbURLrrFKV(5NjY7;1^%jpYFKfolgo^IA09kBO3RJ2-}-yejvP
zqN&VBL)Y@JDdMv6gRj>4RrcrlA&*VrT`8;y;%32a9g}PQaChS#+>e9?Jf6;-p^5B3
zpws&<f&Bqm>pP{E0{70d_VB>|@0yv*ne$FBm_KO8E$o@}+xMd|o)9sh&isI91i(9n
zDlyS*yc<OFK8!X55tyDW@&O>Z=EIETy*KDYl4|3rjQ#Qp@1Akg?6W8fx4>SrvkSwQ
z>#iM1oWi|d5g3*+0hMHQAKd75qI1K=k%R1YCWUdWv6fobxF;?rxn;M1*&OudHVLD!
z<S^dgd7$|w+`F>V2mstGg6f88)3$$3*fjj7E8mv`3q!`2k%aFc(qhWc?>7e8o2%12
z<^bX5gvwU~%<;e&Y>-mvb+BaUS8e_u@T);li#1HGX@ZTe)m9JQRaRTN91Wr+bAjI*
zspiPLt7w#frDJvcy*_xfv3&xv%)Azmxcvo78Y(dwjMB`6tpG5*vOe3ZRt>#+DY5w4
z9z>}*n&an@zEuxn{SdIc3sctD3#xN{zj#TMgZ+RkB*Ln?b+^l)EP`0G<d!Tuf}yUR
zR>T08W;15`XS~^qk<o;g;{EW;<<A7N+8`}~i0XOqbr0US8!7*#?9{o$<ZXh&x?IOo
z&`7A}?7-nA3*>&U^roA=4&L7Vwfh;DIbgSxE<bN`D;MiNT33gjjp6m+G8U@otCD@A
zmF08v>2l)}ph*9(#tyX{G_Lk>0k~tyI55CX6vsp-hc;cy!h7-gQ6$OxaHlR)SdG@h
zM=lL+i-`FBuM{30*xfd@8NA35$>p!#o!)N>T~KeN$i{TuTK{u$vkD=n4Y%gG=$Dhs
zRkzGDo-|SF%5A=&3r}C4{k#%yQYzn2%3JXgA@e}scd)8eOlajb4rkKFx9%mv+Ti3w
zOXY9W1L`ZF#MW;%e(+{vh?A4wEmQOmAPUmb6?z7db8BnQ`HCBey1i6Y&<YBu^VJ!h
z(d-t8^fwz_(0P3I3U^1)m(CIX{$zq^k)&gmUZ))nAC;1rK5=;mVh{H6de_Mk))JdV
zJTR<ac`nxlfJlz#8bug}w{|>vV&}ES6OCI6X&X?EyB-q8z^msw$eH3alrX!$7fqGN
z&F6-#VQ`D)2h&6h*+2W|L>q<*8>jRi0-5y?d`$*`!8+Bm4JXx84bE*BeQ1CKlS^-L
zv$HG!lCF@DjG*NxR~Wy<Hi=-;>#pZli0)xWr+Ovd{fjoV%=aftU#81EcdLi{@*hQL
z0qV|Q;^&uMppcD;Ntn(VY;Y-U8qHVr@c7wxD{crjAO7$d#~SUGVWjRdPGzKgm}t<j
z+9Q`XH`INzDpsOgMR+ZXV5(C*BSqWRW2V|n%Im=)Z2gMM5%Ukc6cmC!V>$O8@wo}P
zv#Nju$G03Vtg|~YG|&A_fB7pNwM&s6ZOr|pQmZVMzy9@Bu0+rp^IUxnJO-Xn4QGuX
z8eLmrU$jf3s;NK!U--)nYP#{LHLsx3ZwXfaO_199eXkrPf3UUbeK9eJ&iG`&WJ89_
z+rp+dw3JVk=Vm3ut3tD5?#@pYRBIW;7pUvmznx5cdFOLc%mDSLvVb>niS-+2-ADX(
zQq%*kX3~c@*X(kR`}ME^Qrq?Vjg*a@or(V4Q%_^ksLbsKW)p+OK&&vrjo;^no1`Fw
z6o88=vo<U9Dh38`-+ElAYdRnbTKgL%yBhZoFJWi%tM*R_lLvKcCHU_cF#irD4i5ea
zlxj$e{l$?;Q48~)K0a?AUXP>oU%%eB>oBH(lv?n?^&zEou*Eu)D^yQ7Iy54dmqfIp
z&mS3RJ>Qo4y8znt)<KAqY=-)yfXN@hgn$25<)TxB9?YG>s+fSg&GT=umqITcg!1d1
z(C2JVEGdYH85v??)L@qVlBHAIoQZW0Yh!`rxHnJK?Yb^jM9KqogMMF4J#i2dv$&ZI
z67n<UHPvw3ZBSPHc3~;y3&Fn|eM9YXPEplX(jT7DJ-D{Ew$Z5f=otpZ-4T7aRL|`s
zB3~4rTcm>Xzb~-7T_!lhrR&===L7foL_2^5*rbGnXuOE&S$u<9ry&ww*QM6{+M$8p
zM%GOXT>o~UJG|_v;PHaiU{9*AL(FeZ7UGX98y6e*>}ld4yP1U0uNtQ54lNmqVCJT>
zs;aymql@3)q`Llh>O!%{R;?>%cA2M2^u<2W3_QeNe~0;&!^3e&S5~^p+k=|w&fmRY
zNCru#gn+Ao=zLS#skc7NlPWI$tlw)N4-d24{(aHve}5PI$SMWtD0|Otwl_DGuUcgM
zzrUXQlTC0@vakrlchgwkV#tr3+<U~c3$F_C>H;9lB;wy<Roqeut0@yYN=gREKE{-n
z;9Y1n_g;$k-<Hey##7d7w#Gv$eoYh#U(yrd{aefVE?8@PbHr_4S)13}-QG*zS@}ce
zzyEEze`W24KzxLv=mZ5P9sX_z%~|bsg=nfI4MXUAQG2fo@92<!XXD4}+g~KPt~>M$
zL>ze;6bFL-FLlZ(jsE-Jj##A<=CB|E=TlH4QV@g;K5x7}`PVNDyJVKOgt|QWxB1<B
z`0HG4sA20|CxlVu#npZm9@f8wB|rM}4oORkRr&f9t^Qkh(;R$3UW(x0zJ6m;pyUOg
zH<Dk#Vh%X$abf>XeJ~gGfP=zVaIi#FqzlQv^+>Vs*LgTSkBhXKr@m6mw+pzJL3fKa
z8W+|I@`AlT{BI$2uu%545cx<L%l%r-{l))(oOtEfKeC9}K{&6^mFL-{i~NyiuEO^i
zsXiyz8a&O7OxV;kaFXv#mVlRJe(!Ki<xfNJF%;GKzI~;0W@dXb0Ck%f4L-Bn)B|`i
z@$u>Vu8IjS??%T)3H&-Kf$`E!I;76G_=t&MAaaFy!L4F?R0-?iqx`$lM=jA`B(%xJ
zKU&usHYp+5)SgH3NQ-#p@`yej6&c8yzT5Y>xY*ynuXpXrBmbS0mpWfrA3#`Owr-7v
zo*`b5b}hV<h>ot)-QM1ikOm>k@dEWngzM{*6P^Ft2U?am$NM-HjFQFcK1LOM%#qS`
zTosv%%`62oKo1W2Aqjd{iQ6oz=lc6Ki(XRVub2skIq*102UAJn69h;p2<=vJT7`x-
zxRvIIxX2Zk&*aF@)mJ*1=_|^}NNYE!VNhm{DH4jvP>^{KFVjO_C#QQcPdfa)U~hI_
zq_N_VXepKXcsV+n=EPc9oSft?Hk1r)y<)D>8XXOfq*6;+f*#xvZd{9-mKfv0EO*Ks
z)7G=*!XbISt@WgkQyAKGy&U9Ga!QUIo^?%mW4E{i21eai?Lm?(B7e_eFn1u`09W$D
zo}<ldhf7ir)+1{c2(QCrX3N0$2|lNsIYDRo=p5;K6WOXLI1-bhgB;b<*|83bIvqJW
zeE3kW#4P=(h)m|3?IUMlq`*Tt?Y~>yY<;Y##H&ok$5GcjK5P@!z3Hyg-hFjER+B`Z
z?h;qRVo0`4e}^JF7Dsqs-_1u*`F%!gH1zc^(JeC=Hkb0hr$~u1w(gY{?yN5+W{MW6
zpry5dSbN~pXSRzeu^qeHe5m8kkHUo%%KTrhnESt+t(26Zl=r$YIk}Q$9y!S|lMlp}
zmzk|Auh!`AJ6BfUwKZpDTOX#O(=DEuu&ssV#x1a2V*DK<2Qe#f^ZxvMwldfS-mhmA
zoz1tyyjzBKz$ig5XWacOVq<`Pzb>oDdiclh-+%rv>#MCi56h?#!TlcVyw7Z6k{!Bq
zu@Mr?!6Xc|Gt@^RuUdRKBc%Fj;bcO3ed>k5zULGa?+2b|?k&jYpg%~`X}mcF-c8TK
zt&6hvDkTPkyE2J!T^sNFp7_d1D~pCtWW}mHbQqIwa<j2HUVK37kE`N~2$)Dp-*-e@
z;bJF)-86Z3J%$8)Wjl8HS$`fs_{>(|?};Bi6}L8jMQ4hMDW-Rqp-N+PRD`s^rh0bQ
z_6&>LJgLNL7Dw3M^?J#H^8iQ4p0BcE!1P-_M45@9LTl&r%LC40%~H`I_sz>#$jw!<
zobWYZyO#s>8(tZfObVt6qpHT_as<7CU3Z30*oR(vZlwN)&fHjZvU>W5#zZ@j&-ZK(
zx$=sM3EakpKHpdSdz2g;f4N`n1~yapV!n0WF7{6QLQVwRxUlp4rh-B7j0KzXAtc0G
zC@i4x1Al5p4f@|>*p(dj)VaO67#N0lL@^*PK1b_Ha|q86xg6vTx9uzDy#=qcy*MaP
z#XX$go3q;(KT0(F6~?C&5RhUobnp?%gu32%!A|BWB_qE*S***Q*(4yZTOGPNXO~UF
zA7?&a_w#3I3nc@D*V+8kI<whJFl|hM%5(W%<;CT8i0NQKk@p`+CXO%(&%sJq2*9fg
zWo4-vt`93J6oqa0B9+ApyTTJ+XB8Cq`K7}?9C}VfJopBgch#l4tL(xFe+Se9)x~vY
zo@cg;Eq3sCQIy%SVu}LFIyx#w<pYTX8a@9m6mw_MLsrePH1;4b9df_<V6N=zvGm|z
z{{(JW@Tr0V2E@>3V(S${U$3%g61t`e8<6@~sHAzArVFX7i}_s9((NzGAD^%CyA7pC
zbNC^b+Kx5|QoZ(Ygo|`0s^HCMrXS|LSd=%0EG!IIMzqbcb4#^FV-w8Tq@_9D|2o|@
z^joO%`B@+^XMJ&DVq)Aa1M$x(Hn4HNlIL+)Z-I*jotu5RA24OA{Q}C8oBGVx``@=-
z>>RA%)v$W|slVD!m`+MtyF4<tJ}~e<^n!wc_2c7g*?8usl;`y`Tp)~Zdy0-$AvGxh
zum}+mAt4KmZd)SGWAfVCr7g2n3s~GcGe=#-VqT{lTxrvG4c6M}Lh<?%<CSKPhapah
zEDh#Yr;5Tfe7<^p1e%qRlNC~W5tncjEf`|Cp&`eJ&vgE=t6d1JNGV!CHG|LaqL|OZ
z>LdqN+nS3PC>x0?3PVi;lIXdmW%`EFIIUVg?k$|{(-HC4sODB%CHpp7&n&lV8c0`}
zMRkvr8jg8(HhVo%);Jv#yZBS+wyRUKlN;h##hcpM$;%5A<!oDg%1y`flapyYZX_XW
ze|PCmX^U^#39b@b@&;^U?K^Wl^=$VPhdg_tL^!Lbt(9v{Y@?en^1LGiB<E=oV7-Wm
zsjwj)8O;vD*7sr>`4yn9?zX_`!ca;)U!2@4_8WoQd}#@SedgaB-<+MCn5B$xs5NH(
z+8!L@VrV!h)~yB6(wTt*PQ|vAtML!`Ilt4JeGogV`*-+cG#z{&CqcPJXlCYjPNAt7
zd5vIWx3VH8R#gSS>Q=Vz&7W=b1r|^}fw#gLR8dw|QBlG7bmluFxmS^7RF-6NT;<^f
z5pk`xc2%BYx>c#otldh-?i>_3yNd91S@>{y1&0Z0_PN1*wzB*BVq-HzLqO64_t|=K
zi2pDLB!tgx@}xb83eiW^zV!-HuEoZFacu*~8dxy;KP|wJFe&h>b+4LKm=1-jU4bwD
zqvb4|SW=9-BNn3P^n2DyRyHh*DQ>aZn3TM=H=I;g$$sgLX->E3_;4${C%fqs1gmAP
zcC$1)cSmMszWp+OScx{+Y4dAd3?uXNoxO5!DH>cRvPi5m=bxnFiaaJ4G7_`dz1p7|
zPx0CVIZT~mU+!Zf4%)@03_<$s19IH0hFH4ExKqz;IVpf#<W~OdutsiDQ5+sE?2-GH
zY5jb~2!ez$30(K|>SHzwOYdXxZIEORrOM|}Nrro`jkF22e7WziGC;E!uBlrX*BdH#
zdr+jZ25CTG2>d9<U6aLOE&^z6<`>OltI>xa;D=6*mR1D#{?p}DNh5D{3EV_0bS=#{
z7jF)hdzf&tw;T43e9rW5*LU=}b||}Y5&`BBtEnV8LIY3<IA+7#5S<OklPTJ<-@RfR
zX^lQt-0&jZv(>1G2%k%i-CPTmOK*7yM=9!R-f3+u0?@fZ*bY$;W#g>akPxx0tt8i-
zgx96KL=q8wu+qHeT(2rZ*uEX^)>6#~{k@Nz<s8yk>F6{y-L_Oz3AR@41-Blt{JyI=
zWm97@How=}Z{aXfv9eMMHK;Nle)(-HJD$w%I!0D)B)@XVGLiMlJ1NH^l|Q|yx<r2h
z8c8;BGBB`Y2<wS<T36G^$$bDda~}uer8I^<yb40p{bVJO__Ltl-#w!tJ8XUlcsl#~
zY9}&WeorA;$a+L!q7oC^9qDjKU+cMT7*l-6D2G1bN=JH%o_xgAoQ{qUgS0eR6b#5E
zuG89HaNC~lR8)+sO?)e|6%f0uV?taMlti97{H?ox+=R}7P_cmFsxx?$3&{?PU%Ae%
zYc2nAg|2Q52ghUL$z#1KPI(ZjaI>qaN}z*N3CrCUtFLd{fAKtd5EP7NgO=t8?i{=4
z2q{uJp8R~XG+rlD@y>+T<&k&)9>8o%9pfcPeR)!+=gLob5z3<Cx;M{3r-?xU68%le
zS}yzGExI-16R8doV@?!5pBU|E`CUznpL=Ie1IqV10+Stz{PG~1I;O&6)4ge!Lw?Mq
z`WNS!+rQVMKP9$TLPSwuaU6T-T}U?2Dk;2#UUb1HgK)0A^&2NAx$NF|VEA2i^1UDG
z?}xcH(#e?{G%+Ia*WwPr%e1dwG9vVUW&f~ir~I#!cul1xNBN`=a#mhvjwgTGzSOgv
zf58d2sO4Pk%J+Bd2!6rtdyUA&q{&Sx)X3kMnZd+-`V^@v<f%5r&L$EfjgdK~@W@1w
za&L=;#jsHWgW~7)N|@3dX6#tvcN4B;xrP#p1|fI*x?Kkx<mHJ($G@tMRCS(uAZ5uv
zeHx^TbecM;zAhdeT>%ZwsBHa>$I&kvczTD}HweY@(pyl!!q+@^%5&ft4o1HOyxnzX
z-Qb)zafJeACe_yan<K-X3E8nRn@Lu877R$C`E=Sc6qNjgS{PA5cGehg)wJmSOYEl0
z%$03Rh+f!lD!EHaNhR=<mnrr6*Cl)YyXO!rU<jwAG;rWi6T!8a??GK|U7HzfoFlIS
zUg85<MMPME6*2F_P4}ZaQW^xI)R;zG?j9^dAat|?Dzr3s^$Se87S_Mvpr{HDAIUm8
z(l41T)NoQf{1u>Q;)y~kMLu~f#ICOHZJc$YxsEvZHrW68-!fTgPENz@F7gc8Zu74(
z;Y&+6Yr3hT<Kn==T4*E}+JQ=rFViz~CBuE^EK_;Mc7;|SQ_6pH?2ogL^0TzCNTT&G
zfufLz)rPb<2@Y>}%Rf2t1;Nj9qv;r(o_YQnaMs7jj1pd7&CA-EX~%Sdw~R29bcwD`
zm8_BZp*n|Ju55c_gnY0`SL&J#kQRA@o!{t!YRLbM03RHN+Xn>8m#dc$){A;tJl0yq
z#y_rjQo{hG0;bOx{;>_vu0ee4&h<eTm-Zk6EV7i?Dw|}~E-`U7hwD?z@AQ%n==xZo
zB<7jdsv;N;ZTFVD943JQeQj-_F=!6^-(E;w@4x5z9Lv4<{7*|VH;ci1rI`)WZ6iSY
zZ9+$X*Y(O<qRTC_SeKY65SxaGomNnv$=8{o(Up{Uw2>Q6xzr#!6oT*m>^S^Ic6Mjy
zvwl^@fZ0f$n!@}b0S<#wT#?w=gGz|1h+V#M+5a_NkZ&<6DyFdY5bSt8P?m{2e%`7|
zd=BXAt5d{kB&i<bQYGwMq8p0rq~fcwjZjNj?HWwe*N98fG2B0S=&+S7CYI#db}xxG
z`?mDZ(AE}+6q&$SLcvuu)Dc*z6NLf8E))hn-|c?hoI#^Q2|s^1dPJ(MTaWyeKl8sj
z3m@}6+h9sBJj@sAgk<uoq~h~V2$t%TPd;w~sTPuv7!KF&$|JW))nD#&a&#~tl@Nzz
z@rFay&N*_+_k>`A@qUE{XNcA7BcChxM!S|}*luq6?UOV!Q`#)yd<codO^dv&f2=t$
znP07Qbkq-`ox)LHn$8UJb~&C#usx$Q|AUS<^kZ|KR$-v${Msqg<EWw%b?_k533js_
zl%w)a`1?1iwV_lo?)e|vApY-oGmCbt5=Qhi0>KdxygBbQRmuXoPmL0ef(4*cS=cqG
zl)#{b!1x%)T|eJ6{a(ApfT*JESNz~U8D!jxw+C)}Hkz&SkYY_;Q+!WK<>70unlWt^
zBQDg<{-<uU+Qx<4^dUl5&H&2MZEJG=F7fO8kF_e-d+EGR3JOAZ5J`Dc{f2}&3TrG+
zrVL?FPG27vN=it&_b6zChkEOehNP<e7)W=o8Lk`rZmb~Lv4?w&7o6!%k>!#QCeB3f
z7JvW35}jIb!y7ca?pDm~H95i3cB~=Iiya;5lSAeZ6+bgwcKdg?2DaYb#6*>x?1`zX
zIiXp^3nqh7=(U^Mu{pA_(KZ#j%P9{UAUrB({VA85`i=A8jPO_d(Q|{Uvn6##H<y{2
z^Yd>Sh%&8y_wYI~FpiB8fIJ|dmcitUT%XJ56D<HZ;C0GrS5}GnR{0@Bc{i}%GW9iR
zDt}8+ev=*}!A9mI#5Iz0j!jHV%%X^MLpv^`_B+;;bmJ4Xb?2rNk{XOUWm!(PH&C7g
z^hhLdWO$ocHphLX^v{v@XuF5qohi=C3%nwGh`Fl`l?akG>~gRDwe+Es-Y5$T2@+9^
zC`ka`fwcNS!2uET*>t4Xlc86$JtudM$d`V9D4YPVxQj;tu`@HvH6TPoe_<>4LCZ}r
zo@h{99KOEKNd&j=!GFq*743*CIDz0nYlVs5m2TY#?#b3z<;Ev;F-^VKrUNxLV#eLr
zWZpZ^LF)mE4T;#87$6RL6PuFq^=pdU`0&yR7YFVx-0!!PDEdeolZi=huNdmQ8-&i0
z%2Zits;k4&Iy<jh1QB-$&n~-#e?_Qb$giR>8Wf&ftYy;50gkn4W}~neKumyb^Tjv4
zMSpf%R<V(pU_OzQJhAP~wriYsn3y8ebd3vSQL!f{BbP=gX+xbG42%~z`v4wxS=NNI
zT}m;b%D7XbHdCKcm=3P+fS+`b%mQ6ByrvxOw%y;DGOe7`FWE?2t-NT2=cjY0Zb-GP
zHwoyUT>##rZ(NZi5{hcJgNKH`k=(N{j=uK3Egg-Nsaz=OsJ_s1at`O~d{XQTCA8VS
zB&G+qOZt9?V~zxCvWvcqyl$n0k3oGdSbcOf2EX#6n><3$U?~Yd^U^aN<|p!m0TO^~
zgfQ~Gp`r0k9W`Rjt|(KIkzb8Y;N-lnJU*5pug=e+E)(OOJQuiGW4V6y6&8T2qL6N@
zmN~yD6z}12@7~j=f}XhGb){Q-XxMMNpyrY#6~p#AT9S9((@JiGHOOfrI*3g0FgO~K
z@|e!slpPg+bGdClSD1I;Sy_1zm6hXwy39u^4JEs+M*P`k#2fkD%Qcs5hrjmQdE2!>
zm_S+@6O#-Fz=7)<EQSid?O$mftVW4pcM~Y8X>bWL>$<`O!M`K84eZ~dkYZmRZ2S&?
z{uUTCr%Kub9aaQBU?|JTI6A^x<Y5o6Ig%wKsgndecBUyrgOMktfDZo-D&P3+0d~?z
zy0pAJFfmaozuUeqLL71-4DePxYn#pCcW~}prxD6Z?S(dLeOQ`EN&)o4c;41nf8VRP
zNne;lgB}R8LaahBzvm!Qvk%s%y9tmhjV^_kna_4t>FDTaF1-EDMa!;kW!mG-jhE=8
zjNj;vHmDA_W4eRDaZM3lu+Z<`T-V6OW(_U_#qda$VA?kn*VnZx|CgSd6vkP66C*#L
ztfYC}nbGKbKpyTaAYoBB1$S?UC!g+=&)gPVz%)JEy|L}zP)%6x|NFPUc|%(truEM#
z^U9}BfL8Y1n<GeAv|?<s)uRwL9PtgafB@v#SC!!0bXUHxP)A3Qx_G@>I|a**RXN?t
z!Z%r+#p(ij=eHxJ!yq3H9Kg|r<hHwlnR0X|n6trKlIA+&L8DvpASm<4a?{-wdoBGH
zQ!gviQ~wD0O85Tmh2AhJ+uCYOwtW!;5lnWAec$Cn4hq!$ZnnYGOC@=_FKl!dFB-S&
z8IDy%PNJMQd0tCeo}ZsW5pT)Bz*;|eN~5W2t$8<6W-8qP0Myj<`ST&L8HV#+W{9eo
zn&92QP(OdZ(m5W3(@|4XV>oOVGx^zqL#@-ZgZi8;OiT!0CC)VY`JL?%8c3<>fZ)RN
zCPbhzqVu6)kDALdg{aZf?tkzrnZWbHRbt~`{_L<6-pWkMitX5LoRc6{qBEz}w~~BN
z5vhwS_=6gosgmf3>}-Y9Yn#{a-l%`?JlxD038p2fLrUB~<6zNx2XL>owPnHwC%G4D
z&70m?eBY&}=6gXl{@EU9a(3+KhuLx}m2O0k9Zw)MN#SQWnNK(A_wVgNPCxfsw(Y#g
zj9QHDDMlm+3C^#&Rl!WE5V2nquzRs_49~a!WcmPkYbIr-$GTkFoT~nysQ4aKc=%?j
z*lROmOkuTN2*BlK@5Sb73FK4xEJjy4!N7>TfC(d|V$=ODx4b=g>_6_0k??o9X*xP>
z4AJ!UzIeS-P#C=E>(zn5`I6~cJuHICKPUSqXi=xUj_IRgBO(a(#m0+ua}^>Y#27U}
zNZXIMB5Io3o>64PTza1QIXCCV#>PHAqN0wDwtHO>ih>i3+=T2FGi+zavNLL8nIYZn
z>_hx642)N2&=6oynX)@F&77&UvP$>W(a$SsimCP8q#$cJY=ncXJN*R~zl%b{lYKib
z0=${slM{B+0}TYbF}=Gt1rx)HS=)d<o=Bg|HXC~s*@-*IB678bb%X>2sL)c6kMF?u
zU1904jX_%+F66hu{N*&%Oyxyj*CQ7HS(T&u7_YNKMX%H2+VmWYq>{pV=aE!?h<|tc
zs>-5A5NvECeY+u6#CjIYc>{7oaD;#6k_-FpOfR=%Vd*#0Qe!A<P7S~8_(~ySo`gGP
z(2rNhEBuKq(cK)8DUL1aP~Pd-O&aa)Lwa+~wftI41;iM@=(2l{Pv;CuV`;~tgmZqn
zH+!9Nacp|3sKC+$Ju%+Ker>IlaJk`zF6Y@bMi|4Z@~f%rVO_E;2$z*k!W(f8*PSA5
zb@gUXaoeHVKZ$uIr^1y<=3ArLvH`(x7Sr9MOJWR2NF>?XD)K1(`h3yr`eLEVqUUQt
zfkE@>-a>hn+kRi4?E=q9D(fex;te8dUc$hDRr1NonBoL9+?P{;?ajmo%#xglSYZ_J
zRN(mzyWiY8p!nkBqloGJaYek3z^rdeIvBEX_R-uYgEZbExQTLY@w#hA?t`4*kR23;
zMzh=Y>?#LSwp`P_N=mGfV(pqI>YZ$CjDZ^b?wrEU2ohc&PZJYZ+9yTvuQBFxTxl})
z$ctq%XqGSYm!tLM0*uU970>2E&G<M|leKjXjYtx0U0wC>Nep88sj)s+NpfNhLJpKs
zs8p^9*i=t+fvd<k6oZ3h@9^d<qlSP*Tqp@g+gdO!*_Lm=iAFZqbnvp1Wqr`9x!Dit
z)ENrDi8Swv74iYaaquP>Av}WSPEnjJm(B~T`S}#1RUI7za+IJVo7JI=>fRRgPN0WK
z_idL@0krQN@vZttU=%ftv~-n6<($uYq8Rr=)ra1zeR7_!DJcng+x7K-?n?tA_*1{j
zc5w=;0Lt6S;bxs%Oi@t$_$d9#+pg*Dc(oNECL3_|{e0vH`S)=zyg@DYp=Z86B;;(N
z)+V`EO}pOm=?KiXtCp0xxhiKpj73Jq{li-hsQGiM=}cZ3k<YPUj4RgH1;v}w(i>{y
zaLH?w#|)dVYv)sB4R?W-R8i=+-?y~v0s-v-Zg*=CWq1Dxw-%^N?=uXayXS#ffOtu0
zXiSeLG>J(i`|F#F?I1KGX@UZ|4Ti#5s~DPI^~n3W$Nihzcl?+qB96!euWewG%nWRQ
z0@MDy$6|IUD*Am!ah=4i_b9MY?5CXEac#5mzA*gxLQO;|#+L_Ia|R~~hld%<be|<c
z#$DW2I`UP)WQ5ZB`CH=<2xK_2@#gB{+8-s~lI6o}>_e)ODMYO+L*ab0Q<>#6FSU#c
zP4`~0<M#_;Q`S!G72`1J`zb9@>9wg;l17>yQZX7!FAK7_M#_!5BlSIK;M*&syu~zq
zGBOXLLGw{U)>^f;a9`Qq_5#;soukcO$|Hl^hE9Ws)htQ4L-%5Hb+yQ5gO0?iS{xHq
zl2EGo*`9H?w@@aT;N@|C-pkAL)o3c1P%`M`2iB(y;WfqO<wZLkVjk`HOQ%e!9QhjE
zxRa?SzC807^cueglXHNZA~x3jBJ&xecg7l7!y6LbnCR%(ao4amMCu+3RBeJ6eF0|4
zL~q}S?w7tIF3AsV`x+BwpXQm|qv5bFb^-Ilww`NU=jpyv0_`$Sdv~tr?H=~|PF5rg
zQ(CpWN!7}lgMmW1E>K}fFsMM3VtjSRdMu|NB=&rw?b|6VU13s=j4do}xwM4H=Pco`
zU3!Aob2d1ytKyH>S!E$&2jb~TVd*aSF32Qa5{9Po%hOUCP<{%|D+(v~5o&3|A*ym^
zijGa<@^=53$r%|d1TQz1hXv%7qB>cE`CMcaN=mSEO<c;??{ISILVW@HlCiV3Wi>UF
zJXO2zwLh5f+G2Dyis0rjK1+g0S3*q-1nX9s6^b=(AsV(rLtXc2|4iESJ&6y?^E$IC
zWn!edY$xA2t#=B^QSey~AmtDCJWJzu>&8a<c<@FKx-Na}cljNxgTtPp`Go(I!4JFU
z>a3E&DWaBdTc|L8&7G#L9P^GR(u0Lg_f_=7WgroGW8}o(#=dM9JtFhvIS{1Ow$Af%
z^V8)?rJ>>FMO|ush_rj6=NFN=os_dZl6<vrz2Aa@)&IqXa&sh@DVed?>=?=ZI~-Td
zAg6h)ER)MVyvvK1%nHtQH4p}!{#kQ<pwr*Jv3k~B2NRdP(d!C(PCX!kd$LPx@JND1
z7gxZ58&NZNuFbkVl$~=pkn;A6`@6TEm*e^J(5E6}3MmyV*)YPv#95U;m%Y!nfSj-3
z@<5al6xhiT8_I_!G3m97-{y5pH2j=zKA<zm(E{E&#I|ww`Ur#}f{wVPKIg~B&BOj;
z4XPHQh!^bdTKm3>ZBN0H<G+pNk5NU<JCCKhkqM>T64s95&;pCHx^wBJiDws|_x$#Z
zy2qyTEEENn{TdHS%@F=m>W`ftes<XAl`!lUfJ&6>6c#cvJbT4jAjs)IlXq%#ZwlT6
zVwXlh_qaQUzK|9aZs6^Z*ZqwR0^#KyHcA&pKHpl4{0zZ<+JieYc~2)+0fWM}j^cQ=
zis=*fuBpl)YFnyEazR-*9zh|YUct^Ty6{c7BA4tpF=h(uf)fs^dpV#e+xt}8@5*I2
zDQ##Z&7n)v5D(A9O!#O(v3ATQYGZRGX9IBa-J;a~z0L(!qLxGUM}msh@nN>9bvGe`
z?J}aG#vtnxkTq&*0!NRdV_jV6m?wt|H8+Mbo;GWuq(AF3vh!Yy$LDSqO@et;sU(`t
z$VRx~0tc<FpWNo#41+a_g0G`R={l+`KG|%cj^>nkNnirTT#_h00xN7uK&30_GCL6_
zM0)z(EN3#)F@KomgP6g%{?sKVHl!sH^(a|GLO||O-l_z6WTRcr%TPA{Usag)35Y0s
zFJ%4Z?8)JFe#Ao#EC0EnX%~O8-FLo~t$>NPdJ|UO+J{s${P%3eq=j#EgKe?n9d>1`
z$j_ht4NzRM2HWdln(8Jz)Psvd*%NYc!G{!gqjg$-p;EIt!*Uf;*#b7dDXtHZas>Bm
zSea`z-GVitq3O1z79k-oUd(5CU-O)Cq+j}m$Lg6=P%L+Ja_gK*Z8wyV^Gp18)zk#t
zks9y~3%W7qPS7D|fT8%Lu!Qo@RH+y6!vD?)PI;!G8AT>fE#|@*|17Uy1r`4N`*mJ{
z`_!c4ow?ag@j*8pXZkWR&FZNbzLKOXk`$Xc5KC#|04(zz9SwY$PZ{^1sBm`Q)5`Tn
zW3_^Ma!k_<y=cQ}yd<|$iQZ?wtw=RFaN==46*Ue#T{${x7dEh7z9c3>4z-&o-PrX`
zyrZ<Zxm+;{6IX{sl51=aB-*+ysgl=Y*!}454>%kww7~>pT{>mL?wZpJyUdoNCood0
zMLHtyM;TGQ8yS4w542=XI$!eg&WE+uIefWato2q+&wEVX+fedmV_EWB$R;`JC8eeL
zQujAiuZi*Tap&!>{^XxIheaaaLg<;8UORMPWcuHgzgj|HJniV2K&s$3Bl*BImL(vC
zBzk7vQNEu_l2)FQvY=%BZdG~ohE`$Pf<o%K^1}S)WQ13V?xLXT5wBX*ev8i_f%!yQ
z=dUZb-9FfaZ}Eb+Qnx1Ph#TE_(B)ir&QIrtQbR7!$axQY@G?6(ep2hx>69(`A-gSU
z8n#PlWMyP80y}$!@Ls%tKsY(Y?%g9a6!7zXzueDaW+HuY(9Wpw<k>^KeizFxx{=w<
zMcuvPG8Gl)PNyJmf;gmqFyIU9=5TFU5@WgbB7)|`t>NV4YyG*da`c$C+7o1j_%-3C
z+KStUH{DH031Y<;+O?6;t$FXG{90_^jKTNq4<B*cDacShEW(#93sFBdPl~0IJcOca
zM@V2$l+*{(f3^DsV(ksA5sa~7GuDyTQEbYRNWHH3Jh}nzpo7-`6jDSj-cALW--v)#
z6)2cAxXi!iY&GQMpWr0JOkN)vA0Lm^E_zO=i-9=o=dJ3+H!QE81`iC3k53{~?yGpI
zVw9c%@;jJ_hzDQYT8^en(9`~BeSNM$r^;?A{?fp}`hL2MyZYxsGOrWMMFkIDa>Emj
zLb8>(-D>A^R`RKY3!Hd^%SQO_jOg*SaqWU>C0=%p>!05z_=AZ@$77%38(t;>le&Kl
zer9H7lu*Ndi_P45Zn-YzoTZ?B>l)wotIX+QB4R8{Y7D~Y>9SAz;RG*yrjp_9k61V=
z<PUH*xP>+wa`5!M%X7B)M)Exwep0IlwzL81itgLC#b)&T2N7RY35*7l-pxhDMLOO@
zJWx5j{EdWfgonSIQ;?a3LanAMVe8`pv70OCD8Gj#ry?(%<Sqm^dINT)?bS;|*w}Bi
z5Wdh%g!EQVdcQmV3B`=SPric{EIPaQOK<*9a?$e5aVMc6>sQDjj_^TE2BD9+d^|G*
z@&E^)$xz7WGSMt8fqrWIpp*L0Em=Vx%L9p!Y%whLl({-t?U=S+7pt!h1Eo$AROVX!
z^DayI2_0RKuA1OPfmtJ`iwj8*(cwaKBVP6+jUqt$rI2JE4K=PjtWECuAR~pb;qv#r
z|M}j{RS>zh`#D=uGVwMKrMUcer4Tisn=@X%?uy4Ee#TUx)p9{Qyeq0N|3(IqY-?Ss
zFb1e3wdld~vBgp-LS)Pz!`t78UOb*dernZ&0@i9Dq_$c8Stn~-Ok`)##<|fZ1eZ+l
z7_=u&FK~=lgJyymrUbnXi;U8q$^m-W_d_n1uea^qMmhnQ*3!<;Yf@Wmp<!)(5AL_}
zY?(GTLnWl)Pn)`E+ST#$-5I!kyK#3CT@RoH>zFGL<K*SY8(yL6`8b&aw|(1|YmNSl
znGBEJYDscZHvi3{N-%#+MGTN=$g&jYy=*{UdhN~BMD#45ACD<9OBU#G6QV!zCe_VC
zpb9606l&B{q<oI?g!%WIrX|q9bYnJ;kY|23Hh?u$k&!VM<wS=VRr=m!iZ^@N%|4O2
z8W{$7E<!>^pF5E<KJNglamg!ZH6m7Qa7y=eVDFP%7u}U8z>*exv7IhUWCu>RYm}Ea
z^Q!1${B?i-t}Yg6_^HE<w5+U50VsWk_C~XtQp|h4?(E1X2Ol1FM_g?ihCE|xIQW%p
zM=K-q2M)bhqZ|*b{nKj`0bNTt-C6EnqxwQ1Gx3F(o^za6P_P2CLfGfZaiwUnJFYZS
zlZDDN4opVswGS$KFf>xFcCb%o%SMr5VTqZgymqy&WAD3D8fhs&5$q3M3L4$qNl7|w
zFy;pO>6?qn=J)8RjQShbv_6Nf7Y24Rp}phz--uLb#Ei3W1w9W)n5)x%8%H6G%f2sA
zDDgmT&`Vc6Ce%OKkj`U8y$KCKz;n*ix91jtA6VUsFG_`LfAn>ZJcV2ivwpZO_oTBR
zMMnASbH}pY-lTN|i6Ecpz(C^F>B$~x$aL^QeK?_Va(fD}MaRd((pmhc7(o#F#hd|6
zQI^EXR;91tNHE^BurX;4dv@oCK;8HfO<L@&+PhK%-CBGTGa$9lkcf?r22m3PA;A;#
z`V&scNuGyk3KPZ!rgv&z>1B=zP7uszKdR00bkqe;Jwvp*T2gKxTcH@cRz$?$YB1-C
zZ$9tfh&FQp4QD*BvkHEyM~*V$uIy9*?n)4O9lcCZCM&jL@pJ`Eg3nLAnt^}3!C~K0
zWX?m2yn5|F%1l&KWQ!x`pO5A=@>~RVUE^gJ7;Kw2P5;vPAmiP_!l8WTdf%_MCUwHH
zR#Q#j_$xHaDhXFa&rP2`T2j@k5$USdme%cF7)fHGr)o4#?+d04D39pk(QhCTl2bE;
z-a_}<uSBM;T^swWt>Tl0Htqb<6~_e9LPN`q%?1k!{w#P6CefwuOcWOM<(-3biW5jP
z(4>Hfg?O`c*ur|Gq<KA^ug@7v%4U!VoXma}P`pWh3%>uDHM!Q7b0wG|L)}S#B8aML
zEznnnrY{sqF;%R7u7>IK1JhDP<!E<&TWw3vT|F~oJVvkJT%$=zy=nq?H;((Unw?Tp
zXEDZz^BDD|jBHqFMP;q^^4*sj%Fmg~c+Ev#>Gk-%yrcgNeFc5UPPa|)Vk3<)8&`#o
zq}Wc9dJRxzFa`Y+ojzgY2;9LVu`o&)n`_bBDt!tbnM;)}NfAjxK^Ze@$n?4Q+r<cq
z&EDpFyRx2j`SHHpU!L5qrMLEBUFdnfyMR#ol&&_f@AZ8B)tQ-TiQdJuv7jf3Ad#&A
z>4nn^#m{7cR@Fl(TaJRr^R;-mAF4oIWpBFNr2i|03Sa8chVCo7re$X#(0;P{UK1M5
z`=PdS2^KsyXyONw31u>iJc-mr=3^KnvORqxWMU`y+L=HE+U!lzn@5UyX(lJ0>gtx?
zLJT$g?^aab++eL~h}KP<7HsG?!x`RcmTKM@JS8~djup@=aB=zac7ZH-O6)>xd1x?-
z3=j}MnyyD>jY%bC{||b<+aSoY{ZXu-xb?y&nIsZm{Jg_1cR6h4>t-tZ`$P<p(Ytem
zi%0|`7>;mBfVhB#k@z*`q=UaA21K!XX)8oQSg@kJ11Gl<sI2Qxb^g*_Y{NHy{zQ`7
zS^q9C?J80wPdPoR4`)He6GakzPd8M4ZT%eHcHlm)#CcNZePNca@0u8k-AxsBJH0{E
z)m{qkY8M{X^LOQW;x50Oj?IsvzRP^nC4NW>VNkZoH}P&$!L*cRcx}TQ&%+dvUK?j$
zYpu9TzIiBX={4b0vS{Z*C350ixLRmrRE$N#Ei+Y;LRm<Bue^khEZnM85P_2S@VKTO
z2CCZ*5JSWl87D^zbbAL&THXIee>$40L40flk@mIv##!B27Q)39gH$8eXL1O26gL!;
zsqdVybjlC|oA9;g#hO+(9`m=}4XVp+L-d73(_}828&Bi7OY2AO48y5z4=Kc0_rHN>
zuyH{`Z5dO+>q4)KSYG{%Gtqz8MLnPbB7Jqa?X~wpAi;c;I(b(Z6(WXFa31^TBHYcg
z$G%Kwn?eJa7H8C9y0TByMfOX(dDRN&w0-WY35;Y4Jz!$#LR@SC!J^Byd-HZWKA1Dl
z92Wg}@AG0M-7PbXa8ebKfw%}J^>e=ASiY{Y$<C&sc@~D+eq@O7)fxL#su(5o#}0L}
zeXC(oEk==~&t9GoDpb9D`wsY9#JM7SbZc!9Mq$}SuZDNC<$x~Dpq4r2bthF&*6oEp
zGidqMe5&)~O1t>tf;nD!B93ne^eg6KVj|v`7FNX8i%rfJb?Ai(#cT5hoYeKzlHauo
zx|4{IPFcR>wvL(WqnBCu8x?H6YMoV|vs(mcY41;FSq`wt3TNXxOnf6@WbzuHm|r`8
z^$r+}?Vva3tH@enK|Wz<(N2skC8^@rJwa9tE0^jypId<Ip@fW#rze;Zwe!c1U2r3l
zyDJ>&+Fi^I0cLDrk4E;64Vainr;)2^(<ryt(C?GOpnu~&wzF5u>lP0uYU9wfi9+Ci
z7^hFRnS51yRW(LQta$CfCoA(Rj@VYIkn<caijf)q7@6W<b4^BGOXbIG4BJl~L|vro
zH@4iwZI(3doboya8+h4V9wTo;gizjXpLeV?L4x7=4=1xs5O!%RCrx3QbX0(^#hJ@B
z{2tR1!?nM@SKdiG8HW@&8{m1n?eazAhz2*DS4Q85zkhcqD8%2IBm<8=fS<Eu6w#ae
zi}2^-{vTUk0TpGpwmpD=N{iB=fOL1GNJvX}DAL`{prSNLH%Lp4bb}&-(nxnVLpahf
z^KbM$-*?XWeijRHG0)6X``P!t?ko0Tij(Q<jBXLg+v>$|`ovIdCE4LooUxY8R8|8L
z!*s#KL`*l7Dxe09011kb49Bg<H7@36GoD)=q(Ep#PZ<yWLh|F8whuiyF&XwoeZZnf
zzpg3VNvxtoEI`!M^m4&qw5Cfg_n5oB-oXUA^b%M?*f;YHEN02n+8fV&6`&swVFI_q
z@3Z{NL(pQ`=qoN$R*QLQe;69^rr7CqcQj_*ghle&bz?o5HH)Mq8jO2Vl$3(q75;|E
z1}??#vke)<I)~mTZ=PW%=*6gJvnNp|6qzA%@16_>wu$SHSb9*PMN#RSs*Un9={)>o
zYwhsqYqZvK`5iNX8zKf0Q6(GAYP8ug-*=9@BguseejYf^otl0bz)%l!=snSWIH2Md
zKW4P3Sx>rMsu2c%g)uArQFhos!|fXZ&8p`Z-kmYuUfIE`dm<5$=}v*$#b$-fFD-%J
zmmrrBSz~D0%8PrpXCaSN(mG9NZS8=O5&LY*)Ty+c9BJNSNsCi!B0y10O(Y#N)Zx<p
zVD;qm<>=;M>WULi$V#eJpJgqs-prVKMLV4OWV85a83RaO=DbQR!stlJtET`@&k@yI
zgZ1R*(cE6Y5XKzSgPgW`&>&vhsX3IT2*FDiaa(9p&5U%MV7?T&B`%2+yciJ68Nl2R
z1x5b*&rbe2B&HuJDgGcp@p0o70h>9J0lDOgy~x>T#3Ey=y$_~2B5X4KrIPKAwtu_l
z4oX4K)=XMM$IBEHo0hP0`+>O{U|4LHl$Mkt5Mf=>5*NF3&0%HZVZ;Q~8g9wxInhp9
zF%{eT_#Ucmy}7om&mE@H&R5EPN3}0s9d}|Ymh+WIgTObb5=2pSp>LX@D%rD(Vnj~e
z$%&6`WAyQli80_5=7Sgw(s+=>xkjH=QUnk<u6F-#;T_TsUhsHn{$ZC1w_Wmn3ivq^
zA75J9>~3SdxbwQgEjH~f&f6h=W9UvfSb2}GuJ)%B(5foU)WdQfu-KrG6~@)oZ}0y+
zBBIZ~D?L)t6i%E)>9p!85H&b(vVcJF4Onxao3yQOm-=inwGSdq3J4ec^OB4gdlCjE
ziflj=?tI5+^yNxdt(_9+=HgR5GkrQTa<acaD?<NugIIc`!MC~sL8_?Iyvw`y0B6_u
z&1dk;B)DelOifv3QwO?GvJ_-UEi`;zmYr!qO1nwle6VJbeCTrkEj21%m}z+zR^cYv
zWKBdATL|2QWS%@Rp6iOj@8%o)y>F_?=en99qOENMaG0Z`rmXbR9qG+;eXCm!3JMRa
z<TM1MK3fM~`K}V>nQ(1jY8D=#>^R$)3Q(QVun{%!FR+U+rqiNQUBr>^Fx_4}ayeok
zv%1RF?F4RTE$o`#BF;Cma(H%!xZm<m?><iHbY{k5B2y11r`V1`vS<USm4+voWnyRm
z2TY+6+TITL;cPhPr1T#c8J0}0JciPW)6jt!y<X`<N>XxAv1-51Yc(QdlD4p5)3tm_
z$YBbUNg^UL*@0=PB3Agr<K@N0?Wf<OsX<RGVWd!mDuQHf)gRe7?YH{<y3LxA5qyK?
zt@q(K8VT_%_zaVZ=*4cHd^R-8`oQdgP6Y#n<mGO44AleCtKU54wzi>hadGiyJ2EI_
zSJ`;!I}Q1g)8yQ?8$PZ6ElE2vl(NS7W6wNf@mdFe*dRU1ETl^%bvc|Mqhp78?Ww2T
zF^Dx*j;NTtIKwQ>fH@CY+1_O0D@3-*e!c=DF_;Glhhc$atp8$OuoU20`UF2+lKPHB
z9UQ(j&U}*fn<xf7K%)Fsjj)lWCFnt!+ir*7<7yp+(Z+0r1wUHhS@&4EWE~c5ms`n-
z06@S!EK^L0*%P7p+OZujwJ<V?G-4-|Y!+PrjYC~3-`t+tV4}uI{^fS5b@x|P4C)tY
zppKrkR`XK$?+Y6EazXj<U&=MGEgjCCZ`F=n9{;x8)cY;LC)4M_dOwamtbSn~;r;Di
z4i!uS%DJ*8`Wx!S->{YLSW+?H5UUwshI0G3`dGVlz8$sdX00tvyd{%L{1HC0;0IG8
z%_TKyfY$-8vtz^3UbCt9tIdga<YpdVV>_8v<$LX`Nmd$|LV?L1^hE5z=(CU{;HK<i
zuCA^MP!cDvrMI*J0DB>3x(&31uy*8jskHc^%tVE0fUJ8j$4s5W>{GzUFNOU&9|3F1
z97bd0o?LM-%tF29QE{&Aws5RsLSj;wYp<|T#X78EZG78p%oV@p$LOU;>9Ii;ULrG_
z{~KWBOY5^b;}quK=G30a&+;G#yjA#Db&w3mWiUFrGAww2;`6AcKZbt#q9@!AfAcjK
z5Hty>DK4|532Uz&Od@N*dFSt*D8;5(q@;~!{3c2x`|xh8ZMzS;hCX@m%IOMXtEs{*
z#!`I6;v-F9N;b9V-AR*nq{m0uQPJ%U-f1L^&c)JFCuvIDaaNYJ^=v(wT3dUiOX6e}
zG3d1;=x%L17eaf-V|x{mDg1fyU@16w)(A}D#COh*AD*w!qRuBKOqmo__kPOaafj|s
z&^pd-lvW6)hU%32ULDa$gbLbE))YgbxoT4IS)V;4pxKCz?~Zg41*h8mD#<Wo;GvSM
z8wN)gQ3If)wYK=5|4x!Z9ejQLx_UtLkco9lgEaeDNLGEFq{j$1j^yjKUMl9=_U);t
zyJP1dn4Duo+jI~ne@|^^ECQ?ma^Twm4kdN{?Yg&We2qDX?dFk_mDf8P%Gvt6vU|Mj
z!TEB;LnXN=TPX?JYx>1h*<K%x%d+n<;G5I*PO82|-M3D=R_k~|kI4xhh@vj_x-q*z
z3AHmCB?F{&tQ>3EXIv4RM~XJQ0w|oRtn1sJUl%Au;^Omkl9v#huH~kKgAR4zc9(Fn
z1)asO-u{^b19b*g1MbbxLmZlQpz)3sHBq`09lP5Add3Fbc=y^(=bA95N6N!L9#${5
zdwGrm!osDg#;||1#mU~bT2@*@g$<*oqoX5dETIXkn_fox^+dDPV447d#AuNk!#I%^
zZ3VsjwUTNh-HDeM%y4J>&}I+NeG6#o<zfQ)+I`B+nICf=k9haArXhMV2Flp0efm<K
zp5Weo%pf!Ji(Em0QPZ4WeWGG&s$Z!@*0x_Z@mUG$LJn|WVVzy7h?tw6eJ+6h_#O_9
zw)VY!Q|+<K4c1qVzO-rGIlf6}>JvWrr#}k_Bqxgq)LmR$e*sPC*l3EfzCHlFh@TsN
z_L5Ey|9n9G1)FviXD%DrDTR0P?y<!~6w3RzdPrWwq&<GX)7(GALR052VTVmdKto7`
z)s~@Tt)<-qxUh`|`z>E3<Y}Q)Q!AcS00W_fKCUsqxO&~-V(#LyKM(AF=<B>k$1B>M
zT`wD*wiQ+=A5>cr6Wz*LcdldCqbNDrIXnN|E!DMszUt0tVlRj~X}?qs9nQ1rcWr!!
zJM59IrfA|g5K8&Th;lR23rHez{r2?Rkw2I?k{o6_9E7G%{rl7IZ6-vvv|Rcp@BCo$
znY+-hmX>gozc7+B_)faKHR9B0f%Inqc^*A%8~ya#!{$RD*0rmM@0_Y1(UypOvaMhx
zAab-8_8xjkH(lq@pVp_GyWeiwE=m8!dZOYTR%xR3(RO5{q0>WFE;UvB0CGoIvXt-_
z-8_WV>i4Y?;23_a{PgM5gR``_`mxge)_PMZfQ3imYBNR@(;2ILD}KS3JVTo(T(6U%
z{IIh`w9dEUj>C~WawunA8)jbGbiVi{pCQ+xH!INhz${m2{(Fz_o=9$<yb5E)+JM;M
zTXe{M{*p8Y*Q!Dv@p3NOE>o)grU*Y7V61B0brT4z%ia@PddMp%W~)uKUwQuCoSvRA
zQBnnt!fnW2t}tHSmih4TLbx5!NBAByl$0qeQwc_HcGJek4~j<6f(G&T4PrW;!%|p&
zLY(#CazX+?@u3@;@33OzN1|zkmcPB@D{d2LX`9-c%ea3GFAd!L(~o{Js*b({qo~=|
z*OnNzwRRmDT6;D+F)<D}4e3H4EjpP~Ms)*<O3zgJJ!O?Cwh$n+z<GEUiiKBFda=uw
zo00Jjt0<oN;X{^UK!{RG22(Ii?(g4y%CO{*nnj$(;C~5sX<W0?rW>mV<?}&7(xjS@
zl9G_WBSWKRo>xdTHbE=p$O~>}D&hAjPqlQ8uTF}KW#nT(12IFn#?4Bx$7h2Gh&~La
zVNjJ-*K3Vpv)4`&VVdWZML~hA?9^1ro&W?A9PXDCL$zd;np*BKF(2WN23#=ixK@q&
zTgxbhe+BDl;No>Orje!$L|DcpaUx^M=fm=^XhT9)IZOwj1|a-x)O!jBb@)f10E^c%
zqB8N5;UHd{aiSIT{POzIv8DvP1f}z^BIo$)`Hb4pZ){y{KNQlqSwkbV&i?Flh0_>l
z|McoBz^oWWIr1|QL76LHC+g9(MnVTJ0q|$^AK8J=&AbHo{`kA;zfE&}eIrkhDe!cn
zKv}_tq9owdd2v`^Dd#@)f^rb<DGd7Ecb0cxfa;gcpMJ9Ukj@u*_RIha5~TT~myOxE
z(XllVl~tR?j04o7K!wf+#OguLwW(q)a>=zoH)||)VIPv0&miR0pSHO2W6-OS#!s2!
z=KQad#zs6meC%P74Jtq~7?HU;w|Hqkugw3VQ<jukQhBr}reDWUDIsmT)sJ6iV+;)5
zo4Gwb4l^2>VY7Q2hTtDoRzW9KCHm=hR5$I&&rnbJGR;)Ep{6ERTMFPWBqX>E*v!XO
z5Kvq{3^LM7*Do=n7wXFm&jKiUJ5zLlD#~{5k@++bZ$RZ@>HwMaaOEuNbi(vvhDM?n
z$kj+{Q>Bc|yZTbpwa41q2d#L0TE)C5rs}RaK%@(&yVZ|QcvxQzeqT%-l<@Tym%4m3
zT3s~J>_7<~urzA=<OCU#z6s1C`V)3`VHz6lSDWgfy{*#w-I~>N{qSaNQdj9Mubr;3
z-izN4M7_CrDxFNhjH^=E77!Lq&6f&R#axywP?TR_I|(PQJFN*w@MH|^eusy{^_uY%
z9ScH8L30?NwC*g9h@9GmZjbyAw@XX6d9GBqROb@T^bfe~GL7QZ07ukT(<t+X7(h82
zojXlCkq!YpcU3>n`&ZX;$i;AiOZn@UyRjl&5#KDm9NSVaxVp?-?OTjM2(!GF{MCVL
zsNu{XKK*S2m}WZ1lpc_N`u+P+`zFxttWdTAn%5v;&poA4>S4-Wr7ZKBC;zbmbObVr
zRHGdD(SI;SBdCN_X}Lh%5fmBUTj8dE8NVc>U!F%M%2IH5xiG!Mf$7=xXc7^DwY<>s
z17{w9iEHb1$9_oZ^&^T*W`zA3rQ@SqTnHg6OW0lmeVjbui+&0QVDvFWQ_~o%zeF<-
z8Tqt^qcc(0wPQm3LA=J%$HJlzzsSEV-Z9;;4ou!noSo!W!8755MK&^a6D1o!T5X~u
z_(BGevt2Tj!jlhjoUc(m`#`t={R}2#Q!n_wtx0AFvj%bn)Di$?28PnH)<B4He|mcM
z{ce($z+R@9-;rxGy|JX-m2aTE!A)^JjoUdkU*CQ66`@zP9}`W@6n#65U)05>`>Q<o
za3v}fUerBV8{x-_g&QgZ<Y?4km9qRh+js8dC-4e+!KdTmGBPl*BW-|x#eK<|vtWI4
zvAPe7pI`MU$H@1b`_|&WY$+~}dO7ILEf<}^S5(C-0nmT2sOIyvZdS*qT0CK6V;hf!
zKx%{pXQ;grlCz<03E;46Y%WK_h|emm)B?qwA1Ts37%yM>hGXj2|3}6G+PPQ{z*vwm
zZdOQ1JY3lrm}{4!&#TxwJ?!dAOVjJl^KNBfVbm;Ar4-`S8)`nOG_Q=7|D(|ITag0*
zsC;CohdAy(!plyRW~G$GP5d#*dk;bd9o+$6mOV*5?*(ahF?s8NhjpFfnvBop&}7$N
z$AzJ2;`Joq2U-%%Ha3-EuOmWl{gEITWn=>O)1|m?*!D;Dk)q^8eRjt9ANe)}lHYG#
zmDkJdoHCs(M`SQ}i~g0Y1Tj)GKGzX;3EZF#6!dYm&$H>TUvQ<nIGV^%cACoFktV!4
zcr)GcGEQTn)dUm+Dm!zAHy?zmibc^5ipVRngaH{?d9!EK7@G|qsZ_dfY((~T0Lwp?
z7uLmJANKY9%YUMwVy9{FWX=odYv~C)R>-+Ol(34433&V=9Uh#$peFvKqIqN|YTq$?
z=R_Q4@NMu@V16ZycTk8CDM^>;oj-pMdi3DA;{(ZX)7k)y+mGF^j;==lNiU^Srzp+e
z7ns>p;@>w>&Jgz4-kW1#sf^BRU2L4tEBgEX)0_-_sD;0aH`4%MH({+7tk=Lj&huwu
zNbv1jZYkG32MSxWKzx<of<o$bo0pyYvV;XUY_o#P<^{iP>BPd-%+C8)g$I$LS?5MU
zb?gG$dXIqnSjNa&^2NdvMH98gYw6|1f}zudqgP`^Yf`qvZ$c@2ikC8dU4*YUN7MvV
z6m#1zE&i|-EY^DB9astoeSAEdXRgL{r3s0mX!l_roW~CjM8I7J<_JOTFkBZpYd`^Z
ztgpD38Q;9&e0kdFcCtVC{bOlqDZ-mkZQa#;r5kYBUsk*LV_^RxYWA=zr@rPy?YH|0
z!MZQ|g_<}E3c)3^vC+}lpQjCwxt5fnCbkF`ZZZQ3tmj2>-M!`J{fq&iU-Mc0?i_>j
z=d=)VP)h<0-nD?BM^RN6bj%&ZfIEdj&BvM=AQDIwVDlyFs((}(uB5Pv&}Y8}M2a%k
zJ>}{D8nFa9yHARM*lN<d35l5=N$oQFk8}N9XXCF1#E|v$ys1VN)}4O^hi1X}>D-8C
zYXWxYGv||)-{nR;$0h(%{`5d#;zm;dB4_sRWjZVcw^qg{;NiA;3_z9w)@e)*hkq%%
zoc*TY*K%z~FCCqixqqA|AU91z6jI8^$@zMEfUxrw24K@IF#|0+u&R0bZOr7U0>c`8
z%#F4HAkMrvmgQyq^D$t*Q-V`LoL`MoJDy|qN;f^R(go1f0Alu?UD44NWo_ASTu}1V
zkAHVcdg9fc^~I+w!3lhppkq+?;-6dl^_<#GI%DY3*wcTGk`SMvuN*W)uRnh+QLlSg
z@E$34eE=YThyA(Kko)dWQw$d^3PBXXxJ!-p^<(s##xp{2tWOnwf5wQ7y!Gc3@81Q(
zH!1FED37^n>)6SH7}d3G>}W!sspMEm@d1Ci)u5)+nx`0GX_EB5A&_HY{kx+Fy_Uc~
zS;DWX`d`*6kWMC|9bj65kq+Eik9LTO|6uun=QhYKj`|xDJ=KGjmX;RRt~nJTd7e3V
z!p=Yc?|c38bLojZ-y<>*A?2BD_v>W^`N@EoTrFELp$w@hFzC1kLV=<7TFw8liQFTw
z$<3~qY%wnsGBUEMX{DQz65y}dj0|Lc3Gd$Z^-WKAb#WR4>cC&Aca+0lIp06;a-W~t
z(!~-&Pc5cnxN`)w1yX!XZ}b&ZC0!Zl>3LkfzyDrC@b4c;Na4<p5&UQ*v}OKD2wecc
zpFo8qU{3MxuemSz!CmkXS=k@In382H2|tQ4PS}}|$=)BAk;X>3+P@>>pN-6J^jTxw
zd_yQB&2DJv-mGy)0W2{o=Q#iUJ%fmbhH(k8SPDjuP8Nikj8%YB#0r=x|Luz#T{I1?
z<9-1UDcFsZ%{jWd`ub}8+#Zvw|F2KGK7t%zRm3djhYB>&^f_@fH<+se507q|o#B;D
z^*`0w|GqId33y-J`wxkLFlnit;l^;G%2NH`TkM|~5sGYDV{r#3$bejqktB8a|85I@
zlfk;){6TO6Ik{X7oy_Tf{WUJs0|If-|EHx~Kq#Zpc9g_ZzTE_#^o5xL$JhQ=R#q@W
zE9L*Z@LiuHErSU4%0c7!Xx^{Olba1FtO2jmZsM2AyifP!@!vV_pIzyA6KxrEe-hAD
z;j>eX)r2xYeIt(yy{1lz+3P)DTJKj-h?V;L?EhzzASiPt9=zxD&~0OHAv;!GS66pp
zQrHFX!4*Xusl0HreHei(#K)(_10;S&@Td7pg6DcWD(k7@gK-$C^vzt49kAAo-|FR>
zfSJ~O)P?n@hk0jiPImpr)i}hb?k7yf!e<9AnGzz6ZdQ6pugm|%1z;H&fu1Q{TVL_M
zh5AidT&85vG~X1vGj_P^>|A`{weXPcXH9_;b@cUvc4u5q?yqR}p92^UiM9+a`KOIO
z*1L0bCZ1(8lF#t7hMW%=fAtMSd-xMdJ^+X;c&?mW-%&tgW76JsJ>jepBPA@A|NSD@
zcz|pCL?4{*nSjG@vzezwQit}FZi7)CMuaiP`y1VHajUDHGR9o22DP?J9ka7<u+1s|
zdV&43Kc^$>qG^BS@@4Ema|$>Ikx<`xpI3W>c1Mnr_X~iqTxem}ol`$9z1hY5Wv&DC
zUkdFz*G@ozDNx_7g374d)09~V|AYImhgX|<fRol8!(~uoF0VfP;V~XwWi+h(`=2=m
zbk?W%1`m#4y0Arqvtz^T!JV-qC9bREnW8LU(bpIm{dX?^yLZ!Bf+NF!iK}yNG27m}
zbsj80>ipu^-o)+r2UC<oyF;wT&8$>$4_2>!sbey)D+`NnqJlw;+5Xb`J57@2??xKE
zT^#qKsVk$IJ#XU_jPjS(0xfgkHVbkJUQY?7VtJb)F#`-B&Y-)kKK{f<$0+E0e1VFR
zVUu)xP0ed|I;HqrI_3`_nZxNwg=8#R6*X_b8n{|%zrk4zM_xB9dB{HNWOF3FcSv_T
z|2dJ2{%w8*9EVqX4oN;Jr0~KCtfpqj;-|aFVE2;{<(~*izW5Wd{nUwzjJydh{oIy-
zzmYuu_EYpW+{BtjLX`fETW!;|aoJi)Nk^+~E!1$0s$e6P4}RRI{ALMWe>G!rpRhyA
z#U&7F9<#(Fb-~_NG=?=^KcMu2ZUgulFFJFNHwy)^V|>(lbzD+iX-8@fsS@`n>9?$9
zWZ0b|wvM^P<h-e0a}yGTI73{`WrgzB&y?%Dc_2Ey0KfK6{EzS9K${ck>d*FddKm*!
zD4Co*r-eF))|Lz&eaqeR9f!JI`&J|rWjAwd81o|mtixu#>4O+}jt9i<=9J+oC}ix<
zU^_40Fu!#Rl9&j2{(J+~Tnalr(}7`~BK;D#k7us-nLyg$$$}k!T)vK4>aQ6mrR3vH
zpf3K<Y6}=^TU)9dzqcY?@DI8u8+7BQ$0I;)+>c5FymzHA#~DxHM)^;+(LcXftGVCL
z@tJR-mtS5HIq|KXmO?@xi{f;2-1Aym*Iwca?(zL~_Nl`laqiXOiv2r+Y$+)&F4mI5
zF1SuH$Z$4`MDUoS!*xI0BG|YbWeNJJ(beST)hx1M6gTgyRDizdkFeCof`ArBFXzhT
z4lF*d&dF+b+Act{erChGOqVNBu{<e%BP$|oX?80^u)HCq^3*$F=i#mUl356PdB_WM
z5ieng=YA5%IvzY;shgprlRUq<I3V`5W8Meb40%b+q*HN2*tHX`s#tPmRPUIPoUnK&
zWZLQM6$bM`X6ul&3^H3(TW{0d#QBxtw-g3r*IVY04B+7*0x{2%$ACD`H`jL*)xTLj
z;sp_*F%p*57M2uIfMIMMvuzGSwZ*8QD6zsalQyc8DoE4}HhyqOa&q(B8*HcP8e45w
zR}T-f%l|s5AYM#j=y~w^xmoa@Lp>UI7qGc)&@IA=6w=ma7FJDrS#MZ=cnGX|bU2Fg
z^9ve5vT4|B&^lY1uZaDbRC(!tS7V|A^Swov<XNX>L_|akYK=4~61VH+S>JT++1a)2
zd=>EjIy|HlQv8|e)nsJi<oro-tR7}yYz#*@O!M2P7+kfZ3JS-82}RtEPk#06F=RYY
z$&EOMUcfrP+v($RG>}Oz-}5Wk6#eqx4TDNnq<SBS))GI`a{sNVhPHY1{CPnEgwF~H
zImQhk0s<M>m}tt`6(bzRx48p+r8~N5F)k0~J&t5a(fZOnb|(#;#%N{^mZ~ntbRlA%
zPk&BULL7z64IEVP3S9~Cb<T~J(J?bCnx=Ow>@U3);w%)Jt~>|GSNt!%FSS0L>l#-3
zR2u-t=KA?22Sc5tVLhW+9gcKml8CRbSU!;xcX)jWwn)a|yRV$`KEB#M)x@b9vy0%r
zZ{_>b^wc`m6)}W8wzjj5U0J@jgLo7SK7loZTNER=N$WYQxuaJgl2~oho=vx~&{w>?
zc2ZJf<2+rnh+F5hUr3u(U#C>JY_cuj>=%s$KCNR#LBidLZ(G395cuOw*1;>g*^@qg
z{1$;m<GVRp40=y3CE;$F6(zREyN+`t9Jg<!iV8>u!VQ2^xRN5H>J1=pC1xUFhdfnK
zFAhAzT+9i{%`^4Awhs;uFV+P4kFbv^;*E8!!+9d6_4xPc^Gw@8rXR@boH2u>@UDH2
zjgi7ik&@yE=p`DX3NKmPMTKD8*$yls0&oYODjc2#p5I!`MwOKr)!}|9!~NiQVsMec
z$Ee`q;^}8;>F@tM2c4-|_QQQZ502#Nnw)LSaKm>VQ8{(Ax{#z1>mq}gPZ(QO>w{hl
z@~XU6*m?+q0PwQNi-$jI+1BbY^F5cggV#k8GdVy0@*1<@{Sxrr=O&dlyZoP+)_>jh
zx%5Le!Rv_FG~3G6wI~{nUPxSxHPN1mf{h_pi^;6xbTF@KAh4k^_mwcu;Hz`V>n9;5
zrbYFz(b3fh6bxvi52#C8;F=B7feUa=K>@BjRSY6$zikQ(`BH!W%ow=30Pcfp$)<Y~
zPCW^20YZ*9PT}=EJ-wV5dacu2EnAF1Q`LCyv`ZlxnqND1J%emUqG^n4Z<~!WXYW@J
zLiQS&M1bZfND5U}yfv}Ed-LUE5E}OOEd+-|MotnX{`sSNW#vpAT3@=??&R_}h?*2N
zF<>`ChKC<K0J$xgm=+dGOAraa7dL)yj}@uTxnMuCw0yqwh9Jv<ww=kcx<4tgU}9sH
zIiM|}<7FCO_ZkH^<WZckX#?TOyep2Q*sqgho}gU10W@J+v2n-2K7I->ILId*$RK8F
z^1!(r$52m6A4|@czJqk|7k4~5uREpy?#TjnFZIhUcVp%MoDNCk_t;0L|25fwNZySP
z7&wwW+}@wS(&&9gnGVLOzx4Oky{6B;WBQ+F$m1=#)(2{*s;ZC9QCF~X3GP&OlA`Js
z|7m{xK;+rb5INuZ$-*ZzU?*Hv#bXY^r(tIekHSn50jiI9HHe@iJ4@raZII&}85;*?
z!*12V0elASc(1$y#IAsl%U{1tpwy3&M0AS>9JvHZK5yN4sumOJ4;Kh3tq6~rYdYE;
zeBS@^GR7^4tDT)Cl^bobAUT>AdU*&kv(1&A+NK=q!OX<f_H0|c_F)F!yVx_$qFiTA
zl0f&UgncANJ9S3;;X75*J9qB>KKN=_*YZoz-d<n-gT!^l@_&5iB69F+FkV@nIF{C0
z4bB?*3pi#>ItdP@d#yh87vC^}$szWkEAy4+7)$0C?|6WVGFpp?ewL^JlhxU;;NZDt
z47j%K_H5&|Jb>yhLvKMrPR`@U2JqCdpcty+kKAOCy=E?!t-Ki9lNf4BqQk3`TG-oz
z=I2jrwt{a#kzp*k7e{twbCu?AUJKe=8<~-0h;JceWzqUl-F7E;U>L%gG%;VCkt;7E
zd4f7S5zwlu4zdj}N*RMTbzk6^foZ1MsDA!72+Z4o<#|&O6O*aUuq~%&B;KPjG1>Fv
z(gQ&uCE7oJjE%iIiulh%2d=^uGRZO4j+~5|27tllLf2yfVkrEcNTcs)8>*W`6E%z!
z&DiUd4mVh;e2^%KnG*M_>%DiUqfw{#tSx|;(HVI>)9MSP!3%BIflfN+)0T-Pg0W|*
zz)Y;5V8R6FVAc)9qa&1k8V9=@4J0gaY3e_AU4ExuM%W4jbz^`D!P?rA@w3DU8Lm}U
z;;d1<m<YMq)%i$~QzK@5{d_ny&+!W{!QC{|z$we#K7KM9zp^tDQIb4)tC!9dI?0Lm
zNSloYrDCMpg;CTZm|h^Q3BnLod5hT9HHl*cluVEOWd5_p0;6D9HkbnSoL8S6zZ>M7
zKq8|k?wNVr#n2RUn(k~gFxKRA$!)h~W_vqjUn!jFHCHf(uBF|2GM}#yS+4g$q1y6j
z3$axMp};ejG=*=((4P4E{f6jOt#*cm(4e25ZT$Mh2D=d&zTENwvIs(XeUHVRAq8{f
zd}J#b2%!bs+vp$5c4tls(?_>Y7O+zU*mzuyY=hnt);3jDjkgh|6sbzMu6`v*6jP0~
zxH@>EoGD=u?wTY<V(A91kOi;H0NDnm;NpCi1jbIH>xU0*_NjAOi5A@aTIJWV+W+}Y
z_sRWibgCQ^GiM{~>(h~Fc78Yf18~LsvW0Ud2D4f%`_lwG3iMI0YZGFq!ors?PY+F6
z!z0LdhRu6PAdoH+F3U)s0jmKSDXvznJT&KKdU~#gM@di=wb>+hqU{uK(2SFs^5wZ*
z(D$cNg%9-oyCQ+O6O>k{!1`v>_8;-rb#$H!e0u5Y#^7M@$d+oBd-KYQkbP(rrn7KY
zBsp*A#!L(FT=v^nc?u-XL944n&q6R3>lavA-w}Y5)4Sw-;SfY1`BbrKC3@PEj*g+Y
zM(Yd_%+qq~R*&JH-Xs{(z5%NEZQ(Jr;=rH@=l1gQsBP`^262a*t?i<?J>GTxj2m)5
z?A3Ab|DKzHmz|;VG%W16IHhG}AbL1eIQF{6UXI{FEPNxyfN%>s-w$lsDro=2pP(vV
zkOR)^w)6_;V?sFfoixL+>l4l&UeXr%JZg$5>(MRWrH;?O6I5gv4Typ3Ojh^CT~Cnk
zRb6$E$yZ8wQR-2jUO74%&r~~2BN2H1!+P~{@e2|CJKX2?y-7s$>`D3gAeP}K!Gv{B
zk1eVqS32p*6STlfAa~s^MJrV41y0BkL0<D)V>|PHXms@2CGkvlQm`?_xS1&VA`NY=
z&@01w&~AGFO#3aYqDgTVb!-S3AfIU%e$luRz0y5AF{yXh#(?&n*TkWV8=2}Bbl{xW
zBXzit5kF+qyE%L^mz+*XWu%d-aptck8Rpl&4xazKWB_w#>b4!*X}=O2YWv?YB=bZ|
zM@Pq3{OWv(@4eT8M0J_AE{n4)7*$C_4N8PEej&k@Z$F35T4l@r;Gw4<Le}7B;)DDu
z<@g^jTpD@#&>$HD9nuMDRs)?0{igmo?!AIDJ&C>n>O^f6!p}NOfa6ia)vw-0H^eW_
zmiIi_Y6VTZykPd@;uy0AbJ~2h)y45zuitNB|H+qCdRgAfi(lyFXZP~+=UeINJ(~F5
zu79}SHS2hHFhDY~L`0I8gj^q*&7L=Dr2fUnn)y+^V`O5oIfr#N!F>jqI94_^RyN>L
zsyH8sMi!;0w|$-Y`r~Eg>c(K&TNo)<*T=*6?+3VxmoL+ulnZP4LskmYU0tiHB7yD$
zw?^$h7H@y1*Qm$RZfrcMKSweLVC{0RJZBpoU98Z)FjxO>*iM7#Q3*u_b_rYA_arnG
zM<!Zr3|REuxr0yjS@*>ZcgFsFX7Yw76XWq-W?b$_=9aeeCkAcp9P6pOUj!e1d-0<;
zA_g1stavo)IQgeWHWwZG2SXtRRxa2aEeWH7g@xkneh9?2c1ql7K9>IQP;e#=sN>Jh
z6!jgsQj~3MI43&8AaR{%J&6zyWX;3#>bMsL78g+Do2%VyRNtRvUUZZ5+y5OTe;+2H
z1Gu;P`#bHkB>cMZqu#ld3rYq~aNbS9#=Ti%`YHzs1*Q0`W$C>SB38TIwA!o#BJC&h
z@R@2*Q?<0z9RZ0wsGKVHX1tbVf<i<278DeJ+Qv|!O;)|FWUF|pD4P9HVL78R_{QBr
z%A%Ul4IBdOp&fxVg9kL4*2zieR8o6K$D6}dc{VpAcS%@k#43g|($ccBlD&RBtm<oI
zXhlixwH`=AcJ-H0#_?9!-vY;Aw6_O9E6_UTzaNIL@84kH7m9s_!N+^NH)e}=?ZCXy
zPJ6=0ggst*eA7H5hI|FVgXO$CnMyPSvO4K|Z9P=_cc;X>04S5O8^hX_;pSKkpV2i2
z7?4$adP4r#`ucK_FnI9zkH6H9BU5@RY?^6HG;EX|dNZ*kKYwdp=w5aV!XU?IMsUsW
z8A<io7i{B-PMLuK$$<qwf)f*;0(LKp2aUzEF4)I;pSbU4IJNK$(fl7+;PLw*e;Sz^
ze7E~T@N?M51?*PqNCueHk{DpRrJ3U7Z~0)P3;GS*;^K^QFevg&C7qX-jQAp5?b&-U
zO9RU_@lDT@EsRA^w~Aqib#0`NIE2*b!x)WZq)Sz#vG3N|E)QdG+)Mu4p!w4cMI{Rn
z_TAkp(M$$yt(xD~18bxk5NT^isg(X|D_YUJL}(wzu&}vIqc?U3#MI63YrLp44_7J|
z{1JG!2Qme;|0llsf5rwi8p{xV4YX$Z^weQyI^uJrKy0=*9rM$?*tJdT1ZC*i!=b=h
zTy@0hloc@g3^(G8>3*rG<R+@51Q;aW*3u-J8%gRNja!5tEUhXGh*;U9kga~DrPz2S
z0qttpi;Ec8kQxIBOo+7yl+R3DFtzM1a6k$wMDD#k+#a3*O&;<2Jw59*-_Dk(f)Jkr
zXys!DzAqY;%PsNIKVhd@G%Cfzmkcnt+4t&~8o4Bj>H>Iqv^pA_T@e|1Q6Ce>+GhOs
zkhqx(&k0?ZyDo=A%;5%i``+Q>)kr}ic|1?%1k=Y#CZGq8=Rh10VF&H)IyT*9q|M0m
z{NQ*82${!nL!R$2o3$ZDb)I?(f3p20aWV-e0rDs*<YWW&-9;#>wZwMl1M*5!!@Vhk
z3Zj7i-XbW1^XFC|m~tm7wzm`R5>5FZEKcdXOa)d(!>}$xRu&ua+$maVKJ!R4BiFEB
zNt9hL71g{NE&Dt2S0YGPPT2Wt%BN4b^j@V`GG%>69{p6pgYJzRx)|wI-2h7kY+8FI
zuAL6D&k4X1f+V8X<Mh*<W9{}4h$9e&{+}_lY5PpZO`>nThCg}dup13Rmd?*I1YjR-
zK}RE1Rm=4$bT<yVHU7fUOiAkc6th$WHqB?XGk=G*>Yt&Zt^*dSm9&A6(9+yy*H=@N
z-PRjG7WgRgEda50V1CD=QPw0z{yew)nHjP<CSS-LAqMk4Ou!Zz{mpSdG#Mm$G*vI)
z;3ek&`n68upxL;5yLt-DDS+I;5@G4)+cW|+gWi{%$-;xo+!2_#)W&9AY_G3+Yz4>|
zwr0V8iHLwgR@jL~@k&i{3u-!u2e2HetD0*l%~d6X%=-Uxw4%>s5GV{x%lI(2E@9}>
z+ea5~0%!eTb6Kf2-2N91O7Kbeb#eRxvkjQ}3yi&R5tWa8^y4goi(6HQRq<9fhP>i!
zInn)@kPha(wOPxV>Y}Qu=Q$$6rzZ>QoG<M=Z(bjPa8@9NosiVgU1Y1yj26M{-a9Gk
zJ9G-#+8kmfg+X@?BDj`aq)w>z^jpYc=-GN52YY_*#L(Q!rsY|VmA{SiwW9=l+1l<k
z;k4T{d_w=A%Qaxf#^RNg)`N}zQA;x0K*DkM7~Y$FvgvZ_Y{#+O5kqRi4dy87=t({C
z7{oful0z?m;$oy|B>j<>EiI?svC@*x$p4-5{~61}Qx9^^P_H`ntg<nu2_n_~SBaV>
z_(rTjt)E!eW*#zT%WXgP8kU=<sllFP-u>IR3!+s5YwNgr@{W1VaptQ?(3Fu*myfsb
z=ixj@FPI6W)z_w0J|=gl#jpM}e=4%0Y-;xB_^ji=o7V&L`wOA#=O4#Tuk=4b=#5F)
zg*CmgAs<Uh%G{d|7owOj_8S&GF1OjTxrFuN9Ge|Z_JF=(syesB6u!3l5`b`s4fFoh
zNxj&g)28rD%JRB@Fvo8by2kg&r2g-HefzpnzQ#cDvE@FY|K7f*=hSve$Hc@pVg^DP
zrb}d-=WJD!-5a^z9t`CO2=MR}sbOP2=idpTtxKduS}wG0Z@<E@GnJPs0jqoff>HFR
zO4}>3upzvqr3dCgwWgt>vI8f^dsABioVNZ{Ru6C4-HV~!cY4(*DIx;u*sIZE2qdFk
z@<r1cch^}8kDjL3v)4lZXW4H2ij#8KUT`ogVDp*GjX#m;M0!q&O5|?M<e(|}`5f(&
zmy=xA=T~&=+BdZ|3(Yuysd1-Pe+0==VDVRWty9F{_BQegt)g90+^Ew51A<FaHUgi=
zTXgji$9mEWr<F7^apXq_SGBPbc<=#u;0r*NA31XeNoiVnaoE~&Yxr$zrT5zkP)wBF
zs*$$>%h4)!1s|W4E`>ODzT*kgSBQ6R1Ie72-@h+j=EXq3bQHh#`Rs|i3>HBf3i<kV
zgK(l^!7tzaHcEi90W@zngbpKE@g6hE`SIPtP^;Yu(?h>@fa-Dd+8(6|C>HcMaabZ+
zeB`4$yD_}QZ9&>jPZa}?peuuUhFjp2#U?5U?R4vN=HNS`m98X?l#8|ML2(-WWAFI@
zufZ%(EFOt^uzo_;n#vT1r=^v!)&phBb>1>p3n8Bq0}~&BZVwL|Ub0Hkw6}x6PzW~(
zP2f6-TeWj^_3bY1H@6@`a&HU|TZ=2Y0@bzO^40Vx`WrtB@{Fdjh~!Za_0>wUAUE4k
zRfuDNog|yu*Y)*vc0LK2-oA9d`w``-&C4sCod4j-ZJf*j$pD5h9t8^in-_3QQZuNs
zV#gpO<FcSA#fiM^bE&Av&Z{q98t%z@c9Osd%wIfzsZO-#A$;Jww*KNcXV!>{37;mx
zqU)v4zDd29XjA@bjMVmgJ<*Mv8~iAT1+!x2YmgKG>+kT)BYE_@b~^O3B~Obb0}hmr
zw%@KW4de;$kK=V)5z#Gr3W+<322w#b!0I>7{Wo(GS@n#~{HS0gO=j#DumUzP0FZYy
zB}fLFr1n~DCT3jpz{RmMgt4+!&T+NhxCWPz!s6nBf|5un)Km=%{Tm)wy~EX(`1J~a
zBc!W$K(4!u03Q6qEgh@yE=layYvX)1VXNJ7LmoQUxu(x&!{UAGjc(M@Jm${~p0ta^
zgo0u+ipTny^Ffvbq&Jy~aUjdM8P&@Luux?PXkM>$%N8sr5t3prIz#dc-o68$|0sqA
z*k5biIOwJ=QX`<g{mFeRmY%C^@_c2};4Vpt7Puu>x}6rXGO20X1N=Tn*s_wTUv?4;
zqZv1Fzi)F!4n6rZA2fJZY6w;qUaiFJ97R%#{_eoR#H6DQX2-_v{<}44NC(z%pn`&e
zl3SziQ3o~~$YXiPz^KyUC8p~d(1lOk(TBZ^mVo+<e9pUcRx@=uXL9kOCV>aimF3fA
zS#7YglFWhe8B_Sxaal2NlUoP?_R(Jo3Z6eVfD25R5s>k`M(|<E9)8F(tpDsoaTCy#
zs2;^-`3(SgYh|S!DLO=RhO^yHU5y%-7k36zG$$uB*oH?xY3*=@hj>6>Vlg&M<8kK3
z2|j5}e*W%kYNiAK-t5%m#(|_T6SiqVKJ%DlU<?-Sr>QcX)<9HX!EPO?^St|7;^~Kt
zqU?lf_TEU~fTgPHS!aUk7wVaMNb!2Tz2|-0i^>M0;$r3-ECJbpix5YymS_6S4zd%e
zLbXW=3BTQoKzy{zz~OdjgD#AqOt;)(K~g`7AxOU(AdYo?W<Zbo$nUPT^{h4)G^%-N
zX>HB1UbX&TK$PN?Hbq8z+m&EjnxKmQPE{mMhf^~ipGDw#an-RQK~ysJn~Ff%X&d~H
z#kf={v6Wsh9m=~}z?9L?hGoy;W0Rxd!452?%J=l(a}A8@#d46){4!P}6!qCxJ3<cQ
znI^_3PcXui({2z_m+O#{Vyv$Dh=Z<}*L-UF#Sf<bdOLnOS!#*f2Z!BTTjt&9o9+e<
z78Wbn(3L3Kz!WK3vv1-1?I#<*u*!AHkG&ysQB9k<vqnL&^w_xH2eBJA>GCQIvF=Ms
zii(O;UEMp>6wO3k+OTBwx+>fP0p0iRot;5K@Ygo{#32g-^>(_0S&*Fxrx`)#58W$A
z;K{XwLEAN6HoPS*&7T${IbF4usQbdaw`Y3Z&FIxj-h1~Njn2**xHv1|R}cs@^Jf=E
z$+iNL&S0Ga^aEdD6POdi%DUIW$I!Wji$f`JdoeG@zpbW5yYzZtii=gi<S%1a+`pJJ
zhJ^`y5CCvKVM=S=K7G3-HdB1+4}dI-=Z5;zoyvUswxNofv9NsFfom}ekjLYIKaIAr
zUwMC>tHu8O!-ubqOL;CYKG#%hsK1&xoA;a9!ShkdK`LF<uRO0_^5+sb@&^pvjXsw~
zx#(4+IAPS8mBp1_J^oe0k&Xo%E9*}W<Z@5UpTWIfpu9HZ%6^2AN~$~3rZuE9b?9=U
z9bro0WhlLo32axJa6EKiU9A#+SmUL2mPgz3>G&WB=&vup!9faHD{`+{%ua?js+rnt
z)&VBX#|g<2As*bJbYga(#hkIq21s=k?mN_lQ~|vHE(I5w=udA2#DgHd{U^;CLy@uX
zsx6=AFZCq8`t>9Z@)C#?sKv_0gM(Gl(bq!S30b0M9bvk0pgpLGH|Ov6;VMmJWW(=R
zKWO!3xu6i~qd4xX9>ietoW4Hf-aQp1=GYW6>dbVUgRLUOhN;iPAO-<0p2HIDbRk1_
zNNVarpkKw)?FUbMk6cC37}eS?f3+jgpQ^w|uxWkdWEdVkM}PCq_KBCy%c&I>HViZ6
zf}gfLIjT>3WkB}{xS#>-e73eU7k%*?DWEc+I_p=IxHi9e4ak!jJV5}-yR}$hjQllW
zud3uGyw{rS)<tGmTT<W&2yzGjB!xzd*eWSP=AjEKseDCS&=?{{Vx||tKQ^+n_YrTf
zr7oQxKeqn(r`>mTiCF!SVP#Q}|9e|o>-P^P$Qx{?hi^kLX1z>hznvdd?IL&zbxw9|
z>a8rhx=Bguehc5SAQPW_!NUAhRi_lqUy{fr{ym`{3?0bSgqO$#%gPM}|8!kW7P@Jk
z3XG7OM^?&4fH_gQ6-kS_StE6nLwTbB6q^_OgFk+NW(MGZ4$arx-EQ~DLC&;&`6)*r
zZU#D>ax3BYRIbE~o>lq^7&O2I*Ti2$f+$)Ss?#IgwOuT%Y7q_&uKk}%B38<A31T!Y
z(3amnsl|Bti0{-nX!bbjzFlv(T1K5Y>C$>7=DGEyZ)*zu+G{;=cJgE6xg&gVwpnH2
z>8F$Q<zVs6tK*`Ap$0!jYOh%bE@{M2j@yQ4X0j=#LKW^O7y3PIQ3l(&ruo(w+KC+|
zHIr(~eu^%CNej3TEd|%0iXSak^SS>=WPmkk*>Io8hT{Cw`d}&KW*K_5+0OX42;w_3
z9?OP~L>HPG*S#ot+HVPHbg4BcP0UD2p_kvAJV2jRHRE)z8A1^yw{kez28Gv>L5)pJ
zjHyYm0Cv7J4qA_&yQ11rfh$o~Gk(8^(;a<({V;fScCtVnop2YDt(K(C3IM&#iu@a&
zcgicqts!)DE%R}Af+qE9n_8$A+b%RTW2iAw_-$6d(*{Cr;^5pOI$StnGmXe5RY&{8
zMy~)WRU9<olQZtu89Y%~Z>^%RKD4xylmPU4+73jn%!>ydu7K5cF_D$$&-{3%-d=Na
zCKcb4IU@QjAFRa@HRy%IwidWWe|ft%5lAIi)EX4{o^NG}C9{XcNV(=0AeVa@pr{#u
z)){ds%ianS5K8~*wZJ22ar<+I$l99QI;7=L&iUY@I;1;#%U#z94G3MdwbdjrpJ{$=
z{P_7<_OuJkC5N20to@fF%tSx{8=qZ|+hcocgwJaE;}!x9mo|C}O2Sc6Ql-b;h-=Q(
z8qD(LsTuxV4?d5@{qVtw@l;;!CpR}xS6prLRkCrQ3^`d4NoL62KX?w%#b0OP5!xj^
zJ<H4C;c;;vK7`&>2oL>Od<zc`2jN{~pl}-}o<V<IoDoac`FKBuz>Kr$CaE$mMexFR
zHki0+Ik~dW<)pcT+a+Et!RN{Ph2`LCmmI}W{|?iR462N$`!h@mk!Y7^Oq`KFdd-!S
z$lXLGXu24-MvI4@MRlzZ5xvvae*Bn-NG`AY%>qQ9M!ccr^3)|$HSf^3wDjv&a>SWd
z31Hd9xLsF`V6o0t@d(u^{b_IR%1css<1#0Ndu{As$(ug#Yz=7}bMr3fkiNh)*<i|k
z*$1zvpyB`6D&ILCa_)4sl8>ATJoKff>*<xqTIaI<?JGf($SPr6u2UM&)_#R|GTu&X
zb1Q?-vUa(BkoNi9{Nq<=#YG9VXH!-T-1YcrC_&{98|^Y~TT}?fY7vR6$;$awz|$z0
zuEel<icC))l})fcUB=m!N*BU_eE)?6m8@u{s@HO`Np?CVv8MjnMs}+&aMz$>R{-MM
z%1YM6!ET?0wn-<>cB%^iO>UwVzaW2+Wrqx8Moa{3YXJzi>-@NON~dCUr&7n#FSu*&
zU5-n=1unIylSyEpMjV4rYgLN{&Uloz=)Ic$!jZSZ*0ttcp^?eC-pU_799H?bj~-Up
zIUfgDCx=;AQ06dcY}EyDx&!oeH;l=?u8h64jZGIW!B=}gYP#5VxRO{^F=E3Hcr)2h
zWDGQt42_VOn8b5g1_58)$d+{AM^{b*2BT_HXk@rVMBUM7W%_*2J0>fwz^)urDr?=9
z^o)pZy8^I(?RlKi0dXc1qRrKL523AV9$Xcw+!a#TKpW%+BMsuI73HrvzB<nk^*H~H
zLShq=lT*#s9I4R3<$Oe@iOYA~GcX#Aiqx1GAT7xAt|$U2+)vNH4rInNCMNgtZp77i
z^AyJU!)puYA<G0WEE(IX^wO4>8oif+?lIjF{TaBNKQ)4sIKSNf(H+xUWkPV!$9L}@
ztOb41y~h>q`?G|#?A{xzIGzF7a*x_Hx0sC?r)*!vq#~6O>+tZ~x2f<!59T8?Bq;ET
z8-6n1D!H)u1rj5!VUm@q|15|NEvoCd>dvQ95K)?yl`Um^_c{wTMrzpv70DmDwvqQC
zE^FRIvo#ffh5M5^!>9gVz8oHYeTUi9712Nx6D8rw08n@IR_TUfBUc53w68?e@FQME
zozZjpHS$1Bsq^okV8(mbyr(f8=yo`vsMS)5M?hf264I2?51^^BcB%RMlIP4OVSfAH
zysiW^U79WQ0Rt%T%Ah%@wEP3o&#_4n_3bT&*L<-KKs!MadVrs&r;*X)R~pCZy+b*O
z^|f`+eNF{Q(`Q54x@eH^uHM3O9kt?a(E#)prb29h)=!;vtn?oGfMAh|T{-j>-NT0x
zb4z5rH})4OVLo&IAQl;jrkI$-#IDmw)^<JdtdWMvkNTlklwT0=dT*8X%R4ZHn$*;F
z)AaOWA3`^0GxG>h==Nq~qq3Vj_Xq8ukO($2+gI6VYU0DqUXNdywEO!QN<tSicmNjk
zV=!BcG)8k&PMeLYVGVKS4;Hw?vdx|r7UWUTtAettq$ewm#-cL~Gde{5$tG!8CPq}i
z+~3*6m;-%ZLnFcAA(vV~oJ9~3eVx<bfFPg~C)6&uTDNG$9rKy|46vTNXyK#}c+UE|
z(%eOZRY$T`B9dnvakOO)h)ax&G@^HzrKTyFJHuWrb>JA<In6bN&`^j}34ZfH5D9TH
zsXo0E)UBysJcbT3Kn%`T;~~1HnQ7rBC0gYtNs#vz*#y`c^^|Wn_=xkrSFw}cL!*)~
zcy`b)1b`k{IZos0%Y?NJd83oKI~jsNQuKPDC3CLzVv?tt{Jz*lJ1XF}dJueufR=`5
zx%1ZUl2UR{m7=z0d}gcLM%=?6KZ?{QRM4s|l<Zn@Z@(yOqF7uCQOg8&3z41Op)2_e
zkRSk{4@l4q)EWd$n3R_IF5e2uh8}x&MT$5>Vxkbu`{TB{Wt%g)u)#spCVdcq0VpAh
zaY}cH(I9m6JUq?p<}U#NQ&3<xfu14yuy=SkPi_hhP#KAeAo}U(goNwv4|v`tZrQ=k
ziV_E<toq;sgY9s^bcgE*c0RX9gvMd7FgE%`TyhQTKipUN<$VnQ+S*ef6VEV!R?+I&
z9bLx$=7BS!Iy!J=-rya6rkD`deh1FOFgJzsHB!_lqol{}!4Q*$`9XQBSLaSUo6J|b
zEC+#omc+1xN&^!UgC0E#3+28qZ&Fjix>qwV(irsyU3^^crTx$R@#(L)*iLQNWf}!;
zwPo%6*9y#j=nScGz$|<l!FbsUx~TpF4r#7QBG`cLwqv1O(6n7L*IYiHC1H3hGnk#C
z41llh1r#UU&%|02^#{Emz0!d{d_$pU+DVjuuZ~M}x<Sm>T@Gu**2Bi;c~0-qlvRW9
zQek>Rl_^_UiB@D3dHf%C71w$t9Gikm?8JL&_`INfi?_I%CsEFpwc_K=1k!>62JY;L
zU%$o;yjNp+%t85ZpGQ6Ki$}KfJ9~CKBNe=GM>=>8`^oMt$cKrQgN4!wj(UhSe?!vh
zb}4zD;w`JMjqDL*&-J_RjvIgkud3a{ge3H*aRzhcl#sw>WgI<@nGJ;ZtYc7k_|Km<
zBcKv;Z^FQ~g=K|)I--4{ZF#ci(H#cR8*G%6xATkKeymR~zD1JPhMn?klbS6_M~0d-
z9K@@=BY>XU03Mdtu5bXwhnkuyUOIF*ztz<SCTZult0U6Sp+r~bR|go6Y;9eCakT^Z
z476UKK?rGR?zmPoY(G?j?6n!Ti2B*c_?(3iQ{V+L0Br&$ns=*w%)4NSmM*P08O7}b
z7!(9DAaKEYF+*O~VUAUSh9Jn>Or_?Y2Yqxx%P;`EKi<^LCm??Ts^PFO&Scl)u;{+|
z)~P8Mm*o=?9wMg%8I)6iI<~%Lq}!zlw(A2k-GA#RR#tj{t+Bl~&mHzXbNmjuzQ!Gr
z!m)5%T85fa%55->f7XiCEL^<$MGIv%uQjay#0>}tv5L)CCw`!^?qB0gJrJ)kF_Qzx
zRT@PX4b+I-&lo!mbq5|>A?j3;UaX@3CAjho;RaTmzt0~kB~<Uw%BaAfe_aQ6|BEZ%
zY_&LXn!^lI(w+K@p=S!ed<D`7q&g>rW`{)m`a`;ma|=f0YAOu0f#3hCD_|T~4evYF
zGq`Z}5;N^h#wI4dKN!>PnbIMl;EElPG`Zuk#Y@zG`UF^u0J27Z*4#MUyu4l|o%^Ue
zg~wqo&`)+Np<`!aA>ibmE`%(~06v_D2gQOe`yO}7yjEA=+G-FIJ>MPdsp@_c#<V?-
zwbx?CVG_ww(M<dB;vC)Os{PoPjdi=Q$+H<vHJg)drW$+k_f}k7b|Csw<;d{!bGsVP
zejv4t3$ARavaeqeINxh7Jd2pA;%%u|T5_m<FC!x^FLT3jNpVrwee?7%@CpJ9ioU)B
zF|dHgfKT1De7lI4_L%|upVp9&2~L_djfbXo*xe_JfG%99)tw;gkQyGnnF2~1E7d^c
zr{{4D3RPuV4hjQywl7|&X5-_}Hw)35FFxw47)lya9DVn<zZ^w*cyhd5nphPfptiES
zd)(J|dfFjfuzP3Y-MJHDbMvacAf?~NMs<U4(Co(ltLm!5qUyFjC`u`%G>EiFiGVaH
z4&B`$NOw0Vf`F8CgVIQhbTcBQbl1=|Gz=qM-^Tae?|JY1f#Ab1`<#9D+H0@%i(Rqn
zqIiQ64gU_}7kW399@sUDnU<BRDnN9B(CAne?eVk}Jt?W>qM|Pm^fr|5cjb$t=8x`2
zHr^l6K`12CI-j|2vpO{A#T%6Wz|Nw<`ub)0{qmRu>7r+~2UOLa%j|rz{N_kCbaHtt
zJ7sr|!UN8?<2EDFeCLi*XR2oJ_YLDG4@{3|;^N{`ia>|#eZ^4%s1&-4=yb}x^4Upx
zzeE+QV)4PHb7}eZm>?+Z?z-OncKMQC^W$<mU`str?r6_Gyj6)7K6M)n<IW-AfC55b
z<-jepdsHWI2Mhb09Pa1)oD@XK0>`J{zCF8jtiNT$pJY}`d1t)4`{SI{;-Rl2N6-EH
zls~Ududilyzz+&C>daB+w#vq9Gh6KJcV1$*d{z4TgRLha!BeBSI0PSaea;{!MTGJ(
zAR(@O!2h0o_&e_8b-g#Qs3#C5Tf^$DW?$08>ZL2w#cI70$Lh`QbaC03+<51GygRf!
zAckI1S)c@4#zRZ9TNMA$YCQRUF-A&NZK5<y@Gvjwh3$g=jAi&}#`~j2`kw+())ggx
zAQg3FYU=kX@4n>ohKx+ra|;QH8p?m6)EgetC&R_#V2g-oIx#WZChT5Baeb6Kh!5iG
z_iLHfr-Z;?UM5-Mya4#u*8PC%5Zt^3-Oum1n$wqk?@DYR1y2ckl(li0N2uQ7R@Jtw
zl#tpwR1*Fg(Oib!7Z4UDhe+kS$=Gh%yYKzXPM!0%O`fhvgbOwp)BU)Ec7C+D7vlVr
zNHoM}opyDb7ca6AqDF{IG~inX&HWJ(xY^`&Q%P<8qU!eWeM)Cf{t$VmT((n#{HCpZ
z3ndXzVf$2FZ2fY{OUsC9U5BR$UEJpP%E;@Hk^o@T8QrBse(&(Q?1fo<1tMUk?(1vV
zIo<-Y%c0@->aF$hQXh|!+%ZA2xZE#abl+=^-b*xt)|T80IAPf6{WaTAls&MbFV$N=
zp=TK7P7%9EW-6ca3cap^=+aXDM08>~^~R+VG=z^DJjBjj>}%ndTTrxDuMGEcqBCLl
z`vsyS@1T9o1-Vf4NSOG+cxmMMve@XggZu+=M-2^wEH^>3miOX=ntV?8h<olpaCXm%
z>V+^xydjV}eYESV<J<TVH2BJD%Sa4NK(oI%1>y<T8ag`4pF5UZ{ZGvl73Cug15kZv
z<m9qiQ@ipvFpSevlb>Z1tY%tZCr;)vMJRrI52?cIFPFY!+U#9Dp2#Lggt+2}e#w)R
zo_+)Oj~3g16?kGsBidB$E&$CCKw~qU(e(k;;VZdx{8G(4)gmVOeNSIes1{qYy&d7#
zAPg!c63%`A=Rm)4S}5p#+ye^X;7m-2U0NH0FKaQ7e`=5Va>_Xrvtf&3(iyjQYY4cw
z-PO^V>B*aP;GD)TC@AXRddqCPn&xc^*Slyj$*)$O5g@@piQ4ODiEeCQ;$hsO7EVs_
zS`1dernP#+vrB~d2`CHtWnGWj5NDh%>(Le|5$yV*gnLRNc}<5k?>l?ehE%%bmS$YZ
zzml_VFHP_h{CaL0QSJA%zLV_VJxt+Do3d7#h%IOrUX)B8B~b)Agw1?MDO_xzNU>l@
zUGr9NIuIz8OS&bW;yh&rh2ebx|Cv3?j3Kco;dU6OlnG}Ny&IR?;^$<;vos%`(_uwy
zT3-HS&_uxilt>~R@$kDQ6k^B(y5dI;2Vw>g?pgfkKk8*yQRtq+V`HFd3v45`4Dpl=
z4Aj(ARL*rvJ42W1>Iw^0a{3=eA^p&z5qklcX#3vBdk!-+i<pQ<17=C+Hwns|W}=@c
zT4^E*V6f4iKHaYz8>=J!PzjHON(9=yi(^J+D2W!q6Dz7qf)TG?c{aa(?Zo=lqqJu6
zcN9TlM`Lhs@|oVG700VrZkNi%lr{86f*F&B^7nSF^ll10wf2!wcR}=s<cp0(Gw=1>
zt@k@eGcmdM@gw~NIEXEol#&?tBpz-ZdcU(NOL@LJ$%Pil^rTQA`gdR;PwM98^e;qP
zh*J7G{J4{HuSH1cd<!a)xw#1vTGJJ2c{`%yJnS9HPX4aUQYuXR-5KE2_^iYTT4EsX
z^|yBwAHTE|7<hGw)SR_7zxOin{222yL+9C_RwNS_;WZExtfkYEa(rgrF{z>U!Bp9b
zCF)yp&aE$B&}uR9mxu~JU~(yp(FFXekZenyZMn(ik;o_VwBX!v__X?61Xoscc|OM+
z?Jaauu?sY`A6{ED$tH>M;}cl+Fy(7TK~dOcjjL7kqps*Qu$$p^MUa#2R9Pnw)sXw_
zzpC`=r%JNfnSNO?+=*FOI}>=^mZYB@F~$kYRejD5ihuy(%-x%|-|Dw@=N<PB*U{B^
zh8ud6ETasXm)D7_0t*8RT_9J+?m-XoFk0-Xh2G0$4i&lAKPzGfxST}med|G^zi470
zB`1CLhxoD?YQ1im(TSs>_cr<sXepMc|8`vAZ8eK<Oqp&j-;;||FE2p@x9SO28G6Yt
zg}m-;-DzM<uhn4wAi{zA)Pekz(BSW$D&5HZ{JX|;O-{?1K6nc?aE@lzv8P<hx6#r?
zBSo!w#J}5E={<?)K7hiOYR3ArK1_Rex?%R~5|Y44qt{#oeVK)u%Ij7e!ilY+@Tv07
zI%2{qx(;rfUlC#5=+=iK$7pC6n7E6YxsRZ%>opIZ{0B6q>KR8zLzi18PES48Hl--K
z+P`2f@tc?;t39QQT@?`7bi%4{#JC8dzQ&JQ41JONiya+k!0x*b^s-BI4}muZ85-!N
zOlWD{1`6eu$26k%_E7^_0c8`nZKn>huGbIIa-@_}R~*r19NYeEScoRtvy<u*kRDGM
zp{4POUAn^jV_hc<baX(L*25X0!^SZ&e;vh2rd6h1))DplGwtzwRuXe!%bz`Hya53D
zMA-kibzfAQMu6yL-qH<SrD4Vq5b_Wd3OmdIBUHwHU2zpUA3G#h&;}dZ*ykllL95#r
zpD}a_)=p*CjbVT$xs)`k*P=;V^!B{u!81h*xcEBiCdImRKH>D`O3qc{rUI0Mob^xu
zsJ;SJH!Jd-*U#H#$GJ?^sl`46z?_ewsJ)x}NRmUDeczpRv&!nI6}{ETN#T|IPb!=d
z9wp-N94P%oQ*X^uS`c?j)Gc}XTwn5Y*8kIEizk-1ZgsL<c<Gy$?g+r6=xEBi)1_&e
z=j%C>oZQdjNfH4^qqFy;TE6Rx#rV#i#GxUuZCc&L$gP*Ft9Qo3=b9;fEdH#Y@AmZF
z$KznZ#vQSiiYg(F5WuY4V7eHUARW7IOr>ZdheoOs?_uZ)+LOtc^dfF2^MS&+ktg~>
zH){yq<&oaIAn=-*;TB`TP_3q@jfwdqeea8A9q~_~`^rWa8Ei}i3<sXrmm2HC{0Nb3
zhT)c!LoF|@-s?OLavZXM`?gI?MSNex86((oh!esf%!IP4&sq|G`0&e}H_R;9m&geu
zAAYrNae^5D?l+(m0ep8vDTxF0I*b>80@>9U_l!43nX_hKG{&QaGI5Yq$?LNmRj+0=
zz-KPkce($gw3b7s!V9$pb+HF6$Bqv7#v2ILS<$tKRaW5`fLXr|!Kr^Kz#x<8v8OrC
zq>?oRQaygH;-2nL;lPeBt843tDz%L2>pX__<4DUr=~y-w|D~Xc`u7xi>ZJUI*F=!z
zm6f+<<oCGE7jAPBvJ9qTj-;E8)0EcK9L?F)R?m&($AE4pe@1rVH|_636lA8`MFltI
zlc?|qDR)Cb9&D7&Jw(2y5SyF6FI|QAa5bJ&1x%=loaD!fqZ<3tqOdSvr1WRK*@yf2
zT|8Sca>GmX$fO<2fXF1s$hx>V_dB-hLsChXyWQa+igsRX(>TRkD7Nc)B!*~`8a#YZ
z>BILUTf(%fKOLKZ3QUFyIsr*yyz80k>i}8|bwVAuXi!7VYke=mR^aBGiB9;N9Yd9t
zft5OjHE6lwxvf#VA?{aQef%MRAF1@LeaDCXTLpvteI4`<S!y~0Kb}>mcd*jxlaema
zhhLhg%Sc<|-*PcCvntZP|J~le-F<HkO+rGkKoQe%s}$_+__u&@Unk`Y%5f@-dkeE3
zSpoh((BAFu7e1+_G#<{acfo)32bKknD55m)#=PhKJZA4W_OOSO*i9YG`Do)_!5xlw
z`@pShTiG|j-VPoblD*bk43cALWR5o({DS$2-<#*TYK}_L=;j`b6A<{F>s3{6?U25D
zf?akG#K?>ycf6Y^Lm|DJ4HK+KpH%CXCYpuZ{^Ab_KrQ+nynX0z(fj>|Lb+I48;?A)
zg-AZr{|*4dvXd(p`-|!6H@wYY()jNa#9u*@ld`^!VhT8v$~H4zP}fc#cDI^gyy)6r
zeDz8~VzzMtNQnWSSh=&Ar>A^G>*vH8D>ccxiTfK=gPv0@`xBlrJdqp>OI&wf^1i(6
zJ3;!L`JS=-sIeQ#H*iD;;>8Ndj?0l~<>h{7b@~XR<gJ3f{aR(_=?8)KE^04ANBh_%
zO4bD3??wNa<a#J9!B9&e92YmlokJ)>a?8Oc;O8dp^pa=07ipk-t$laZgdsr}A!!H#
z6^OfuGsr=j`TljtzIW)(Vp|<?QTf(9M<+;L0v~CQT1T8@K3^S@y1sa@(2B{;?Xim?
zEe$qz`6<oV@11|DtjNjFkI?mfk)ebjh;zb(O+QXW6v<C7byG&Fs7OWM(hs=&Oq=DG
zKXM0?d+qQOR$LjjX?H=?TYzS<rkNk=e|JNCpi&Zxyp>QF!}R{sW5HXa0od8A+jGq(
z5(AmcijH_cCj0nU%}5dH4lOCEXA2(`5mR|t@!5YtRwSIAT6DyIJ+0G4-D4|T-GdiN
zkEijk)}tYEi|H=ckf7l@xyR>6rz3)<l@`l^hBtUmB@g}@yT+ARkdx30PG{}Z5c3$;
zFkkQ)5+Mq3?_H3Sr_04M5R(W}wYF-z8u~6)P5(I44F4x7gg}CV(gigdBR_49mlhTt
zxmgx!>KWn@kmQdfBretDVgPd6!a^J~`p=(%ALQiF8{FFLJo#IoBUaT33Dr9on3#7o
zG|(~bSn+6Rpy`$Z18~!zH>jtKp;#*qm?=mWAd%CkQfE@<#NmoWX%=?t(~lpQG>eI=
zGt+8+s$*4xHYJjUR#{VPc^>yGH&?kGs~Xm|M6QENG^~=g#o_L4!;rJ0?*me%goE!T
zitpoC%T$N^Uw%(S<wOIre_wu+5yEukm;YtU^`nJisQYd@kJSwS%=uEd-JZ;sR&^WC
z@ceWQ`LKle-1Lqz?D0b1Yrk!jTK)-?u^+v=+c90YML$;k>ATu_z);#y{jfM7b~&+I
z&y{8|AnN*rE)W2=`L#!zXx~SzlPO>4UCBKO0r1Ywu7Jzxzx)<l5@Xoe1Web4)TYL6
zE}}XuQZmn)5C6Zl2r`?)V_5C@qa)PK2hg*!(!LqVABS&k{+(6Q;9yz3m2@tEMy`Q#
zb4LQ%*Mu4+9#RSqY!EUIoNM8>b5&Mj-&R%taut9^LY5r@Oe0)myiovo)K5<rZxiFv
z`SE_+#U}{~{^*M>PUyr|!fJ8ZbhS;#ryz_1wfdv!TNIqwuV?f5|BD5<_2o4Hh*IH`
zs{)V`Fu_#i>eQCSxnj%DO*a^+15EB)gB!})#4#=+-mZJQ&gcwG0P7)o?{oY^YQJ@Y
zm*V2;>h>G}JVZzc5`N%4{V`J*d$2T3QA_jgW0|K30o@564};iJlR^kHBl8+VqdJvd
z@J6O4kB2_&qpPTGxd%^XV?7F2AD}zX!s=!>P=CDgS_Svi_h*TAyR!1T%%G4Qi*oP~
zJeiQn_1)e4d2mWFFV_4BniL9(EGL-~5_gUo+&Pw(ezxJ_v|E1uOkf#sE11Dcn3q?`
z{R_dDT(eGo(C553j%Ae9-Ni}n+t}ckxM5%R*9Txc?Ihv2LFyl#6=WWS_%VJ5?J=M%
zoZEi0fCQB?w}m@I0bc*mDCmrH5#RPj@tCpap@#l1E@QO*m3$?KjIla?0IpnGhMn9p
zG79jsxonSR2f{3a(|LU-#yo!k<XYn2nb0h+<Op`KWxf>^mCdynY+QwgwFB^-7DGA)
z1%*f0$3j-yG6Nyc{mWz0hwU9jW7gFJ$ES$8fD^~O>9)q07C()r)w;1%cuh)E&2Vr6
zZ=M^<Io{T3Y0`qK6~tRBSy?tQgz8S~|33r2sp<RRDh0P>BKhsQBi*JcN+HcyhTmJ%
z&)+V*%yF9F=;VMkDP_?FU`Q({$WAv9F9hOx{|Sx22n_`#g2jiu?<Ic?(#6(@nm`F&
z3d!C#aT50OQb5&JcQIP?@DbA<W4~{x4*jM1rnJ0@Q$ynfTLo1sg-=*ivK@%wbk$+)
zFCRJcN4<~kPEDvKNuc%CW>E%>lYupT&sP3=RD^Aocxk9I2`)zaA@S(39#vLh>&hN#
zT7ZS6s3aodA?xv{Pq%iIz7U9`jX#~KxC7IpmwaLh6i7jdpO2HT*5~-96)vM_p9Ra^
zAp}eoP+c~&dnBr__TYh<>T}~CbIs)Bw=q>e(FE>ef;jv0`oG!A&E_=XH6&4YT+yRz
zALH`QX<7M)|0;3S^)LFqYLgcQfc+gU7Pb7NgS2)gOBcouyFBXGG<`PspNP8|t?m3~
zQ~l!j;uMX#`jZ>t9VorBgvPR*Y##JTpc%``I+gbvo^4HrSoEuxN%W)N#V28m`rZlJ
zSHXa%?jyY18TQL&b=roS$B+oZu0WF7w>DL2P?k&vnk@a$7C<z0(Qo~!y*GDK6oj#@
zEJ;82OF}9HG-8Q~(MIwk$zl@jfDQ6>$mSuMlM@%$>1j93=L4)aQ2+bzg@up7CWIT4
zEubw+<@69w3YBXb^Hh-M;T<g}!;9ekvOEg|eIw*&We5Zp0{KoLtCaDxw6G7Z`bOs>
zLAr>&KkmdITbDA0y?@}8E;U#z`-Q`04v{+p_6}A+$7>SWrtnMgL6R=D>$+(nx(-hr
za{CT9qAuDMb0@#h@$YV1tsinE(a{_^0Iu)E7#Yq<cH7u?OS2zfDfU`=e(Ti8L-8Tb
zdo{sa0QQYih@VSnSTvQ7Z8D5pTTMdpN-U-0$8FqjSnuL@&L<_4<!%2(q`E!DR>xQr
zyGdZ+ZOQPAtbo;oben1<vcA4<!q_rW;@urwRn;4I(B=7Gi3xQ2xPgxEZ}5eI5Y-*h
z6W<80X3nO;gQEckAt8Vf=A{TYc}4C6@%y_VF@2Aa<9a9G4lfCJBqZ|wvj3xnO=>O7
z&_n%YFmS-qT#JcmO=g4dprKWoFSh7Z%HL2Zysx}Kw9WEW{Y^qn$@{IUN{_F!<{J(v
z4=^iKi~^`_HtjEOg-YLd$_1kF%L%s6oOsLzQ){^z_p2C_2p|CK|1V7d6!7QxjX~sW
z^uQ+v3Hx&N@eU=mT_wA|B|r;bpehHBwlJUh0nw?R#A=K8IuM3Wscp9iQ=ZU?OXS)~
zg+c7u#oyVLMKFm5tYFDT(H&O72toOMODBLe$dvZ;C#=P@Ta}@oNdlNj2*@IzaJ|rY
zNg7!CT}^Dv!|&A#WvqZ8$EQ(RwjFKi$mYVx!7e)phQH#Uq?-E8E2&WvlI8dOh9yr`
z&;5!Gz7OsvT893Gs+gdOUb@0x=tD7oc-gY~2iP}Y)2D;Okqy?)B&~mvBWn)}%T19y
zC;INulXzeP4e;#x)i_2w^Uz$oPV<2mY3w9PTV;*$RdDjw>2E43vha>nDNMX4c1e#z
zb^lH@z4g<c3XnB~V=aN!)^x{{sM<MMg=(PTffD-x031)D9*3LbK!@maS~xz>$gr+W
zG(R8DHDl<}?I@qUrVr5gv}5Cqwj@JY1qG#np2ig-P{e2d&}kr!4Z)_R;sd-<uFgcx
zV<j7Wv50}&&2s=%$0!CnWYpBfjZDHoe;lSh{^Z&9Df1^F68p{}ORUis=C7gxyT;qU
zI_I{SbG-dhTDsPrnArbtO39MP?T#p6{ZkCOfS!OuwR_>elozFBuw~(Sd3B{Fwv<JB
zMbheoi@xgwvMJd|rTmI{gyKa6!dng!xz?AXBXofxVl<Zzy4bCcUL2R;zR|&|%f38n
zQGVr%AN-gTxYAlYh#io+ym!Z<;0LL=>*e%<TP@_Z@Snl+Js1j)iO%+l?-Lgn@@H87
z$W(!n_u2c~uU=j4^AZ?Cj@!e)t?i`;m%!q0-m5(AZ_$b{l`kbJ%8vhVQ|5m4A-)Fi
z3)w-4q;m{aPch_tC(G;kY}d}uiMELu-Zb@J`p?;38UPEl(W<T%<k!@QfKotzS0qqz
z%l7&wE=HjLI>?ogg(sNxGj7z*gY`H}g|}+m^3Oe&0i6{2X8->5znH^EAKb~{-(O8>
zsz0U5YB`f#*EL6NPlez~K%T%AN4_Fs*Sn=}wAwf(E>5#gyj|{J98Ua>yN!8En=M)-
zF$VoF!nE1vHX!^?S;WKuT^6aR1xGrJkt5wM>0gxMFCP%*i$At5`oe_qmbUN{mQFb_
z;x$(EA-zm64I!Z=i!fC!Ev=m%eBAiQQFcy(l~y`FEk7=L!<8n8i;J~&+E}}8cf4pL
zKB1=6b(DO|zM$=V+Ip;N!pewsE@%GGz4)81g_ORAN}JBj1kH~TUc#>0xSZzN&m;Ye
z+7Y^`v|n5fq62*QTj373x2NKgES|HNX+ZJu5yA|Rw=?S}lK{tH2n!G!w>*W<$Ja#9
z|K^+L`O6)#gWtvXKUoY698}JOZxl}Mq@*B`pjW^eGbKSzrdK5`<Ad>PH29436-MSi
zon{vor?AdnG2Pk;3}`a3xgtI{p%8^KHC0m^0U<H|VLIpK{B?E9{Z6#u5n$QZ{hZ?Z
ztoZOKbnPX|D9}<2jKxO$XQoKquk+o;gqmo%E<hdw%t)tt$XoWIaR5F)`S6$ghVtfG
zI_;$N16A?FNJ-y`4fSu-Uu~Sq0CNpMdH(L3z^x$uGGBa|aVP=ER+0(17UtdE$HW4l
zz3;&03mtgQ@9+1eq30`BPXX%Hf<u5_v-g(fyF5AAsd?+IccpqR&VZooSRX|VSeb<-
zZ0utjXuhJgjm=%2;}TdB;x9?zXU|LcpVCr=kHSs##IkFe>8&r0b|Yic2)<krm$L+k
z(DvfeR(&TJC?WWUI&cJb-Z&#6_<U^o;db^M_QCrTl@=(~H+%`5bO9Yx-?E%_AnM_J
zDwpwaac$B7&h1UtQj{9jF`{^JMpIq$?(~O-&@KA1@b$fF-eM=#GNa2a);Us^Y07g^
zS9{?{SxPzRbz2<8hmCt^FYKmk_Zqe?Mo3H>-A}um7jBNz%~vBz0+^q3fe%Z|oqlr4
z7xJZLWk;voJzV0xi2l|O?1_PaD{oifTb6({8q3%{P4ygOz~!b}>9WS30m#_X%viTT
zQ-a|AT{XaQV_idUIMOvMxr@o&S<iNj3}FMr^Q`NtaXRyE9hm4}TFrOeg#B1cfxnUP
zHQ<ir8(z0!CWmhy!4ql*$j}hSb9#DDS=swGe6KJ63#{PFgVR%d>@@h9wLM*JA|W0)
z5>}KS+1U{Dr(1-wgUDA&BzPVg$6P+{1T~bM5~Bf$i$Tn_(e@8KKDVc)5l&Zo0a<(a
z%<|GQI?WW|^bBp>Jw>1c;aglGuVGk!4Svwzlp#hviZ+NV@2&4cQ2|cQB!+iOOCK;l
z1ft>5%(aNH-CLL}zl|yW8r|AjITQ$0^MB92^(7!6uBhta<EP&&lvGyvo<SrQ$q9Kq
z;JD(SAByK`hYpSx6$O9cydc;>rBO_A_J8YAn}{OlwYlT!YgAfBSwC+`Y8V>oLHjHm
z^*KIBN)r|kwoJmCu|?l6rEuT=wK&C9I)9c4+%R!@bWa3vWoSDO^c+J8(SVH;3V=${
z0osPOIrjrsG$wN_-;D8J7zicbQ@HrK>Hfm`9_N$LaJAww>nw+XM>CY9h&^|twGh>b
z^@gg>-ThP1i$TCOc<{i0BcRqO>(z%xo(t<kzoh>*mpY?59&Yo^M`X_Va%*Cqtx=}2
zv&uoUgzKw!!iXoA?&^e@@>6b`rbG3*$PnqUgHJ%t1hntr4p&yt(;HBUBBC>LeQQjs
zb}pNZ+x_xTKwxUh`;u?IYR(Y#gSfS*$g{1+uTj;#t*xhL);`02BwwRA78sT!RKUlR
z`)&w=^is|oGU?YBm8$L%_c`;nGw?TIScmiZLpo;;K6lhC6_el5|2R8*e}w5&?|m%l
zuMbs{*Z&LC)y>*WQzl8hrn3{dF2#>*MC4cYruBFIg@GZM8D(N8SbN-sc6a8Q?R4j>
zaR=JF6HbJ8;*@M_5?Bw<va@TfU{1Z};f$R4awXEkZWD{Wjz2McJ=(EmWQmU8KD*`c
zN&tU2p2Ll(MF3PoP^Upa9N^C|q{vH1a7+L!XiK?ig8dyR+y?pv=5z8UZ-?)0WYYbS
zp{}0(dCoMcoCon=UnBZl_&?$$04{H={~3!Ah-`ax^uoYA4D;S(Q$4%EA5!rrR%{8i
z1Wo;XVZ~WEwf?zQYOB4SbW|Pw<-|YJRiEF-2@s_j_vc`nfr;^x0VR&UG<rI;s7E4>
zkA<lgCb_D;C!f7*3;FOtDguq)nc>NLMGsnckH)u0BC@j2h^K*EEk{p;-zlRvXri89
z!;W@E8p5{vZ=dY-uP@e8@8kYfeiC$7K9v2<FQ1LfOyOz%DLZkBVe_QHj}J`hc@)xi
z^WkMa!&2f_v<W+^1tJ^nat#7ZX)nL@W#-D%V9FA)!TFK)o~CTS@gunWdt%piX<*G=
zt*vW}UKc0+SLEgl^QTt1<dSEz=Z!{}-^%33!)BbM4Ce-w6(Y+9()jr6JUEA%yuJ>$
z_(8ZWrfo}0A$TB+3kbNZ6|Vk3Q<0Q3H|H<$PBy|h6z$LSy9)ZEGm0?xv^R2D4y%sA
zw&ATsK?JTy<r1v5sO2S9^~Ml3E9d+Nf;o@0X4!3PP<tMA41#;F+=R*cexP-wB=fsl
z`Hao|5-8xTZXPluwQ&&hdBK-t*_Uc`xmi6CIt_1Z%;?X$o<X3zfk1ht@_=4>cGaIh
z8&y?~$xj|W<scE4%}#Sz6Yy2P^)ixx`=02WRMh_ci``iu9Q#K2`r>>~OMPWELsVp(
zH5CuAoteq>YomaJu+e4rwkK1fG{eL0-tA3UMSEK|)}8^_0f&-r)4X32_zhy#GU3h*
zys&R!w%;y|KcV=>9j|__va+$UU}FG{Ul`(Y5q}Lrn@1oH$pLIglvlIMn!bMrADL0z
zHMQLKUI4MaN7sw7-87Cw_zn`|!}TAf3%@I7F)pFZ-)|;3{EfoH`=VA%78`^}^gT>F
zb~sq9><!C-`XG<pz@s^etyY-=MG3l?&@xV);lb~2Hum;DKDKZg>awIH(<KAW0=SnK
zZBFKwRFW_(WVq4xOuhf*Ct{FXTNoO;pgcdim#fpsF)B+knLi-v7gJRg@z28+)xhz{
zUbt?ji`lg|V79h8UHH%r0cNn%jeH^*h4rWHVO2cY`Ali0g`w-eVuFGaSOwnuqWWf_
zi~^^>2wMP%bIV&XiePMvm)8(F@>|5-|N2}maw9=&6egMJY=7L~CKa7uAeD2IICLk7
zySfw2I)@Wj^b^dw#t~rRN!Q!zn42>=|0(QPatsp3#3L{>3vL6>t!5S>Z6SDseaVDj
z>B2IuW1y>l`!=MbLrIhzi(uodH|0SkO@r)Uhm9x^uc~H3u98CJK>D0DLrp5ZF4(ZX
zwy#6-vNai}0E_I3q98NifWhNZnZB~Jav)>bXT?pDF?kHR{E+opxhJ}KYkaax#Z7zg
zusn;;nd4;WUKYExFbOnL7{|I@uxsPk!`**V4U(4!yWFX<gY@-LQ)gZMIoc^I($T3j
zFEzZGXK~*OwE>?!uV!uwcMlXG@*p@CRgvjHGOkHe!)=%J$0wXQQI+Dm?P(n*wH~f-
z-xkKob2hu?u^%8?uFih`99D&0(_Fn5dU*kd8CW%<5d`oDpfg1^G<?D-K#5(o0eh1B
zcil3&QuWXH`g@pz2=GOMFi<N&=kw+5S68IQY{Ff8KyGrHd!TMMFVFw_ff8txSY)m4
zl$Y7PnDSf1wJuxw_)#Iv+2#DKH)>tnah4jltg-yLJ|Qr4kOlT9o9kE@bKc>h(xI@^
zw8?Eo)^MrK+G?lO;t-m(BEu!IW3HQr>;ODuX)2r--yj{+)xa7F+>Y9r;gRJ-B5($+
z+?iM6@z`DJ@bd%K4ZIV7jvwUZt*!*MLBhfS=QolFyEP17VL9&SvpRKqhM(A<zJ6^H
zRiMWS_V#hhD1=@2l7|Nu7PFF7>4pgk>FI8}XA8KLHI_l6e=R<FvcAVGEB&i?#kJ!X
zq<l<J;DKI_iq)$}<kPb|$8cMq!Z|UTn@f<vk6a94VS(7$6)2j$CE(>{WGK;o<+`0b
z>p!9ZQBV+G^0bs5QB}pGUaGGuF1`=Q+|OzppipQ@Z%;9lnXbX{>z@-OfG@2Li1{Q=
zsQ<2_78*^z<=&VtLFa#6q(;&ccxPjy>Ef->ojaB0;Clb0&6ntPU1u0s_FE?WQ4JGG
zD5Qjj*U3tM<5&ObxFUTrG@MRvl;PdH>H8f%_Phq$Jb_H3`Cyc4G$*n*gN=j7`P8In
zc-k7zF=4W=cjfq1<hG{hsQ~pUKj#=yb0{($<yH4qfKw_eT{Fw((DzXE+a-RqvZzNp
z>Q^jcyLv+O!g1_rwnf%#JxWUKljQk%$j8{&mU9D+Hx*9wQi9cGzv6~|alVs~h!z>2
z%S@w;-1O$Zm~pvinGb-~t3+|KXkZsl`Yi(KZEw`U=yfjae72sx5?DygiRya!qCI=i
zZ}cwgb)Q)m{q4HSf_Qjsmj{%R4{zWrrW*QgfEdf8V;CA~8;HcH1AhQ;KA#%+I3T5f
z8^Y(XwgZSnhCvVB6KHPzc*)>A@7E-HDk!?ta4u7~+o`IPLhw;VPYzP$%ovT~zyIpd
zW73{;KH#Rccqh|jUC!uR>7jQ<ztCQU!MSPM;em<#)z+#ypLO;Wf|b)lkjD4(#3Nrv
zORy;bv2Y?oKVHTTYj%#rilQ(C9luv>;rGv3wT_F|d^SKlGY6I>J>g}ZqZ}HLAEO!?
zU2wog0)`k?V_U!15<<h&u=p{7b>2VC@&b_`Nt&>}$l2rPS6Zscs-mXm=O>F3Gas;T
zY(l3Z*Yi8>_iu<ltjx%VojD2$%Y4wus!8DHs?CN%1T+~KBt54Zuj-Yj6+NFyO)b^S
z=x_E3t6REyYf)>X%U>dEnp+TkBpi+Cq|EaAxV{)7cI^dCT93<0iwS$4@Q!lVz`|Zo
zzJqJ}*I0}TUopm^ry90;LZQ427yT#Jf+$lx$^vVRKrzEnL|JpjF<-^Ka9OhAV-0qV
zY%LN0uaGNCVhYLg#u#k-!{du9$()ONP#@0l7#;}&B<!vz;M#a~4zsH{+zO+hjEmiE
zD6Zur0-Cb5=Re-x#F)Xa<)#>51smz4WXw)?+Zde<cO|LfEIKE|S5;li&La_vLi39|
zaj;yrfQGHDdKA1E+UXNu{gwn;#F#W{WmS(-q|N1t2skB;+U}%WrXE-soD~sXz5C9~
z@yZY{9Y&z%=C-<u*VV(>sL#mgAK=6l&F{Zct-bp?bhhy{#HnTeeG%?4Y}w@+*O9AV
zghmT0>QN;7eBNKkL+|>i_H?3Qz(0{D!*=9*q-5j|c(oiBZSKW!0Ahar`b5fQ`4hFi
zhtq5%^CRqwrEvS>kM~;_GDTD+b5vivILIkKDb<zD7TR^J7tVb7m_S-yUbbSYtloTY
zE|Rjc!rQy7=`#Go7UPg>ouMLces35F)`>5^81VJ<s_$7vvKjR+&ztuy#78`Bw$aSi
zVf?6WrL7T|{6O{g?Tic(TopZd3_UhBq_mV-k%57rx@!O6&qja$sCsrHNwM2+B0AW-
zJtrH3px3ayQA_&zC`+;1qPXa#=_yYA%DfuT<{&1<>sl$@G16W~V%!3@tmP`y)S?@d
z^L2;g1zAkq>tEpx^9^n#BpP&1RYVB-`Mt&Aj*DNONkz)k4|1u5c9Ach4+$HZIjT#c
z^CBt*DK`DcQ#`e7Hl+s2IIi~Gs_G{TnA;Z0b^Wh@$ANL~0q+zsb2H$8b9{KYGfy-&
z&cqBgR2ZGJujbHQIYyPZQNGv@jlRB6s$9l&G4R<rJ5*56GBB&QPAvn1vOp-jPXFTd
z{>AA`rR$uqC?@Kle<wX#@-7n-5uuY74@({u)yg$-W5WsZ$Xzt+!>g<F<*qTRS^a>e
zoak&7+U%ju&W47A0|A%7R-_0HveFeO^VQUtTj;ShJPKno0_y&R#1DbvUaI@y7~;`<
zI@J~IDYu#i{eq^t2Cjr#g-VZdXtaY8K8==!PEeAnyDQeKT&ta(CRoi2!<rgrmV!hQ
z+8_ctg74b*+Dwq=$9o{UcU#-gi%Z;22DI~A?S^mOSXn*Z|3I^EfjXau#n$8syGJ10
zmnn2kn%X*kUUL3ukI6F99G|qToU$!Y1oD2fH|pM+>g|ZJz&on4GCUp}%zC1SEG^^3
zK*KBcL|6mCIPXzZ)RL<X`+azfI-Q*Qy;Y!u@)|%C#QXZ=IIV;dfM*dCFE{__P=XE<
zPrgQgm-(r_2YMM*S<<u2PLY&i>wcTmHxN3pQ<+z<jOLGaG`EKHE-yJ@@;o-0y1LJ#
z<Kwt}+@C;rOeGcj2MJWHH#M|^+aTE3GBQI?VrDawEy;X!3u9*>ZHx`Czh3zpFyjQ@
z#pI1FY)q4LIsW77u3Oq<UrFfZ;j+a4kb-Juc$P%Y@R5p5@fh%ORMATtYw+X(|Mb;>
zpQJ*@8jR5kn0X_wO^N8}O`D>ZCsWgQ+>6Ja;ouzY0KK>)TeoZ_ePQMaH6^6bSq@F)
zQPc3Sp8Y8@I&8e8ei@G!)s?3r##9*d^V`Z9WMe0X=o>O~S)0+2lkZIl(GP2T*M#q|
z$>I4=6iz}%=Yw$g(3@(a41N{0xO92or|q+smrr!~$1(U_M8x*CV=`i0b0QKX_w@9v
zHkP4J1OWGxf>BmpUNH(1>Ut^eLZhVaE1aXUOF)Q&q?(zXH823d+s8*OZdTEC30PFh
z;tUn3?d<&i-In(U|B<}>#S9`;G5tH-q3%7d8GHvc91yc>eJDh2txyIhOy9u3ppS3q
zuQK=Y!0LhL#nqlaNdH4=uJ#Y~hyn|9=!weVZhpJ^y&HG`{uY7WgM8s?c(eWNP|n82
z$2ZkXOmlvG_+hXsZ=lMKLU~~T?+3?JM&5*L>nec}btSB;TP$XBxIn>OK_Oikd0yYV
z+~u`f(Ag;s!3xhSFaP?rNthYYj_rRHtfn&4=6z`GzZ=eJIP@wsO(Crgaa0Slb7!D;
zlBsIkZBUk}@<N&S^7|%Ro*y~*yR6D)_t4;%dBgP!A0mGVq-&TsHxUgdrT(Bk)u9$(
zhSuk;k5O$GC{hb0ettPR=YR4{>(<HqwSqju=Jq{|*w|2AUA9Dt@Q<wMJbZ8<jpWo7
zec|iRS2Ery`3QO0%_^)~SQd5c+{X)ns2Y0A?l-(4=u7LGh#MVkhqSG4E~OOvc!v@Z
z-OFiAoAB`o0}eL;%QfS6=&2O_RC_=wPN<2j^VC0on1_X)FzVR1=)zHZgovo_ep+PL
z2s0yLuy|@>?DHlns)vCOHc8~%UqrJG^fPUOouZ=RWNf41tb|JV7k$F<&hlZikDCZZ
z!U1Q%6bx1|ykTn})#ZbGGa&@599l9mkH5Px&pVNl8tK@Smc~en2bOVazr*1EJ7X_>
z<&z<(w_3{kkq%W=y&1(;F`;jKPiP$!6kqUti^*1L`y9JI=d-oN`ZT?tTB!F^ZlUGn
zSxt>nfFQ-#q4diBn>j&mB9E(!)>ha>@Or<{KqfmYaOETA*xsN`6@wKP)+PaigT<fk
z(X->@)6=Dcq(grTnz)&)?}+$Ko6rinbnex{y{sw;GXzFvE|7=2yEQM$2p*ehl7KZi
zo0&Bbw#X>wS?|e}WPH_Y;fYZ?Ha*@+E$pf2lr7>@$I%Kjo5#GG6)j%hR<V_vVmH`C
zR@L;U6>LF<3T4~ZR@%Q^PR6JLPVF?1D{g8sXzY#p`=~z7#KD!54Fqprjr!`))T+lh
z%Hrwjn>9a~oSK@l;rQ@j6G~Ah<tg$%TK?rB5SQMB1eqc$4lOCEXD3JSrk(Sp3JWx}
z`)V?fSL)+>eUVl?etxNvZ^=AnHPqA$MSYHh_S$`-aY^D6ABo!57UapK#OF$Co11lf
z^Gj3cZV}B+;ci=8?g}&SkAOr`)2DLL6A3s4PDIl%gKw$qt?6WCpGS-ogz-dL%u7oz
z5cSB&kdwz?shF5Z-h~zvpuD}kd1Q09UZllC+=Y^yY32e{iK1U=a*Mcx9mmjr%2COD
zpv#`OViDYS`!<bIE&hEc>=Q>%M`f(+*4CRtE(O{8&T8zQh)Aj=5C0^*CvWN0sk%(E
zH&eu>yf;;1bhfXj(!y<agJE-b+-<IG3$M#@<AmG7RfIFT>wfeLxx)^UE+z`H1=U@k
zxTDeS*YW8-<@B_(^Up;~9x8v7LX^wzSkJxVgQ{Aoo3px+kKOCG@zVPGogH(jzZNkB
zHmW!(H=F$jU>D(m#Y;Z?tNu49)GgZ%Zf$e(z(IXiyW#)XAG`~H4{=FH&a?sFM0(=l
zZ@p0#wtjxV(tTCrcyvqy6f!PP2g>I@fIJ1`*7*^VB1w`jDIOvsqTk>%_B1nh&VB;y
z$gYC-UylU+>Ko%>2}@U0EL&SUnEyrt8Ks(ix|*8V&u&9eo0iylE)dYIiN$efPj>q@
z!hUaaDa*7!lNeYAhjK$HKgO%NyJ3H|60fR8&SQQMmoBn0FrY$k2K;s^^z3VsS{tOz
zf;P=8E)Y$WQ<v-OZXP36b=XvKK*O}@aI@HS%->h|S~#i7sJ4Gw`eqFpTdNWKvyo(5
z0&v#c^!z{%-~2=1gL8FZ(efHvJaT9`Y9ipvFHjGIL7~OP1zqOAxSOJSDmKo=Syc`5
zZf=$K@Gu*w))1u#O*{)4tYVbQjaLmd>jCBxY#eKQ=)k~cF9G|N>+x)LH7HF8oT<zI
zUHWJQG}1iLaiEcKSUNtw@;2Pe@fn5RwclKWXL-GfL1?@<7Vr|!8Q^otZ$pl%LCnm=
z3%x#YX5Lh6Zo#g2uN{$N&`!~Dxi&G+lS{C>i2JT_iyCPpw0-rrOu-QqtuXYPo3VE>
zRW<Yqeo$g`v9wxqqwLhWuv3egmg6KOl=+Q)6;=#Yx~c1&9yAC-J;qC}PiZRYZ+w2<
zZM@$D3}_dyanJ<JY<qH$24wjzN8Z7mo~DWt+AAq5D<fH2=FR`-T8xEhhir+GimP}C
zo^Y%|yP+-JdQw?Ao+d@b55z+)0je1oPh@Z-)`x~NH{5-|AU@s~R`u*jL`FEfR)bec
z3LfyTSY_&GrsPnm_2Em}xVk{}MM+_?1fMM8`?Y++30d};r`+-4o7q2E?&}K+`#L!I
zIbTE5ne;ucO()kVD+A+@Qb0H3MW*lYw&l&JjJ<X0D?n8tJg>1ahn{SEcMb68)+F6n
zZfs1up1Jy27S`3Z`1d4wp&A-`qkzW9&5Mkv?*T?qyk=fCjaU1OB?oo1?_7D?vrwL$
z7^%>E^b`gS@p9jhRP}4{>Ts!H64Es4Fde2f#P)m4wE+hk7ycRtF>fBe+Pqb8Ou?|z
zAt#K9*DU^xZpib9#mGpE-;zvoi@lcTg{G#t#qm)p^<Qrgc_n)fnXq}7zsLm8HRBP=
z9NL#&?N{85Jv&);b2D@>oZIuaaM%B5fX`kqq%tR8TvSwaN~ZPM@2&s(rR*X<>z-Dx
zqF^XafL-p!I&i<qzj+EN|1jP0Y9e5jS8@I4Dp0<nNKoxga}ag>l1<0CH%R->Jfl4p
ztc^{Kzwna|O<+A8LOz=ET|f(X4X;rMRhAAVHC$kc5ESg>`^V%AEtD91I6rS~Wf?vm
zMQ53T{+agWGqjw=<v*8u=f10}US3LKcJ9It65s}^MECr6K!l-PMGd5ZW0>PwL_9=%
z#$C_Az^lGZMa|S5^3MhR^L6=t*qV%aYvAy3Tgc8)6%WgU2eo$ebVN&YK7CO(COVCY
za&KY#fm1Q^Bpef_(RV(0%z$)T^=d=Oyo);qYiO7bLxsotd`HyC>vVgH#@E>WKg;Z&
zKX3jz+Y9HjD%PWvv*tY+mUc&$w_K5PM&O`-Zl@S;KWAI3$MzAqmUez*HwW^BAMd7y
z6!gu^RIO9tew*?0M(PlTpnSW@A1=A2hIa0*%fJv4?0@m#)F&c)`frn+^m!gxh$3gY
zr+a-aL+rt7lEC{H9%WNb3Tz+|cb*r$aWsSmB&f<}H#A5?MtF7>T5tTB($n*qvMZj`
z-fNrj6tmhGmZGt<>jS2~rQ?=WUw%Bh_o48+GO&xo!9CTn=i?-0d&W5&_JnA$jO_Yi
z09<nYNWE3u6yd)IB2OaCqeL%!P!HDR$r@iC2ud{9$u#9ty^;5fg_{l&$G&adSXs3k
z&$$e&u2fa0Py>;m|9|~>8w^456s-9wDlyB-p0(n8LiRv4FNY+&eh6JZ>NaN3<L40}
zkA9|i|NmRSH^}!8?(~Uo8pWD2MO$4_z(KJpK3<w7517K=Jive<8S;nH!7`O#X#MO^
zG;2c0qJJpIyzAc%PR|T1%`wp)sJXehRTB(7VNP~v?A!K46OBTQ)@Xk={wLG@=QE#S
z67@O05`Sx+N`3oBebDFU^ljTu{ym(0R)*BYz+B(UL*$g2OXc+P$u|CysimdwQKbWL
z(fm(x@y|OXe^T{18iHsb{QidmANgIvp-d4ZJT4yiwA$H81dr&ba7|Z&Iv_yXFpABa
z(8eC@Hs(DHT+j5W3(ltVPy875fUA?`x*wDu7|uqrJmLKrn#K8yOrWm%--2xPg-}v)
zZaX;m`qR+{0X4IePLBbRn|g#IqCW#U{XZUC>9}F${8AT0y<qP;S*`|9D!i^l_Hr8!
zTUJfm$-(i&xCeMrbc>EEG4bM-(+8{KSgqLBEMX*^YZe13+=fn((aNDoG=A;S$}&ap
z<Q(k*H>S42B66~1fy&0lmX`AJ5;ifhEBct(-Pl;;eH$a-rNvVG&9k^}X^Q}s<uSVo
z>d9VSjUGl;KL5U_H}U6vXsCYK@UZcIj}cR>YWMuL=!?>$qs@jl+ND}X%>e;sX727b
zHn!6l_qw}tN2_e0b~Zv@&qe&IET(LS0F)o+)K^0TPb%QrQ_?a&JG<+Vjl)1+q$Dpp
z6|gO>Wnu)SXW^fxTSf@Ne#5<ln*W(6L<o2;wY0T$Deh@%;sE2<t%<ID4HjO7i7=r3
zQslKOP=H!!ovgxDi-b47dHsyvA}W5UFup4asc8@`0T)--nix+^5~4burwKp$_k|gQ
z&_B}qpJ!JpdTj;c!yarv&!B8_=M@%h%R$1lE_7mXvWDG#=cl^n-y(^}e4j*>$9AaQ
zmV(0H%pQT@<FTENPlHd8!vDv6E1!lTwE#P5Ys(1#?yNms+vfvlz-s9Wy^?7}YzJq{
zFUD}##j18S?nwCGjtuM~FCL;QdS+>>mlTWm(1OUk`S1-O_c2-X@2BLM-_2q{u7Z92
z{g284=fL{>kF}i~t-WE5QFscJ6xLQcl}uo~t}Cd7q=D4KNmJp9(-Y)m4F?8un#V31
z+aJ%s*7>U!H9P-yxsnH&iIPgX@fGxXshT+}Vm=epOCEXuLI4y=4I5R|yuWb+fw*kj
zXVvbL$OuF{=nUliO-tO|z+ntW-SgkKwN4uRF|Kcao<V2b^?Z+Od_3&z%<|fhXIscw
ze0e@MH)3KhFOV@}t(^27_A$=m;?$W+y16wS{d+{u#vTs|2TQYH4A?c=8~7gc@IPrE
z99($3X7cd_C%B@bp<%piHOSGzLim`mz4@5K;H=c4x`v6l%SG(pV^KpV>QloiNC^uS
zJ$WqZ^I3Hy=y3y5G7I|6`sxB;&?{-s#wWEk6SKs4+Gn5WbI{SzE@@<6=0sCays+!;
z+t~_NI{%-)2Lg~<#2an4*RO%Ws_rwgG|jZs5>10zZS%fwMM&=q#mo^B<EEPgnV(8Q
z;p=DctK8;=rR7$aD>B6zp+P~!tR^G>HeCBL%G`^Gwp9Fma9O}>coE!X0{|1HqYd3{
zjHXeLqx8>@hhX9#B(IYi4pup8V?igtq&V}Ro%e-OFZ{e&Z9KI%*^ci5I&kjNZA|?2
zEHsf5G2mlDCw6?|#K8{pYm6t6<8N{@^}9@DN3FTJrJVndZy!_E^=*>|%mgN;y4ss-
Nm61?{l!+S${vSV-nDGDr

diff --git a/docs/dev-guide.md b/docs/dev-guide.md
deleted file mode 100644
index 026c79297..000000000
--- a/docs/dev-guide.md
+++ /dev/null
@@ -1,68 +0,0 @@
-# Dev Guide
-
-The guide provides steps to configure your local setup with running canary-checker.
-
-## Set up a Kubernetes Cluster
-
-Before proceeding one must have access to a functioning Kubernetes cluster.
-
-In this guide we'll be working with [kind](https://kind.sigs.k8s.io/).
-
-### Create a cluster
-
-- Install latest version of [kind](https://kind.sigs.k8s.io/docs/user/quick-start/#installation).
-- Create the cluster with `kind create cluster --name <cluster-name>`.
-
-### Install Metrics Server and Prometheus
-
-For installing and configuring metrics server and prometheus please see the [prereqs](prereqs.md).
-
-## Install Node
-
-The built-in dashboard of canary-checker uses node v12. Developers will need to install the compatible version:
-- Install [nvm](https://github.com/nvm-sh/nvm) to install and manage different versions of node.
-- After nvm is installed one can install node v12 by running `nvm install v12`.
-
-## Build the canary-checker binary
-
-**Note**: The following commands needs to be run from the root of canary-checker repo.
-
-For most development work, it makes sense to build the binary and run the operator directly, rather than building and running a container image. With this in mind, this is how we can build and use the binary:
-- Based on your current distro build the binaries: `make linux|darwin-arm64|darwin-amd64|windows`
-- After building the binary one needs to apply the canary-checker CRD inside the cluster: `kubectl apply -f config/deploy/crd.yaml`
-- Once the CRDs are present in the cluster one can start the operator using the binary by: `./.bin/canary-checker-amd64 operator`
-
-The above command will also start the canary-dashboard on `0.0.0.0:8080`.
-
-Now you can deploy the canary-checks in any namespace of the cluster and they'll be reconciled by the operator.
-
-You can test if your operator is working correctly by deploying a sample Canary (by `kubectl` applying the following template):
-
-```yaml
-cat <<EOF | kubectl apply -f -
-apiVersion: canaries.flanksource.com/v1
-kind: Canary
-metadata:
-  name: http-pass
-spec:
-  interval: 30
-  http:
-    - endpoint: https://httpstat.us/200
-      thresholdMillis: 3000
-      responseCodes: [201, 200, 301]
-      responseContent: ""
-      maxSSLExpiry: 7
-EOF
-```
-
-You can test the canary status by running: `kubectl get canaries.canaries.flanksource.com`
-
-Sample output:
-```
-kubectl get canaries.canaries.flanksource.com
-NAME        INTERVAL   STATUS   MESSAGE   UPTIME 1H    LATENCY 1H   LAST TRANSITIONED   LAST CHECK
-http-pass   30         Passed             1/1 (100%)   500ms                            7s
-```
-
-The above canary will also start showing on the dashboard (at `0.0.0.0:8080`):
-![dashboard-with-canary](images/dashboard-http-pass-canary.png)
diff --git a/docs/images/cc-blue.svg b/docs/images/cc-blue.svg
deleted file mode 100644
index cacf59fb6..000000000
--- a/docs/images/cc-blue.svg
+++ /dev/null
@@ -1,3 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="90" height="74" stroke="none" stroke-linecap="round" stroke-linejoin="round" fill="#326ce5" fill-rule="nonzero">
-  <path d="M85.4 8.0195c-1.5-.2-3.1.7-3.7001 2.1s-.1 3.2 1.1001 4.2l7.2-1-4.6-5.3zm-5 1.9c.9-2.7001 4.1-3 4.1-3-14.7-19.1-29.2 7.4-29.2 7.4-15.5 7.1-38.2 39.3-38.2 39.3C.2 62.7194 0 72.9195 0 72.9195h.3c2.7-1 6.5-3.2001 9.9-7.9 0 0-2.1 4.5-5.7 8.1999 1 0 2-.0999 2.8-.2999 2.5-.8 10.3-13.8 14.1-16.3s8.2-4.4001 10.1-6.3c2-1.9 15.1-15.1001 15.1-15.1001-3.1 6-19.3 20.4001-14.1 20.1001s30.1-18 30.1-18c-2.4 5.6-19.3 14.8999-19.3 14.8999 2.7.2001 5.9-.2999 8.4-.6999 2.8 2.8 4.5 3.5 5 4 .6.6-3.6 1.1-4.5 1.6s-3.1.2-3.1 2.2c0 0 2.2-.9 4.4 0 0 0 3-.2 4.1-1.7l1.9-.8s.4.3999 1.5.3999l5.5 5.6001c.6.6-3.6 1.1-4.5 1.6s-3.1.2-3.1 2.2c0 0 2.2-.9001 4.4 0 0 0 3-.2 4.1-1.7l1.9-.8s.8.8 3.3.2 4.7-.9 4.7-.9 0-1.9 2.5-.5c0 0-1.9-1.4-3.1-1.3-1.3.2-1.9.5-1.9.5l-5.3-.5-5-5c1.8-.4001 3.1-.6 3.1-.6s0-1.9 2.5-.5c0 0-1.9-1.4-3.1-1.3001-1.3.2001-1.9.5-1.9.5l-2.7-.1999-4.5-4.5c18.8-7.4 21.9-19.2 21.7-24.8001-.2-5.7999 2.1-9.5999 2.1-9.5999s-2.2-3.1-1.3-5.7zm-5.9-.2001c-1 0-1.7-.7999-1.7-1.6999 0-1 .8-1.7 1.7-1.7 1 0 1.7.8 1.7 1.7 0 1-.8 1.6999-1.7 1.6999z" />
-</svg>
diff --git a/docs/images/cc-white.svg b/docs/images/cc-white.svg
deleted file mode 100644
index e07c1a3b2..000000000
--- a/docs/images/cc-white.svg
+++ /dev/null
@@ -1,3 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="90" height="74" stroke="none" stroke-linecap="round" stroke-linejoin="round" fill="#fff" fill-rule="nonzero">
-  <path d="M85.4 8.0195c-1.5-.2-3.1.7-3.7001 2.1s-.1 3.2 1.1001 4.2l7.2-1-4.6-5.3zm-5 1.9c.9-2.7001 4.1-3 4.1-3-14.7-19.1-29.2 7.4-29.2 7.4-15.5 7.1-38.2 39.3-38.2 39.3C.2 62.7194 0 72.9195 0 72.9195h.3c2.7-1 6.5-3.2001 9.9-7.9 0 0-2.1 4.5-5.7 8.1999 1 0 2-.0999 2.8-.2999 2.5-.8 10.3-13.8 14.1-16.3s8.2-4.4001 10.1-6.3c2-1.9 15.1-15.1001 15.1-15.1001-3.1 6-19.3 20.4001-14.1 20.1001s30.1-18 30.1-18c-2.4 5.6-19.3 14.8999-19.3 14.8999 2.7.2001 5.9-.2999 8.4-.6999 2.8 2.8 4.5 3.5 5 4 .6.6-3.6 1.1-4.5 1.6s-3.1.2-3.1 2.2c0 0 2.2-.9 4.4 0 0 0 3-.2 4.1-1.7l1.9-.8s.4.3999 1.5.3999l5.5 5.6001c.6.6-3.6 1.1-4.5 1.6s-3.1.2-3.1 2.2c0 0 2.2-.9001 4.4 0 0 0 3-.2 4.1-1.7l1.9-.8s.8.8 3.3.2 4.7-.9 4.7-.9 0-1.9 2.5-.5c0 0-1.9-1.4-3.1-1.3-1.3.2-1.9.5-1.9.5l-5.3-.5-5-5c1.8-.4001 3.1-.6 3.1-.6s0-1.9 2.5-.5c0 0-1.9-1.4-3.1-1.3001-1.3.2001-1.9.5-1.9.5l-2.7-.1999-4.5-4.5c18.8-7.4 21.9-19.2 21.7-24.8001-.2-5.7999 2.1-9.5999 2.1-9.5999s-2.2-3.1-1.3-5.7zm-5.9-.2001c-1 0-1.7-.7999-1.7-1.6999 0-1 .8-1.7 1.7-1.7 1 0 1.7.8 1.7 1.7 0 1-.8 1.6999-1.7 1.6999z" />
-</svg>
diff --git a/docs/images/dashboard-http-pass-canary.png b/docs/images/dashboard-http-pass-canary.png
deleted file mode 100644
index 68a9529e3aad9d5f7b2698393e6d720147daa418..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 30244
zcmeFZcUV(fw>L@^Md^Zq^eWPn-ivglN$()NcL+UTL#1~C0XMz(8cI+Rq=w!JAUy$s
zlmrNY8}~Wi_wN1f_u&2a-sj|blB}$`=3HxzIp!$8F-G3$XsMDA(-Gs~;E<@RDe2<i
z5Lsi7_pe{WeolS!JHf#rmUdQD)KOPdWY+QVbZ~aF$H7s1mzqYTe|wXr7cq!bnYAEK
zs5|29;A8H%Lr9@Oo@$>?3J2Y$u4Varz30W->knSMXC+oqOuWyUXMCObeaR;i_Urc_
z8F#&Sa!p<102+kI20&VUfxeqr=tTs2<Krp*h}MBp9=rZEW|I#ONDqA0c}Z_>CS1cM
z)9u3X)!F!|r^Fu_c@Z(2`!iS6n=D~Fu-6GR1(v(4?zyd0ypNl3J?8a`+u?#eyLa0T
zlz-?)Y!A!(8k9L@@;!2huD$jMnX@rNn-iYSAo4X&!1l$<g@?n}n8$;py?Jr`xzaWZ
z4sB~CC&uq)5flD=9K&%}>R>ex4~LFuRidwtrzj{mJ9s9rf{`SIsO1^3oE9B__RI=?
z7+7l+<X~YH<L<G#?&)q1>+@da_@??UsC4wjrEk_nGY3~8Mq=s6c_ja}WtH*7XLDL9
z)qDGRz?y434+*uGBkt`p-}u2o+<mw3v9L8?p-Od*B~MEwc_l?}Z%?6*c@0(U#>w^5
z9$)c|q74U}@ul8D;c5gh<3=LaWhxa6cV@yi#CN0Gd`%&u-W#W`1Gs)vQ0u-;<Rsax
zO;rq8+aJG!r=vhO^XYooryIf6uZ}%Pkju9imv7>d-+Eqi>x7)B&v>((nMzcFbnUa&
z4E{GA;;0qzk1vFD$Tn9f&0lAE-2?q`hyCGo$n#sA)|3k5lwahH-?HYtabkP(R^p2?
zJq1}e(~ZYp64cmfC|I4<IO}Np6b}+@3T~Aub*c`tq$j}DxDIf(RaFv<z7yS!8ha*M
z_5${a^Zp%w1<Z)GA2(fem6Fhio1c{FtF(NsQOP69V5(gejxAq5dLnT;Eym(Fp)cOv
z9xXWL;{4aRdMbO@e-L}Gx44+IRgnOQxIV}JfUdp^q{(?H_GNyx<7f1K==qcL;B(Q?
zM;GFqq)YF?FA=@*D{@qK3G836e2!aIG}d^_QNg-KPJDy<mFXAi$70VD9xAX?uD=5*
z-OCeu6!Sse{ON*<w0s4ND3#PZ{BCc`cLi#K>=FrhYSOw7xT6~4{gV6=CzR>fJJ`m*
zyV&{GaY=mSWp_-x*~j%=bB+IiJSd4(akOaW8Qy)oe!70reu^h->ooQWg6gS-FkOa{
z&l3bNP8W*C%;48^s$rV>qry&24TKGWb1J43yTZG4mAS~A;evZ3i(3>&!e;?zkAj6T
zxEPU_pGTgH3w@z2joFQP(qrFa+atxDmQtG%pCa$_QvaQPwto7=P3QLwO%2gUg4?&Y
zA8*%>H5aJb-xrh=^bnNJI2Pm(+_Vd}>#;YfbEw0u>#Li$)BbLm&ft*rK~jUPC?aD>
zda!+v-g?D2lUIx;w=u*2mH%sz@0@l1v$8t`0gUL|Z7*dwdsFIDZYG-X8L<Ksv{>Vl
zrxQ_$+DS_+K$VM}^C*)C_2v%BkU7cnV8iK(X5xD4kJNe8KGZI^LDaJMeQwL#rlJOL
zPw~j=e&M0L&!=Nr=%=&&er(GP>4u&?pKYy&42GA)Jh*qCh`ZWAwql`5x+<^iM<J{3
zY_X4ty}p6vq=|?^qkN;fzfx@BMhQ)|;irISyR@ott6$WA-1at=u!Z%*pfG2cJ&XaC
zOb4Qi7OoR^5oUDO6=}_Ulu4M$muYM2VtUvh*jU!U=%UxqI_EtX(m3C+1lxkWg1L>B
zPSZ{qj2w>+jZ}{9j@xcYY*$Y3Ot+P5Pi(@tU`!)m_Xs*;+HTsEy9<I!B$XtqBxH93
zhFJz{v)MlC$rks%^;ok>@zA%Q@Z|N}@%(6S?s@)2X@GsfE?qsV&ry$OoPC_FsKY@+
z$f};VUZvh><Jv~(A?0Bk&8?f-(Ihk^Gy;4ieEEE2rqE^^lcD-Kn@OAFzPTP#Hw$+e
zn|ymJ=lZ3hsDX`ZKF!|Mvy|AgVlz3-VV;ie=`MhtJ+Tlrv=W*M`PJ8dQw1U;2<TGy
z8o8;n!R);zt|H0klOkR!_48wYc8<8K<js#fAEV5VEGW&jK<!>4{?u(#picjKU$f1r
zoj6~V55ym_Zyn5ga32}CQ@TP6H(8h1uwQSSDxb|--rejNXzNw|7KPB;7TR!KZ5wW$
zjNfY>sh&Z+14n{qz}}3K5CC*9DD1Ft^XBF>k$i-9*ItBbBq)*xA80ObPTum#?(;Zv
z{infCO|L6n58TNy7N^*uYiDZ#Btr8Vl=)c3SSVOhSv(aN6%Q3TqBUu%%|eAVxOrtO
zSU%onq_m`v?d-Pg%i(xQVMrlCfl7n%TXY<q2^QL`5AgG*TMnCrizboN(gm>|un9yM
z4d07DcsIu+(gRpUtjpaIze!BMHcC2rI;!}H^wH^~ueGGLZMLdEKK>wHRass95xr`~
z8OW8w*{*p@O*&0H^>(IyvW8ZihAfvIG1coz9(|(<%TaE@+v{)Hd3Fu=Oe8pwR7M5N
z+)wrBbZ2McTVyl^cC#8T{Cba)jsWG44YMuy+DuzOVX>bxD_!3RN(;qReXCxtcJI@N
zETqhWhwUw9gYCj5&eBLS@70Oj@;I6c45jkd`%#ozr%``U4|OA5T=-C#)bS`}`CheW
znNNXFw}gz@PIF3l^rh&<d|V}s8Oj~=k>`6yqGP7f2bA|c;Cw7%u#@M^!zE-88OJas
zMY_kncYCkBdBA!4XXxyC%z5PEVZb!C7qQPx=#EL}X7C^O&$lgM(1wmA*2}y%VW#MS
zJ+v{s(SpSfQ{8&2pvx(YC)ssUKL$TpV~aA~Orx_Eo%27?_Llbk>yqoQquxc0lgY_Y
z`V{QmM>*NQ)>XFrR&4vlHfdF%*Nn&g0gv|m+?i*u4GRroKgNg$p;OSMZ(Q<Wb#$kh
z?c-jOyGQj1HZT~_gU}c-*_(wiH2`O<2Fivi6=72ov6H=%PwBqUNkUF@T%8*{D=?!c
zy|$Z^kaY8ewwnBRb193${*P9F1lE@X9qH~AMy9Rvb)?_1>YN9CYFvH4l<I0EQ*G(t
z>)aMNv@&-J51585E<;Pe&SCXci)9^1uJT+LsR}8W$LxYji+f00t*?ipUb^0Nq0}Cr
z3VPfcQXdiy*z8b7?V*&8)b?)fk;$nA?;kur``QPM4SUtOpeh(o%)}$de`#{LN%yXC
z?J+n6h)#a39ZYnB4*{y5uCH1n^?Js?ur&VB|NL;}kS&L;IhQX;^u+uq)JJ&JXx0h^
z9trvR)pHo!7|+LeFO)l6;@D;0_1knW)VR}`mW&=Kohbe2R1}r{qiq$@ikO#u6@E9<
z{5bKbb}RX!xCauRi!MqkE>e<ygowV~^*pYp8>e0JTGw@a>%|_w$s}3~GO9;mg156Q
z`?5=j4iRmFPrrDbJSHeY2!~T${*JGMkUVn$)6T8$1Q+F(&$%DbYzQ?veJEnNt)<yP
zO31v89}3IJ%&f@GJkyU9L6d(9vQZJ!%6d@rJpFCNPnU-Hp$p%OYSDb|%cdS+?0(}*
zVD}Pk#K4fuqh-@stT}0DZ>;X1sfqIddwd-SH_91@0DFXsebZszI5_x8Z*YjP-;~(5
z(kHzC(@JFh3IG2b<Lv*sP(e>oT^;+aXX|5c@8Rp@>8F<xk8Q!7cGfrcGuG6QwDol7
ze{Sb#W6vMx?)9q+j&z_T_R!tl?>TdzyPJovWS|V|pI1m?kAIyOU}gUE5<gcNR%1;a
zW<^gQduCDohx`v&Wr>-YnWcT~93*v>RQ|g=_LmH+lb@fLq<{bb0N@7*@q79>3OtgK
zkPvt%C?F`vhrNQ&H^{^9c_5#MFWY|&@_)urviG(1arW|a_Vi%>HSTj8Pk%odR@PrP
z`oFLLdQSU5=YQSF!}q_Zg`J?luNHwv{0{~G@7UO`(!b71>Np45yO}6CyJN|Ny@#xz
z@I&c8um4BOzwY>#p2q*``AA$`{I6aA()90L4Sel=6g}Os_w<wf*V6oV=f5`ocSmV~
zUsL}JDgKMjf1bq>T9#N^;Qua~Eb&n2+ZY@ic^q{m1^qzWokgNR>Tfh%KYgi!Q=tW@
z2g=+JuIm=6Ba|tW6Y|~~Q&1}q;40)iF-Ty=%PV2Njz@F*rYO07u;(NF(!MZX(S-qM
zS};}8elBWpXKx4lLhvKdKl(Df#Wg92@vbvR;9U73|AO!_<pMs#@2<m+VvI*%9YjGc
zkAq8a)kh@r4e|&QO7_Ly4~ZR*=&GUqywU%T_dhP;|I+V2aN_^+%m4Drf6Ki8zw8fo
zXPl{RzbAo#EgvPrO#O0SL_CcEeC7B|bEPC^=D1m)KKME6_3OSdd!_-vl4nvF8ac2h
z6C&+lRN(cz)byCfd9*!aA*gpZ>5<~K_(S>v%gF9Pu_GDuNwT)g2;)6LwS)B`__Op(
zvZMHWmO=jQy=<cH3u<%|;DP)&{Qt1|{`EkS-4tFQ2ETqP&fA-5eG1JKwMYwVke<pP
z{wPr|ecHV`*67Q1gG6(zd%-w9@y(4pYJ&jVjU9m9pfO~5m5Yfl^*wbzSLiZ#K~zTw
zO8sTekhF?a;4)5--@bgjB<a;!gHn}wD{)xFby__+#I%R|q%1yQZ$TpH;&pmKSaFrl
z*2qeCkZEv76<+(j>D1gTwkvfcd!)P$evPMgE;rdRkX_;H1twmuzzl+3`#zd~0~QsX
zoQ{J~IXIKOOLDcM{c)YZoy2&^gB~^49g*)gU(~4Iwob!sTodt8HcaK>4DES}iRYU-
ztAXCxod;WiQ0-Q-W}O;>c4~;Q%+=eRU2Tb9Iv>7?zEYo)dq#dDu>Pu@lTw@;0!1*-
zHM_GZGBNNH60e~`!r{5|Yl#Z+@2^?x+M{x04zO!623}G`x*+vFU?)M0{&JW9>PfsH
zcp*sm^Mg^3y0P&Gi2OB~F{_?f28M?xWq0%|bf9*i@cWwg#12}+&tFZipZuhfJ=QOv
z$A!kG99lfmy_#QM-DDTXHx!~z=SP2cWM`ObOznMh>!1{6lqlirKq~_yG&%l8mpgv1
z^UPGT!4t0MS=|zPT9+|)!bC-IVWgG$vp_pn%V)ix<25l&Ly>e-^Kmo6Pf}S9NlEF$
zCyH4DUiQUhOAUb<de?q@i`H#-ddB@Muf?uEr7v8)0(mUk7Jx{!?Tu5P0biP;hEj!!
z*M^c+pQQ1!kVdifgtM}-$;`F%&{0ru&tINBMeZ$fQBW8agq|Mgj>U|lXO9?bTeUU#
z8DH-ECeTAk&^4^AtZTUpQWc1wb|>n6$z09HakqI4C!oAj=rbsTq@OV<gREO8WHpJ;
z%&;$44m?@B*W3JSdy{6#k}=7$7Hegv(M$NKLED3rdNUp=zBviFw=W4?^7TW!ZIbg@
zD>+_>il<K${^O4+U)Qvd&h{XDXm2<xKf;Uq5b@&0Ra{bVJCcCNdOEyyc+*7WlVs?O
zPVU*(1D{OhwdF{ByZ#9=nN0T+NiUp$-ni_8sUzCDv*<=2>;{U5n-i_~r=?b9OFe0>
z%I26Lcz>SisM^kq0M^W`PE0L{JuSE~(;@oPKjRP@8t+^6(#60tu{K{-eS56X+yJ+k
zF6QGS-zHv5(4c2ijb(|#D(UW=8aV2#Uvst|y$fGm&+WJU`X=OKmK=&<lzFd)D>seL
z?9wk6?rSB`=W&)Hd`bey-aFd$1xp`JP%-*nke(s$F~g@k_r)7eFhRQc!T#|ed7|mV
z#hQ3^{ObCpY}cZO99Kfp-AzBR?l<C%#SkSr5x3>Ae#FmbRMJ4;s7;0hdNBfF5xp@~
z0Dv(1xW>+yIP3VX0+t5OUq`PU8kA$8Mm%kPu=^;~9&I^*-<qq5imn1NQrHHOnypoo
z3i2NuXi8(<6fjR%&kcPr?l?%3&AMPU3djdk?~PTc+o~t`TwZo`A2WpSWfY$;zL&ge
z7ciR;n?F5_+1!`KxD`TD!_W&{t-hNFrSYXd!l@okFc)0&vS1o|cw__(4FL%|L!bPT
zsn+Bg)#EWEi2@zGm2-YIb<~*S!i*T``ogU5fzD+l?#t@Ai*zesauJ`YnSu}kzS|4e
zr19*y7Q4Q?Efj`lfeet0J#3(@FYv&q7(N^hA8rJmzDF2Ca^(c#Wn~xGPGBy;O@`*S
zfW>)jqY5ts(cEZ66JXx}ocx~p!8K5K@kMaQJ!IsTuM_iWs!=bRq|?QW#8htLk|N{0
z=W-|gZ1FN+6);xfe6!sB(<iXy$?SVbq24s(0qo=k=e=1W+u1f-5;vFq_RTOdrF)^1
z@FOz9qwFjRG(+y710vj3Qr4!<s13QZd#L3??!V>>2{iA#?80@P1!YTPb`G)g3;qnr
z5*t`nWlEPNljY6qgI8nejhrU({~s+OY=gWH^?q(1&A_P3@<Dku_^0z?jY3#1Xhz=-
zlBOAcz6ZaX)hXltCN+c3R?!Tfq}wF|{*?m}4dp5t11^*Ee7LPAB_n6E7Oe|!GAq<C
zO_CiF!|dlDZO=oBWkJLwJI7m#s%ZjdHujDx(}oad&LY`du<mi%16{1@ooxn!(G6Nm
z<+~zM;yR=9`2gp|y4QB!6QFH#h@Z#7V(mnS2Ony~@yDUNN5=Ry%F(wIMNv%$08`o1
zBOzKr;f=xP=x=m7a$ftNG%|!gBN`x*9scQi9X2v5MoYFmabn}ot&&vFdUqFnEUG_W
z>~)--5EP2s3!FM?mM)sUKqG(!VVfSK7k|7gx0*&~d5S%0Bek%>AoxIlnMp3QD|wXT
zI{STm<kG%ZuH(e5DPrn=^aN444Wbhx=<$Ueyy*O<NDDL9;LXPKa;hy+E9-3UBdWa|
z!|2MH+u>AG7g%e9d=QUGw+fnEH72VvZ)Jr@i;WdS4Msm*SQyr5;}=}?N9XsPlp{;g
z;p1eo{)XQs8!a)Ff55XBVT+&dxON^@B^mN%p(hB-S{M;;z_l~Qc2kFE3@Rv@xWE+-
ziLkR6ZKF(Fy89<(i1usl{!d(h%Jt9F!`c^?xM^Jl?K*n5TuNpKD$N>i%^+T>C*wOj
zX*=6*p4@C(I)4^{68-`cbVS~A<ujZ1KO=PwXau`iVNgYvQ%5pLqlU{-+t5pk6W4o-
zQajZ$zvC}8oohSqsGiG040<Y}=qQsuwNz>6BHt@px;DaEB^zD)4k5DcmC@TE)NH+@
z^2<CXUP~A7LO%_|k=mtkymvpGssNe|0KL?e<T#+xmSI~81NY@y4G~QF65gcong-g|
zsdc<Gr>n>k+!m>ia}iNb=g*!rEH1HV*}@Nk5?t;mzwCNsUp6;S20VXMY6Z?o;WseF
zYO+Bt7udWZU*<sfbn#49e?P?N>18-s&_pY#@D}nECSV>lW!M`wU)dZyp$zbnfyQq2
z98T;%H%t)r%#k(}Vptl7$Ou5;6E2^A4*0{v>a0~`j?O(AlFv^M`=o@5)MxAL7n-M*
zH@0f4`+smSf#80QYtaHvzqZ{Aw6k&zIBGw=DKobniPe6+aX$mo19qW&+OjfVxOmK7
z)-+F-?vAT|dVe|SH%TTvvBb4i4kW0thPEZKsglM&#kVig0>Xiu`=*eNsyYX0_*oA`
z=JG}F@l#oI&fOtUPooQT;~CQy^N19EiOliU0)R?Qr(nV=fe$i?V`L+<6)zX$P~<`b
zjdAugRd{H$Z-B_=cuEuGymmd;O_ijELC%}i@auS~v6(2immzdATDVJce8N?JtZiqp
z8Ilh(s#mE1WXP=Y@pNqvcfw9bM##5EE2I5(Muyv3cjg*<i-)bgeMq-Ti9*XbY4TKH
z3N^C~$BMN*Mfgk`-rhJdM73zt^ZS$N0N0Ci#n5)ru$hLXnKbxM4+6S*s(85vWXHQ~
zRm<f~<09{i!6F9dm5FV^L#FXnSYu>UXtJpj;OhuEy50#>#?n7E-HP5htQV<O(Y2Qj
z-!<Ue>YTyux1)~WuLPLg$k0lGXYDN_A~k@fhAPF1)o9IDzdj8U>8)qE%vDfd=)!E0
zfTv}=hj4@(JX?a%KlowLk3i>%nn<aWGXJwqfB2X>)+1;ih++!cu~<imW5ou7P@nZG
zL%L6g8A%}`_mT`HMCd(CFLvro+g>)zFh7w0k_aT1Y<Z6>L(t(U1fRrbs^gF}*S9yG
z0abcfwKbU^(p738<nZ0PPL=5h8zsp$kSR3*B5UIwnt)Py3=Ud{4W5B5Wu~h_Le{pP
zp~639&o#O{N!Mb)&u)UvH@8i1o`XoNPA8ndWeQB6PPo#zoA)0Fik-)5<3l0^!x$Xi
zJCF<qr^|#OgY|<P@!{$uG-qaqMiA$RKCrcSAow#`i`ucU3Rf`y<(eL<)>ZZ87YW}D
zKZam8krwpH2n&`v`{*=2S$`-s1qFrR(K{~tuSPkpyspeaqc2*0eE)b1P5<r*zGMLz
zR&@9w=4LgN7r$7p*UH(Au*t${s*PLwD~v)$^RrP3ZqVllS8<iA5VoXz`4>gZ!yh^7
zAwt<gk%is77gIv9d*RTGS979cv?3y&e$$gBmLi~W-6jp^+(XrP#>0~FQoCcS`8>V3
z;5&}IJ*FaEbNR^5Oi|~Zdd6Ltz|@oJ;q0BE?rp#R_o=xd6RG?Ly8Y=q@Mm|%KmSRn
z(hc`f?W_u1Z<5Dz)8doImb>4ioJu!sU`E9Ue3lg-dT&o4{Q)8^+ZMvc^iB*WM)N8p
zh&0EX;4l78?mQ_12=AS+PZ<@En7huM(*}&iN3H4Ya!dVH$Ku|{%UI=eraxWEfbr|i
zd|fr}IzQcLFmKU@QbLn{+h9P_-lD#86ARu})4>sK&UFsNXv$=LfK=jsWsnN!kIQab
zo7mRNbM=CqRfA;0HX1^YescW;g?)QZo!2oO0y1>3uzgp$)c`iTT;N<;;TpQDJwPio
zCFD40JQV2PF?f>lggTF@9GS6NlvQ9d&UtWJHo0f!Wc>`0E#hhjSj?So$|`*)Q|~d~
z=)Nk;G@re;@3Cd<*;?omqsVVrQKH>75<Z&KkwaS>?D3_$@5goTnXJ>Dkm}2F65&G;
zy&?^tL2a6VZ^WZSy2rsooqO|};ft~U8D|^w;q${{<D~P`)yE!d7{;yB=3+<!iB*Wh
zXt330$3<n1+;dGdgZNvfEWiv}mi|iTweK0T0`81?YiRM4<D5>BTE?>|CSVdF0?6z-
z<kyPa`DVQcv5J_40y2ebi>0u}#Nfx{stPf^i@ka95>!(MDU$q1w9q0eL<X-Wct~t1
zoC_uF`lE9pr*ON>4GSH(icQVKPd#RcOiHX3(0?ppwx;-|K7qjUcA+oVxdu}@m4$Ia
z765cRg5h;#7*cVy)WWA|2k-edq!^~rp=qw(Y<D+*K7N}_$OcWS3LqP1xl)2CFe|ur
zZ4776Z_*0G5&J7_vd5pxMz-~ru-35OHgv#LQRvZ&>d$oL$b8(P5Ywi_*24|1C;KA&
zwv{29yHkE`NY|;*(?ZOMW9HnvN9772Oea42oZdVh@D=iq(%k>z%WDGEbHwtO(~=9}
z!<n{|EdKd6&4=+;j54Bgds;ctw7aJ*AI}lzr!B(8d{=qO2{wc_xjoyP6hiic_n~le
z7oqIDhNs1G;Z<)tAF#4M=Ip$9W8N7$yQm|?jg~oyKnL#I#-j;tEOJ%vtqJO}ISP%#
zHU=~F!lCW6Xul)|NETQp2k5QefEphJn>&0I%iw+iy!;BV7;zGaTkSjA9)B7llwEV}
zrG@fzqyeJAdHlTt%;OR+FwN~cU$xu8*jp=uwU$)edTG)FXk#+Kl;ftA!9xPz3kM4q
z&n!N(2|ozd207eD?yr26^?zql>xE^^wkh|qGW(n0=DxHcK#aiyqqLEctxFF!-W@A=
zJjo8kqDDR(jQT|RFVyFsM{4ePH;B6)yt%f;sgb#}B8ciB9IFkJqAIy@ToS*%JPtAJ
zHybYs5iWn$0g}Qg|2#p>V-)mp8b6!0S+%)Jx5$sXFOe;(_jFsxabU)~I%tC9TV$0Y
z8s<tB=23`Sae+B|vi>BM9e5G?%g_H%h}(wD2A!Ex4ZaUCYd*T(<#O$(ww!0$FKg@U
z*y?nlOnp^F*1xt=tslVFWc%J#3KM=5Qm3t0fqPNN#2e#k#JG#~xP}-n;nhItIfBDa
zuA5p@ncs6OPZsj$Srl{0Ef6hAKYuVD2PX(vS>}TJsCu7{<|&85O0N!#yrpcR!9*9U
zjdR9^RZZ~rzjg?lYDwWSs`_5g=XqkTdszkA1Nn#Jy~3bn*ge~2pSeu74{>2}m5WyQ
zHuPD+!l-o_>gc;<HsS|r^Ihh)Up;cUJZ={Oq!hr}3`UkU>nF0lzS%}vxjW|%uiS-+
zxXQrpiM5;gd>C9fNh=5y`ytgcV{TMp%@XhM+<{?wwO2cE;@dH^CsbNC-3{ZLrJW7<
z_WI@>dt{rhjO=_<hy!1UReo>2WvFFO9HYH`MMy4_cwos%mWu?iGZd<6KaYeTBKjPe
z^{<Tc^yxEy#+}jSc&f&ctgva}2V1lPq8HmFmwzq<-8`>KG_Bra*mFf9<d&g;UB6w*
zz%twHvB2GQxVdJsU-|fH@SUN@6Q$w!)Ii#j$hn?o=!%zG6w+OW|1$8jn9^ekeZDat
z%XsX*=f3MrKmGF8JSCf28o-BflCneK%N3$rNd&RQC15VbWDi0Voes)cu)$k_DhstY
zyUoHZcD*ZHk)6^G6}^t|Twrj+PuaWT%g=dcs>dzBB9lU97V|JBjhLWy1H?eVhI{kb
zL|EHTsb53xLM|3S5V{)ZldB}KybHCO7mnd`l@9T-YVEc-3p<RF6<TJqY$8UMWXeUS
zuT8iFm@Z;aT`sF>x<s3-oh`X5xm%xoJWQX<tDmd#PCt=z0#H#5Az*})$z8CQcN!<F
z<^SAiGKk(_q|O{Y1veK3O>8S*&W=N2KTH$#5h~`r)agjgtP`!T(rdNPW#Q{{=mp?%
zg!H}+Fv$O$0Ohz{7r&tC7rQW3X$p$BkRl_wdw*qRrAjfrQp;7QuOe~BqRglqX0h(=
z25I2eD{9cVyNUL6zxbkj(C5e_T{T|eLozoP-DGyKA{dg|+v!kO9*b%9m-{lIcNHib
zc~61)KJJWJnSL5BncUiRx%N`{SmkDzAv3c3-9vB5>?yxupxZ2Kbb9E0x`J%6rOV(<
zh^)*)KIDto(vEip5d^%SL@yoqJ>T-BJZKMoY>b{1A<wp%X^Y9-2W?GsCnhHD>B0Vh
z&jnx=fkpa^6zENHRi&#yy=KjvrKG=`0IiT+jnOw(xl(9sAPIlkom3t(L%&^1#MohH
zr(qgEsk;%OH}7_~qPjhc#zkz5<%bx>gZQ&01L@(BRU%Se-*qJXwrYA?E!qGBiWs8)
zUpP9f+@RwdqTvf;Y&+>(lQW-%<f%iP>#{y#^#SOOFNAT?JZf)uzc?pVTNX3uIA=p5
ziP{yDznHBZUo-@O0K2><^$y1+t5?~3<Z6|8oz9s*L&p^2kHjL2bCrsp9rG`Fo+%tr
zr3-F1dh6x|ddEK%W()WQ+`)uDnKUb~@m%*0$u{MTXi)7$hbOCM!M$}lf<<^jMmk9=
z_L>nB2ETC9WB4TXkkfgO#<q)Rvc9eR(w-%FDHVQEY1ZVm%Ndw;8=>-oh*ptk)iTH=
zv$1_TKh=R0&P48%ww2vHov4u^)Ys$=JRORe^ao^#A_og9Ey|0iKTcHWhK!<6!)GMQ
zkj=hqGc3$Wx!)G-a`JH0xp37~MH<yWEj_jUVpn<kr3EPP52=%?@jKPVKU*P3%ZhJg
zpIa2!^6D1U>@2iOE#D16?K}q)qOUXn%V@4YxmH13sGV!MF_givJKv=KaHhpbWuT)n
ztk`kVt)FHn>vY#j2wx;&ogwsi_~<Can^oThS#quSoSI}|+pj@#y+-CFc)n8PTtqts
zRHR8qv}1(dEs1ffd7|5X?=zk2r*J<QG+iZbKg1NQh~ZBUYgq8yH;~yJ%I3o&n}@9z
zeO!!phH8$Dj^b(jOs#>yiBG%59U=xl(8F73+N@)1|FSi8s-Dw(IR?eH6OHcpvEIl*
zXWcUWzKCgGynpJ<e`yk|_Efmp^&sZj92REhgUDbCAajYek>&ceFL*D#YW<v+M6C~}
zxni2@uHlQ;WCw1)-YisKebba#usB(2G|47fIMh*TcT)35tutMUsDuYdJyXQ}M{_mO
z9YLKPF8YCk8yagJH*IAl`Fele^Q`JKth%yX>t*@PjZQYPI}g^%4rUzsl9bazYnYdr
zXaa>hgFoR~U;tw+D~lIey&$dPJmj5M$ChM<#S)es2YREt&>0$rd}L(?^!8O4(y|KW
zbr&4N6+g)dSrjTwbIBtC3lkF#?$xuwCo1$TbD0Oyc$1!_KA6)!-Ep<n!7qo%9Hu}d
zi>i7g4SwFq1#-%O{2wViU#d_<Xec3Uce&W#;Miq0bk>U%KTV$!AwV@Lwl(FML;y16
zQ?v}=7Vq!ya3Tgj@>BJKAJCpxv}W>GZk~*z`|^$eRtWToRA+I<C63zw%@9UJ+sncR
zd~bWa5JhVXYUo^g2Vg^pUUYIzi)hk`q<BtMr+&sKI>E?V>>h<=O9mx{p8eG2wg9D+
z&mj!!HHtMdnSC7~Z$(SWR$+6k$<(1FM+o-H+|6U7O}e)ZkKte=L>~OJWsBFSg+-a&
zjZ?SNC_&h_L|w_u7(<5q3zpAs1dN`3;)Ppxe%-^ZdwCU(&rXFKHJ;MV_!Ju$q?ZWR
zAZ3!}E!NIWe45Um;jiQS#G}5`zK`;oay`zfS%ZK@@4-arc#@E#7Pn>l2Pb(RiL~$E
z)n+>!tFd8*ZUVD$GuMTU?}@7*lH*-xA-jcF>WrxAu9dk-9%&fmA@if9*lzk}WY~H?
zwM5{40=?+c=4|~Y`xvcrosy@hYaWgIh*Ti#$XUW``4hcN@B}F8n$F=`pDm%RNV2#@
zieeP086@od#M{-yekgFV(ORTF^U5H_!goA%%7~7{$YgkZu1ts_Y{GrH_F83}|Jqx}
zUr>FY|4huytG13jPNW^*vQ)fB9V7qC=<2TZfpiXb_HH`^#$-OT=6)>T9r~hr4lo~r
zh(++Vkp5<<dzKM6J0u6h(uWIbCZL^sr(DD7$)Pkp*9Ld-cULXaFY73h@G)NQ4-FT}
z7Pl#$*s2C6=%9wof((fBqvDmKA3KG+1m7cKako^&Wq!;SuXkF?bgy_VT#p|Rx)N)-
z&Ya+c&DNoc6%Fz?Z`CE71p~n*M56j*MVf5X{prcNg-@Qux=a@MZR_^A*2G-<&E#)C
zSoX?HdfYo)L-8-s^q-F+?KryVYWiSs>xWlK?Ozm2NFu!6RkY?AUwfqwiycP3j*=NC
ztD=+i+Lim^7pb{TB5>TETp;gCUFDwr@-o?ZaPj{C_n>11YoCPzu9CetktqWEhYH2F
z(89Xmi+q$6D;lR{-Bb(Ycz^ssT54*()|keko1gF%Ge}y@y~h@Cl~sr38@0!{B%Pwc
zY)M_Nl$pNe%fwF10Yjf$6^x6RNvi}pu5{?HcPq#XS@i|S;@{Ow&W`8=pE0%(;~J+E
zTp57CiDbVs;vB_&y}%C_9io9FS_sUFVY-Ti)js3dfs2*};{RwP+(A6TH5R)m^*ip2
zkpDt(y^C`&zWld5kK2rc9g^^Whx{Mq;Qwn{GQT6B)A##cpv98J(!us_?=EV-;2oO7
zJo0}W`p*XW1B&nI11w^jZ|NYBUWxh7wcyM;9bs$5z34Xs7cv3|7uAUe6H$rCqS9cn
zS$0Xp#tTH=P7?ep5;V!O%k%pCOe2NQip`Enkg7z~!~<ADpX*0Tio_F$>NU5W&O4@8
zb1}PKBqQhj<|?a_<Iymq8~O-I&!ypcdhRom`mfw3WAAR2P_ZUUEs6ip@RRScvRrAc
zv@hUo`^bGIK?k+W;zN>cuA#8jo4=7)(-zEQ>`IK{+bOs=tL@u1`c@LMA+Me^m$3-i
zjWz}|RDA6QWZ%%pi_v7NbzY6Vlk3`!zU~()gO1znu$>=9)2@bO1LUe~@oM;QH2sG8
z??$e!Xw3rqxnI{yv8#$ky~+*fFW*%x0K}5_r5LX1zWToLQp@>gK!JJZPRhY+hJ(on
zogn+L0u6J2K5O*PuYc%PCMdp-X|ZWF<o%Jr(V<vq-E@CLu~=Dh@LfVBx=Pv4@t8Q#
z!TvG3Yp_u2fk`6wl2ZRY*XrYK459ttazY{5D>Xi$Hw~PT#|s>ZL13kRs;7BXK?gbH
zw1xso9=UWZmmeOr^;g{)|1Q^?JqBq&d#jZcfaye}FP_kyLSu?2%_t0Of|_WxSI1bA
zhGI6?2otI2S=UzxBYW!)5_P!Kr&+$Ks>swstCeu0-00{ZP=Vu8j0~0f&t?A@t4UF0
zG^c0rY$j{WIc~_%3fzMv9t_sGhNX)J9D-gOW1L6KdJD%D=bvgosv#LXdK1(kDzEx!
zeVL|bu8G`AQ~<nDyWq8%1YQ6Nq#vT@FuSOC0~fK$Vhnev=dM=U3nO@mMyp;doU6y*
zrdY<n0dLJ8`MVC?{zmt<!u>@l4`Up0qrKo~brS21p&j)!xpL#kr<Eim{@<JN6$>Lu
z(N5)hQ@ehqk;WtoZ_Hz7oUQ9@*U2S3ZPM=rNN}`e2m<`-$+z|4a}E7D0CE$the~_A
z8wvQF*6mR9{MnBfmyAIRq4laXX$K9-rWglP`;b15o{w1YK|6;EE{Tmh#v^Mta!cfQ
z$D$rr9vdFF`nQ{c3~nY$pa^ryjL{R`^G{W%8k#}}CHUr4@Mp2a>NlZ!c;OJQH<rau
z1Z8B67kNhqcymN*vLvV9pJlz51I#{H4KJP$R@k6%kTD8*w|y$N#OO?Dbe!oq6lRE_
zKK=&FY<3ArrY$$M5?1hUjNhBxLB)FH-kRC+6OX!5D0qFnq0h6Dkmo@6<B~u6RYuoF
zs#;XV`2csvQgq7AJNbBtsyzj@b!N8F;}vypulX)vxOJ~tWltI7ms<=8_n!JnuxH<p
zZ+d`80BVUB_LOtdIX&@6jzmw7bNV(Il!Vr7o2ryza@xKqcg`_ze@#~*q`A4_{T;c&
znPB#fC3$+r>}*LcsE3=uQR(~V^!zVxK-J3ihW9df4TcD+geAXZ2AJS~1Ip#9%o+N9
z*AWtJR974Q<dV<*3^neY+bl=>0FrTR%2gScvbpDNoKeekPQx9xsVrm0LFIHYWj8bT
zi~IDR-eFiy0DWT^TMPv{LX=~JeBe5*PHF=&@5n_)x{lKv6)PR@CG@duUPNEkQ$#cZ
z6?d*Swia~o=x+1bya3)~j3(ZphHTf=u~M%Tiad)1Kg(5dzquBmCP9@lF*tRLv%hG%
zr|CT4ewjTWS)q)!Y8>pF`Kc^C4=;gC>}~(~f{%WI@}w(+)kAmxGpnIbv2XWDhy${y
z{li+bG)KgXKh!E)WN{5N%GyY&gtR$u-mO?~B+)`;HfK_wgJTm9Y*xvgO%?1u1CTsF
zI^~X%?;CaK7KdHT*_A*o#-0=Ah|C)dEEi7a1Vu|+HfM;oR@@M5dlH%>msL9&v%u!?
zepBj+i}o|j?y1pW!#FF+Ks4{=tbbIC=Z&tO#TcHets317`StT>3gX#sj9!N7iAk<o
z)L)dPNewnMM~A$5LR0M=y875_`GcP2g`jRuJCBRx>P2Jz6vHGlLbyJ_t&;UwhjW1Q
z{QDe}oZuo2g+zCB7~&*woIGgCF1G01`z6r5ZVvIC&hJgWW-BExbIHtaMz{=Zl=n6c
z-X6TEK`y~!KVS)gH{W9;>6&`LuRBQa#UHkMIULe7YyYCa{?NS5H8cn8QCb4`-<^KF
z7*;8A(su3$L0h)j4u%j|+luB9Ua3svA5f1(z$23#GA)Ft-9Ob;07_CHNrdSY@SY8E
zqczF*S7ljrhby#Q1Ts4C8ZtRt1y&7J`cEKih29)d3syo(d))8@tSVcJ3eyrg_R=44
z96Hq=q^pJ6=ibl?zLV_{SYQG_{%E4=e`J(+a4K3%FJX`O-2n@KS<Xc}jLtnRG3uHM
z*FrTjMVE1>8?B)hr-#!z&IW;*8jJGZ+7K0%u3tb^JZTV?Hd3n){%oYlz!V#+>QF=1
zsb-POTmxxq=&5Pe<5_c~=<fB?Y76Q~FeA_ruM3kFsE~1%&$U~*+R23Pz96+me5E0b
zOQ0JqUlc>?3R=l_aG!e4X^dKx)4Cz$KBXo?n^{!{cd0pu%bSJ?dj-~;a7`Mxq<eoq
ztbELl(j+y(MCpMtOJDZ7za_p{w3uVb^^7MLgt`}rLw&oqFDAG-$1X{uLg=iGfS`^|
znDFPDz}S=<<*fGQH`X>Djk6Uua`^9wxOTfZ+rH?m%5z;f8%Ss*iZRL(@obcK!uy8w
zv5GATH?&}=#(dmklDi}FhbPG)ebrdgL1UOvwnvm$i($1TAj8{P-aL0HHAre}&(+<>
z&R30)s=+^XMjG7YKeS-JUsS@=2<(WzmW*PG2jxz!3)0r&$M|=a@0z3D!KZlk7^erE
z<F6E=5%MtV5pFMkhN&b6%rtklq8+&JVOWXb+f<5s)OojW$nB;?7in^jZ`9-dQ5R4=
zPHgVNtdAdNdXP0Z^!)g70mPkkbtvWQ+$NiU-ixf8gMQ7bUo=LJt%`+(BL^TvZ~E_W
zj+o7B9L`S=c#!2%1o@PD78OwwxO0r<2fuxlD+V7cqTY7waS-6qFx=U4U_~v_vCe98
z!eo;dCALT*qI2QVH{_=t;jWRPU-$DSZ?}E1JKGao9W8xhL`Ix?-1c$G_(4W#W^;y{
zIf?NZ&zu(e^rTZKXtP+YFI&AJ%LFxLHF~zdIdBX}CY*0{c`Nemu&#U-TphlhVky$y
zzhC*$YAxYLFzVs%t{z|S#_4gV)%kA98D~pdfzewHA^6?}M1xS~GF@%kc_ADqsRX^8
z<dzr`51GDRi#MJxOZJgu7a`FOr`OVJ=aINFu1_w{%uP@y^PDyD2JfklM1faai54;|
z29nSDp_D@>On;yxm#eoh5#vDoqkmLGVd1-7eCHCI{+PuO@8X@k6yNl3nJ>iAlRu}0
zW=ohdOW#|#3p)jW*2pd&he3s<VYFNU6F6@A3EGG%h526DcL_lb9VUFVLgIFqPvrGI
z+l{v-ff^g`$<1sWJ1Lh5&=OG=!5IR5i=aPvG&fxEvDrm4K-P6t<wX?MFcDlEc12lW
zjavXU;Jf7^{iIbau_#Qk`Dw`OC!AE>n1PDOkolJDeF?HI(vp*P4udWaO<op~6srVl
z+;k&>B5jA3bw>U58@EdCWZYWh=j@U^j8dZoiR+qgT8Tt%tsLj~RE2p8>*0xAE;TL}
zgCKkK55z38zZh$ZoRq`6(}b6%y@f8YY%bf2(0-lC9s4aaQ(`mu8NV-rEOo<y&S@GD
zaPZ;=4J1Cn6VDE1N_KlFetb3G$LdCx%FAx<D}_R2H}!QD98qu8z)BPz=hx#GCY}aD
zmiVdXoOeTKyHR+A8pogyXWk!X?7fqngC7nOI13PVrn}y%LPlxspPs+&+KtYT^$#20
znzI{TOL)rJ;${UfKnu7OU67<4!|0;I%Jqov4D;1ZYe48%GVxDb@QrW`!D#Yidb4hV
zKoq0@S+;|Tz-VbyBY{u+?x8EQ;lS(Y92HR74lPxUtnY9=)P+8ZiNJa_LRs%O6QNL3
z$DQe>X!#l3NMx-yKHi2`bHQb<rK#Ote`U<>PsD{{#<56GHtf;tEv_y6cbRX+w-(1(
zu2d_(1j#bbh@)0P>4Y|n*RHE*7?E21_;&~woLL?RDf!9w>6Nqjg*0SiAuYX4RKMQU
z?ih1Kmp?f(P6)$DE6491xIhaF0+k+yte0MG5Rl6+OI|0B=pfx%xH8%;&-{d0cmkIY
zkK3~Af{`jh^QRRT*;P3W*9*)e%f9LD&Cp8V@&5^DOcj3lO<hMHp`|M=D{|*EI}?tW
z5_2Tp*##_Q=fO16T*U1+V1*iMB;9NJItQJ%6ZhAd$+MI;7C6Q6=mIBEQ^CL?>>yao
zr|M;k8vr3kpT5zc{F}wYYS2pgpI-<o9G_Axarya^FTq>?1Cpwyfs0x7zCbJ65RZ%f
zbxB$XcKXUS6n1o<UtQMlCtjz6MfUJ;Tj{Stdj13@y|4v{{^~Wqe|XCK@;IWA5$17M
z>p*O43l<9kvCmxXz5Uu$H*RB*N_lyH)!$Oi9LvoXl)qarECftIOdg@h%$$C;;r{F9
z{8(mI`2qLrO!cPX>>IW1HRr!ECz-7k<O#*g5VcJ+2l;U;gn2*u>k|Aa3D}t;5AX1Q
zFC8ylUugC1bJU3;_$!r@QspzP;~lUuU`kqwl|4~*Vg3FzZa!)r!-N=G!4`P(z%UkF
zF9hTgRjxSI9JLnbYV41MV|D?wr(*+#avV=?r}vN`w7hct{<#&Vt*i%Uyaj=u(Yhdg
zb(6*)$#6MlmA_rrr^UR5J43-{b?YPnTV0Zb4W&JOb88#FNgYPzJYJN#ff7!|W{s%t
zW{RwaqFLfel6Qd^j#xU;6fQ>K1gO*Q9p$g2YYEg6P`A^3Rvgtw_!|I(IYE%{1!IK&
zquT<88ZP?PoT_n*sh*vSP6pLyHnGxzC(nXhVRpaLZOga)m$b5_)mb@J)JpoMVqLKT
zmH6{|+hYAP{n0SzCO4Dy0RcnPUKW<YgPk|eiT+B~e~O$)ef|We(a+crWM4~dzWtt*
zko`OpSgivDFipXhIV3;~L-!mOTV0!_FMr%GU8*TvFf6W;mObY_UFpqT*!17*%?(dO
zqmlK)MpXe>M<8%@#U;!&UNrM{*=#dOmhc^;dqXb%)Qg_uo%P43*!1c@L-1`KXrvjY
z5iy}j!)IwDGJR~_xO-C|Hf@sAX#wO;1c!dj4K{3Yn{{a%J+^5aN~;8#_LhT<T^WF#
zE{!{KUh;GPJ1$}7yN#pG_rUcz+PR0wU=k%XI_OYf>iF!dtjaE`lZY{i(*A+k_(r7?
zy6_*`NB#>THi^{{Ls|`<2BI*Wv`1Sya4^LdQ18TMH$4x0NJf9~q0IxEnv&nK4c99&
z{q?j40XqxS?q*tl-IVgMJ8BKLjHN8jj<)Tw*_*nB!4tQ^;LD#;4esNnr1aAFEkLNG
znwp1zLwhE^JDAWKubc(be9-v;+;gneOdB4G%}B4PbeMoS{)*6oEiK^bS#cJ@-?3#F
z3z(L<7>UC?zwL=<7Z{Y)DB2}xe?@h{z1qChW>K-aqwTZB)G4;a&cq$CH^<?-In)e0
z>P;d`?|VXZ-NJn;u$9vL+hT6cIK1()2KaUT$Lr`lU&rb=b^M+%4f0vb2009GIIuI7
z&y6Yn+D8li%;!?pBl&gf&AA+UJuyiBnSaQXNO9tiU@s^p1Z`d4kN`&^7B>JV;TWPP
zh3}~sfL@jU0`aswuWv5##@>VO`WC;AmQCQ+TWWw=(PENP9+-S7Ciz=#rI+mucGGJW
zVzz0#CIwH{`wfq=`C%UJRt$2V&p1@4pDvzErW-~)n|?QWu=6%?3K=cpTIqgqep(?4
zzGzV2gHI}A3j?19SYXP>epYKX;C;#va!kV}Ri(sQRr_A*9w8etrjC(JuRS|WiaJCl
zi4SP*CoF~c+giOWqq}d}WS1y?F+&djIHj5O=qWKZ?|r#&R3kQHeXMNS8}5y6a+f|E
z!7m=?e);BBBdiev5|C|v(Q>9?Doi!i=45?(s4bU<O_2cP&b9muLCO9TjZg53v{8=k
zFN35F_(G)D_jX>LD*lX5<4=;PcWi-+W|~yC5A+~9#V#>F2+PlESzZ?S_L4$1|CWv$
zc~6H~UC`R1s?}$`At0VX&cPkLbd=wynJb&^cE;i|x3bWhUuP}?KirwEPvUbmEFVf_
zQ(f<K%t;OgK)E|Yj#KiKiOr7BZ1Xet)t*A;*nCoPaJY4U{TBe^Vu9(TSp_B?n{s8^
z)Y3Z#_S;Ts^v8U_X7_XZi+I7x4x1+<_GU)&+1=+Fe4eKE=Yfs4CzO7r&48N99oAd|
zs?)G(8793KXS0q)5>s83X}wXh50s;6YLQF~!a6y@0k5_s>$tSD>tN<`Z)7e?)&{bS
zh_g0BSAm`;lbIw7CC~AVsQ!r#C&))eF$K#%N$2Olrq4DCS~N;!s}CHju7M_LtA+2o
z3Y;zRosrzNGuURboxhBjgT{sZ)tGDfNsuIrgGMu%@vhKKmaCuiCGT;EAEl@Dz9B)4
zPIuX1<!HsRk?_gMXm74DlY0pmM>9v<vd(@0M(RP+*_zNsMq=6IGW#XWZRuC+8uM^D
zoc8eMhig_Ag`uZDhB!zBFrcN(rg3u9H<i_)pVeq|JKEfSbJ*3rfgez{Fjb1xQg0pl
zU2x{MWBf!M|7mL|kblpSX`773pn%!m1`Gu4iQ8`{z~d{0>;{)zhW~DkC9vP@s>1kW
zOD&tW>T>ku@MSr@DZQv0`@_O)d$c3^*k4IW>4}|P!Hv+O#3YWVrmi{sCJkNZjoUQ8
z1n$A)^pdfH4hB9>A<)i_7|z_=+r-vM?p5p8TOQ9iUl`TM;{w7a;=aOXE>}7+L>1dF
z8RANiL}c_0bg<h!-rQnK<|B*J*bGcmC#Krb|H-QR{Dn`h?LQTZ?whW2Ld374i?{q-
zN(z6oM=0G%W`rDvzyF~awcfmRnUGPxlt{!B-d(x4TopWZyR&(!#A9+7T5r^!%I9j|
z=(2yjsx6z!!4%G(NI`J`Z6_2A{{gSFhv$wVJ`>qpEC33W4;`lbiO3l1&b&3H&Y|b8
zDH$0(2sODnWtCx~PVA@#H(Nr#MX~s=S|2hjw}zUF2Y{Q9=xYf^VYNLV5VkgN&(a*o
z(q=zk*y^>C*9Ps>>nBLEu*X&eulJ|&7|xs2ZyHZZrg~qTM^5MYTMYbtO@5huNl_6O
z&rSv8!aRpe3)$#|?Mgn1uSjTmAKc~6|7)x|vVaDwB4$o+-gy_^KJal?sG`xJA$&O^
zyl$nudVO;!Ydx-w?n!N)a%GrIF;JpR@51TL&iuH8Q>qBY%cDN7f`=SN+%0>qV|9v6
zJv4md9%~9{5wbbXM2DbKgq?p}exTyiq`}NQMR`1%1({A`Q)TkT+2F!osmt_}y=_&W
zPChW$8LC9fVM`bV9d-iYK?C~x(wA#giZXM)f3ti3G*bG^K3PYePwiO#s*tb<IcmB<
ze@li)a|so9a93qCB%!Dt{;i}?jW<$hAfl1XSV&()4RnGz)kO_UEfiyo7=F5h$-_+d
zvPfe-y5)~YbLCUvOGJC=szhWBFUo=~Usj(P72y*}^S&e^t(jY}EN;@k7TWyi*O>fN
z*+hG!2BZ~q`ZU>dj-+ag-6%#0sQJ50C#`&~B2;~v{($>e&Q7y_>CRrEMVqK$&5QxX
z^SXdtl+W>OGX!(6Gyb&@TliH~l!xgMJmYXBb|@Dtdeq|wT@?DKoF-T6Vwt|U7YVj%
zv;YslkC9<$Zzrb-rjY5fpe*SHgaX{~mn}q=#@mQI{aavAtSaKG^An%I^UDh~M1v`G
zEEB{fEIi?;COMej8)pJO!OFYo&Gz!gFRLXn-kqVRq2cO2jqjYX$$hqUHtP>YaVoTe
zD)g@9%7&TxYz)%w7J|avoty?Axo30EQc$vr*+UrJfghFrwwJJ0T;$2k9VpQF{T+Vt
zOVXCVJBV)!BQU7=6UflLfvj&$CPf+<N^+6!FTOd4Q|ZT+I&GAPzcBG5Uj6W*Iv6}d
zfSqz2y@a3Q-?!_3G88$<eL)TnLY8NwwXiC<ay#<oolXhSA?M#_NMQfRrO$!brjzWi
zBKp5J2=fO#BzM<~S%I*>d)QDs<dWR?h~uf1yI0$<*w(kjIJh%`U%YAm;bi=~)wj$i
zk27WV%J!en@o)5H&cV7$t2cV>e`mEvMEr`xds4*x#tX)-SRmG^ishnD|NBJ$(+!|_
z&h0!lA?+cTD>I^n4F8;#mj%HI;?DHz?5w|7qF#zO6L3Qmff#A&fA;wME+^3IS`p^>
zz%X{_cULld<r8B^%@046{+k>9@09&DK7j?+T^>>2CjZ@vdFW%kMlqNe#P@d&ru+yt
zVdq+Q3hD32yR1Tu#b5rv@R({;J48#s{e%khddsHE4n2OWPWqiaszxxjg5pW5Ajf)+
z%5kCBA1~eo3rPOM{Qft}Mow^H)1)XXddHUG1!9hcEnVd(EPjWq#U&$ub^PY{dnb?j
zI_!3L=4s|woh4>_OK7WJ=bt<O-*4J-oxq>iCObg9NVm@TS?RONI=4k+v)keYKx3%z
z`_SvPCYS*`w%kb2b2N%_>D8i}N&S<06+mBNe(!pDY?e*Cr&|t3kCxNldGbGSlvv8I
z|G}v33$HXR%$umx(-UT<)58(9eRE6D%}dVvL-pE0Do>sDPgP266<oEzea{^8sW9w6
zQPknp(9O7y=e^rm=rEEs!(bD2YlCQVqf7p(l>cp3fBuZTXUbfnM^0o`=hyecaQ}E|
zKUwf7BmD<9iC3%&@AU9J(rS|6759JIvwu4$|B&ECCNA7lKJ%NT-}1{O0d0>~tYy7}
zmHNfAY-Gr^F^>1@YED>lfr3-7sDq6o`cA5)#hjVD?^=sGXAC3D|I^-e2Q`_!Ye2w)
z4I2vxxGQB*2`fsk?yd?V!3G$5M@r}cAwWRvNbe=0C?FC#1VRg-(nAvxLP+QYNJA+R
zLb)HmduP_Nv;6MNow;*o?tl4`FPT%`?>+B%p7T73)>gmr_SPABvO4<g%|lKJTgN7A
zHeU>EJZ*~!-e|ilMKvH!Jt&EvoXq>E(6eaPzQ|$T`{2Dij9_voH}dZJ(mab`8S)<D
z{v%9&`ri!gH_heZ`E*csaql2^FkCO>@TBiioLWWlPPl)fceZ}oDBVFdkX|*}hSYy}
zAmDaah9-4?+NDc>wm&IGd;p{onc_&)D6R3`WyvO9>j)vaGte~UlIl)d{F8l(7lvbE
z-n6vGNkzai8hOJQQ*?}vHxv6N6qWD630U6lp$1mDU6O%ZXwR2C_$q0vqS?d9pX6E$
zP7GL{N|1w!fy`G+f~tbD6>*-%hgCHF*6yFNsBcosZ6ugTZ*&hKILH-+koNPb8%!SJ
z8tGVm;hos@0;n5ern*R?=u4AJh{l;tvcFqV?%!nC?_zV*@Wl1p6ZosQaJn!xWT{WL
zC2d39j}fbZ@iyfIY8j-x`FU}+muMH1CMzl^ICedEeb|EKCu@?EP@#mPz1Dm7BLMLO
z00<nnxxS;g`ci(#`JS|QD4a;h=Y%7z$%OTuKv2_F`QsuYzr2#Ewc&GtrP;{Y*o@u4
z*sA)Qk@IdBK1)z;Bt!_ww>M>XWM9oY<PFD(FqObwrX01YPuMXTshgL&^B$4+LDheb
z`qPjHO^&qKZUxlE@jMX;HL3zog94aErkGMIYC;6`V9(^jyoT@O<0GJ3*TiRfFK!H#
z++?CGKJIDN(ssOeSzS{X*p(Uy*_OKKACo^-X<R_>onD+Rlb%Vt&SX*aqEeRZ6=y`>
z07r+1)e>d=!M(6MPMwgS-pKx=Z2DhArGw%<q`B@h_e|A$V~tNQ6NEf+zL8+p@=k+a
zX@x;Fj!{C?Yj_jHDh$x5KeQ|=@a;)3MPCQ>2HGM0xVE6QGp_stjMkq}M&0mHEI~_z
zl=ih};bMNSJA%Qy;M9UG=oZUN?GulpjvvKU6_}UQvYr2pMO{Te<*H|&vYIf}Jqz^H
z`L&f$6UVj;$c8$Ck`^~;^~%@zW4nQ}!@};KRo8q-p<t|_<Ee3dtz5+yY4RTKhu^Fd
zoc2L7n{%2J0d?*}<>tCc)}gs=Q!qD{=K}JcO2O_dOF+@bitKu>POYRE1+<w{kzzD8
zYTba2`-`lwTZF}?u%SWPI-liIt(E}a-=(~7-g_LOb1nA-$Rx+!oQXt{a&nyX@I8C~
z244R<k%rxpJlM}g*NmLYecE{)7c$`Va{GkiCAe!&q&RS5edmF;c14;4XGDDm`10{&
zZfOUzeYGyr`TSM_LZ?y^DyJ>KOI1Hy#_Zt*fKvlLX$_ujtC@rHVK2ZJju#1f3T}IE
z%oPBE&xw<dYx%mj-;CFPeGo>I2MDEA#Lj2mm61PQ-gpAks<%F0{QT1o{rE2Bc&_vH
zz4zZ$!<L9*Wt;!=!K1COzCIN;{y^Y%_hA+nDnI;IcGJ5bW<lqzV2`#q6>If6ttfuy
zR|WqGh`?aHN$Ncn2*PN)=>`axIG_&+i_o*i+h!3wP)5fu5#Eh%7t$xB00zZCZ{(QW
zb{q<D#2%nfAPCL>0}YLN%{};sQ(^1$ADa*fa<m}?P_Pk8m%6{02U--aELDz7#djN5
zv4Us&q<WnOE8vwu>$u8N_jP`@s^7S@b!E9#!1$jjbaIU$V4=Yn5a$HCcR#NKs-3ax
ztYFWvri)vyF8+!w+r-kBqq>V+^i=&=g^AqXoHad?hdC6`EW4MR_KIVgOD#8W>)29^
zDY{~xp#uPAM-axnZU%1|LRpKLk&*2H(C>D@KZ9I3yh>H-byD%8S9JzDMb)k>?`5kZ
z)Cm)iaoUj)+M1@n+Z;V<Xalg4=wK{~=;BDUD}amIWRge)%DS>neqU7-9GcZ%Jpsbh
zv}xX0!Vi5Of76@QXbuOQmttBT>OD9$@H*sOPG7N}&lZ0KKfGOqFfXVJWS$Wlp={1h
zxc%w@>DIurr&>+b`~!QVj}?6M8M;K`&tC)7tc!pK&ev7muEpTsx};IB^@xcT;v|43
zc#n85$Y19kJ(YMGL(3vz#Jdk!<$kdgA}?I_?{d#0qL9_gG3livlB_y){bRN4!US21
z_C0<G?Cef|<t>A@)jSjS{?v2uhvm-X8`HJQR?P+}lkTt7|9H5+Od(l9OyioP0Yd*X
zwOi(-RUnaflMqn;&)Pd6rPSzT@mUv)(z5D|V_=iymDdg!H+-<wofNCZR~KoE8T__2
z>F7_pn*f?EzsP$1aUM3Mi_}sA<yhfuBIgE%2ejAb<8S4eLlhj^CkuTT@3TD!ioH;~
zIr*H0u+=CQENnHRP^%hFl*5wB+vXhS5}tUsFkr9!3ept3*7A*!r@7!OpB+wrF$E|r
zVRrkSJUCVCUy7kTTfS6iX>50fs$B(v#i(H^>*Yo<9OfIi`v5B)1&2OYJVv<8(abF5
zhurgRxdYTwy*$MN2#(2Hq0V1F4joYn!_&Q&ZSM~oX_O_jB~n&r>hZIx&{xo<w81UO
z^6ihU6o7cTm1lYLdC;_~Dq`#&Y*us=t}h-OR8>(#%E6hnEn_!I(b^sqx119cH-=%z
z1j0By><{s>oEHNyQ`lQ#oWtp-_}QU?<<Ap_+WJ&?&4L9r93!P<g3Rvs6PY9dB-i?(
zm8oQ_f{9Z`r_4x?AL|nD@W3kxm?Xh`8LibXhh47*vbMM`y!628>yV`4;^I)S+C>&1
zr>=?|DrcSP&@wH2moQUUCNdZjWRnw(XHCwO*r82Jp2GomIx_5R0Nm{1{rkF){Gi!@
zqMNDp^q8D2qXzFu2K2HS>i%HyDs1KbhYzbsnuC?m6`O2rbreGa;Z}lXFU^g)$DcL<
z%~C4LW~yvWmGQxXKLT0btRc!7I%)3%$7B74=4XaDUn<~xFx{@#jKhmd<kTG8#?n2K
z#L3mITNVpj64)-?+-IWdL+v1_r-`O3!;qZxtL0Vi=~h`N3o2JeLAsKEXLlsZJ26<K
zN-L$HrAX(^SVb}D>Rw^{-ktiWYNJfK<a>Mqx5JF~)f?vrM%1qL36$Ek><8@5#7?Iu
z2lfkOh1I!hvdVJu09L0$)&=opRz}tYjk51PmbhNyLj}`B;FnPRk1j`x$%v_!$M-q5
z4{vd-m6q%_0u3*@Ql`OKoDT)RYJQfuB0xz-Lru*xE369RTOMgksd`Vxq*dZ~-9@tf
z-$HUW>4UN+AgfO*6>zqA8}wd=>G>EjWaU6}M=8LtWJ$n#6>TdL<Zd<(F-eGqp(N}o
z*=*<ZWlTPmoxZS2rW0!jYDU$!WK9mcn$-sdxWZ@VZD{KYDs9}~mkqMFM&D^#@xmq<
zPZjsOAbcPG73ewu3FpGK+?lN#|3L&~;nDVUrn|O-f@N9zbU5|34!+#`OQ(aY>rU^1
zS#;pb&d&qPbA3(r@9Q_=Rla#~f0X7dWWGpObUn6WJq8D0{bRxkGlI@!bU4bqVrWkT
z#fSygi<j;PUb*7g{j+x}wtz}Vje9tJWC*kRN7*khq#@G9SU(+KfYKUCQzEBjEt4We
z3syfBMR_^hHqJLTijq)wAD{vVWi>hoQ;ILy=*jaTczhY+<s;S5lr}{Y1<e5aFs51^
zJC04&Czf8n(B$<%#`NPPlUQRIw+it!ozwxVL5sk%q-lyVeh|Jy2PwKxK%z=PTUy_J
zcafY66UB$)EB&Ur`$7b8k3&|8f^mSk;%p!070hL%J{YfLRbRWDV?1hpdU*p|2ahhy
zs@kEl5gx;<`LkrqHJ;B0b?^4`e13DUJp070gRk-80r;$=SMm}bSsNXB7TRxo@Ykb{
zcir>WVRY=oYv~+x<KBJnwfI5OU|$T^Lmge)UnCi8(~k1#9s3%K*)DY>s*eE2>P~u>
z(>sX_32bURM`SNv(~1l!4YUgXWP1Ku{w8<m_Zq<lp$pc{T_2u<!?{qo8GHYl;CaNa
zqt0B$J8}%M@$$}kC8eI6-J&`c^UJ#f#&aCw0?Pj!w|ym9IgfI<@+5j$?!s{W%QI`V
z-Klsp`>@$~mr|Q^ep4M);`MH=);a4~A^|uG4i7fSp@m`Ple4n2PAzq<r$vdl`2d<h
zV>a)A=AR>)^UoQ9Mm|<(=E>-;a~*`JL~(La;!EWN%LhacAGX_3wXw%1Zhh=gBC(LX
zHc%bJ7$`7{06Ec)>~m9VG%29L)?rFq`H%`I$((V%W^!VxE4zAUB&QL%Y)mP!^PcOM
zEwgfoWvQ`l!z^4Ztl}&8AMfl7u)cWl!La{k__Y7HCZtZ`U1pfMsi|Z74BI<-=FSKV
zlFACnQ*FM5H*z-VW)nU*Q|nt)zkf`=t58mD4cyNDI&(#iA_!gR)&^3zfZwC1UnuXq
z;!rx3dGT|-s*B#arC`!~BHZc9X*V-Q8O0tu_mj|RCRYwxUstynr${STl9E$gy5|lU
ztHte;ueYZus;CDK9f6?7oy$yS@0uy!?WweHF3%gMpA%6DEqg?-u;_NGsjpx_G0vlr
zMrqPAGA0->Dg)p(4ZQ@PVrC|kv6zeEX-H52H#fm&YASP_0V<fyzPq!`_fqEOm&2u>
zmXzt<y=fQe3HU^K)7<g%u0+|EtJfeA3v!C{bxQ@%tT1!38D16>5U^bCpg%$>1#4dZ
zwn`3bJ)*MVRiAs<!~4U^W-(*7;j54W^0&>=c@3`gq~oVWOTlfALA#ez`d&Q8-5&_H
z%%ng|?QqvS#^N0m>YeQ1h9ox}XqheSH1`hTt4D0eYE;4*58TKFi>0dA)D8y|ZWA||
z+yN7Yh$N$YLMwMXKz4nUfTlM{)KG}f<Pw0=&8u6=%sAfG-K|V4BkxEL3>15cIg;{>
zP=iqEW$LLb2crQmu?xP!Ge5s`j~^U-OMIQICX7>nC6C7)+H^3W2$cmnE|p~=a=_0e
zUtJnzO58LwMK3bWq4Wj)XV;EyYFaQM`uXh*Z+-f83d-okl<uyLWbw(jfR-dy;=7oL
zmFuA;vfz8>qsNLYexs}f3k&sIfIsZ82;MAN^KO1)FoKrfn`cnz!r?7@i$1IT)s|vc
zStylzkclfS4<o#ElqVEOPZ%Yi#P`*$Bxa=+io6&orOvdV!QDuuq08ZwT@{pk1FzC!
zhMAz+7n~=D>x0e6%D$M<@JIXg9xXGV6`-;jb)V?H$9qOBotVVae0;gD5!ia^&>`H$
z+4S1>w@!ri*{0uX-WPxn=Gc(nvQ1R9Z%dR#U#`E$rrk2Lqm*h<<M)YR(cb2CRw!7$
z@?&H8BYJ+6u;%ZpsZ*I1Z+fwSjjC(mtbGwuf*Arv@_QmXDb0~VjZ3I?&bs~?ns<jt
zhTjzf$^fLk8n8B1-lR%j3(38@`YAeNY^}vuIv>KmZ-KVW9@e-Uqg|tDH+2qeVCtd{
zr<)6BSkz6crmi#uqrupPAu54*!q*MO@*mXxP3F7t-gRHsdg`T#hS*Bko`yiR-TYrE
zgGYTpqXAq>a(VT4`12jBT^_n#3BRM=SgzH!@xqnUe)V>pYN=1w<a1S5&S1UcvkqCL
z8mydr&bTn{^HXo(9xQfuRCButeEGM=%DpQCrAM<k%^{dlq*A@>Ft2ENL{wB#MR!3N
zr!vH2@mF=QF+L<!ebWnL*Lg=+%|2!~I7Ct&Tiwe%O8QO967WEh)huM$h5KMPaRT1-
zFJ7V<wNB%_BrAlyBeMdIMZfKAS{!*ZCOPcWOW5r@*Q152pL#psD%HjNTlaHynTTWZ
zb)&c)oIKWH0im{=9p~tlsOsaMEm8F+*l|``Qc@qJ;u89AC!Mh{c0i@ohC?=>E#OoQ
zShZO02P53n3XHaH=hCx;_Za!bB!z3m&PP19?W1Gs`T@X9cgmVr9uRS7WD#;e@71M9
zHwj#nnChBex?XxpinT%rsUxj@<Viq|_BPN<*c`9Mfd-{>9lKpejXDm-_s)St?!caw
z9VxMN^+VmvsPBRmzXDySfx0Su`d`c>WDcK<0Jz8t7^ug_#k6z>I}c9RZ$xx(&6&I2
zC6klK6I-TpNH+Y7EGM3DG5hIv(Sx*pKd8g(xJ<UI(8xx?tILrw6Vg7$JF3(8@}@+s
zHq$zb=n@X4mN2WK`@ADTY`!)>GI||~dFd}tBCL$n7WqJ<xqSrK=8IzYROKM$I^rp+
z`qJPuTdRfKb4<YbFR%Lijp7h5FE4Z*e?!IjvvA5=2K_R%9kr;6W>WIv0n@k(^t=6&
zVx2eGZm_3O43I&3NE^R(h5JlQx&eB@h9ibpCyfxF4VL&ni@kpGa#hXaE|%|@v#1VU
zRIRyt8kcvdyr?fs;M-*S0~+&82f3McXwQ>H97Z~SDdQ^b<9kQ+9PB#e!J6$gA5PUQ
zqBWMk1m@s}Jrbaey?V@D+Z{MmKy)pl<kr@jcRkm1DzhTnB_$>4`TA-;dHOWY%zeG^
zbxN?Q$r&@3q31^}uBe>-6!c<{T$Gj7bS4qr$8V~56K}BysWva>7la891M83^Bvl=1
zap6LkFP6!lYPW1Crs-W(Lz2pT<OAx`#~{nW2qUf4U#&!xo+YQG%&|lE(Q{da_^^vD
zPoq7qF>W{3))n`&d;Hbb8h1JhPby9OznrV|#X5O;l}t`g>ygmVHEvsWaMyS6xfYg(
zc-ebu?wIV)@J3I%Yx}u-2(9JNeazqg@(pWnk{R7#UnXCxYi<QaN}i+IrOtmA3}9S)
z`ToPDwj{c(s2i?RHnw2eoMx$hcL?2!9%|{xx}Yty(5G35=M&iFa-y($G=G`E<?8Ky
zqbC#@MYZ>24rg<)%b!_itGmzGpt4C77K{=l?Iu+r>N*e7H$-hSg3qeL!y0Ri9|9*!
z)DQk=2c2l@v(K?Y0`)HH7WGxgw#R<;1^DY<CH22U-QIv37Ni~{cg`MqM|)TqH(Ny2
zUCq&OzBVF68}P|>J0C{emwi-e0k%?nOz9>bBUEVT;-anxzVeywMeW>p1EXDPYv5L1
zZRwwisPU&sJ5NJip0VtfN?@6iO5Qm@NbFY<|5&-`*bCfu+im-3sZ-`?saAf2WA$9z
zduEpYewtRv$r{Nk;VCgv6V(!JKh{5gJ`RQNF1~g(bt)`8pWjSe<+yR<$V1bw!nx_>
z*3`5rSR?c9Si^$4o0q$<9}dOIt-YrJ^<%7~G?)HYkll~a;=hKj{#PEG$WWJt#1}N7
zDU(M5+w8+bbzbPSCZE_Jbb|2x>Hv5ksPGQ!hd!7H(Ae?ybM}i#!#eALl4a!Z$PUMC
z&oPS&91LChDPe4ziPbsb4KTfzn3Yb`KQ`pAE!Ebm(Go6rL*U+a&+TqJh~csSw||oR
zcJu||ZIEtm-d{`rihD8y{=d}k|8L|!gwcO1g8t`6a_xXNDw}zw^a=mgUuNlD1pit1
IyY;>Q06zmuEdT%j

diff --git a/docs/images/ui01.png b/docs/images/ui01.png
deleted file mode 100644
index 041b915e8b2975bb037cb9710874b69a1a7f3476..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 161597
zcmeEubx>UEwkHI4NCE^19w4|wa1z|zHNoB80!bjayCt|gjYATGI|P>w+IZvEG|cAS
z``&qPrs~bPXR79}(^cL3WAFZKeM^69HQ}ntGB}u|m<R|6IC8R*>cE8v0Rb5w9Tm94
z%D2UZfPneiMnXbWPC|l8)z!(;#@+$}K{h-&6-`rPfb>0N<t%ReF%1>n8NDpS`y_mQ
z1e6^rCTffqN%-ojwak&sHF+hUP4y<U2vCO9e}?MTutuQlW7VO*+<W&uG^67i?f#(<
zwBz*7ZEMu)4mM`8HN13cg3$l=dF`tw+Gtb?FA^nDuP4@@Jl<&rBM^uqppC!(u`1s)
z{P{D-`~HnvFCTFD9F1$A=kRP-*L`)~z`8;Ug18)d@lnAN%SVGa&S63YbA&H3G`@*a
zT*uGAQfW-DA4__hMorOQ4LvK4;?@sXq8Ci~RKtki{Wy$P4(Yvl?DkH}63<UO#z$}c
z2vlCa@h1GSVu%<P#_^bVxPNevVx9UUD}f&;f;rQVsHCndMOfzj)50KJ2Bm=~9?@7U
zCNBxCTvKjy4Nkl0m^DO6x}TH02!8SEae8Asye&7Lyv$r}FzZN;=%n|cPmc;OCf&R$
zDf!iaa7<8%tHV}Sjhr$eYF%=m`Tn-tmI6{9y<P%&X;d=PTTX^_+VlwKvCnF|DE^?y
zpd2be#{{=ewQlr!83cra7TxN*bSJVFcm8T|V9h0QivzvMu3yaN%(H{Y6W<3H1T?Ns
zrG^=EC%r8kg*$`3B`HNs8nc{g^ggzdetB@6{#w3+hhM%$JM{TzX(Pd)h$7^pq#_qO
z((CuQ@5Jfj5HWtg7pFp|`IdT2Jk%TU)*>=h_M^=slI-xMSEAXhYYQV^gcgKo7@YR+
zl%Iz;H5~h4OjIfD%xEM1_E7(-nw2s6Y3b2#T`q*5H;mbv{s_Ndh|R7U%&8m7+v8?<
z*e4dMNSa@eu-{|UAcMXUG(S@LjrB+z9UX0g3XuiDkP1Ohb}RB5R}JaY_cS#G_9%p=
z{Bu~iA+*0=StA#J_i-jML~Hsca)j>wLG<V`_J>Q;ry*3&B|~4v;hLkTzvhdh{rSHA
zE5b|ch>wrIn7_n%{Myx;q=ASjME)zLHJ&C8`3L1Ukgw&cXlDq!!Kh#P$E}{BB$_f+
z;AM7mzeOGXD6wkoEt-W2`R3y++K$K;R{p!&8Ofib6BqoUZ8h}>9rKH(Do+x@AW@Ha
zt?Futq$ZPmh<-4WWb)TC)y5J_O|o6wGBVzeHy?ZR7_9{thz`PWrTf0LY(GE4bmwe+
z6o9|{zVmbEhr`!+`CV`OpNT}_^dfcl{xqB9h~z*?;~EZB6xn*bMNx!zN)g#JSwp1D
zZ_mMpm>FXf!P<NHbLOo<4f&k$K00pL)c5({?ar&OaFs)uzd7`g_hxr5_nxncu4x^G
zddv7zi4w5?sQ#Y1inltp=Clqw&PVnLA^H9RU->sd3cfr#41MHd=10*VFV#L+zdoap
zelita9=`cge~oU<Y|Vg>kkE|KE4hW~O|ll#CX<X-RmoY2KaEX7g&d3eV>#soaY1og
zY7wdqy2ODka}!q@J?RzkDtZ$tF}fhl!jgs3IxU|vW-VqdGEJxQPIcOn^is}gqLR(h
z<kD=_wo<+VWmSG1t5UaLIwd+~xtdUQ%84)5udF}XncF<Idp_A*#`z_Dif0yke8XnT
z?r^&O%e=yCHN}@Kn5lIsb+NADlQKQ(tR?ogf{mYjKQ1Vf&rJSuor##%uh1&>kS@;*
z%}bw}Yf#k3ICxc=c;S<A$Fs$A*Kj^%TfCfe@!GEyRLy77rrM?q%ek;3Z&iM;96Cy$
zEuGEKYHeh<+|nB9?zLk)NuHsceJGGE)Zu({yn}acDq`0m+fnH2ckZ|yy-l`_wi9{Y
zv}ZC-$@PWginM^tp7WI*hqWx{8Q)V<M^0g@tB@)wt4Z#i&9lg}x3nVprnD^+6#1U{
zYGzpL&(?W+J$h9XKht9;Y9_MMSJHPEg%;H-rKZoMiSp2<aSkI}E)FjYi>4W*^`%#H
zJMmD~jDt)KHuQe!3WHu4+~{uUYU`~u{?O;F;HvP{U#<(SG^#+ENuJ?%FeTF=`#PeW
z8AFmra>y;oU1sS%pJ1O3Y60<rL_B%gINEqUqdluFGe#A&T5N!6oG#cd(l229lmga*
zA753tSbKV}TOag$RJgbANqS<s>+k&9I9r(SO^3D*U3X&jSb&BEQ?*m8s~oEy&+5;<
z=GSO4Zz6Xz!e*ikQ5$Yvi*dPhGua7TfG38PhYhbc_fh76a!7K*gwZVZhS$ax_{(R9
z<|5Y{`^pzH53~2-`Cd)2@pyg3gOK#<aP~2;E+?_6i1bn6VgF4lD8q62CG6XYDXUfE
zRsQXVTP*k@5)ab5M@)}$P)X5>P-c*E(OQsMacnVqk;71(Fc07D)wk^1UO0a?=s$^z
z{8}(xG9EE*^>*fMLe19v(SF=~rj=NZ8J`SKG3WD-_1*koV&OHP`@>)H5)1LabKG2l
z#N);f(Jbb@RKv>0mFkGSh-3>7d}>BQ8*3A-6{!?a83V_MQ0kD*l8bQ%`rMu)FC)Kw
zqd~*Q$>$QZ*5Cf##{hCp*Ybk!g~w=9T9^0TG)gNL7jc$e2`H}qNRo?QfbClKgjo4i
zaRhh559RrIu3-z8CKr<ve;)(y5B}_dj9p^W%#A!AR3pp|ZVO+&$*9sldtCRC@W<@V
z_no#WG4qdB&-+!)do5-xR_hb$l_PkhNb(}*QRgG;g?{p_J#z7ikr|!IdMj6A-t{zL
zG?j0lL^j`D!jbV_c_nc#+aMk0qPCy+B$AgXk_fE(uEQLjaM%8=JvSvU)io8w#;p(X
z)f;o&IuT+1LdeLhuai+RY%<@(WIg?T`sXxBd61r2SCRWjTce9z=IQyV&gNwx@tKiQ
zux)U`7rSgo>oPdMi#QP6xncvqI0s|;e435ej~tBXeCifi4gY;4ag7&&Q%bg=V5s2f
z@YC_B!~W7n{f=p=w2iS1bZb773^d;K)X}HOV|Aw7V$`CoiJ)nq$s;u^ncsnbxzh!f
ziut;yL%wUUmE2co26|PK*mQcq1~zJJJNF_!xVz0i>Vx@(T<~b7>m(oa9F8o*{7v>d
zLAlSww4k%gCJpy{h!eqwAL7y2wcE6GC?|z9)sbfV?NIR;$U8lL-pguKIvnH(>Kjd{
zIco-<_0(>dW%o(MHszRRmB8osA>`*tH$PBI-pX}5=YOefWBgjWZr(pIV>z~Uqv2VM
zo5d$+<RiVOIH0#Se_J2n<^z$||H&!=nHs$WvDpW>Q{Vkqj&x%OnP7IfZ@T{8#Bvx0
zx#_f5Wp(bloNw^<HummS&5}7bFO}T)Y^L6L&R&FOI`U^awt#I9)23Z6Kw}4|Ubj%g
z&Y?~}_)3-^c{XSEWm`gPEA;dbPq^Rz=;rNV_k>J2g&760s9KQvg(lQyx>~zy#-q(M
zcjp+|a?G+jpKt649Re401?&t3DF+(QIL(=e{C?%^%i(-96Y0Z#V;o@;gG+c@bqtHq
zNvRIJ>%NR7>pt!dsHUqXbcz7)wu>B%UK{Pn{_LN+)Pu^1Jq`SI?S1rQU1Jf_JO<B?
z?EKxC6x4XLaLanOXeO2NhI&i()p{iYCW*5x6M_>i72M?!!qb8<s?p5t>OPc=D~4wb
zN4eg4Xq3b{2)6My6};~n5uBfrY?ULZo}!pmutr><)FdXl-YOK7D#twOl$G@gzb;X2
zpGHHN#r~!f{)V$v<Lgx`p4<f@0;|B20C?Ins{3cBJP0Xy(>_f^w;J@mcU`}(#z>+p
zeq-MW++$QOQFxTO?C1k7Z-j-eoTZWy0u#_iM?gj-ML+>sh`?JEk?cR)(ugk+kp6N1
z5duP(4FdANzM~9WA6{|5`=QT2uSf}@2x!1xkAb)Mmq-8cZ5*O6NdM7B#s{7uyw;GA
zlLM|AX08?%j&9aY?t4w$jlc~IXIVWr1Oy_whc}{}`imoA{5cy<U3Xn2ML{zs2e!B7
zPVX$(yd9h$#z7GF76h6O7VdAUydCTv-2}ZwX#VjHL7@F`o1KR0A762|6QR*nQl*k`
za<!o1W#eJvpb^ESqM{OZHMbO0mz4fjci=A(8f$lVXF+y$FE1}PFK#v`S1Wc-0RaJa
z4lZ^sE>_?htZqJz?r*(W9o=aEImmyEBWdAg=4#{YZsX)g^)T++cTOJeA~ZA)6aDAw
zpX;>nw)tZwN4I}%3)mq0!xMH+HV*dx92@8={BT!L)yCVxURTn_0iYQ$hbT8UFNg3y
zI{Y7x{+RNgUA5dSTqT?wfS&H6e^C8jo&W2@|Gncs=G6ORPEHP<|2F4;dGxQY!t4)w
z|1Y%oC!zmw7ofB#rZD?|o|-6Tu7<z^OFXxcRM7;k0GmC$9-#vtFaLQ3+K3+;J_jfO
zv70!8oaAdwZ^Zp&pLWG_%D&?<Bg4ENHYOW7DZ23ewm5T>L|(tVB>Xp^xX*7uj~Nx@
zEEGKDF}sM=<t>=av1W||A>3w%!`VV^qv<VfEwk;Nv0>ohtWy#2smK^Ky#?;F(xoC9
zPb2mCQz)<qs`r2S<1HQj>zbDpGntW62#Cn|;(zhu8#R8sH4n>Q?*ETzsoIgzi9XHx
zx;6g4><Il8Fp3N9{{v0XsqjM|AxHjjo@g=u>m&iT1grz^?{)ma6o1p>zsuL(^!S?|
z|C7S~n?L^MkH7ij&$}gm%gf*L^0&PFEiZr7Y5!Y){H;I!)*pZCkN^MrgGAAE_6}JO
zBw`GLXHW%^D<oZg#P&o~BnA$n|Mw%ccpCnVsJMhCY5DBOYU&kVYN?U<LZnEXC(^k7
z3jFi2`ddF8vH66~@haB0WLf||+EM-TT|({ThgtgM>hN%}WKI84SjS(2VZ>VrwgtGg
zLAQ!NdG7U8ipangj__Xw$P~1%@b#K0+yp7qyo6U1a7+GAqV@-9@V~V_%1bRF0}B(s
zA+}Z>EHTs+Ti0Zx(M`I8GFpEAD=^qwwi>&jkcJ>`zG1><f8gk;%+TAH1*9VgqlWPl
z>2#B*Q^MtF{sO`#{t8RA@@1AzuAK}*a1?!9d>Ih|%b>Lv@#$ZI+JbAISo0jV@82_U
z?pI}ENdv^=$`k*-L~!yJI!y9z7devaCl{yOUtwKzt6(mqQ91uNudtjC9!T3u@Hyt`
zJP(UPXd1`&JnULU#m9eMDg1F>KlHx*iiG^QK56lMAZs^<|2ZZwT$8opv%fMNzHBUj
z%1y49aWDYGed|K_PIJ$<|N1X+5k9*3ds8(8UH6Bhm<&evp66bJu88=Tmeu?i0Q!tD
z%KLc%(!IjKXTdC<-qHtZWB&cof_a`&=_Z9XV@Cs=T=1|g9&roVzjCJHRL@ZWFm=7m
zZ3LYvE*@xGY)qRS{xyjfd<?8AhUi1-1DMGN>~>x}59_b!9jf>58-Zi9qxF3lX-5t?
z17Cfdt&qPWx9H}kh=2<8K28&Sg#NJ*pjC~bCmZR%PjsLMdI!*bJd=wC*i>A~1DC0%
z*8a5<<N#>(R625`kmmh2LTd4v?Fe0Iwnu+yRn51+O4#m6IglR22OrpNu(i=vXLxwH
z>+j#M=R5pjZ?C2t=i4rcuP?zt(LoFwzjicSPd4NR5`|(n#)3LFhEi3k#!_`oHb!WD
zPB-FV&^8^{jeeK(>i1K$@4s#0zY4r<UiVsOSZ`V{UT)jW4T>S{A}-$eIq)P8R@HH#
z-||%)u@5RO3LhB<$1JrJ%C7!UFBu<6H5<%&@^5a5s{|l1cB``@86xrzZQ$SqO?+{l
z1l+^%PUcSt>o)RZH^;wrzaDFT_vu8v*pszXzp&1HEJtM9<rO|4qFvu|gWz<`+7$_O
zl<Xe2p~ymJIK<OI`)Z|X9T`jhZr@GAj{TM{4#4v3maOo@S#t7)#^gYDVXK9(Y!ZXt
zOD%5dWr{umZd*}ctbt_aV*f^;4`BHIza^xyln<QIC&+>Ipns|WMs8D2Z8q`uZ)f3u
zgSc*-Nd>!r6P?uSRB5W|^EfeSG3j7l&tU^rDOKfn8@Z6hkG(|m<(qLdj>FEj5+282
z;u-u7G!qjO)GhtzWPF2(2Z9+fg^=ghgB(+$`@?gO?%|iYPur>sHl=RsAZSCP?*G<u
zo7*4Qr&`QP2GB&02m!V%nWNjT##_MivnbeKhACv^DwW4!2bOjLe8N65)`J0X*#UCk
za+8X5jIWk<P%Zs|va8F+qEpuh!CA|Fr=LauTZmLCeLD>*6`(m;Xo-XW4Z-~*EkmO4
zaQyn!KYvR4*zLNLaC_d;<xa=FMk@5Fr+-XH=rJ%hf<Yio<?)DgbY~_%HA}#a-UA86
z+dXrpawFYXWFy0_3gbxD%PU06G156ursiKp_Rn%;FtgHo(}`qIo*~{Nbi<v8Lmj}(
z74lL>ZRgP?V!yts8!7RweRr~z6rRBDv@*nprW}RvC>Ued$EpgOL{PZq!<#uFovJLZ
z&FI<9;Ky_!q{*ggs`ffduaP6Gn&~z}{xE_6w-!~@gO)yCbK3zF4>iy({9pltL4yhu
znkY^VyoA_b_Ksa}zH~9Kn2rAU^}4Z77=R893dSO4>mTYij=$XMfObvME!BIkK4LW9
z&v`#4Tl3Pij`;*3L`r9)&Q<NtD}4MSfDk|2S6l1>m$T-9bxtSYfPS%=0(CqW@!jVd
z`x$W424!P%gA6CxRkieX#CrjYc0|5|Uz$7|ll}aSR%^Nj$bNp~!zDz1RS1f0t&AM`
zXsz{~&=Z!{cd02@5`Wqz26F(G@M&n|C>`y4@lYaw-$+tbx)BMPbW*vkMv-~30^;sR
zg&b4gd~!_5#3D*+zdji()hOQVkEeCr9;d!`J-GSO7x+aIBc0bR!@Og+?8{c~Yhby2
zj{x;~V%`>0_jbMLi;8N2^V^p5nK$a=SIf<SvI|%FoZ1~0)BhIGh>Ot9!~j?zmhHY_
zi|b&Bj~jWHoF^KUuDQ<c;Gs;-_Movz74DzqIY8+>aJ_dWzfL5=BN7vU0WA!>MaM+g
z6-4z(kFd+MOIfmoJmMbH9rBCtiHaJ70_u%K@BKfq7`DIo9jA6~tF<vQkf=EJT^Sj_
zx#1C(sP0Sn4IcJYK@&JIQ+PSQ?N^1GQeIx3Vl22GVx?E>n#^L@AbD|r9A;wz%_e2j
z?^xqrBpgF0^1%v)ScOQfwj3Jr{&^d2m=176)v(8A8NT@MK|q<fr_Xqv6WbMNKpYXX
zJCqOfrN5NqKV|jR5%05snDxaBq}8rVNnivw2-L5n)ZwLKY~bI}ycZ|McrNTMJE&Fh
zcznAjk}#2CxlOh(g75_w7uOdvcEe_>ddn_aTA41=aTk$RuViD9wnf2E(|Fb*=FTVI
z^Oys}Tg3moJA_UP*vz*LbB0Vnd}At|`i#*x|FmVtYo=#_Y-oLQm1Sx+32@y)&tJK$
z6=+s#8N^VCSi<%b8I(AfqBWbA!6to9Ag9!vj+_3k5@B!;IZy{+0Z)z-@K~9%UI=~0
z12V;~!GIdG0oT@77&Wb2%#jN<BtmlcXbA`iK(WWu$JIz^8`ptwi_@*jPEXhp$Yq(d
z<?hB`^wP)ih3-ZvK_?W0=o56oZS&6ys`DmBL8_@*B`ohn&_&XiYG9p+@ttUT+M`bC
z<CiVeR)crB0mSTKcS`eOJqUb!hN--7QZC2r=egO8H-61a&bKqXE~<z+6)+ikz5QN1
z4U=U*QO|L3^OlYMj>%Y>r3Js}@dbOPX?#F=-1$E2O^{x*b?w2i<wzR+=1_9uGPo>1
z6gh*(&PK?P$8-2)>HS>3c6S{mV53#VgSgL{x*h$tb|@x042av7Sz*~?LB_4;+jMrF
zhIaEhLOeE0s?yk$w)3f`@pNjs?tqLF4Gl~E`S40S4ISA0L=rCN$+ybUGP<0z18`Kb
z5$uUDzrae@3ZJw*IKD0jVpCfeU@~~eh+0!ieaTC3Vk5R^8V^y$kS;2PMd{98C|Ga(
z7T|-jcYXWao4&CnJc>VTH?(Hn2d!|k)!9@>jy&uTQ1_h<_f$N;?0RBxghnFNE?M)k
z(aY$4U$sHg>jlqkb6CkGq=T7`^5xsMuH_gsJc<OO%7y+rvAY`K7l3uByNJ|soz~K0
zflUH&#T$0#4QN-Pe)NLt)-Z{|2fTf-N{;>1f;L!O(5AVhZ>qxrkS2R_kp0fPi83q8
zXw&#~<*R*K-KU~<BgucBKHrkr#cTTSNnw~obiPj|B4qVA1~}6~BU_d6jJ^%rW6!&l
zqRe0q(#*42j`Rk&zTR@;8q}Ilr*mcuks6_hNm%jV7TEIHYM0%lhN$yGh5~>9P@(-%
zwxCx%T=nj(RHMMPFv5nfn=)vD)niY@(ayh&X#QQ^lSei*9A;bgB%<$<Dr<9hf4#mD
zU0l=#n+n3cE-Eyu^%k{zxP`PL(TPy%F?Cir0bSD0yBYC+Gmn3m3o3uWI9{9hK}{!~
zIQ<+{38Jf3O@u6<GdgNY?5NV|I}SmVNdZF6+d($@^93;v1_=P(x@ml&`?Q(yd)~K^
z5Ye@t;fd;N-zPya)qroQ7;uVX5TG$-v$3sXv2aF`A~A=7u8X@iy$bERkMF{L9;Z>P
zOmeS0v@=yq$Hb)W3K?Yu+((YP&7>>=*P<bLISdR8*Znyc0oRSs&xPIlIq&VNJEZGO
zyt2*5;*A{HbjO=hURE=A@=!jgHNZ2Zzt4HKS|eg}Wm}lOSJg4PnxSBX1Kx{jF|HE0
zNf<W`)*in(9Ye~q*(<N^)W>|<&(6Q>onL+Uw(;ONRLKHTWt1{oG2PRtd)?AKTIa?j
z=wG{~uyduUGel6;C7Nq**wou#^74a}?--@1zb-DNAWdHkC1927<YS%-yzsl&cU{Lp
zd7+RpWZ=Qd$2Y^-^&t#*C>RNij*U(EWNU!-`qYH|`egG797m3w6|g{e*APkpQ_UtJ
z^WjS%B8UO=XFKHxw?u<?gsI^UosU0A;dbZCklR&iJyOXQrE78BO1SO4d^2kh6h=#{
zkuuzob@~3zLCF8=^FFxCB<3DgZ9bZ%ck(PK(W&hK6jyb**)Bc$5a|BN5*eEZ&hDzs
z1_XH`yIe-0ZE!*^bLKvcDqtmC>1H@H3V8nV%nopXoHc+@DHA2&XF_a>d@dxX$)i0K
z$+5HLOJ!&2jyoWKrG}M7fKM~*{!9oFaSAai+qY^=)P$Oh-yx;C^KL=A=LvcJg9j*E
zNvdAxO4kCvSgcSsYc-)XhKf1Y{Os$yKDhLT_xWo_2zni6`GfpF0kv8xop8r6@VbW#
z-~ko9`{b(r)!(Popx84*EDjF86zi`W6HRqk1P$>oHf4^EG-^O}%Pnz$@TE-Hu&BX&
zBxAafxn#C5mnAW|TpK3Br;t)^zQHV!C?Z=u?X&{8p2I#~Rbbd^s)*RD-sdML&H}#s
zCE#NZnczn#8=pGIGA=O8A@lVRz}&FwQ%p9iNidpJRakVH3f>+=a@9-aaSXy@{5%?j
zwX3TDIvo5eG*EeP6E-<a0&9QpJWt6mjYs95sWM=Pj`*3(__xfsvgspMz3VwquXZ$|
z)%B{hxc}uj9tS=lWVTq%qdS4)iRs>r?p{YcW!u;74#lA$#)&X0D@w`abBafy^nbb7
z1s{c8PPmEQkg4C-%8;LS+;_qf0-8i%^FBd<x)Hl?*P-v^oF8>BQ2T(Y{{0FEuOZ<4
zoG+a}DA?cXHhTO^fmYjQ%9~zrxa(w|-jwEjz?2&bjNh?u)QD^KTrLKh7_+{7=GABx
z=DCu24Y=rkmXpx00OxWev8R@E+%%q|;p}=i0V-&<nde3<$%HKkIYstb#%C;qeolJh
zL%Xp%OmG6v#i;X93Ax?YA{aRRy+2R0@qIDto?%`_`Nd!iI8jICWIvNvy1<^mYW35T
zd%8g#KltT{-EfnCyey+nIVXto930K00EVYf83bMgML}B5-~pd#Hdlpc3r!EvIc;_N
z?}DP-?h>dBke+q>DMH5t$C$ii23dV*=}a!r^GTC9WxDNQoyg(mr_DYEE+Wa$@W%ns
z(F#e8VreFcg684j_?533w}OsibUKQDpky6>Ahk$Hi=3}b7FypNid^sMA%l1E-}R}K
z`+FrlWqwA@zZsF_ZFVFUOFzip+wL)<G3Cg4n7df*HR^B~j2zb1b?n$rLM`RwezENJ
z;`IfEtIm}AqF?l&!9t*DTAZd$xp)kEsV0v+CK#W3qSw)Ab~-c?QhPTFS*S{GFC&cP
znqhr&7A1C<{BkcSDm6eR3xfATw_wk0OsO{@rB7FN{m3aA=H9J>;rhE7rf&$Do{f;A
zjXs~W`<%4flMP1e&<XXo_7`C18{6}6aO)`3i}s6dA%nDSm7xn*XF<@`+irH6M*X^{
zq3T_aSz14?0R}2@+N7dZ*zD5LXd}JYPxk^#D~!=eDOsnl(^6n*ftNYDjFMmX;`H##
z_s=^{V@Y1o;>xxL-!mN(Ag~J;<aZ$?do^lrw^v=074fwEjF5Du<mH`|vf1jR5u!r#
zA32cXZZDS?^VrUb=jAVluZs5_A66&Ri5j;mS`KHhlCsD<OqFQ{<m^~z(hLy(QvDE$
z-DtSJEVi%6r3*MvQKZ~6T=uJ&M7*|>OI+iHPr$7<0pqj316E1(ZDv;)p(Bi<Dn9ET
zv|qGXdoEP%(>UEg*p!@ut|e&lNpXOqVW#QFbys2(QiKSiAJNy#vDr^ki#ZDKiusNl
z*)SP<SG3*XL>O`AVT|+BeeWcx!Esr=&e$Wlnyqx9XnKywzgg9C%!i@mx<&cU8}2(<
zC*}4K(HmvHx$|8r*>A8OkU2SQJGDo7d#fbgT|AP>7tg2CkN^bQ?I-H`XptAtdkIor
z2S+=RGku}}4zQY5Klt3&aTZ~%I5&Wv+j2BM*AsfNL^uwc#7j<Ki1JfsCPIZZ(TsPw
z=ttXLeU9(FP0bulHjQV*6Z-SO+BYC(iYNZu*Jm0cg+ywe;7gZ{7%EA-ccgm1@tp=o
zT3ClY(a;Im%%4}pa&^X=1YRq2^?P>~q~73Oy6WGl*ZpQXEZgfq{<w@fVs(T|0Av@J
zx1=xt`6|Tog|pTu%6uqm&AAU%r0>eYB?kW!lwuA2#W{bK0A#we8nQ7j>0{xN<^T4h
zT8IN6FmcpMTmoBrPEom0s!DB)wRwn?V_O}e+Lvusruh@ir!iC`b}GHE-e}~k-}su?
z90^>Hm5Xcjl}${xzG*ObVUvpJzT-}D9vs9vxudTRFW%nq>t4(@i~5$pjo&bU&Ul`&
z$%`1<Ee+~_p%oRE%!fnWn6q)XSRF|3)1Kr82AMqB5XhgL8B%&zaBDPLD-!C`KCP-6
zn+`05KZtd#k>JF4@!5oFe09-kBLrd`x6{kJO=@RwtJNN*n{cu+D{rcz8AXIMd~HjN
z-I+>c7&qOPAmm$BT)pm|Y3ww+<A}AK0!G)2b|5$V2=X5@8siT#%Tl~uQpr<7lk2vG
zv`!wKfx=>Bc`^=Gc52qcpD+~u{7}ehRfN~>G~d9cMB#bqbz%|-*RuUpSLOPS5dVn6
zgxR#6|2}|3*gWmBN;9ZR_iH<Lpw0WIEZ!R8W+*q~=MSLXfskiPhhGrJws5ClDl@D`
zF^j{vs)O$+?69K`2ET-#ti4Y)ADXFd_bS}2UkPHr*kg{4#@EzLIt^Pod>@P)x%G^?
zl3F5ck#vEOWwMM12@R)K*z&A@HE-JZ&BU3%uW@~mrHO+vyI!3+=N{2nXCE0~a(0`i
z9>x9l+ZOe_pYRm;o9WkGV2eSm25ehvQ-_~NUjtRhtZQUHaESPxr;KDa-H=Zm;#R)r
zGrKWx{h+qP^i-)kuv#U9<w<nVS9^UMo7=gG*C?L1BNF!ooem#oq@$i6R4b@1@+Rdc
z*HbW^n~L`pThweHt#(g-ap5-5O5;Iq9Y-fzc3+PMZB=Wv<s2-smyDNoJ+Xf8dDFn?
zx>(tCv$y8uM-{ZrlT;k6B$S*Cc)xU3X#a+Z!>_^Azk2mTiBD+<pBB%$=Xv$a-H7gd
zqnL#jF%FA$4<&TQN53LJB>M8gRMam_J;$3?JCLjNWdX!mOH|)ibdAkX)u&%Tz>V{M
zs@*<GSffwn$4|SE&Nnn)v56X4AX&xP_p$yszSh6H+Zy?*8pHY;eW91P!Ztox!+K=i
z=n~9AHb*ZKqh$*3Mblr7(El7{q#fR{U9q$F=<-A5Qzv7|SQ3?%H?H8=%!uup-4t50
z_zh!3;=Q|R0~JfvY?IMi=O_E#egYdpW+Dt#6a{lNm-`!yOt44@1Gn7A_W4yecm2*Z
z^RoCIu_~hqMs#Ydm!5E{kD_nP+dL7CPHZ7tx=e@o-UzJ-=@uks(vx+`cpeH=BF_X!
zpQt8uoqlv}%ihD>ybd8}?naAD@o&()5x#8SJfHPzs9HyK9g3koRIR_rPgzapt27u;
zKr(6YundrGS7^!spd)$%_=f|YgUW#i_i!-`?PUDC349R8=OFa)EZ7ByYdHNJv@w)9
zdy&;4RHYC9Bs^W%cDWT7ID`MoK!YCTX-X{_i~hw9WD+*t34-il5|ImeDpIf*jh-~`
zPM7s(CNk(<)bD=zo(@w;0U6#~Dv=Hyy`2eWC_lYksQwO$NG^vhB->|(QiJRb8RFwF
z?!M6py&|Lx?ch?k9L+Ej{K4AvG(l@f?0k_S&U7M2L`-23H`^XX@-}DOE^J{W=Nh!6
zRZugV^G(!tI-`^QtiIy*@m$H_O4E|MtfitK^KXtqKjcfH?7eTVKUf?m#4eLb+*Sd8
z)?~Sr*J2m74IpUXX!;R@fzE&~J>#z{SXf&l$p97y+AsfJQ98AfGEp5<zfY!!hQrdy
zdCUuVqW0opi*T|_^URsayz@j*`7!|urZvg-pZ40s=dg59SlI~2lOMC3RNUryvVkA`
zuv21gg#sDGB&5D4n?XS@`k_G#f+5e64`bwsET3IZpy-)vvb#2_qC_?b4*w86<dVXW
z#<luHU_al<{`$m-n7R-e^%Uo<d8-V@j4jBZf89UburLwDHZat;eZGISO!BC$TD4%~
zvShHpLP5Vh&^S=Qz8&KWs~>f}^(L8)kf-28325DYYFsthk7l#A;t*~Ss2rCgO-HVS
zB~?>mzbaemoXS04FkO<zCi<vCD<SZ9%16YOr?-TwuzDe<iky{n<;1=(y2XjV?Chtc
zRDZ`OnvI3>rPG-}Gck;IS2ca)NcT#^VD3tU#!J<ZTmP48?n+KPk7TL>1g&t~rb*K4
zTvIMvchY==tT~{l>vwG;CIyl(^hh7H$TFhH1cH&}x9#5R7n8PfLeVfqW?P#^dYl)&
zqospGkd3pRM@9kByQZziUdzv@r7&L+EB9S_XTtm%ZB*JT;NN|~z0VXtwx%iO!7q)P
zvSCj)!QA1lO)g-tt){7K0RJzlx$!ItGJ61|s4#rr=drt_1SAc5Pf9S>O_EzZYz;23
zJkSD6O(<pg>>e1)v3(V_o-HPTK_w>vH@meT2!sqSaHPV-nHuK;wr^^EJqp#QGrp!7
zM{vrEX$}&wVK&gj;hqiDsci08<tTAl>f4uS)rYp<E$A*LNA4p>&Q$2LC6}XY?P3z`
z@OmCD7-?7C{5Wy-I=G^r*6QNXEt(dtSXdI^E_B}st7t`OG?5S@U8%KY&EQY|DuJr!
zfdwFQqB~AudPB+F#Q=7h3TE^CAO+8XGEdu0gDT=SE+y%OcvS1w>Qx@%XZns?sCrn8
zibo^)<dImyH3d$lbsE>Wt$0p81psR1aCORngYG{-ws?H1lQ-QvJp=b9X><#MBJ~?>
z?Dq7hJy%0~T>HqI4D^5Y_71*J4ekFS70C)K0(F18gG)+?duA>J-cqIYXq(#sE;DkZ
zy~YH=pU0Q65p|9>UCj&uv?DfWh~=7H+hl@Dxg|9VBMbm_<m$tg<sulF*Uh&`V+&$x
z5%i*Ne?r(T<12`{#a5`(0SOWARw2Ez=D29T^%(YEpWqSa{t_%S&KWq5lHN2y-g{MH
zVmV-e>}TjO9)fi;?{x@o?I?BW2#DJA<i%0trO4&_xV8X=m#r4fFE6bYW=n6D;Yy=0
zLyHg@a0G3HY&4n6_<jY%s3J!Sk2P7U5)F8|1oV=;{&Jm}U{ZfEP4$am%t{%vt;7Xz
zt$=`Q^eDov{Y08Dr&gMmLT3tJg)aX`veo;c#xbxRAQXm>lg;euw8LWf(q+lTdDY`z
zdG-xwW$U<Fa4QzQY=Xl<qpIV^$67A5&o<`UKS)6@2U(gnJXWlBO9+Q~q9F5UqUqDT
z^aG1Ram4}WZN=c%4*IVZnZvJbX${P|e%KyDcZ$KiL%;FZUhMf=-J!2{4re{(nDSt@
zLWVw0P+^|u{CWq#4ZrdNdzrP0vMSNmx~^?C#_^h90_Swg6<W_*-S^%y-x8FC?;x#4
zil(va<Mfx!`)uo%+uOr$?B?5j%BP)QLxcVam8QOrxp(YSwwY_z6YnbkxeXDGY;1mK
zpC|2At|>8E<l_RMHG}mQK_ApeQJDWHcj)|3;}CSuKw~A&R*M<7>}1t9=Tbee!C#!=
zIW0c8g=6P{!k~zDQeO|nf;)U7epI=%32{%gs9!dXS3dlJM_f4nyj;6<zhshdm4qGS
z0zyK=m4}B$JHR^^pN(p#(nS)<*7_aRPS4g)0mye@FRce_xw8*N;=-k;gwt1Cq6bt@
zcpj8r`M&%P=OH^~gD|>@PfX090)nO$1yLG8Tsv@mOS^<8$_n@LcgnN7TyEM#FFUS_
z*1e$s@Xh+e>d(XY98Z8~-K0+_>EtI_ZA=97UCg#Ful`wXxew}x!%j|hCL)i}m$=!o
zirV4*(<UY&eMh(hADMJ{I+dcV2`L=(qYJl~52<3z)_d-43<c#ew>&Ql95s1dQ3M^k
zMBl9J`EVMUot@*7`^2o0zniq>BHgc<YIv+R<T@JHheF%Vc{=oJ0zb@aiYgVg)lf--
zw#v=B`s+0OkYw&(6*)e?2bF93g(SDw-xr*oSJ|7-%z6amR6khBUE#)PdCAUpUS00u
zwziuYN|`5xUkQ}mcq>B-wQ3t|o|TN4gTZ8#xCP14!pzDKYMVGVK`08Ql&Sq|5}H)a
zH-%2L<E5Ahxg4FIb*!;oA7_!%>VBvaGb%2|uG>i~bc{`sJ6QT!LrrNMXR#QtlvRcC
z@oM^16z6!Hnw;$idc})-)KBhL4dg5UsCU?2p0+7R!E*h6I0#BU6u8sU-R1@fM^$9=
zVAj~8_VKz<9GY72*<Nss!}pl0bIINqNL-w;E>_7+$!Me`#6dOOExIgN$<!VJc5I7n
z0u%WlWi^(Q=y%AvT5eG15KYD#7hjF70Ad}-o3@=v0TO83BKxJv<OR_B4kcKDrPbm^
zHjo6zNs-vUam;*xz3NPS_e~je-AlJb&PVtqk)%B{@APbenApJ1+)Ggi&Li34KJX?y
z+~vOS!?a7PU6o)paZZr3Ajrv1utya&vLR0uQYB)3(0X13aX&D$M%I9~H8lfV2gpb9
z(6&xr`h{F%wn@dU;R6J?Ic{^#9|L3`M9BX<`ut7e8<X|w1g{d<@>hhEjuio;rKZu2
zHn;xaFch2brDn)6Pe6G%!~**D8$~($KT6$Zu7|(IsI_*r)ybCt!7G_%f()fIs;7HZ
zXBp0pXOM$xzM^{Z$I~lsT8NtEd%u{KKI?M|oY-dlFW*UKU9_tW!mQ-Vbf*9po%Um1
zpJ9yYgnGWdTIXKY+q7=!&-)W<hvU)JdsmYsAsc1tjWF?$hMWzd;kCWF223K43{qw=
zd`swO{^_$Bmc(BiZ^RaO1k`6rh6||+tj(r+Q<v>(eRbN;GE>{vV%NV!-fNtIWYd>c
z;8B%cHU0I~^RUz?zt+PZzXhS~g1&hSqU08Cb$a2QoJeh%1q;oAli3;EQ5qeieMh1<
zCtm)xpeHQy(K#b#vE)MZcqwdF^FsMz&3*vT%BWG5aA5mP|6p@~PenHVhnM`_EfB}V
z?8lT*2Hjp4-?lpC4rlQ)d|{%ZWW5nTY=JmxKz@n3S0=LpE`Yq_OI7hY%ONJ%B{UVt
zI5?1qAM=(L`?)9P^oj``j5HNJWEl_KJ<dvvD<giD>1jNm=GWC@khzOl6SR$3vHJv|
zu%f?CMXX6A1(lV@`Rz2DRE;cTJm?!$de?8Hshw@XfHnt(@#K$z*XKH=YUNcs0`A43
zLJ>qALv<!K<UEQXFDQFam`;VNv87_rP=ku^O8SCne3eHjn!+Fs|I;|Ts!r)UL1*#6
zt791jeiM4Uq?goKTU~p0sbdaU#H>V>OcqT$SNg0)&Z|OEP>Vnrj_u!HKb*jzum`{T
z(T%Zf4|k=%Wz$GdQ1BV$t2sw6nJ!lg$`tiNilj`el@~zHA&FMzE+wD~zEuPFzm9m{
ztADqnK2_%W6_dy&u1N=KwK+AGvY3&({JQ`bbeU>WSfqA5;Mlfub>INLkYlt#<~}tE
z>M-<LZaldZyZ@}+qTgcM*e+t0vi$Y=>Szmexb9X-;Q;(9=*i&reZU&DbuQ-5L#Z~j
z51@Rx*Gnm+r#YO|(J_**PH6{FC&b6O>&+}qDek`_i%@08H?@fRecWj6z4G$-xY17p
zAd3;QnDzx)HT~S}8yU^oGB@4^?JRJ5;|ucRc6lAV%e^c|PW25`tIzVxi`I=q^?VoM
z&%)cc8?5cxqi*}#yXJNEH>D+nY>U1YX6Zzl^D~h(mOsyKAW9X|ZTOBpvn|}{u$)OH
zVwr~aso^G3J9x4vhc`46E&e$<`<)8lKb(oq)}*Zj-RXCS<!xN|anT((a^1DxUU=m_
z9ehHKmE(doU~J_3n#lgbWPo9^IU0n`J?TT72_zo^RZd7R#SiU%9(N2l`g_?flO>x!
zv#;4MwVjykjBs21_2u&UsmC6eDv`FiNMm+TTYq&|oi{`(Rs05$dnsQjc+N7$vvWSX
z5wFk70xO)weaLuAgvHim<)9*>wqJ!j0QBag`*#U`lqJ(PmZLeeW_=x79YYX^Z|qF+
zv6&2P39|5PUt(4YlQ>10d{JS9bozw?(IsBAond7hCtzf`_LJkQlv1iayV-Y-#=AEi
zP(Zet)$|>H=Sf0`&C6%ELY{{StJP5nKz5t|0J6|>Td%TlvFPX#aCS{<UsG~H%Uh_{
zjp_;^_j<+jN=im%D9CC|@COm;AT!K4-5j#mdd_S!aWi1P=pT^A?-fJqyk?g>4YC1H
z)%g70G|varzRvc#xF|rqt^Nv*r(XqoQmH@qC3Qc{KwYR<m68&e1jw&Ub{dfZl3O+g
zj&E*$HE}c)DUGir5$m~_hX+pei!{(ln*t~7^6t%%8Zcvb2>O0}+6JMRvH>ax`qhpd
zfPASUti^KyL&Fv<c6TMgq*b{iIDDej{gKp=$$0qQpBF)J>8it^WfyDcxIqHmN0D4>
zCVhQC7GbLP=1oZZ(VF<gx72JttC>Z{K$BbY;^4v}Afg50_@h}mo3=ZUT@Mf3kAQIV
zF33c7*ZDYlB~_z%EKbfz@pxtPv_5d`9OgI^0w*h`E&&h%xrZtSlTQB_{3PR3wRQfh
zKFX|%ES3NGUjRV~G*Xxfo$Wp&$|ItG-t`fudZ>|nEEU1O@;&b<xxf85hjg`GZQZ67
z_-kHSPhP<X0^?>z9ZB`8pM4xLN)H~#_eQQrZR_J{wr2uy0Wy!x?|Qwj&HV;d`(*;S
z6#{AT2^9_Q%|gz6`h;s%MGhUVX`WLPRibZ}?XNHQot|#u68UJWWVFyLKhy|h8An`7
zWSA$&9J+~iKeKaZwbHz=T?B#}_g%w0&478~7aAO1AN}VRvsuTfmV1{m)IrV#QBLbs
zH|v<s(~V-Sdgx66oVL)TjEFUMiE<M?x#f-RT`xADE>E)yeW^nhZJOt;d)_bqo+Xwv
z7dW{@O@FQ;dXv*iotD1H#Ek3D%av?aJd$Z@E?d9$w;J;;cBz|Z#O#KqH{V(>5rUEN
z?wZWn3_Y|4f5+Mln^Lqo&NPH$lV0WJw|=&J9#pMAvDVTFw-?xc=E<~D@z1pV1~f@-
z@%%e{g4TpHAWo#T{#crl)X4_fy>sOv8e*9XJ<!y_<k2m78(9i?*O^Xi+oxG~e7o&K
zN#)jhBV_;vlBdNNViTRg(}ayLJPRS&xz+454Q=umzCMK%TGzr@VYbtxIKk$>i25%V
zJ)%iZ{6Jpp2A4Oh-C^W!6Fv6$n{oLArcI5Ts<M?}+oNpDzJmaq!veE$R+gYA<*S`K
zy9;#qA(?)=r8#t{FQQaFr`rhNO8ueHnH8-97h?B@lro<uwXO1}%BJl$O4%-$sw)jU
z6&*V^iE<^vfOzw}a;3Xfu~M#}6q8Pwb#ZzASe6%LFfKLB-~w;U%i%gAd9o2Um11TW
zmJJSc@MT9i<*x#qvqA|N2-K+pqL+Ipul^(R{y(<R{eTLaJ10colq=2Gme-=OC(=*D
zV|IBGQ~L&j*BOOup1o7Pd^X`6wVaajohDntAb(IL6LX^IZ8o>Gc3!Mniv>*7OVw8D
zemG&dg!GBx;)Pv^d$yyP?yn|edK*o_nwq``mJAhb$e7}yTxC&di_yxLy0@9~lPgD=
zcd#K~nS?dnJv)tyS{XA4ZF56lCz~y$ZfK>;+bEPil$S1qW$K7d?ww(m0j_mJ-fVj@
zw@{hiJTC^of}<rBT2-In&|--HnV-7PXSm0yFkjkb&ZRC#pGlb+&Esg#Qe~puQ~$bs
z4WAp5z4zUaAyH5T&y(GjPqyue3@QU~I?B4|hsyxMplGufxPpX3$tiC+oORG4&|_7P
zHrwd-1<&YmdqvCld_QMR*plp_RIXIDrL|I?UIG;-Nt-n@6Nka9Hzt)IoME|8te75V
zKC?I_Sq?{@eDEnKN>9@^4J*r{w*`;@AM61ePZw4L(mGmHQ%bw#S``%`#QMQz>#e+U
zeRBb3mlW5o=dLX~MVb4!WX@uh#u`=c2#3}~JA`#J`0d`!vv+u+^XQ(P{7x;fh_pmB
ziqWnEBF>h|Z@Gb~E7>Ab?*8x<%@WO#hS<Xj)y^#I_dON1(Os`maY<=_lrR{4Sa6Uz
zQ|+ReCb#hWoIcK0>H{h%p^JW|&d+1gm1CE?5WIpeHIl)yM(Y*LP~78X_Qvmdv&OkE
zo-inZGD6Jm$)1=b>hs#o?UrYsiHVhImeawa2URRtfnu4Hc?QbJPSl0{JFg!<G1jHJ
zZSOLc!R)ig!Kf96ea8`h-XTFx11j)Os@KU`eAl9NuXotJzV+V6GhVhY2ud?8ZQ`<S
zPhA92C?q|kKEVu6Hm}kp1uQj12CR@7^^-hA&9X8~)kggC&8;=8zIB&jj!Jk*%9H1-
z4*|ejfcD1;AM5dr@vdI7d{!T}`ltP?*hFx<;YA&-{G>;ttR@FaM+PGUuryyh$$|Hw
zhj9^y_Ylpz+dHqk=c21TLV?m7CAAK5GHIKxXpub5>t$u9cSYVLumKdPg2IK5`;emg
zj-!?LZq`KO4=Na9vUrG;nZ89rgj6<UK7i`AzKSba`_1&&i`Z1xLm@l+s#kOVxDTo7
z`nH}IMlzQqwRv_1yBD(QzeYPcqK~t$C)R}O9c76ITwT&TK1dCj46_JSd4|n3WX#+J
zo%tnF$*4qH7gE7jta<bO99;vuLU4$1tmEW%lif+TMebKnPvte_h@IN6hpyPzmon;F
zQ>}7UI~jDJ$}5SP*`T0Q7MM;y;LkoM8=&13wo50NWgCyf%AmXBLuFqNRwZT9C2xO=
z8)V~fjn4l-9^^0+Wux9{IB&ivEQSm~=J3m9X6Tq7e~Ie1Up7udC7fm=DhH<lANux&
z($uQ205@l@Ov&H@E7{8*(<$G(@EPxkc2e|F=#9=bo#`pzu;}mv06YB_DJ0YDlPzA6
z;`z~KzYAF)6dY-Nb-`-TstXh+*w2sEccW3VaWO4nA1x)V!I9|X`$MjwMROE`IQKB{
z<%#Zx-V_N`(uA7lM~}VGfkgFN{EijV4DBu3nY_kIiObvOp))@*2zkEm$oOiJnN9P?
zR3W9@;Zlnt?0WGUJYTQg*W6e6gXIGnPTUNu!4;Wwky0)-P{p|G)%BodX>?3Xs&BF<
zpfP&fSg=BRU7mx3bS~Fl&+0W84#+Ndt$iwtmkY)`S8k8GV^6H%p(#dSKdTgBbIo{6
z(7Df{kKW0I`c!viCsOcj^xlakgAYiBed@IK->Jbzmj+U)K@UhcO>}#AZ)&~luO7pA
z)Np;}C_<b~@21_Jd~<JZtHB>Ex@WlrcO~YJ@3xKj6M6jRND^u=iF`(1BXI%+Vkr#F
zQgr3=4L~)7u*eXJWcmahJ>yT8wJyn0(c$*iXvkG?yU83w{Zi5p2~#*X7uf;$j9fjO
zk4+<hmTgOAI7Es!EZ6H}v;Ro`XM&XUb%GQd;8#twKiB5HM!vAfO}q7y1b@AjcJ6QU
zLAB_FvAz~m@@VzBbPKqv@v>x0TNLoY8TjSf(^+g)W8DYEm^@~^hxm5sShmnrp9)(7
z7DlHfbu@g1|8C(4VSb^Xl2?3mU)1mU*ZGt2sG~gITegW&n8t21H<YqSQoEbBIp6cp
z9HWyM$(N`Lam48Q>!H07YTZ;)Wb-tMnk{`kU1(%1yFhuFpq86SVqn*qUkU{oP!Lzc
zly5@L08|G!`p}n$&9kC4M*)?4^GvL{)^>s))M!H$@<U@YFE|(VpvTfDK=DtSNBpV;
znnHb%((MJt#@9W<+#s5!W#4je?XYK-h@Uc(b}79~ECu)8R*5y&=|O2x01x)pujoNa
zNZ6VD6}&iau7tFks*ReA7d*TND<Z9*SwoskGB1EE(qsgke#?u-%F+DTA(b|-Ox&qr
zFZP{<mP8v$Xg0Z^M?9}d)%i-+e*JVnN`+e-<$gsZu87m&bH;Pi0je?AYrJ}33_sO!
z$<1LBZ{BCKTAn*I8rl_xn>X8+=X<PViepnHa&FfbZRCNmv*gt=B#g0Q+G7o|)5_W9
zqw^JdpO*IhRorit$T}6Z=2Vy)MO1g+)|U!iT-W0OCiWhVG8y#Sbm-JJjG#MAKCyQO
zksA8FS0(Lb;!4_Dhrm3fH=4A+Uni7qk!U-NHt3$!Vo<w5*uL+gdSkb|`eJ_U5c~?>
zR{QpV`0<nVyI8Yaq`H3t6URq?^T72D0N1x8F_ZF4d<(DUI}CrusPi*j`~;Us#MLAT
z+h$G3eFK08%+J~v9$^sq#GG#aW=S|-%eT|7ELpL(`n@?X!!4J{HHsg0F^egrZ^Q7*
zVQQQu?<=)KWRxujt=LIG!h^p-Cq@`~=1tx=ZJ6v~m@8tE%k_rtAlf;+Tn{CZ-k+4g
zEkLvJ82czoIP>Ln=nWp`&TS{p4|z^vm9~Rf<Q>7~z>J=H%n3x=x%}k9+eRGet3eNn
za?^<+N@I>nN#2%#sHFB0pP(MHCf9VtLrj^>uoemT#X!y~h{OHtdWUDucbYNhtV@CR
zY8Swpl6(CM=o^HpR!Dt#-P+p<>y=HPpN3ZyB?s>{4;{<bY(Fl+d(I=dl4)gB3P}~&
z`kJo5G5tj)-ul<5ke%inhn-&CGrBn*3NrIOG1ItVlcV6B3H^ZA<s4Ubo|LVDH5*7=
z_Z?ohIA(Tj+1D!pUTW9g$6-b5J-xm1hFSNT7C?R;2x67rX5em_K}^taWk1PJ`|rzj
z?m%+ytXcyBwY>;(OnNTh`hrsUvx+BE@ci+)@HtRyxw-OqhEV4A6RmKc`~gfQC4fmq
z?6hK&Lm`zVDNhPox1VY(G>1dPYd5JIibs}EHZ=Y%4YjXgVV5vh?&}+V*uLlQZ?73m
zO3TIqs-j6lZfs9|C&2B$c;JVr{v{Pz0%pH{@z{{fRuWXAZY=*3^%-gvRN+7rhPv%Q
z97TKwAVWG=3&{;5CLWDI-HB%xt*>kOpt9VPGvEB6MZj&b&=as7$U{-z&+%)I!M!zu
zR4rR<ma!}1WpUhT0Tq9sF;UO^UXT58W#er-IBf0oh5f(tTUQp~2X@zJm|8Wm<%ibi
z<T_J>LTwkt*hHHEZlaJomi6@R2$#qRsOr|nb&j11x<k=x;kM{`UMYWSJT@#xm;huu
zTG{t{-md7AFyscLx?*SVwTZmj7`+{Z3^Wd^XUC6@51!A{Zmf46`t0*m6@GA0>dY9m
zP;Yw{-g%{a6WN>9#rcEVGs6ns@+$!g=_Z5j2Fb>RiwHB(jup;fbCuWm{aPW|j}b|p
zwE4Qfq#<#S)Jlp{WE4oipDUzqX0VKk-fjIV^KUrw|4FW@-$`qX+L?Qj<%?U{pP%ew
zcyQf9Y(8??IomzmciJd5Z@r_{=fl=v(m<1_9e?6@PVqSb5hwdA&$1N|%wnpYn~1Q>
zC>K00-|A4~YAE%qfZi*{ffASZ#ERPpY?*&|(sy|B9y$6{N5=JxS*9pTHxEt=e~`*~
z&0cS+7H&YZITCXy9#;+2Hm>sE7mwIiG)ku(mPJZr3tD~Lk<L!#7Om6w?Xupi5+;VG
z(wX!PJzZ~eFC_((JQX=EVI&)3zGC(T=%IY;OcOxdI=F5vY!;g1cUmeuJFjPWfFCcl
z+wkKcS-<@4$`{~#ck#o^K$-gK_dLwap>VBF^h4o>`=*zOH|Hi*DUVQ27D+w-6@L{4
z00|ft4X}TAgUU-!_1c&Ji@mRmi*j50wlF|YHz^XvMjAxAQKY*&1nH7)5D`#mLAs=2
zfT5c~q`MgyU_iRNV|drNw|k%G>~qfJ@%iw6*&pOLjNI#9apnJtRWVg%YbYMwcY|Vr
zXfmUw_JoF&yZ{G5ccKd$bF{KfOzHlu{Ag^R58jl)Wgi0T-g9u599+&<5q|Hx(193c
zN=ZfO2d6JQKJ3hT>@a3VUFvEzT<j4D%DWy%&5U<1ZD$Yav?yp*#yYs#?_71RM(I-@
zT_UDC((8=u+sw+NZrUvQdN_Y1nh~_>zFIi8SAT=QEoHY8LV`i8%fg)%Pot!6F9u;e
zG<EPK<d5Q45f3k)fZsI#@v5Hlm*nXIUdaC(K;kZ!yFb5HjxafN+4}tY@=HVe&Nw{N
z9(^?Rb~2l%c=<UfbhX1CtZj(YjdjU}LLLW_0i#}B?~*a*%u8Q=yNR%{?slZ$8q-b`
z077Oy8b<#*rPnnFskxRs=%Hy*#~hs|OXhghXfV&|w(c8WyRN)+uWV<TDsOr9K~dVq
zUx(ZAIbYw|ADg+Jsrkr;I``qjTIHIi3f{-<on+fRwyszFkxZ`{d>Ail*?AD#ZC-z2
zz_j(yHZcEV7rf{YK(7KFgEHQfxeuG#p6K)P#s-y{CRK5Tto8S_axYIkyU2~OTjM1c
z(>@eyh8z_J<N0sjOgw{_C7FFS<tLX653-7nJR6gsP+v5CslTsossqst-Q#qj>6No+
z*+$WT5JG?zZWx|=zejgR(8s{4aewvAJki_z2-2P2yTN-STSZmDU9N?<visJfjJAPr
zU|*BNcCCo<4ZG~FJEp((Jaz9>?r}?|@@%C{2^5gOZy8I&tZ5M}AdEebb+cN>KGBgi
z&s#VxZw^YaKR}~EzUScSw^Ke8rbn87gpy}L1D4KB9V3t38mQWtEyjzrK?c0R2%{#q
zWFnIUNN}=nIRyNWdvJnVu{xw7)ooB>JCczo)~)R>SvA}Cu|Lziu&%f}ZP<A<UWi@>
z7l3Y~l!+nd8DYB43{|9v()C}LhhmShNgs=XT1iv0miYuvIRbiZJ%r=bn@#!S(3o`h
zrv<j~GZf|S9hL$T)2-BN@<qb-AY@hIJ^o(E)nkl8J)V|zb!EiXrn`oM&acPRK)s|x
zWqEsS8<dl#!5k<oV)uq#WXV^^_stJftDW>VZ>`wQP2A4qNx?U+9%XhvYHOC@-vq{y
zZRi&tgOR?*)>4e)CxY+iyQ0sUjpjO-_-GR`exXAY8bFHOl5=xS_{LLWcUVvuqXcgG
zvPZk*#x71&kh7D`W^(zg?89}5M$B1*rkygku2#!@(X+LM33B2e&)B*fLI7&4P9VOI
zRcExKg}bwrUIitJ;pLvQTUBbkNKiSUk}pbIWb8wr!c2B0{6Q1P+3ny<rZ)uz=@E8S
zwB}z)>9SS&GPV0B^_u<N_emsQUJBni7|jco#Oy9_GUY*m-T}>|Nxiy#_frs(sm;aq
zFyg}Ab8;TjF`7!R?XFuu>HWj@*$~jBDYd|6&ev~!tx#MMR26waFW<;(!WR%wD6;PU
zI_6Wv{K4WgP8aoG*X^hJwT}-l38b7J3%89e?!i5XKXW=Or>5O<v%&DIh8!95YlV3R
zz_^U!Yxl=$=5w2eO%m{<i)+!&L?zo{K(+w!o8CERnc-^$oWZ|{h%UadPMoV4;*Bs%
zR7Un;Y9cM9*;7n=v0LNqv|XTv>@>Cp_C{_b`xVQ4Th|E|qmc0Q{iwV%=V`L4-m9-G
z)*QRHLE+2dA&e#amNQ#?a8Me4m0^zcL?rEzkwZss(K^$#M{h~H8IkeqqwbP^Oiiuy
z43-TZz5#R<mij=mlLWuo!x|U<d3~8JsYJ$O)wS~Jy_q|QGdJG`2HGpq5%WJ!&JqQ}
zYqS=5AFkz?i&g_3W%?N`=3^bjqX4O*AlhszGU^uJJSJy}&se(-qD_!;W7bGnR%|EZ
zp86a#h|`h4IiBOMKjDK#IO8RMqdl70Nb-0Mu^9;J6lwbTJ`FqnZo$mT)@zf|b;hb)
z38A}EDM<=aUY;KEQiFU0bn(KDY3FMpdJTSRjZzN-my;N!_B7qPSjpqz@ru>h)xKh9
z+WxiGQC@0BSP#2Uq9MI{JA4!-RxoZWXzI<Lpr1BZ1F`{>!wQeI>^mReeM~_{oumi2
zuG+&x_;gN{o^Oqe=;>=}#^Et6RjEfT%N9L~8rPMhdhL>TxbffMF-}<MYBl<l?Dv<=
zt49l0H-pXv?e7scrlbmVg`e`XKfT}=AS*<r4k}kT10FSwB~a5AJ9XQh6k=^jk{T^E
z1F9Fi?;j`-d|9{y5sq)&mnK}C;_sL*${u7HEk-l$&Sb6kIK=mjOZU5v7PU^{?<$6M
zF0$zdwz1?*zOQ}G(o?t->vX%cg^2D|`tz`B7Wy-vM#HWsR{N<Q3%(Aork5|&qO+W)
zP1+XUmXz<z{PJR`_`O_XvRshqQ$#m-dA)|jb<b|ycV->p-rW=sya9A}aUR)f5p<cz
zT`BRaKVwVtXh5pOO(}??i9x31!^jLJZ$74>$$~5K@xb3D?&$3aRPKFjhJYTv*$#TI
ziacd$NwJk@EZXb$y2R-&oti2qCmIVDBxr{_+8CuB+XXtSJDD8iZzJ3={O!zjK0O+T
zbzZ$}zkBuaEGtZ7omeT4<($Ew#}Vz5%Fgn;8C||}?9EGVd8Z&P<`<KLN|S8@lkxQU
z+1qoS@ek6-=uAc!Qye+$m%>kqLCXN(joM5#T;p`!N{!>PSC@|GGpOb_sCI;raeH(W
zbkkg#T)dU7+so+cu|dL?xnFy_SEZP{`F643({)K>(S@=JPeR`H&FSX&bl=&m{tVI}
zN@=1l!oXlM-lbtH{N&9zH>%e{4}5QYd>DAg1t&IppUac`6BYLpCT=BJVm2pD;b4-4
zY|c^M15lH1<7mCS#D$JaS!!{QlCq8O7U9y-Xy-)HX&-oq&Y_&@(+h3k4E+UQAOFZE
z;L|8IPd~mmVlvOIUM6i3{RlOPSFg-QGqJ)>GZ|IlXxJU%*B;KcY$LWef=!T>OB#kw
z;QW04G~n!IDeA_fA}n<EO!W4eCOR1{(x!7)le_j5F&_umt0QQilj_coC#awEI)~8*
z`q_Lo(fP1Od|BO6k<pqJTkgb$<KUdv<(ChMpG3P_1xem&>NTaR51b5C=2v5HP*W4C
zziV)rC<_akex5j2)6NXmg6D;m+rWHKkF|9?@vd-&bAF7KMDe+7n{^xEyKpaT=CsVu
z$r=6nEN)vJE2<(J^=6o2<W`Tfn|54z!gzEq2~?9`9MB#3iu-Qs%NW*H%B{~=OLwzz
z>9NIyGBTx8ys}In(=YZA9BQnOY~^R~<tC+kw5uN7FpN$$|C)*SG2AY$toChKv`!P}
zik8yLrC?6RD*>32$XwMr(M360_4jv{7qW{}+|kC_D(q?K)=EmRjS(vRD-|}L`<c<}
zfFr7|=eeie7F-$6n|4hmJ8Y%767r_8*0n+q`yyh^*<Jb331zD<96!c;>@v4br;XLc
zr9<N*wM&@AKmhjFHnSzdfV;t$8-+dHo&<<YowC(TBzn??O;;m7QL@7A`*-^%Luh&S
zz7ourCwQCM=d_aQktpR?uQSyIMIvkOrUh(7CrHF1kJX>IS2YqvB0=!Lx#8tTT(Iw4
zC2X~{XS#SDtI3IV&HhTK=JaBv$!v~TVsq;Us5h2(MHA*8sNc`GIZsmN+D(?FRR){A
zWhLn*WjdJi9B_{PFsP@Veu6q{4T|TUg+R+%ku|lcBNT7$tKwzn%YfPlmN#kX+>UD>
ztZGNU=9g@LcF#Zfbd?~Gm`RhE)s1JE`haH*q?@)(QIMk}x0#=?uyvwJzCI9c4Tvu4
ztZd1--Jj}KQ3%YP3I#z0WwY$_?;|h6h}!zK`w9R_f*=l6e}?q6)@qP4UAfwod@ovr
z>WVXPz>}X-ts5HUCAx2gjycbhBK@?tx`AJPX0*=tIW>C?<#l$>?0yoJUI*kBtErwu
ze$r*vI*<%4i{}b`;{A}IL0i8rNU!<A9+I}y*!&j8oojkno`F=T{gq>e5ufqsk@2b`
zTSxwFo^so6-u>|I=o;?h6*t~AoRwL^M1KY?u1NKoI+x=$Pua1v&)(PxR=K#IXQQ-C
zqvlGz$G6GSF8LQ8-DVer<6OIWSK!sT^A|2%{f{3WX$j;Ta|x*>o)nsvrQtmiKcAq&
z7ex>Tx$s2FIn_blX?8-1JH46<m2qGr-j7hr5%F8vkRa~fUOy#LFzhnGBhkjxJ8|&}
z8mt;~)A?8;T9+WRd~FubJhi2@%hn+iC!|Ar5I*rx(tk57h7BI$U<kp4RV%Z01yi!;
z#<R@F#HYYeY*Uak_)Bh+D~S{YD?}zWTuP^&!xLxoGMil){Y&Gk8CL~+`>9_H6uJ5x
zl(+Hc3Sw^JxpolIA?7;HVCVX}gd~&#YxI>qFN|k1)$WhTgg(_z<Lk3uEGam+K$`9N
zRNM@%xNShNMC7j=Xfy>^vORvO9#5JqPAZcf`BY}S$}SU!2;f90Y>ZTS(Pb5-2x_8;
zJTY6DC%Ho&R|!5o$9O1p#Nz@jb?HqA;yh{@HtRkwv^<;k6caa|Z6&~IuVTKPZD#K#
z-O=9Y`c#aWNP~}OO{($2uM!91*aW<&gD@uDNhC%Fq9=%fmGD#%e_L`Q#mAvpyvnWm
zWU8n)OJR_-S~6JPp;^r~aB%wl*T`^_XCsaZ;`zqo_CrAujIc*xU9q@yZCocGTHj<7
zt2ur0nF{q=gY;`+lA$~rk@js%+)i^@&3dS{@nvqMp~4&s_6hTTj^mE!oe6@}&`3ka
zzBiW>Tuwq&b-l=#wWw8DaNk|{-$>&(@=<>xke`X)V=tEU<q{@_KaF{&uL8wgRYl*(
zx?p}3k;IANNHTA3pX+S-8Upfu2(p7o?!m#=#Wi0|#5=cEc%y{=ihtko!XEcpK)*D9
zk?y(lv>sYk)o@LZ+9?_#L1il#%BF+w*t0AsXLV;T)-$-XbS&MWSF(GbC|~0`-`+xW
zn?|8-+4+mptr-anh{g$R(mS?YhqW4t1i6~e@wf1RedzHtr$&1M6E{HgQyE;_<5O2T
zlAN7kXuV1-zVHYK=`uYSWj}N_o?Zako~3E$QVnl%?@N?<8}Bd%Q&UiN9^}ilsikLI
zI9|I=>d#oZAUSx+-|)WNkFbxxD*@W8R|!fkR5Dysi~?B$KJ=oYU#}A2pKn{T%OaO1
zJN{DCTVfWOQ%Ud2eS_yfcBN>-%V51My}lGc003;&@2<Jr*bc2$XC5r{%pK5`d(C06
zkY9fC9)cO8Y2Rp2;F8EcpfUd%>x|ea(bc17-W1cSYPLz$qhjiOUCfc18}C%6zTUv9
zBY_3Ys%p3cL)-KNnY!dMqz5<Kh&klFejcOhP8aujlW?r1oLx>M4C>DoBIgqUnx1?b
zw?EF^9GyU=x29;W?bG68)3a4<8fsFh4qWGn{N;zlN6*v+U=B;?T)cqK2#8`+Lec2e
zYax3M^)=mKFYl>>=0qw)-Qj!!=^ZOYXKp<_QYR%JJeLuN<9P8bgq}S@FQ3Ziy~Bh)
z)M<4WuF;Vj?(2_n(>LxQlE`|z<+W72!%}O(D%;2vX4GC8yPkh;8SSv+nFn{{JHa4m
znKY(<YLBR3un(a+6`98da-rvwprDd^>Pg{Om4=?@MtBykaMY<@OX6k1T$OidQi<WP
z*2^h9Lf|*6>f{^urFN(6n>N-PGS+NJc8r&pLAtZjUJEU{?gz=0J&R<Bk7a2tfv?_~
zrj#`9E1`D|)s>T2GL8M;g({#NuQ|-C1gt7OyO*}W#)Lyz@#tv!UB=zoEv!4pgJ}_?
zY#LVh^}Y$3#o9you#+W7a@AwI)jo<j&}PS_3N`6{Lw`HBlpY~mLwKh1wR+pZe{I`7
zxMF@yefQo5LobN$Ese)kDtfLGJ0e*t7lL>#m{jcsn7pTlMuqW{X`L8+aOPHra@*|J
zqKpzMAd*$eBVG7fT#i|&eD|Zzr<2n%RKvntYOSEz8Ep5+l4QEcJtSf1SQH91N_64j
za#&HFKY5eg^I2W#tJl+D!5e&!aE3i6o+_!&j2%xmH6FRMQzIN=Mr~#I<@P4~K|2(}
zu-Yiimu|Kld?KlvtUE0V`Nm5FSp@@q?d&Wc7iW*JBg~GrZFs~cCS0!%=Sr)9<RN{!
z&Dbe!b6&eM-h!6<wb`~7W+cUm`Ba@0KK9+*^EnUQJy*)N88*N8Gvfa`;#MT3Ux(o-
zmoFVb$*qh*a%Gh_ADP&Udv@5Zn%k|8Q6(`E+|9rJqK-@Y$7oj|i4zcSXRj^2SLwZc
zF{pIGGI5cjjNwYTi8X>$VYI0Mu|RjpzpXew(UXr;S-V807b$;r=FlkNE$3WRit#ud
zZK`a~9jj`!{8m!OVLoY8`?cMn+vWSP&6bqlLDxLk7b*4;4&}uf8@hsqse%JNf0Zk5
zmmn%t<_GvHjah<zgA6f?&Kg(*y!$6u1-56EUS81;wII4)7%mM#qgI3x3>DAlU<Z1e
z5Ff%I>3FWeY`L@k#)t!pQ%cj1$}af}QxXjR{oOoOLvM{dT$Vf88`dLq^19xcL96(r
zIW|+d44BDyUQR@*78`Zn_HVb*G-pqXc@h9pc2zA$3`}v_x9o>+8#Piy;xG=YxJdEs
z9z4JvYE{UmlG3Y~fGV;G9Cl6UFfJbFJqZtxPEF)oG?Mw$OwS$|FmaaWq?#>zM=j3G
zJm1)R7w(_HOGtfm1i3vLGJT~vuWARvNq4yX$&Xx#)Rf+?F7Sa!!+Y8t8pSm8d9b0v
zxetC!_h16iivQXAJ>WQeDj;5(ghnhre|Fl+%JAQF8vb;p8Fh?9qs|DyT!$TNo0qrF
z3B}%VX#?JNsYbV=)o<(#=~mR%d4d@E`uXCXg}i7A?`8kJk@Z(jlXZT}DLD!e4oMta
z8})ka^lbiWM)4(G74kTUr}@TTM93S}m(68gR+_*+6(7s4ikyvKZeZ@_QK`!8+MbQj
zViO*B(T^{*Av@XqATb@l+)a&`&4%m+-BQs}E7n%V?+fC9?5PzQzchf*vj;Q#Vq4^o
zR%7^!UvuF-ok{7{M;+dYv#pReFX_bDL@YxISJuMA&Pce;%Pi`+W;sTpbbEc>+27iB
zan-o&7w}%jp;??ajj6XN8zX9GRB<EBKy35cFDx>hy#F$xGN0(`u$w1Z0yWE>e=U?t
z0oD1j{WZn9N-#LI5eN47BU*enu~vRfkJaC>78GCFd?!Nw9)s{iNX$M~W3i*C>zzLX
ztk{?t+g%k^xoq{8KYn9A8NQCF)wzDyKbgEsoGshNG1?a-G~u=_bz<p*#I}}Xl&R7j
z_ZXFu!Zb@07C#m6Oj}nCpDUd1s%pSugoOinvoK;C>a+o?%1At(@@Ld*M0!SfXikLT
z`jQY<?Tl8y6bz_c*U8sKCIZ>$v!MPA9PCGy`5x#gWrYjKE~Th0B!@c;X&J4S?@VFE
za?dO+OI#ZrdwE(?(D$BpU{nXQkZ11zcQ*k-U2Qu+U$E2H=y)EIH6gDfaqVGVEt1Q6
zQ;4v5;HJ1`*}!p6)1BSGqHZ2u!{}MhvL;FH#}>tlb3zv_P41fP=P)^rli511s&ADu
zRGqXDxgZuXmdW`KhKJqDv@nOL;bL{kHe$<uKc*a>0>R^B7xw^|53|>Rg=sB?+J%Z0
zw2=={Wi?B&As=-C@%LegEu*jD9j^W<HhUnoLOP!LLw8X=cU2fnq~MWArJ;{@&D7B?
z6{)jFPVTFCwA>3J^?DuS`vf^d5wC?n_|AN#aFh&VK2}<r^Q2EzKafvonN{&?ydyIA
zNEbzb9iO0`;HTRw#XdpYjKk+~6t(QS_1RrN-7kNw+}4i7p+Rm}DOP*0Lm{~FWV}j-
z-!hQWogGPs1m_`CC0+OK%6b*$T%2uCvVE+=y;bGndg;^YSru)1M8_~;LSUX&6^kmP
zRbBG5UmOuUn6BD;u%MX)|Kk2|O&w?CazmmF7eyY-@LBH~5?p%K!6dS+!%RK!*mQst
z<5<HimsKx|A~G&ZI;$?(5ruNG1FEEJSHBrXGP*hpl~xnHLY?ZcDKxLL?l2%5kC;tq
z9wWU%?(%FkIXVGaGZe#g(pTH1h$O}U-0&$+=Eu0f5bq{kj9dc~@R?{dfYIBr+;0^*
zK0Pv@z?cPJhSt!y>}yw~R!U{<^vm!!YJ2bbi;%hJEX?|m+Q_cdPVnsxX#i7F$kG3x
z{hgrRe7r;E{*gQue7VXx;LiS&x+M#0Rl8$S$HuQBWLhs_CS}Pg&3xpfTy|8d(4JP;
zwHkgLj)jn?O4;4B_f&TVRdht4AC;*&BKgT&6<0WQ_m{Y?khvL;xp%u`59$2wC$Kod
zG$|RX7p6Ft<F>_@)<V2--d?;h3<a~yRcvEm$XZp(UekdqjW=WRZV}MA0HLRsc#1>E
zlD0J25mhCOpQ8{ImNuMjt?AGzRM3SmV|5iZnXf7?()=VM_z5Bp{932^PM6r)sW!;;
zjDiege=NYKnZ*6YO3D1I+y2YE2`r1-3pI!(z+qYkUy5Xe%PhxD2}{~+>ynk9!>RvQ
z_w$>L%?!kR=eem6w3ufAVrULS{GKnKA=PZ?(+AX=#T}0&BIRp(?Jdg}=ZM_KLO$e4
zRN<#-`5U^WzU-TlARwQRVh_kfmKZlJOYnNE9TMuzqpI+8k$?;8q2)Bvq+B_ZamOdm
zOUjShzG5unajTgQ)87Dw4_xp0r(#!S7haF!RmXykts2a&IQypjVZCiBtRd>=)@$VM
zcxJgpPg=FGd1q6HEk|=D@+P9*Th*L8m=}&HQ)t<oOzP|Jk2_GSmW6LfAPnaE{2A$n
zrL!o@5Qcteixx|{_Un<Eej2_?W|=fKG}i7bZ_4^xiiiXI8Vi>6jZXG6G8IjG`#Oos
zE2U;N`}5=;2cKw+%S?Mo7YTIS3d)c3MvV~HGIcYU<0Sd9hSaR;iTIy?xo)&X#`a=#
zOjmBnv-ToR&@s7FzNH^F$+%m+eJ=#QeuqP&%;|TJDNlo=UXI}F$iNF5j<4O6&BZ4C
zT|M=lH&oX9GwO~%fNX_$9w3H(Kx`%LUb^J3-mTpY5C!A+z|~P0h;i;jg6mOl@Scda
z=CbTOS^01$Gh+&y9f{{1%>OBYnVAqDQIZCn8pJL|N&i4I*~Kf3`oa8iJ6olAbd@J<
zkg0G5tSkQV!?ZrIm?Njdk1G13tBy2_Th*8R$=nt~iHg@z81p+T3c<}2NT&yv*J`Zl
zTuj(AE9PP#y74yg<{d$FCX&skn^8ph$9d5>>mOBg{Iwh>ii~9`>|<Vs%J8CI+JTI*
zNg_b};$dRk@6t#cF?sterQn+O&P89ivQFin(q|>|=aib()Zez5($Q<Mf3VD}Qnk@=
zuUX{GBW)bZR7Yj|#D`GlJ*guD$$bfX9naaugOP3zW!sS*XeTy7nlB7>6g#X3vGDhe
zl^=JWUnSTNswhg;^0lly9O7`;*jy~UOuo2_>N(wiw!gN`s+tjwOQ>U`7UwZHf&ob<
zZSCuNvCDhOe@Q`3_(#s+l|TgsFrw)5_<>kskpY6r*+Z(*1vJ_!K>5Z-?0h|m!O0`>
zFv%$pPK>F4=o!yup{}_DmzY|y?Pjb9ys~x&*MDziMECS}v%hEZ(C)tbRW5g;O6p)p
z9*hlTvz0}mg#hfcKj!L5^0Mci(EMqcN^?`3ZI@gzG64UfOajTMd6|M3`4<`Z90f>S
zJ3FCNR!@_uTZcXulnKK7P~kBX$XqDNj|4{h^a?Z9m8x_VhWap2eZ=H2oaLGNNHr^X
z&TXP|SOjw~?Uhbe@Qdosp+-lxHvRm}@C|hvQ_J$@tc=7g92<OQ&+Xkv{k;(*Xc+=P
zV&vTGg|5I0CQR4u03gRrll|l-J~TX2I_xrfuu}96gOMKZO$X>r&LzXmV^KQGhS4l%
z``AZ|v1%qc`75-WKaqqMs(v!Rezcqm&cW`9)OH{$X06pMceHG>hL%;`xQwDMS-7a`
zhtA@h7s1V&bf)JOrGU?ogaHml{breLe;JaECWy=M<tG~E_)#D?^r2p^4SN0zT>TaD
zm<jHC6&$n0{nLR!ou;|i$3Jns5s(tZk)wNByxjgEm`^!h`l#n<f!osGhfq6Hx8}AC
z5=eb(AiTR&$0n^cKtjY3V!2?ql$(VE9)k<~Df-Lgu6CWz#dOY2*F9Byp6$JhYzm^!
z^2iPcQ6OTo0xfm<q{+s}CW4c5XB!e{#AeVEL(@Dxvh~yH(}k+u^gv=61gFv2>E63R
zWvw(h_@E+cqkhx6NzF*)NSkiAV63pcDVIGsAc&Nkpyt=$x@4=`Q-%mNm`ZO&8m3W#
zhq`%1qanp$uGZoqp>_^Z&a5q*y2Rhe1y*;o+^ECIW0k%Y^BPZ7qog|~^b1oX*&-jW
zO~YX51%Wg^*zsD`LhbUa4;QRN$UKZ!n2n(>v0XH(;lzvvexG8Vka!H=E12MOg_E!y
z*nduNZJw6l8JRqc!L3?F@S~hM<e1v&iU#mL?yzD6Ig&nlgtkvGmNQsg4jYZ`To=4X
zfInmV;RnPUaM>TDO|fh0>_EV^h=Mxf2Q5u(+d$VVt)t}Hu6#5ycbyJAYT|QUSL*Yt
z?Z>%_wz0<8mV!jNgIMN5`97ZvOy3Zh?~2FL-kT4Teg}cx2F@y1w8NKj>zTJvRc7#H
z`?HC%iKfMjM0|Kad7kk&0v{otPqliX&$VRGOa@vvPnl?^w^DxUfSmw!pQ@PGd0QXE
zk-e~XzXU4Qy$zr)?!DPz%VrN|=}$A$I|$Fk!wmf)H6!}N7#pSPnZB<~D*;8s<64-<
zsjqsu%%Ey48)2`R85J=!$eb2Fy{_V7WqGS%NqoEZY<vqlK2IT`SywLR^V?-%<txKW
zlIdRFcqobUo$}f;)K^(tI(P>sQm|Q6G7e5`yMuO^KlSMEL{&{s3I<atrgc>?`^FQ;
zS{7ROZn8bhiGgJ#xGxoalZzS97;idnp{!24F{$%Nc`~?;tI|#$<|Mugiy>ty-W>P-
z3bQ`!aE=~ao^1=QL6reS=b}U<<^Fn^LLA4;!6Llt;90)0@U7<m1-kxSYZdzfU1XNI
z90m?qiV!ekrB)I2WF|~Tf45}F!iIahYn0xj=3uIz1?r(xgDVSSW>fqVXBjR=@5RC%
zHkv7MBddWblCnIT^6v`Xh12rEinrTwxOW+|5_i6C73(+VojL{qm1CA}#&>iuU2e7$
zwRB_Eb8n;}x{Hw3SORTHpsKLn8YMXA4HrYYp_QiV96OU2^?kIN*Ha(cFAbnQR>%dz
zGIrDXXawmzfL|>T#Y^kC>D9h{agM7KjJ_vX*4*z0OHEtnshtXy2Bnn)N1Su^oci{4
z5xeFEjV?`40&NZg%?-lA3`!Z)eLg7Web^bQ+-c#fh^bCr<~%4Hcij!5Pty*EgYNEu
ztHAQ#1oA$TWpF0pg7Bz$jRD;b{~2>Xs|jI2uj2%6J!9?Trody}^zB{z)N}1`&GG_p
zNVx_aE2T%C_>mCkuffWs)joOeY|p+r-4DcvtWnmU%rd5!!5Id*-J}i{QiuTP8c_W;
z{e#0s*5dS=d(Djurw)0Xaf@a{pk^v))FyWI{o1+k%OB>r=DJ2xT=x$RiB(o#Z!?xt
zb#bo0MhIafTGfuT6`VSZ4&5m{{_015zh;lIb}ReC`sO0*&Vt~+5HKZ)S5)#dpAb|2
z=NQI!^Mxt}P{Qp3dm+Hf*MYI}SioEw*QD96W}i3d=;COn3FWd`H<!MudBI^i1$)(@
z@+ceELQm2B{Q~3egit=+crt+WQ5{~~9V8ssPAmoX@<FJGKJ>})AalR3f1h7>q`FOO
zlx-JhcKx|T_q}eX<<+v-Q{r}jm@LLQqI|3^2W!)LEMZ?O7Y3L2r7DW);Hk2DE?TMf
zxv3(x@s0twC_Bww(ooZ2PADK6KfFRUvv_P%nT*u=MOV8}ArJg*$8|Ct&r>P4jjvY*
zy?Q<{<S8wpTt!s;8cgw74|e<+VQ*n~tcFrOh|P-|aIxrm9*}uVBBR{*M($MKUk3Kz
z!m0JN-YG1WW!PvHmpaOM7r#CQwA3u|U*?fH-$`GFgo#Z!^13p}lTyVV)ekHs+DcvH
z#ku2Rqx8rE!lfUx38F#&7tS+O@z|*IV|v*G>%<v+!J5P@!%ts2rdK4)>ew8gGM)b*
z$aH`;Fqg-8-OIW)tsYBzXy~<&iDS$z+i*FTozlyxP7csb@%|vU&Nv8fVQ92!<YzK{
zdX2!9x%ZZm%so@?YZL+=xqKK-tuVFmAUFuPMCF=V1S>|s-Fl1bM>1ht#&gC07g0pT
zd^vx-Y)?9cG@0$dtpfOGUgE(Wpj!zp?jy_O;4Eb}m~w%YyG_aGGtpRh!Nl(xHi9M4
z`^FeQPWF+?Lg*K_SaW5LF@=Sr^aKsG%eB?cz);Bz0+$LtS|UGWAP7WUfROELop8{%
z6O;hLJb!_n;*mu2+YFhQl(d-c;&B{)CEmvt1z(7dK{Q}Gq(10vb0QD{B17S_a>Osy
z6TqAS)Z}60AHcub_sDpiSKk{OYdv`Y?Ax{Nb*mcESWDz%@)t7XN3}r95P2NpTLUK(
zU$Y8;O?@v)zdIsbW=&yN$nteaY<kW!6R6BsV<yDgcR5>cQbd+49mEjRh<kUr=2MLy
zfAc1f$F|!`FE_5)`dqfDmtt?8oc6`b{;*iVZCS+`p=P+4Y*7kuT6?!XYQgC?NFFtp
zuj1Dj2tzR1kglto#WBuBV=G;1Mhzskc%JnSRTW<@#{K%8Pyb_NAxZMWXu>YIm_AF&
zbEiu3L*+dHlC)#d@#y%K&*qP4z*4Te7;o1lzX*SNfilrXUDJK_?e!L7c!RtI!)?lh
zmu@-bPoYg(s*pX$33tL%N79=>s+i{X&GAcBQDWb55qIP8aLbu+3<GsH$DiFf`R(Ez
zlGPo(12Kafk<L|(+ue9K!gvpQ>Y0ou%<CDb7423BRT{S1={0J$r8KS+1eROAxX!uB
zhymAa3Imotv&ZRjqY+)+!nB;@*liIKXUUP~C~ZN(pfi2*l39X4WLBnOzVi)&!HyIP
zn1~r7?{xROwA30{08P7LB*!bBx^Ae$8DSlbC5*)qG<ea}Mw_eJM?rs^?g(|ft`8jA
zk2^)wfyZ91BA{Y{7c=O%#<QB-RcRH);_>Cp>)jaF$EPRUs{>*B;CQIBvTRTRv?c;H
zxBlZ+e<$D`1`J;$AFHJ+s@Z|lG3+7OaO9;@?Ft2wqS>4ZB8Mt~66QR^bc%btQ%rE$
z<0z%GC^*neV*hL<|FjfDFEe7MfSbYNY(rw-F)7N;#j+pT6yXpwVgW}D>brW5l{?&_
z6OTY+G@dyKlNZ1?>`V((QduRXB=OWl1Kfiaq#iT97B<bvVqtv2NJy@Bp$g`3V1=1t
z>n?596fG1+KpF35D)#jqT~kf-tMRE<r+eQJCP+o;FLdHp(eUp|O*e}E7q&$JC}!V;
zPpZ~*lgq1gdPv4`Faf+bNqBuhNxb=v)c||Y9XIoxC{L7pwhG*&70ArVFd4o;Z1$1r
z)Z=+^+Ps@^Emx)9#CIkcb%HneACtMBy!$Y(X4<&3z25QwCotY|?9&2=X&JSuqDH;#
zk0DFy5|g`|{d(R0wN|-nyAtSq54>6KmN=p};=|201)`>iyw^hS4*AaxWyWllGdVy!
zK%Gvv*zC;1y2tCdk!QOjY_Sama3||!i?Zh4W*keKs#6Cf6As_TD^c#F0UiY4T~0S(
zlAs;V%>&#<N6u_($f^BTAA<LFo;(kSG#pnEjTR2g$t<m2N>%T}iS6#Vt@MUoV0Ly-
zU9Z_eaBQ#Gq8$?RP?H=0pji*x@@xD>;)E+~ZxmRlUa9%5on=S@xYBCG$3{ywYTXaj
zj$_ZOJ~-x5+duE?j+QH%xCIX)x{bz0vLabk8ONbAoQsUi<2uCENki`<a0t@!$UIM4
zi5|UNSFd3^u}gg7+8F9bj(F*F#vSHBTz#D23c=PP<}Nipm8VH{?Li%{;-cYJ@m(%^
z;2Xc>_#sLbNW#ZhQ6G4JP>CkucNd%yxl~eF;~4&?Lrm_*hrl@r06-hmMI?G|MLCRb
zr)Kfto#x8r98wbz-x0&u-1Jz2!y~AtR5sZ@eOVw4=S;{`ED;h9(bRZ-LpQgRR?31V
z_2o`g&3TU1g@R><)1~l1zJuR@YahoG(XX*0WR=i811T32u<?ZwS>e=97TpQ{4c`0X
zTKQc8lnPEW(ME~>Rl>pVVl83zP5rxM86^|0P_F{Bv-oAL{olaS>H?&h8RmrhvQ=+^
ze!W-&h?_Gr)U0g9EbV&muE#O!hXt}{?`ulnr@zw9x>uG#=J_juYLbWqc3RGAdQyw~
zK0gr%$Qcz~WQesYHL+Js?IuU{tdPDpeCD*7R!{(dS|G1%<JL6h6WoR43)9JVCM*O1
zjoD%_)=rnk>PH(yFsNn>x0>{)D|sfSuR~ndt7=tuqq{OVp+K$|%n?J-ZjKRGqJ13*
zT@$k-?QF+DWHZo|3nQ^~*sXuqxE|K)I{T5hq)K`<2<_pix>RVF_#3(;9J#E{5*pH2
zN!9`HhG<^tly-LWgjr_jS{Xsr+^Qoo>v44&7v9)#;-Cp(1?)}^IcVDLKvzD=_}+eS
z@(_qMvzIre|6@kWpIT<p^p1|-_g(;JmvAb#j-B?#O?c4OWYPr;<wN^s4l99nL-E1{
zhbnA>L0`#xDb~|`Z+E`VmLXlZk?!j?2V3n>aK5zxo}gxt39f0|xPNxY=du&UU+I|0
zSlJEdor||ZMnRV*3MCjxYY#i+dqL|agjB?;Gs0p4jqjbE%-8BoHF!3aO}O6yrdTeS
zZJFhEgO%rYtg5w-b|@dmnp~y8(IXUyh~Oo<9hsaIwe1#Vdlq$anYn?xXa>z{Cm9Le
z;;U#f5oi<}L2}&}i%g<pz9XB)(~I7x5AtAz#x*?3qMxdP4l8p}i2?Jc<V!qpc01i=
zSE~Btu6@cIwMM?}m{_}n?5+9sFM&y?V>DNTu5>tga3Zouxh9<_h9Tq&8Mzw=YzfKE
zBtN;)-_7R_k~~tEP^SiVi+!_aYjCBx?XElibXyS9?FbwXHkMc`*x|z__l@U+YsQI6
z>md<q^Z@0tmP|Mi+Epc7=zUPxJ;CduczT?ugL<r-S!vb%xSbB070%F(&T-669GuQx
z12J6qMwkp_=%jyX9+=lgyDr@-B}1)D&U@O<vmF;*SARjK{#ZU!rs#QYLZz8PBE0h#
zRyB2(k?~Ve^jrJ4t?QB<P+wTxFG%4JThD7{*Q+$<k+bd03>z-zzE`qM_#uGccQiZc
z)&*#AB7uGriii=$PtTWdqHto2n<BiBC612!W7#bcZMIvI>NN^+H$AN3YAnQ3!JpZ<
zry5=_#QfqyF8!mgDZzTV_H0xpM9}ITO*BB6TKR*j`cL9UE0I~;n{+gZB?(uHZ+ksA
zio=i8<f>k9bNJ>^n!N0Fq4_~Z`ECe&8+{h|&@{CbWY=cYCzqkM@A%B}a23)eskwrg
z90T8{MQ9cp^Wy)QL-s#pw$~PjHh!GY48CMTyD=Ti--M2!G?RHIFOVoN4ANRwK7aO;
zGtPZ*S9O4E&4nU_+lvu)a9^5tHK2UARE{F>^viblJM3diS$VCG|EDR_s86D8ZNR^Q
z0PHl{9E{XyY)*9h1=MNpmxFLVMKJfOvfXrxS&E<^4uww2{U3{b{11dfR{MNi@|MeT
zpg<!QU1@_=EN@e<W6=8vx{?<~qrLwPg?>NJ9vgIajuFJ*LIs{NXk+$!Hq5-u+GVNl
zfAc>n>VHh=pZ*IG2Ha~`bqiYx+1CQLuZ3uLmhe?{IC;=Pz+YVCeSTtw#!_I(Lj!Pj
zFHAgR(|ltP^a}`uYvF2D+U0##yZy^g?BXK;0`vyl54u)t>y-|=RjSs=#4(v0cW_&k
zIpi4~{ig-~YYMr`4>s{ojrIYBEP+?kC4c#l1x8AocR)AkL=-H(`H5AxNCR+@TY~<U
zG46%N*FwM@{{^k(b{31&bBd=hnVLy#i{ClNUi$A>Z)^qTx@ytb87XkfYjc{ifl$Ze
z_JsSfMF%Tfb90?qAsHYzOx<I)B9RPQ`dyqD@7~|!`Uz67xd(EZ{0$z9{+RvymyI0(
z$x#N&S*$<#cm=@R+ZrF={`J4#A+$*HG6y();qCzOPd=^*;+3;{(bs<rR{qON1WLgn
zjkuTw{sifO=?gFbXv?NR^0L@}&%)?~xT^tp&YZX8$AV3Nnd4nTF#8JChu%Nt&i`eO
zA-O<`lqRVESkUpWk7I$^Ytn^1`N15oe;%Mk8StKlOzw|)#{VP%L0rHG%$^~l_3n?E
zBmYAIq6y&zEnuA7jG@19#E;3PnWtd(gzYave(cZxqW%l<0pkoQnEmAAf3yAHZ2vdg
z|FcN>3zPqa?fz!_zqS3}+Ws$w&|hqezi?K_-`f6fZT}N=^S6=zw~_z1k^gf}#{YLC
zzeOv50fgjQF>-#=$t#xe!XVUqM2JiHe?SQYw1JzwRVd%|lWukrDdvo2bFxFZaJuAQ
z^x9wi%70};-n9j;Zig7F=+8Z#v;|NO8qdH0bYAsOID7(gz|oHmGyU1eX93)+gd)Cu
z@2B2=&Z`4V|1ss@-Jg8C4ZzshC#;X3{><9Jjzxp%8%SqA`N_w>)zciBy?FBzJC8oE
z$6)$xaf;qQ`8bUZ$P3<rw_N>MoC4(GhjV6K{>jG`VE`tXg@)exS(HW-;2gH{*gyGr
zrW@d#Hk}6#e%4v70MnmKCH~3BWe)-8e5@4~{z=aLoALi<{J$ChXSCkmjQ_XB|6Ak#
zD`WD1<)#;ZYy7`8{!e-ef1CP>f1CP0X{)#V|2Fjn)?N#dOCGS;Uiw*gqeWad)W;)K
zNr4^_q$}sYWr}X7@ZURbNj0GUtfUN|{kQH7vJ|pKMcUfPtEwzuu;SuZ$9fW2W{H0e
z4O+|`)TC9s&ZGSIa6%@1NLelaEC3=9!wI-(#o#55+cJ8`OMIJ|?7}5P0vL5vLxK7J
zA4BvET{=Pb4Ji+}{d@Q*mli$hHG-10WubNSLVKDnZS4ss1#ZUTpj&lJ!c@Kd^+f++
z3kGg&xJr=XT=|Eu{y9q4iPthZk$A~Jrec!ew-uFOpa<O><^{hBNL(#vEPa#B_75Iu
zi~Q$xdNos1|3CNSpZEQ)m8U1Tx;Td7+xl)}&a4Is_$t6bcHpHY{Fgd8kwX6nPvHML
zxgUY4eq9jM9Q>Oxi_d#ipPq{4XJS_`NP40Fh(_eDl@<8eB?{`IAs5#CE$j_C|D2M*
zD0=CmY7)%<eo)2N0!S3<S5?JpP-6XWhs5?Eq>TN7#bxBPt2Z-M&+j+B*CM|74=EFq
zXW*2k(*Er<Z{7__`)$nd*(I}Yvq97dAdy##k1;NS-So!-yU9_2^ABfioc?M;Bj(zI
z&A%sIFRlyD$H!s1a`Cgazr8w!5<Sn(*jxxW7g^2E?gizc#Q$)}#d%;*b-2zqD*2bQ
z^(uY%J2920BpsrOLICpZm>_zKap$}o?oGmm86rl0{qx*s)WNY=X!Cjhd%9PQ`+Y;L
z8Sh<0)3z567W(KDas%VfdAR{nn$wRD_%nY;z?A?TlB>46?Y|%M1><k?G&m#f`Ig>S
ztnXD_bIZ6{!eHsr)o?MecF7)ewaRzONou{|VP*0-9_!Dk|1-^BTDtWc(J!ez6Z*Do
zNm&=1T_5xeI9CRNandl$86#-Y$o_$>b149g4t;<#{=;|wu;JhhNfu!L)@5D`S!~-I
zE2ICfNBrBM;*ymV0!gITz|p5PvMK#}&YbvQ_0oi0`Tu^V_%y$*UTFcVH6KkicN5WL
zhR7JCJQTPq1IXT4onHSpHv9HUJ`5m6_~7F?|9(t*ir-Iufc8n%w}%+Mal9782Ql2c
zvdVz$3vHGIzV9bE#fMjc#Jgt9@DIEE$9Dhz!C3Y;o;Q6-9gk)uP-;Pl7I;nFJ^0`q
z#&JO6O;-<q`hf4_CY^wDqDE)D{^fYSvxkM+?}N5Og>BJn=vDZQo<_XvL|+M1;l9){
zca*UFf?mUK<JwSyQyQa>KL1VT{>!7HQU7hs?1jj%I&?Y`D7pdi?yeQAN#d0N>e3kD
zc7Y+fo}vSE9YXgDqILM}Or+m9b(`q>cmhw(*OuYUSpP}L-`Di#;zECC*$0HG_TNri
zRunC-Fgw$z=lPD!_0T!y{fzNud5I#R;4+=u_30~tV_f6){YG(}%^UnA<X6aSRI4|e
zVh07sP1`&5hkF!~^_zq6nRj>s3iR@?|B(QhB!(vUUt<0L*o41+Aint<xf833Hh$Zz
zB<c&!&JQ*~&-(^5XboAS)QOQB-{JPb^Q9Yu=aa~`9fM~hb@<R3rou9wzxNY^S6D9R
zmIn08aHmN}Uj#}lQb2pnf7MJ0#XX99=4PYGJXLu{pvYUbw?wN~qNI|gFcfnI?3~%r
z!XLfck`B?6g?%FU>m2|12K7zLm5k{2w%oCNU)0UJUQ62_V6-0qW1fqLTVi$IwL>>J
zK?DjYAg{WCvd4l`>C+`5QrDf(g24!l0cyzl<k&W2z;YhB+WbHop$=ZHhDQaL0qYeL
zkx%GC*fnBXN6F~NY3WYs&{*^8=OlKYQ3ar!q|+|%(`!N<;yc_c1GQa?%+ln<8Wsi4
z;kH5cmnQ-3DHFCV!Bi)nd7z3Cn;FlH>JAz&)V`gK(0Is(d?~m-y6jCOTe?^2u7C38
zn!V|DgsU!zeZzD6HudehH}uV=$ld=SN*0|Y>e@1vS{3^5g!{+p|NKy_gjRW3otOR5
zMJODrJIu_^@w}%E4|-EXf+Z1sSJC8HY~ht&eG6R?s~^@`8gp&V>$s^Qnb);TQM+og
z+mjPC`*8s6dCE};NV4Pl$K~)eZ*&!mAP%=p`qop7@1_4wmC_Tr=c}=@1tt2ivJ-fI
zZ<UpzX`3@%Hh<}=qOU;2extl$@usl*ba`E~@`S5+)&z2Sz;PWmn;yD(JTW-##bB0!
z&V~nd2(3GY+zu;58SyUi9c-iK{q3d+#Y049NBbYYGfL7b7R&5@L@89y_fPKqbM3!x
zixmEEbStiEQkVQoh$344c$uPCY)oZWw9{7`s9{+RL*7t>zl<cNbJ_SLqSpgEhHDOG
zLPf}(omOh#2|`e@ubC{7G0o^YMg28mC3n>z&Y_)UTF`roB4pORU?BSRWS&1*0_E}~
zr&4@fp3$Ui7u^-gx~=CqC|O8(P=P(Bzt6GoIsLTS`1;gu4QC%7aRi+`sk{JHd=kp7
z_@3p-dr=j<G-@FMm#`rDXR=)HcW~~%WqIPlC?1NG3(-z}Z+CuC=rcR6sHnsKo<n5K
zw9S6!c8lS|uoqim3}wr6jta>ys5xzBGA%xmj+QRC=PQ}|G!KfvJ!FOdxRUTK?1Gn@
z<vSQL$?gBxXa92wCdcYA<!d3nIBW3ZZttb@;EqE9!mBfZ0;-?xlsv&-kgH3`f2i{s
zUF!YeOCvITd!Dh};-T}_i!Jf4xDR)qxQ!G!CXNasn=ol3=p*J6WsLB~wY%eZX`zHP
zh7hZv;(}t!!vbx>-e%)bCX7or-^yR8gE1c2zT7tKzKP%W0#j$QDKK`c0k@#WSFL{H
z{W|^0HG<n3fh&B($Fun8>3mz&-6O0^TNM;Xke6?+-hK5SuD$a@uPDR#4&Bjq_q5Gq
zFh5U1Gwk$ATb;L`dHd2}F8$&5Y{}qlA3Y&|(Krt4fcwzj#(P73v*pftE3oJkYkgSQ
z7avTQu?)t#<U=e1@%AB$@gb|x^p9=>NeO#*4{_%T@o80BDRcQgn!)p;?M;PG6IM2y
zxi#WT9vQ8<ne-3A+`zRA9~iC3YSf;Qr<5>uJa{EA@XOU9ce%iH<|G}f(@9V>%3tAj
zScvX59zl03<gkvM-b@k{6nue-Q~U7f`Gw&2EH}3cUZBm6j@1bBAIB(Q2TsRU!jApx
z!GFGu@&e&Y#J)@~o9fIe9-Hy-vjOk^A(MliCtK33Ww}aoC+SkL2D3}7hH9NWX}rUk
z!g?DlTD8`KzBtECrBuo}s(qSfiBxj;51luE8G-3%RE$+hVkDz)-9=wI&1}@wdWMQr
zd@3lIs&}~Weq^@nxQ_e?E|qSpKEx`KqYP?EYz|&NcIMOKY7M#P9Zs(xuFbd+vwF{_
z=t0M~1LP?bxNCLk3)Xn1oR5e4Bbfon@{B}&rcCX5a08t2XtvcyCqdY$VN`Ax6`gjW
zVhr0^1Jx1~I@d+tpDtNEsD?$OnEFL%$Yf$|^%r(a%^I5I;NHrK(<?YFIcm1EExjo=
zE8YCNlXX~#_0Q%b+7SV_b^3&j+wP4N85HH|b@}abtCKc^$-dYdbGDiMOnziN+mfL5
zo{*O2BTYo)aDjg8sH}%X1Vg_k95PvNcDOC3O|QEvys5Wkjwm*)$~O!j>`=3P(Vb9Z
zvop+8VKbYZ>bl11-jG=~;i4c8JB>hj+|Sv~61kgw?b0&rpo2NfV0;Om?1t3{BW<c&
zm?2qYmTW4fh%YO~ve6oRqO=WXl@|plbtkERvljJXru9Rs1Y=F+nM%Qz;}7>(SaK|*
zc0J=c?%B@MhfEZ&#&bCLRr}4lP-N^m-}RsA2o=<J+r%iUVX{5k!asBva7=!x(zIi`
zrYS!KE{`84q&(#i+FRwm8_A&a0hH#qunYQ$e)#nrxVfZ#wk&rvKxqel1ER<#lC@o`
zwL7AZdM#8q3!j(){aS6-k)B&CMJ5#8kcu?7!~I|7zPu@2T^ldcaacv<!rezwGBn<n
zNX+AWcvN?4uibK!rlJG|y7}=f1=5{mh8}sS!Q_v}N>qc$`9E<c^hElm-Utl|*^y5l
zsFKgu^?JmQn>7)Ardj#Ik_p_H*q5YDTH&&r-4Vm9LU6iML^8x@mPM^Gl=Fc?!Z1q#
zlD=k|*Kqw0c6gO?>B8aIROZFhqW>%xLTM(8*AuT2@Rsv{vU_EdPsuLW#1&ei%kZ3#
zfh>ipL8x|(@)Db|F+}Btx0Py@xTn)<(H?2>6<?##2#7^z0<+A3vG{YT*|vyKZ5>Z)
z(CL4F_*vkWfpRr0dRe=HX`2*z-nSfj2R9SR%vpxMeiL1v*}VjiSKkm;%DF0^k60J>
zct8_i8t-<EAnVp!0y@nXT2ksBW18rDULeevj%#C~WIFp1+>Yx+N*^8zVIG$I%=_&P
zde2sDRU5hroUE3KFVva^U_aYo%0A5um4Gb_t0_a(%vRVs;6wEM5$RII70$l9+%CiH
z6K%m^87^bmpI$@TGp+pEYtK-$<Ynd$mfXEF!~#nn8x0jd@;uA-+vhhstDw^=9qV5*
zj7M}$dY$f=eaU%o*^7$qX3lYPnQkbTo6LiZtfL$?oe1Y5qfE6?yqv^}WjNFyvsE&d
zufNn?#s?EYj<qn7Qq|lmYc&C*=XKrvcnz1*S$$9$o@a5#<Ur0{BmU?jMx#V{@t_h^
zS?LDM4f!c7R~w%#Pb2rrb1ui#JinkE?1urz+L$nH0Vt+f)$a08C;`2OAE$bFr3&a6
zFRATHUt6*GM9{b5^!#PpPwkR}ZRDcC(8|S<ue-gK*++CkCt=E^6JkTNP1Q&BSWC>4
z?TkiD*&T2<49wQUZNiR1)2f4vL-`bCUivpBgE?hgFRe;V9|eEcBpfn#L%Qj^xW!!p
zzJK*E)yz$`3)07^ce=gawDlVKqP$cmrZD(8ne;NeEHc~^8aG<9YY*kyI*qa}b=g(v
z8`P0d3Cr+{7`)hZ@iKNn?lj=}m-h})RaO=c9%MQ!oiA%sGILUI)Q@-BuvnUT_kqIp
zArSoEu0^{lc{hap0_=^YqE)5c(%lkMWpJ4?XciTmP-D<Byji+CaPg?fNIFcBS^=?i
zkvdcEfJQM}Pou;rm@#eZ3VvthTfQdrWxU7u{Q10BE!TJgqWjX2q32JJhRHVecevGk
z@(1cSkm)j`#o_wRsPIK*Lua$}U@lh2q3dE{bGJ3Pch9+gG-dsQeMLiMX}rjfPyItl
zkn^SFWP$uO|F0PS0|gK{LEh79RN)Mzdn$1~r7FLzQFnY84Z`)Mez>guF;ZKpJkzlo
zYQ8={c$J&g41R;Tc*?|;#;HHojB=Z7j{01xa4Z(>)orS}<oyX++A4?jTf2VPUt&E@
zp2y9=g)J2no?Y=D$dsgcGt<rDGH|slDLq5C*9<zlP0dqka!M=~dcT5SD~bLOaUg(q
z6RjQb7TC0Yvm5>}iT>%=x5?kn5eqah5oKK*s_`4uxuJ4nV0V3VbXA^Ct}uMmyRJV&
z@&mY!W6^?_w|J%W79+m9%WlYf{I*#7Jnb493W<*&`!l+u>|q_5q5cCpRyWKp{i;*?
z<jyy%r3$Uz+_1+pdFi9rM+q=@DO6bumRJ^hvLH1n>S8{U%L94TR(OmLfkqk>8MHN<
z5o~;E!9osyxsr`9F<W5-iqnG@^vy@tu%cOAgDUuSjC^s(sM3(`9ABDKP(gbJweehT
zc~u&tY-YXk9@^Cn>a+bPTWS0fM?2le0};Ykc^JHO#|ho95s>oPJVVl`Ay#FzJcqn@
znfC|bH7{1muUQ@|r2I-D_Cb}+e0Zi*QmG?~P0gm}L%(LaF#V~+jHBTQ{Pyx`gF=4G
zr~?^=>WoEIUVA{V$5f*~;itOfarK@o%|r3LsvBiF9)t{9)w1##;s&Mm*aXp7Zc$lU
z5MR5s1D_l8Ca?csshc0s;`*15M>0D9*?LKic-0T{ysx@5d323YwHT<PRMV1}Qiv2U
z&^_?L(klfraXi#Q??2|3NF?w?XI|OYYYxhVySf^y@s8z?ZJ_oixWSc(vs>+3_@x$E
zuMr7H62k?0jeU{WBs_|~*yPX6G7#7AJQlT?cM*b4RL`oIj1~KgW=aG&=<27S4b0!{
z6CNMS0b?#WbRq;;d?QDA#KiZv=Q_flUBg}4g<bLwI@^uJbDg#rb>P9r#A|_`B3me+
zrcZ|5oVUflyt&51Y72oV9tw`^9Xk~9v9LUgpx1s8F(~<rY<hPYPH{}@Y<{eOf!{!%
z6Sxz3kkwFVKgzZU_Y7GXuIL|<K1C{dUDU^1b}Yu69?DY_JR9eB?W%qxa!zg?Tb;!$
zIasv##o}YN@&zOP{y7L&8Mr$8QTy_cRfxL%Qmlc#@a|ds2P=u>XYYU(ukWk0;Fi15
zrIE3<9vSB0?xF^X61m%kHcb{J@)y>|t3EJEIIw%?X>o~nE)DL0{<9s<m`SQ43v#E6
z{f@5!$e4$QGL#dGL*@`QPo*-X<0GC5P2|(7VAxN9s~scA1Q5Uv=!h*7Kx-tk$Oo<t
z7CRMLE?Q1?_gP)!5_l>op1;17%vY2t`=Qb(>z2oWDF2Yjm-6+r$z_Z$<9V3aH5qCp
z@<HEw0h|{2<S-ibdj3D!-a0JGwtE+TL@bn2LO^L1=|&m_h7_c`q`Ra`Km?^hx`aV`
z=x#*mkd{X2R$v$zYF`5e?|$B&-`@K;zJEC87-sId?sctet#h3#ZtSjD?#|gZ+ZHm&
zlZLCiX02%%jFa_t`xgB$se3TlS3C0*6ck23Xln&>@HM>%mr44L<e)wH4C*3QQ?=Qb
z9<<8Fn$WZA43Swr@nF9zyQsvVFojQBdvB$(!g`v**B^^ZnMFrfc+%@q{MERJzpX_;
z@kszxd`Y<V?|MpF^Gi=7fS#t4V$eUy${P2zvp0G?0C8zE(spJu>WOwtaboT?TYz4K
zrym-p#5?HmmrkU)C>%C%m85bGr0NsKv07G_Nv5O}@GBk_@BTAg=Y~kPDdL)h(5W8`
zpt*eayH*bO9IsZQRe|Z{(xvg+@bB)+mGfYnU><J}8bKNrmNKN5<&goGHlyz^?$%_Q
zMRoMgcILa@1Lr^cB^4y3-<Ja^DR2NK<t$J=^6)UYZB6x6v({N|YmUieJZ*K8zl@nO
z^m|7X-PU?mU%3E)lv-1souoTjC5}mh*@$ph60wp<@RYH1vZq)sbMu568@1@`ISAV!
zA{$w^!o!d#sKIL7VW1p}+;Cf-tY}bEW}`i*acOS0d7kM(jQvGJrPk()Pp!h(q3h=|
zkKA4g=G9%GgT?4R4mvw`RMSHw>ZTnI_bkRLQ%g-J<pt+-4}l7@WT$LmnyZW+eQR7F
zuP{8oj+{&0b$K7lYTQFD8i+R>c%#&Cvflls8OvDSfnibl02+Nu`feuVK0gSN<=!>q
ztCp)KdkG}Hz^9i-Y)c3Rm3bHyS&`R%3aMDH4%x9^`ljcypTs)cy}G^P$p_$@MqQ?y
zwv)wpntzf7X4xZW4?f2=S(jOulcq`}V-l}8jCjZru2t=EANBb5p==+x_R4+LbWa`W
z<Ofs34Zp(0atGZ_nQ@Mp;pZ5?LfC)2Y3|{)Ek@Hg;XJ$iJFxw&a%UVAdB^3`upFB)
z>6?#ej#`T6d4u#$-%iW%(ukH|Qi1dX+s<Jt=#8#K0a5MtxaL}Me*UhkBP2Y?RIr-=
zx#Mih<NI=3S`{--TA9XHy_(!Xlp?=-_<EsyD9BaZwreT8oCo@(P~5h{a(%i)7z`%W
zXFo-(Gq~tzE>t+mOGe)sJ+BY95w~nI==h4Rc<;zT8xVAw2FyFF0}34t$H{V~b&N>U
zqS7DfQLrAKe!n7e){wr>DyjvvLHqIx{(8DYGQm7WkKCN6WBCq4l=aZ@B@1ODGo>R#
zl4{g*)18abSY6+Epf?E~J;?I+2BLnSdLAK0x;1!j$nj@PH!{R`F(gwanZ`xCdwn<>
z13m3E3VPIE3>@?7lgsFhHRN^2XOyFe)IIK+Z;KkS9K4Nx4W?C6J=YJx;(**Nb7*<@
zq{36UB0Qk_Sw9-f7^mhvIIrFextq}94NH+^5ahoE<D2BJHqZ6Oj5sJ5ao2v5QEf^C
zKph%dYG$?6)b%ENAYC{!KYz&1=GZDhjM-OIzx8ogL4A4XREB^~ccQ@PEso)(Fr<6b
zG5o#N;$sg_*7w@UKBCDXDu-6xQHvZEmN1=?NAj66mTM6zzg6MfrOSZM_;}7=lo0pK
z#{XLxNF#sQmq#q5pLQK5*QV;kI-&{;%p<sZb6MwG$#!^Tv7@suk&oo7Te$`F3<!57
zL+Dr?2g@f3S<QEEL9-e-53=e@&Br0phsEH@OQu#D8Ar4(^|dY*4iLSM9ZD^Ed)1!n
zk`hU@QEEmPQHn`!g9=-mL1><wg=;<7#x*Q4x$33;Ko;U9s7!K2Kg}Wh;79X=_7uSs
z5S?cUtr)DQZdPp*RPtZ8Ed9R2<IzFgp2Qn7p4Q9zEW&iacx(j*6}Wkoa{Fe1P6MOc
z?#6%^{KsPd9aNmBS>-Ous8dB>ve?B|o!)@FPEX9Wz<ZeLvHCiB>IS>@u!y=x|NAlN
z6a*e0GmtC9U7jvGEF#miwI|7nN)_`q-xJ9?jeZ6D6`X+UXie2jNMiae_NRUK7~<Po
z$Gn=3;>;&XPeL4MNwsW4#$=$q`8lX&!Q7xP<onl;_U5bib#Dywk60Q?iK?D^`|T(|
z=xr0FEW&jtsStuaR&5BSejNW{ttfLA>)D4iQhvA2*rM5P%iK6u2XiU^-tp0uAfHU;
z5tYfB4u2)O)yI4n0*7JR6f4Bfk|bjo3PL-KVLEkoaeN7!u(H=KzZJlnhVjG}c#1#6
z{;MsRVfjhXVKWi{8ZIY0^U{pxv1KH+OrmP}VZ9cu($Oc!z3jfA!7K>s$q*)OZ;#}w
z2Wy6n77m=oglECC2{<~<GM@Tv^=GPJe`kN{153sB^V>F-T9A%&H<7r3T9Ws-lT)v~
zw6MEAE}t#QA*V;Mn*JWfRJW6M@W3UfY|Ol{&BS@J=k{pzy3=UJ(f*;6T7zEX$lE?J
z@Q^%^u$xPHL}#dttN@?>>D6jy;xaLgkRbhuYKMetq&%9#`5M-%nH4@vK(JJ3F2pQ_
z?>Nl@FfeLlrhG*8f=%YCF|Fr+B9B@QJtDMFC301SD7anPCGb#H$BNnYsj?D95IXuC
zvN`=|!*$6uFs(Rr$$9b+3P_7+qsJstfXnE<o4kPw9t$5e*B%*X=^pnTkG}W__eEhj
zu6SV^e9CmvQFT#wuRrCE2Xe7HBUwP@0x`Wj)nYd8PM$(2Q;noj_xQlv{eW~IW7_8#
zcV(N>&bv8P2Q%i5DZ`W%$`6nU@f?6Ey?cS}7t`=u|Ac&q^@T!zz4aUE{s%`H&iIRb
z5OK#Oz&u{iAYwKNSbt9pU$=4D4*vSpbaX;(;EqOlUimIC9{OUT5tO1BqhmyV_s80<
zgQwMVyhfUX=*<8aWmea&2g{?mp_XwCexq!e5+Q4&2U@|qCkr6`xs8zZmK6Vyx?t70
z)K1qZR~+{k0?l}6@DiKeSL)Di&&g7mWKX22eO#u^;|j*4bclmnn=%Ziuk}ZBI@vq(
zih{2CJ)T*lO>O3MA1)F77@+?YvlKs$Y`9t=J}#z699BE<F+#6<XOW{w0zi@$LOS=1
zKI`7!+ts*^D`;QixE>vCIko~#-}?$f6TZ689Swrim2RE3AI0NldchaxhCj)F0pr=;
z3VFso@XUJ`wQoV*ly+;hq;oB9_eripXYzY_+QghkIW2fyx^m4e-E%SXbU}|-3sy=Z
zkX>`8#A$v{lyHW4ILtl^3GA1aX^R%N(Khq_3IlQ2PNEDpg9nno58Qt{WZpvPiMxk4
zn$j*AkB;buXI=sWfb%Glcs(eha)-mF%dI#HNZ^HATZV#Cd8$QSJRGyjsq-?o1!8#0
z%*V!vF35Vx)hGwA^uM#e6vywB>^@dr*Qe;kAYU1V#~}Y%c@g$ayNb2^(#N_o!xJ9<
zxf9B+{<se4pd@bd@+004ZrC3(aRX~D^(T>-^0_h|6?cC|oN@5!U{b0&<PKY>nbGoB
zKfnMEDraKgx&)b}r(x$PJB?@NJi%@-?n#u3xcfLK7$-smiG9<+98u{j+8Rn0^VB-J
z6fWU+PasF97c3-9&`Y2_A};(=9Z}KRcZ^fiPm|Zj2fPNOX+IwoE}Sj%eH;mwWwdCZ
zXLMAqO6T%`acx=*BRu395xbDJ0tzhb1`>3IOB1oVPQF}y-*$~4+vB*%I_5*j?eQ`a
zyYF8`+anv^Y8<|F$n9c|Qojjy&Ob!UprdrT+@l=i00em6z_uQyDkbz9OdVV(7ab0}
z+eAr%3339b9*`V@@`-mKjW%I_KTYSZ{6t4GB?V2CL$x3VE!H3zYKk2c4hdZ7jhb-L
zVawSWS?G=z&y`jGyrS5oP?+`809KUeq(RoJi}jlCju%Iham5gHCv?P@t)|P=g<5oW
zH0a16;md}(ClMey4mX;2E$%mtXV8$DNad6cAHTp_(jbQql<?<>PkK}q>yeq_jNS3<
z#Y0sDug&#h1j{}JI>a+?xZVHZdafkLwVMa&y94p7@IRv3y1BnYLQW+X%vqh<kRwOS
z<8<(7u#LRs8Gvf-(QFlRgF0kRg-b~IYQ$j_U%5cGfb~@2u(H^>bN8;Ic59s!>fQsg
zD%Mf-3?unkCAKK$7Zt7-1m>l155?Rb3otOlO9C9uC{iB}YhxOAe9lKQO7M+kgEdzU
zd<3`Izir$)st^EHp7Of=-SHKjHk_Q}@aJt<1hAhF8OD@TcoJxHAOvFztr3o|NVxJx
z1!6%2hYTb3YvYNc(|}yuMer4yFBi|l8*|GJpL=?U95!9xz@;zl_(P_BxaKV+Q1Rg!
zQONcGcI<w?M~-tY)8kmAaH&ac_ns=d;{^KNin*K3;s7VZI~}imn#;g)>^|^$o~awY
z($cl8Fc+1`Z80*rg-<sRg*>)&$YHkoU~~VwkuA5|Mj{?~C|bEDe^{;A9;-wwvp3)u
zk9ce!F=|$t3=5_nMtuhqCTHi*+(SHyn>n~LsagF@O)|=(*Yep_^8#2?nir#1gvz$S
zwev*l3%zmonHmy5(u`^MChcoz)2V&{2e5&DPvX&|{#AGklTNs%%hveVO{yQGv}Aac
zTQ{}N%b3LgMs5H?*I~5UkuzkTu6^F^?TYQCK*dY^{F)6mM;7gg?H+iP4gyNfjXZTb
zUjs?K7B$A1LmOxDKys*0qtN8o`#iF@A~W1)kS4{fR8}8jxOW1kQ8Aa|b;QD%+i+JR
zVsL%2Phm!k<H%uvhaYF>C*6odwg}Q*<8as#arye{UJ&h}lE+246w$naB{?b-*hbc+
zI=_k-7M1^Lb74JYpQ_BA;&x{7G|D){iItD1X}`Y=x+yTo$+Mco>$LME-292;WbdFy
zH;)Ssc8QTR5Pq>n!typCTn7%dV3l)=7q%X~yjH#r`^B6qTv*+F;3I0qr}&#Y?bAl_
zs(qw>=TA7z{}Jn6R&6w$7R04@waGcWLXZTKVi@=y&8wnck#CF3Y*m{m;e~UJM;`M-
z6ICMoZz^0m3;Od!r79Y#^UKRTR*hU%vNLzOU5Wd|`IordmvqOQ1IEi5;<Z!d@y%64
z*6rc14a*(NFXEk;nuF^gzxiA+m1HOmNVffw5}5$?=Ga5?LU9H<)$~dY9Er)}{oRfG
z1%!p6<(X(%u<_DJ;0($vciZo!43hbT5;7%gHvn>}KTE=1gJkxLqsF}NBN0;l*^F*O
za5Bm#a~iE9A=qTM1i=`>LD=*sOT4=y(<7+3*?)h#){JZ!OtU@-$jUv4p;yLe%N~Vj
zx=eb;knw!8nQOMLzkTQM(&y&(936#B={LZ2#wRF1WwW<E=i1~-WV-2fkR|D|$F;B!
zG&DI06jE{^BW80=cQH}P*X-N0G*f&F$f`K_a2%nI`@@CqWD1b1;K~KO-{P`B7KBJ1
zim7%__MvpyLE}^s((PN}#&R$*XBa_u{K~_3HBOryNKBGR2yNL^0{?~Ql&l~!e+Vyf
zgb_#ZDA97~2iqamvo;Mo22IVvEzN%BcVRsac&cTEfOekWc1)1~V9e68`6|I=y@v*%
z7nU3gl)QxWx}2!)_;Jdo#AA_hr(H_vNomj>uQ$ugzoAd5Y9RjS;n^Q<otTeXw?puL
zn~Hx&MmR!^I={>Z5ilR=%HP>}eBe*7tbTbq)B?hwVTa~~0@c*oo#mlsiwx3qi%*5G
z)Hsa>h1);ACI~lZPmWHiaSU`_>UWSImmAlAg!+lgAt#0bkhaNKBm$2vVv(*C4dgea
zk=;F{(W>#7FM_!)9nI6L?f6$>lk!mmf4Td)2abr(^sfb!0p$vXldJ+z1l86U5S>M6
zk(4d%EDsb*lB9keD>Jv!3d8`m^nJ(pX0+{UO0nWYJ%^CNDmB2bR0>?%L?$<`|C235
zj&T_n{F`m5T}d2T#fF_`8XSOEH~WxQTYzu3KdPjcj7_UNIPIJA>3uv^Sz&jI`cexI
z{(VjH7EeLR0{PTb$*5e^BY9zuyIjiZZu2@;t&4GF?dsw06>AXIt<PR2h)cR={0mbI
z=lt@=JkYm30(Yi8rQ$iN1UnKlr@4paq6S@?#e&|PJAa8Jp|CCoH*#a54mvGmd6g9J
z7Zp8r1AuzTL5g2^w@>5bz-zpK3jen~`~99X-mlFY-Q`kccR*g-OA}sXE{IAY=!ycl
z+O5h7fI0a2)|S1EWl2;U9N!(OG{HK51^zG$CvARd80l8vje9bcmZm2^Ka+skJ+v#6
zS(o~h+8jCy8mb(+H~=f>S)dM6j>U%6ST??+1T?IXOadi%vOr(V0b<%K0z~fRVN$46
z*^eTq*08&3P@BGDYC^=j4uOd{GJ81+)%0p!w++6%QcE{MSI>rJCMnMdkiqmUXvMfJ
zl7XTmj&{`QDo8W@L|^0GpR+9k%oTiPK(?NQzhzdSR;lMFO=DsAlWj5@jUjRf0#7fF
z0BCBZn~F_!uGcu`B7CJ|aech{w!CWU6R6&=3>PX6`f{N(XuY~V8aQAQj`C1gyl!}~
zFWPUsOLc;GsdOKR{{mCL<$TuSdO!b#cQZ$)b^8E|e@FJnhm<Me(<dCYa_8_?!<>GF
z!liNRmy#nJI;K$C#4GmvWx5@qf&s+dO%ByA+ZoUHi~Uh~KZo$vV&ZeDHM=9-3h$(s
zZMmaPFq`)kKt+;=eF|QgY>&*GOX{DW@X5{xAZ>SRp02;pRw48ubs1ltMDP}~V;9Z%
z=2h8;$yg~Bksz4%FC%)jq_0_M6Yk!>GQf-|ASksQkZcJevA!xI8U+x*bUImPfUEOV
zj70F$!2(&?_GE?xrfyT;Mtyvg?;P=c^02j_+9~{*dcf2;UeHOFQfk`syy5!~5>t+b
zj0%XvCSRl!mL)sK$TCQ{OAaiMjc>^1TL#&gm;?mf=I?h53MZnMhtfnj&tmQsi^)Qz
zNOh!QT*Z)xbq3qn76*-dA0Z`yJc@D8=?#!A`9VT2zk0CUE7*@5a2%s?Fjr)m$Ob0x
zom3_ksEk3=(C`uE#5(0@fpmm|PI6O0&%coWo%2Dvj;h>XVO1ThG__Z&wy0W1552`A
zEm^zw62@5j$oJ)A13=qYb*on(MdCS3=aj7#oiPX=C-KQ?yM7lXVzGPE+Tf~vbZFPF
zIBxXv(-VC*Qk@vaebKuz@$}{+FhnJv*zVex?{rzZMO;5=jKV8a(E82f1nc4r${`Lx
zdcbcyF2z%uvRlx~)I8HObIygM0w#kG(ggRm3F#w%hq`Z;GL-@JCR?W>B+EZP#rf+M
zje#qI(*4bO!yTem!P7U5R9A!d+8(qxta7z+Q9(Ld9w!7(t`yL|fIbpkLAW<jezc^R
z`t-!@W~Fc|Bdg)qvvDL_#^Y!}&6EzgU`Un$4mh6E%EUYqBboGx;4|G&4PK=p<6dnd
zF1@s_M2_*<E%5XAGY_$>2MfJFgpy6`lhEP@n4vfzR~|+VJDGU)Uh(S1<Vb*9I^E_w
zI<|Y=u<_I?Zh!<fC{$TF2ffYfq|RmCle_;U{JmfLd~3HToI7uMt;(KN?>%)Kr~b><
z=iwM`3%w~SfP;E;{ho})c-O1Qd+)@Hu9x$a^%hNsqL6>J*IrrBv0fT%jQ9zhKvf<w
zS>U$Y*9;xT%=$+O3c;N7eT_fi>90DD@`lj`s`nK#yHUYq$pypJkz6XB(qn0BQf)HW
zxT5zv?lBr0z>!{MD^1tTQQ3d8U-x99I){4`S@VeDhyFC<tJ}Qgqb;%7ay9uDp9|YT
zLCnwkh4B@d-<a#Nh$YH_imX$mIsHA73ROU%u8(cHa?Ffj$4C3J0(sgX+k*WQ<@#48
z6#9s^2+yqORYqpYEMp4@9_|dF>R%$5Qx6MF{HwlSx(eL*Tg%z>M1D6JuYY7NL?pXy
zs1;!E`c*uRrb1ce7fds6xX@P4?O2X`#xxuYFcFsFk`BJ%Q)88gUNiN;OWavb!QR#d
zc`KUSkvxu=d$P&WoG=|KkgQ`}C0*<SSahx}9J;mHa4b1yJkW6*an~bp@`}kc2!kSL
zy$<gf_a;UrR9L;{A){CxxN#RlJTi*3;`xn@z$Rpz!se`Ok^pSlchCf~V$8)({b4gj
zt1L<1>*)Ss&mjXLqvjjqGPgJ+75b6q-ODXi2m*T6a<BOge7SY2+<mJtc2pfkD8((P
zhibvf5iEpXCh@_;y$QR8H8pOBl~NEsNMMiTc;1(S69ry516FdM-w>!!-S7NON&Iq;
z|FIuJg9NCPjvk0snXH&)@-;LPMZQc7Gb(;_AQE&e)u=0@tkn%KW7t0VS`V-bB<H*w
zhJ3e1b=vhcU}OGDbDdUN77i!4R+zkcnlN}aD8B$CCev1n>^1-V7>n5RUIvy$P5bme
z@BRCgkipNqgQq4wv^6NQJE5WtoLbRCC41R{N|tGfFOM$pGqA1#2!VGJNcG7ynu0ir
z|6HzeK{%+V8C51>aSy0HRKB8d8x_|#;sk6UL}wpBSLvG4mRyav8UOgF+<#Iu@`yoU
z+<&LcPFKg5b4q{DwGtI*G^FNfmvDA*bVM;wo!>`Xv9Bt6t{YC#L<h_l&LMDZkj81Y
zPf%lPA~wfb%QBb-r(}P+#J{A25>DKF<)6G>9-6yV(V1G1KL_c|t8ZDS1q0z^#uMO)
zCvwdf`>W?$flWxXsSq!u(WE3seK-XFWQ$S-5A*8QCd$S&*8x~`#~6yIWA^<AjYS5v
zMbP~#cU18vdzoAPf8Y9B^dA%N9sVi`avbSX#MBmAvPn!Y39{Y>T|Xk+6&sRKY||pc
zAs}ikK3Db)*GCaZcHj`3{bVs__|9e4;o2lK^MeA>%quoJ&&G&K5D1XO?*{>(h9TgA
z)71uAeq|F+1^++|D2$AN+s^GXTK#A9e!dED{Uwx<PkqqVxvzr9;vkuHN2%jY1hvFd
z!QqViD2yT`jRVBu9cv@=0D_L=T#GhANLC=|CUyp-cz?U_W8!)}F2kQ~`ERe>Pl_7R
z1KkBHN>2kya!u6TT}C`NK}nA<?H|NPF?0imvr7%IIR~ua0~X%1Sm<B3_4LiDs^LKy
zWw8iQ|0Ykn0Cb8xjsLR%xQj-QaPu<@K8K!G4Kz3nNtEXG@00X<W1l}SImKL*##%Z%
zr<Z+w^#N#f!COps1A2>zUdaUUjclVhqiZ<bC}DKVGW-A0kpH3^BE>&f+)jA8<^*jA
zOrgoRQQ_3}UK9i0lzRvoDHI=E-8pymW^1o}tNNIL)%oAV`{%s_pvWl8bim(Sdb&@I
zfzJm(QivOm0EP7*;?C6H#Dj4DDeVAn;?guOMqmD5IPf=t2wlTFz4X%=(GH4}<1dnk
zy0l0lx(2F*dE=^$&Ya}gz4Fdt1Q*Woe7Qu1Ql~${{m)l3^gj=X+6ZBtC~B_)zMjbA
zBlj{X+GUaR=QaZSW~l8hpSgyJJxVvWZ*+b69l@OW@9*CVr#~g|MYk@z-#C#{TE)ql
zH%prOD4q)`;s9~r_n>*4UG_O^U|7CqG_#&n#{c-h$v?b+mH`r)(yNzw{S+8}qns(_
zLes|b69sD#dIB`$qF;FM@5P|rM9276bqCFMl>Ki4!8w0=>9m{9;dX5&_l0{8b!pst
zP0`?|y!XLLth)YZ*MZLGTm=`-NufagRrMZ7ozgXS!*EgSlSQXhp2)*irW$;)PY7rp
z`-4}veupSv)A}@lN$ER4w|D+;68`m`5H&a*sFL(>cke=8lz_aK7*K2O+qbZJ1`Z59
z>cIGw2$7v#c4GoKi?z#z*UoDC*$<qY++T!2+ccZB+v%p%0*@E`JVsa#7YGsu4`|3k
zJp-y=i$UoZjyKrFS3;Vc!T+gk|EY!_giyLSSE(C*?$-GN1}vh#F62M#$iJ6)4vk{D
z|H0cBO7y^6w((2Uf7|2#T*g@)Ia%&=1@y}VqMzcPen`9QWBC73BYXC?|9#zuxa6vM
zco0M|4!s>$>Pe#b@AvUP{+E2^G7kM~o<*PJ)Aiz*qCx%{zHg0AiTUz2I88zL;56yW
z@?Q%1BXW>y`!Vq~RzXzkufdZT3c+Nm9-Br|87%)492Uy^oVyg(FN%(1Q~3`<)IUY2
z`gi3gI84`YX6&V|J!rp0`8P@9ygGGua@5+l)-X`}3z`y8mV8H$>J|m?Jyt+_Lieu~
zdY!7)>Aqf;1zP{*O3|&qDnujMPt%oBBBgQq_4l|apJ{{T{}F6UBNZ@;?go!I|6^Nl
z=~4FfqR}Zl{2z8t=-Q2+_V)9IjxUs`3y9>MoYlOG8Yt5)Qpse8e^zmX6bXSm6a|HM
z{+gP$`B|bjm$w=?b$VS}lrIkWnuyA2r+EWcY+`er8~uzp(yCBCbMMN+w|{B<8Ex?v
z|A~t!_t5lCLzq4d6w*vXjLs|pxzk>@(FwvZ_7*t1?B`s-lsgZA^zr{7iPHno@Ds8$
z7{{I_O)op6Bz=y_|2-vYPicTn^nKq3IlDk|G?YX3uCyTj+b#xp|5T7`wc^|csJr$K
z0J10X4v5t4L~Wu6P!P>4XIF<agu3uhFV5j#*|Nktr|yS)6`59X@_jkY6L~ziH!1v&
zw+R3zEX0W-SZ5r)w+YH;nt1wf^PQ3Z*_%2MIC;cR7a?9R^!YYQazZ;m_$1y-9-I$&
zfCt3@;()$ady9Q$**_Qyk3O5KIeudrb=ytTtUD~&q!Va~mi-t=rzX$Oa7Wu+MqBnc
zXqx|vec-e~-hb%qnaiAR-i+v}E7`JRReSM!i`=MYHoy0g0&#y+dA^_4@bo7NIa&0~
z_bb;_OSF`434H&-gY$x)(CdqusTNJ9j>cE}Kpjo?KaEiT_O^iI6+8VwjKvqlH&6G|
z>m+zc(TAcciE#pe;tCC_Ui!1w-fe^dSgDl4Fz1U5nu?zhHn=Go*SNL+YKhQ&C{8!+
z!faj%=II`gqP)#N_prc~15AK2;4*aWp1FwgGjDjSj8t!w2APMjoXOP`!cK;QOs|$q
z((hFt@7*Q-D@3{cgXZ-2_MD%ZzC0Bq6AJ#!bh7lJtTkX<fqhDAtv<5_A|XNu9nUBR
zucY9_B+-8DE&doup1Qc!%)0;oezDO%GNxl_{20>HLutw+`!SR*GPizyU<#P`8#jXg
zrJ-l+!Z~#JpV-lzuZaEh#55A3Y|gj&SQ8LnUFLg@!vB5xT4!{gQta*857F=vsQ6Up
z!Pq<ZF{%^|_orznhyOoo=JU{>W+L=nw9)AYf1IGQ`dc?FQ72mr0N@`qu6cncl0Nw(
zGzZ)o&pToNbg3KMGiw+A=+A$7MXnBfM-{h^XdlvUZsz2!DNk%1<+%SL@PS=7fDhd6
z;THSTj{pKWA5rwcM5m#C{WJIXFNu+_fRZ89rR5OnX~rju#{zN#F7Wz*A#j1QC>NN-
zT>WS1I8+xd6X4Rn4kr}2^jDZ8683x`Ie|(Q?;#;t!YRa#LkmShW|oR(i}xxlw^~!1
zw-9@Qpl7Hq_DZ`P70wm3BK_8Ay!Mpn80|LlJ?-v0fTa<AudP4DND2pc_~F6RGxtKN
z^IR9VDXpzx<ulda_6NrUn5~IhO_bOpU&}O{=9l&~iudOnJeI>7tXB$B?_XakP#d@#
z5jOXIzWs-+vuXk@>PNg|>A%rfqi1x--&^Ihde!cJix-p{y`3?4d1vQm7g~nhXS*0`
zrxO%H>P<QT9-4T^_G{)`c4jihvm1G5;IL3E8hYSm0zVhq!v9dte{Dpg^|?%bF0sNk
zyVoik4b%xCn&I7JUiH#@k8VhLt~Wf5i$L}#a-M7uixBxIE;K4gXpF}ttd@T$uyDP>
zU=Z%v!2a}y>sgZ${&2=m`)SQs1F)KRozXG&UMT~s_dvr8sJNXQZW(zkqgCAwT7Fi#
z{jqOTZ@zIKA5l8ABJA?qud`SFV+5Toz{-6<Z{%_#rJCmwA@^=COBF)rLlERPud;>2
zal_75%T?=+8X_tF{<7K9BjQV|rJlU7hL>zVyCnbXiJ56QRSNJ3K74B8nvI~ux~+m^
zV@(YzrLUFp6}o0}52@~+%AWz%WC@{tJvwqtj0}!`vx=s2kveSusf`=Xo(8W6G6;`e
zeq!SLFayaQ(|&5B(UdsQ!6NbHsdaqr9O%w7>a8VXWu^0FztQD+DO<|o4+tfXK=;9=
z?|8H2C4YbXDy!F~+^8+mof<x|Z?!P8%V2Y(tCvBT>sq*yn6m4pYFG>bCc|9@4EI}~
zl#_;aX33L=tux^xHVc0mPXE2LXg4k|AY{GajSXc_pA{~R!D?77K4#m9(MaMkmFK%2
zmLnSIvwTFm12e<#%?f^*R(s2F;!jI)zafGf`}A84XTHhxE&SldK~D=5$~D5gL+w$$
zWcMHx{@|dFNnp6=qUmC%ry50YJo`We0cbSnBw*UAoY!j>Yb#qFfg7TFqVVoV)RfhL
zvdOuwq~1KQeb{wYP_kTdtBXiy|8|#0F~je(<ef!<6QnB_ttcy%;&gTC(zCS`x?<f;
z7B$-+FD9z(5k<ER3_x#90Q>YY53=Z%^&ubT0clm6=^=;i|B)~N5o2%9!l{}Lxwo>t
ztz$R0nNVJmBv0ZY{&<ldN(kR4S1j0nhQvKoI-Jc;%E5jdE>s=mmTVLLUKf>Vefsu!
zgEjh17|lg(>RZKB=r_w~oHN^}_n&^-J@`@1Zu9MlTq*^J$CGTI9VC*jq6bx|VYlef
zoi|;p2cwov?xNQ)j;7bT3kA;=l?RVLODQ+K&t%Z1t97f?MF)AiG^vQ<k0@yF;H>F}
z+uEpDAJa);-HP$s4{aaK<qBF6cMD$Al^ahPYYPv=ZV(G7JwN1#hkTZ`<5AI|Q}ayS
zE7;dwy#Z)QbKIHQ-QO4fW!5hPFxJ}*X!LLl{OqtW;-a?L!7LG_t&BIU+z}EmmP=iR
zA6f525m=`WC17fK$}4X)r1$2^y}CQtNpsavGb~%9=amCHRhfkdobWOsQDrR(O|ytM
zPIIC0Be5b%7JFLBDX{R*8DCD9jML;PwOkJBfqd6Sy6FUc^`BKhm<{IBk#Jh{k9!W)
z<+`hu6_2};a9KsHl&!45d-)>OK|$)5;k(6j?#oUFh*!Y7{PJ1A{fk@(44Rq-&B&wf
z2YFr7Zi<eHA+^WY*GIv4)=0Ycy5kKZ|J&IGMfxA3P04z`nWxCC7TDUztX2#l%^z&P
z{&l7QVi>$p4zB7ZA-%j_8sqj+X|N(*1fTaaugxPG;e=4l@ToCzNJ~0|P9BPrEfH*G
zaJwvPlDAi){?iB7%h}r#g21TzL&;d|!YSHL7~T@}0}rZCIUa;nPD~H56Z!TGDED;w
z)9?ORW;34OnDnPmw{N2AqLvO5N`AZ_MD2z&t#Vk6zV*Oa)oQ~1$NnZR=Q<+i``4Bs
z$fmenzSGhB3so-L(P~%*cR{yv1ZOwfLQV^(Qj&T`MrTYx8z_P6=Ij!Y^#+~5osHU)
zX^TywTXK6q<Z~MrJe*eQ6F_0AeT}{G;~0z4;&?-Sqn%jW{t^|kI@Np&BBIa7N3}(K
z#X27AK;(h{o5(K(=84(<$9cRlacr$O85$o7)bSk|U8N(1d?#B@_m;WW|AV+wDey^I
z@8VxG)8-52uKpD3U~G`ei4h(ze>a3~df2(oB&UHh+4)J2DHUmUb}47IT%Aug+y!5i
zxcuvz@p7df0VkOZ@`cMk_8~Koy*w8%Gxa8kBRHh)+Pgtpk7+=IDo1B1>vluBM7rFe
zdW15GQZr9?@^NIIX33N~zUj7got$Dvt-||>>6|hWgW+0HBkr&`6+45-YL1-P+?;jG
z@gk}EwI6Y6PHVjl291T`MsaaVbj+2#F@1;`%I|H!9IDqi9uzdpy(U;tP<VMQHA3hr
zS2DLfgwtYz-nch8N-<krVs}k#-tQVwUheX?*O7}R*1>oGTimYFkA(X>>A3ABU*ok;
zjuGJ-gI4L|{UaS2*(9Dal;KdF+jV_-l{Hzw15zNHZ^>3RjIGb({4MMaz0xpE$COrs
zRIT&(oh{)0=K)2IbZ<E4YcRCJfpkaZ<KbpX-44YD?G`VILT~RY<ZIPrFkQvOjCyfp
z^SJN4lI?Q8A-C<<7xnap9dC?2%MWdSu2R@t7kqn3hRv{phP&8!VB8NLTH#rfzn!u>
zvJkbo!S6OdxU3MtV6JSrKWgb=ujSAB8~A|yP(T;RaM;3k8;a)|ZPhA|V-xFKo3pT1
z=$a@u6J;=KAHb%8h9GiZzWWQBoe6A&@^LM8?)pyNg@C@z0Ac;InJ^Z9qT?$XS>i*v
zx_xr6r1;{D$JD@P4K4<IWms|FtC7_n38VmL6jCUzbn^=(+)Ub`Y$lxLYq(r1>O6u#
z5g$0V=L$Zew*}4b-{<EGBa8ACHG7kKjiNV!aD0>3v2*AW_F_U5BU}ELyxk->@d;;J
zGH%s3g0hUSa)S%gGp-UIhx6}aRj%!M_Ki4_s${S(q40_D%BDwO^~e@}?$S9TB`*Cj
z1GNTE-)lG7Ka7c_6sW%|ezw{#2ht2wwB$QVp~=NdnIEmzX_aZ1_}!kx+)H+TZ#kNo
zQWi66zpxBP`Gv>C9M8=46?c}ogdicrFv8QUtJh6|#GggG_4Ffj+;C5l)gkjwZP#uP
zIV5XW99DxWCW$;I+9M+gFzv?H!*lG-t1YvQi3M8ymXH|G2(UVz5lkZa?lpe;<8jC0
zb;P<6i9Y0l7sQiSTHf>=wQOXCC&_xjbY*I2F}u?g8rzxyy+VN~24RFiT|MV{nPI~-
zxi65hZN;T$71=Otf_Jy}b{y1+8MZF(>v`#qLhHeFG{&XD#=rsOdg+mCgPH2ztZw~f
zz7Bi)dJDnNmQTS0;6FQC{3LNy&UsB=egK|v3TAdJPu4-#pD>wFStas0KnR#L?t2|M
zc$Hq$@D-<d!Sz%wX+?=zrN^J@nRFtnLb=7^q<OEa!>VpbrS1HR((>oJiX)q2Xo#u-
zW|n4^>*H}NrqIK0Wl613+1IL{!`;z6W?4*pkERGQ<25R*+B-+>iA4FA*q+YOl&tY6
z<U$;>RVt$2Fsd}^FMTx8sUGBIHTd)o)TCbhJl|}K`#ry_`0O!NJ&O72!l;(F0#f$3
z1z>)}7-;!(!;WLNjnFQC88S#C$Zfy4J;qfg4~jSFHEPAXI|O4G+jCv6E^V)*fXOIr
z-~k1u(SlZ^>I95PHKyE8gS~+<&XY%|hJ}H<vJvTHG|%!CR1Z1FZu7XSg7Fd}gKdzL
zl7>CouRoa2OHU1-R&AfSxW?HVm%%}R3z+&iZ*?iWqIUQy5&_xYB<l2Pzi}r_^~<fV
zMPB)BK6R}IAHUqNTkUBUoWbug(__4=ig!1-zA@XIFcUs*dI<L%D*Rhjn>+61ohojf
z^4qwUfVX`?JARVo3MfK5s>ii?1SYPx5WbV}9b4e$ciXUD?sF<s^VDQ(!Xh}7b^BDW
z;a|S+<)GZsUpkgANjLod^=+fe1Q!+)_uX{ZcdPXm8Sm>96@yCS6qmbYwa41r?GfCO
zYXguYJ4|B!6viZh>QIbn#iO@rsMfy_^DnJO=P!<ym)PxHmq1L|8zq@PH|}gHi=bCy
zwXbqm=t<&@Sf0OSG}Qm`>K$Q|EHy@z`Uq5a5)(G*XW5Q7jPH7Lb;F657dIw(iybE~
z#&LOhYZo9VYSr}Z4~+*hqDHhk3t~o0sn~~d6m(KlQr~_ITu4|Sl&(kfn>*OMT3!v>
zINCMtNQx(`*tf%1xeVI-4abg#6D$V<#1uRe$w6GnxjHDVdZ^sFyEaN^I9-rs)GcwL
z6r*-Go?1Ls2=p{lvl(}D#`wK_*_IeLfQsZ;S7XmKd5)nqVGy|Rc2vrKh#pj5T8jH{
zrR+F)5KSCB#rq$Lq1MoC8-u>wisPs|mqI$<AGXe|4UtT7t~wAkQ5Nuh{XajE=*Wpg
zrty#fPV_*^M^Tn1T<Hf@)Okd|PVc(aE)qc}#%akOfS2}2pk^2BNLeL4=IU@*o*HZ1
z?r)FV(xotV9<jGQ7XiFq2dWuzd{@iv#}bQv(OwQIk8I+P`|St)SLI=L7fQ6(t;g2(
zu`6`y-9-nRw}$Tvi@Sm@QXGjm%BqQ47bz@K9?DBtq|qc?*6N_7cR9sNCRzH8c!~-%
z@)pn2O)*fwIbT(3+650e+>6ny@zi4S$ESZyaxa9sKPX4pT~@m%u}{-!_aMb!JVeV*
zWk0Z0r9g{qH8@WG&h(oIYXY{{tnP!Vb<;W6$q;&Zfev1&jF_G6LZ@RgP&&bF@4*qN
z>Xs!?zB{AnB&93Czcg(=!(2BBHy@eTVMw1b=Pm1(VtOGtQE3Z@GacDW$Rr6+eJ`~e
zj$xBhXLyzh36o!JgV!$6{n(QoWA6>X(9D+5qPv7mHngbpnSO5X8M5m0!8j*?f92X_
z!-8gmxtiQ1Qt^Y?rG3iR+jZ{Av>yp#nL@Rbu*~u61i(0x2)UZ0L6%&X`P}?FvLm?;
z!oB<n5LQ!)AmcJ~v0%P;!~5%q+h2AEsxdia3)_^a3yT{NqWVmNGRd?_)z8>oql&7D
z1Plr-OOrsmTgT#Uo;b@vX<(S7Z|>Knmrd|0!?da3#O(5c@NC%v(lp2qmJCpWB-uR%
z-$}z@f@##f2e8Bpb2RIpfz1X>R$(44tBE%j-1Z5pzlwc9<?2ODqPxQW9#Fzum0a4%
z8b?loQSFA?dr3R%f=>!^e^z+f@5PlE&%+;m>?)3T$^AgW`qoS5aPgz++l>ptr5>0>
zJQG>{=Ot;g45YunYe0uWvF(6ST@}v)3slUk>79RTHbGWjM0}ZvsfE1j?hkovr#Sr6
zn)wriFJcNPsLY-18xb2{j(soBz2IgL`U-f0#Sf;3j_O{R#((2PQEi1O30K`iL(7dy
zu?W@$T(o$4>yDq>ArSpi!=<lwigT>B`CxdxiHa?Gyi`}6G{fG!n(e6I&}Q$HZSi`9
z3YSK#CZp8#v6eb=@>Z18hGKfcrC0E!8G`STzOh$1;^?H?)r!!glUdnU*oO~>it$?J
zo$y&WN*6%zFk@Yq<v!~4&LkD>I-N3oq!2%Q{ql&V`h)p)8(&dOGnGgS^?yEA*N=sb
zwNNmyvp$=<X<y@qF&By55yR1$Yy=4+W!lHOHAtBK{4tyse<v&`v%Che5wqFyxcGuL
z(tT9!Yino$SA)}La;e$zw^SFU?A-#Sp0qt7WAuFP@XAL}O$9eoj!GOYA<nI=%h9(S
z?Kz}4+Jz-Z5i>k_n*nOCC0BcER<=P8Si|N7!@OkO`a;%9>k+f4j_lzLZDzySg=vGW
zAZ~#Qh4EX1H8oY!fC!2)q*Iof$C#gcb&vGO(AXi!i&T)}ynkr1OD_B{uG)PH62X5c
z=z(9>?I{cqpGB6z&AY3Uq|^&7zXkN!9laMdFB2%}5eu<kO7JM>e3F`D4GFftiji%j
z3PqOf2!)r`u@t<21Z|NX6jp>Jxhjpkt!|k$S*?-DIo2pYVvNk_vD3l>t+U&N3$N)5
zulxYcM)@eu<B~nzEe?#{F{REs+O^ItPY>a!*7A;AgcyQ_z(TV^UEZuoYBk+6<0>Al
zS;)pfo~gd+<d%L(dz&2eoh-)i`GQ}w02<D@?j0gJB#-Osx()N$hM5&Wxt_rq0@`&K
zRAMql(RyXYDE(u+Kio}Pa5&~b5(~Xt^)j(5*pw|efinisWvfbc^+%EdSv$;gRqh`p
z_p;;^N~(xcmvc9?ED>n>sl<lMpi&i8W#$@XzSOGGppvI~2a}kSh4aq#V%M7(ot~%B
zFt+uEC7J=_iDM!<_4Gngp<+g3RC?l+TmzIVI-Tkp_J@3y)M+9S$R=?SGZD(!hPhYQ
z+nSFPzKnkTEU048G^Jns_1l%IcZYgmVo5iP+G^e^oM$?TrB@Gg^iFDJ{)d422PMuD
z3fA#bj)|=5hNI;^_<AIc=}`916C#Go1}}VG8%okLOo^Lc4Bqm)8|}EscMn1%4$Jis
zp~V~AUu;m6QxvD6c5!DjNgvCF4{mjf<;OluOYM~H=s1ko!HF1aL1U<7SH8-eZEAF*
z7yHZd)xDGSN8@)C@c4F5^$iyS1nOoVnS%!d1R>&L9Co*hvK-4gBKD)!^zsXU(eMkh
zk^3^TE%gr3>1=ttj<_KbJP3unF&!?<Z@shxBYBV=oIl{!c-ZHv=plk0xH5u#f?ceN
zFi*m!Q)Mqy;j$mZ<w%p6ZbFFNu*C!ek|GC}xbwfz>yrsGXfX;h)d`MCI5)is)+q0o
zTP|tFCg3;8+|>ggw9oe;(1VL6kvN2)C29JKR#+eBYU%Il`WLO6k1a_h)vrMPi-W3Z
z$Fk%K7JK#a`0I1FS<Kc%MoTt5!!$UMIrcTo=gnFmiciv3M-Jh*uN0Gr{W^Jyqx*W`
z4!#5n@o9cl?s4yVz3MG|IVn-7w&bgI^dOpDEBx!?x?m)z+P)cRQ83@35;0kWSaMLJ
z^CIW3Uoq0K!UMg8KZ~150@Ec*LJa|eajgQAvg82>wvStt{@EYr>d+aQAQiZP-OPXE
zu1tj0q}x*GdyL_%FohO+?9Gp-U3X+5`9_mEpig9e%olf<peKbPj*b6TR1eQeI0g$$
zZ7<N0{obnMpnI>jhv80ak!u+-OyWX(P`gHhR5UGcj->qw(OwOSpnbnnwR_!RA#XGd
zP0tJi6EoZ}kT6^AgrGguXV9BYrTXU1&_Ms<B$_ALI{&);mxWnl!=ou^@$8OE!w8}r
zt%=f_hw}eC{uFxK+r3x39$<1~-B;8y<90Z7(Ru}X1%KqdNQ#VL8gE8FgoZdZ_=y2}
zFzuoQ1&TT=8EX@MT#6eonC>G|BcmB<+HeGmQA)7r6)+9)Ngq}jkE@<foNBo_FAggx
zhh}(^z39MTFi3}pVn`$lAyu%3R!>!!+!X`x7>%I6lb9pJet+2NT*P>VwG_Y>lPgjA
z9IA>ra|!ZW-B0gU6W?C?)+Y$>vtWI}XHD|u>H5oVR*zkGkHM6cC_0nQr{j?4au0Fv
zndJt)ZMJk22_8o{!r~<W0Er!M@H~8(_`m_!G-%Mlrk6ywE628IMe>;M)(E^h;4(qB
zToT4yC-j2V8sm!I5$~7|Z~ft>B`T7F$ub%D&;+jxv9A&^YTuReRC^br<tqxIntyu~
z2&#R-2#Xy1{_@!vq<ewY?Vb62y+jaHtpbWlJJ&zV-7-_T_+sErFyD_wFh&tIkFmmB
zZ@AX4*lZnQu8^__Yoc70%sI}lH`@c4r=4p$cp#x3Cth2?s$VEY<(MW{LA_8~ix=RX
z7RSejsTamx^50~j^Qc}-cL;<mxOOOLMS{xr@Cj~v5KrA@jmhqdUpOvRWb*pH+zR@E
zB<<tIGB7&)(q%J44Gid?c&BsfIAbN>v<y=55q<dqS_e2vMYny>>+iy`*?j3bfAFL9
zv8tEPjAT+M3rt2{WoC=C%P$1*>qA2E@DErrz_hM7C{g#%F+?YrXe@}7;}ICkXI5@H
zP@dEk$E(9sflT)UlL0<x8g(6fZ++;oLk@LEjoScY43AeoT)D4)zyPJ$N30bdPN<6U
zBTFAknf7O;jt&oWRel$2i{W=&3Dgu*$H<*FV=qQEi*jX#+;b~06nnw@_O{0HIp3XK
z+O<;saRPfSqdz&FwDLyKJEJuuK*q>zqe-wKc-OdKDgcMvM|4UpiP+ipgeTrq!IV0a
z(EXEnIepbg=q;3-ux(g_J9KyKQeaS@FCbmgLm3T%Zlwz;F}D#@%3BU9Ztox39q#hW
zL2qS;2MlJ3niX47$<=<|5<cAbV$o#S<U_<xwNyV=(wltAA{j9i=5?~jw09^*9kiF%
z9U95q*D8Ktn(>Gjz<_>Xe%jCdX|^76=O|VUFbO<Hvy-SL4&KzO>Nv%gZ+zdU+RA2z
z0O#5LylcKwWhdM?$g=9C)$Z*d!jPcyP@ipyfzUZGi5siAng@%;*A92x_{Gy`<GFG&
zLrn}UtT*0&EOsAKue*ucM5!<6kfRa~ur`rs+ylc5i&12aT6xc4u9_0IJdwlgYIsC0
zHslIu%SU=FS`qCx<MDq`C>CLHLBP0zl;9)E>ooxw)<lsUZ|%TfN`}vKE+4RU#;PuY
z31Fg=u2?u65fK>7+036JUy;7F&Vw=$9e#%of%cyK+YVOPx4FS!<blu?@fJe1*o2ao
zj$3m**;*ym@tq3{>a^qKn}eOQ=6WUhI__qS3a#JNG7EO>0B8cihD*00+X8(U$12zI
z{0CY7JC6l(EMGF0TTb6GdqKmYCYC5qk-Mu!8qy-aJ6S>PHoOmo<mfMPIlnl_y%6+1
zA#ahYwwxYYqj7paZLGf<PLi&ighWD6F?Jrn^|M$Y)}p^N?eU;^tbTGFUii*jf8==(
zN7ggRs}Biik>8A+M|NSTfuAFfm*(kI^4sVN7Pw+8RVyUr-?`s3L3Jc14x>FYv%_Q}
zqU%oPl@+iY*Ji4Z7EF;w>LnJn?IO3o-a$1()-hTqs~Cc2o!CyT^Gar=X{DwEv7P+g
zS&hA1(;@wYLtumyj}!8}1%Yyd)7r$Hc{*jz@jbRk&8yK?Q#Qxio4u~3Cn?<%U3KO|
z1I;izyS?~og^1X^2kwuoOuhc0rUaFFQx5-+`c7a%bs?KMoLG&9S`>|+=8b%UU}i9l
zB99oW2Q`HsZ>ly#jtVPV!taHms(A1dRBC{Nk|Vn?yeI^NC>u9;@Y(vXmd6|whc!Ld
zZa5QrQ9Z*@hRgR-dA<^l!HZ>BH%?heRJ!eXK~vgG2XpaZdc=8{r1{VoCad`r<qbwq
zzMuApN0!g_*eOn37n4A(nZ|4|HWeG<&%*hsR!__R0|kDq$!LB_kvN#r7#Ganh1ZrM
z1|r^G&0^1i0#=6w&AMAkKB78KhZEOkv!3@5YHfzDr1C6-NfOvQ6-TwXQ(m(v=lE;J
z*4%c<Xft~gIS2wd-d<nR?VGW#9}r7nb=;L+QQUG#Ab`l_QIM47dBU(!pq7yF2<q1Y
zMtFl}DSdW2sCV_0tNDnQ<~rz!aZGB6NZ_(2`pB#UTNpOqsO!HoADrgb1y@uB(F?CZ
z^McMi$iExatp=@fKgiZvG#|Env(AfHN~Igwt$zbs?2g$j{Z2o#=^<x1KOR0UF@1C%
zj*03eySTeKYddT9jGSXEBwo8aNh9NN+)~lx%ix4`2&@{(I`X!^SSMNvdbb;Hs8&)>
z4`%j$tHe~QGTkP~R)&_>PdM-{_UhnpY=yIAKMBSdsg#+lMudUkkIO@5Zzwp%!ZNde
z&U5vUgTBO^E0NVm=+->1<h3?#_)@qV!pO!TV0tIeQ$26QalK#8Ot~PV*KHMXaN+7Z
z!_{&|jV;*C<agE@srY{=af2%&Ao-fSdrZtpCP=r9AdR}6*()}zcLfmQgZ~$Rgd7D(
zCIie+fJE%5{yqwZ>}St};eI13|C&xpEk7SNcO~6x{>gyzO0>P}+qSGHU&uMK`vQX`
z{6cc(JbsL{lgRRA`9~=}U(O>?2bx-j4b2-~MLf)UVfN+jX})`jZf29@9GIV^C1B0a
zp6ogHg5;pvghATQtCSB~EIck-8qOwvQ<O~=FG3)x)NJ@u9>OqVIt<tDpdiv!0esJl
zJr2=XPqjS2e@`NkngHMNH9lSRQHn!~9E0l4V5F>MC?i4)TkdcoKN!LeAqj4a1qgVN
zNi%GtZsQVZ5a+r&2b-^2PClaXi=8~lg^#g$=c05k2IhI+($`rTA}*G*9K0;K!eI}w
zEN!`n5XK$eZ8-qU(mTsmrr<OIq+D_4v2pZ}i74P!z!VusuwxX2M6M;aMLL##+-aTV
z^;R_jeP;?+g{NgpD4{I2VAkq;9<@;6;J5F5Kx3Vv8<+vbSK<y=XV9$ZtG-eZUX*ur
z$oBT(Hj~;`r{v!3r$dC_@Vs8PMz4mdWfr#1i4A>v+D5$(m2+60cxX11wP7nZ*>IrV
za%>|gy(8!A+J98yPo<}(auYs@=&!N%s_Wp$LS>AJINe{=ORtNqGvzJUY_>`kOnJaR
z8cN1QG@aj%d#qwUVmNsbv00X%N>vihsZed<GFsu)pv?gi=q@0UKKyaPeaMW%5Oj?$
z&wmlV)XsZnnlnc2yiy#SVFZ|$lhFA-{yvxrd5halQHRf}%SpcS$wQARjRt?LeF&gt
zGAa~W$J4)yA#0hAsU>5@QA5X=9-E@7l1`JOI2X_<X;q*7XD)}TKlF`mxRYJxMeW3s
z8iakNX8B)H<-cnXaK4F>hb=C+k6MY8z1nS}yr5$HL3=<pn0@ddxU^s7DjJbOk+j4+
zKV@TSS|L>67nC;0;C!s7hB~5UZj0P3Xks~5OIwk}cE@-0i-NMgr(GLZ8Eg}4VK0#&
z(2qXJa(kQ5{#4uHa1T7K{T}|gmhJ@3j|;&oU?ef$wGLt`0(`oI>NiaL`7ldoKM4in
z_J!&4<!;nq+i&8)tMa{ksENQI@)14F1a5z8I+D}B*RfHDAVaEnIAIbbal6UXZ*YBZ
zRE24<_n%jS7#ds%w3@7DNO5qziO#w^T{2D>L8JEwN|WTaGjyIi6g8=bI~zACPXXoQ
zGh(!va{*k=xZte3Y&cSwFxqC=0zMLmQ6H^BTc^{qdYOL2dLqob8PYy#@3pES6-Hj~
z-oHa7VSa_XY7N3<1)vGYZ43-hR`7s<1=Q!10Bxbj+a69=pjqSiczSy0ek8Tih9)UO
zE8qRjXx+YNnB~%pxBSXv1nD@3>249dTD7#!aCY;ee5T{$k|d4~JBAgE^6SmC3#?#d
z<`Iu)pZ3adwjrn77ixTY`ABo;c9Zn{@ilH8j@QLT^Gp$(mc%6%U}|VJYh7Y9O-IMP
z6!oNiZ=9j|+m4uU?_ulDG+<mR+lWq$Syj5kc98b&@TTYCrS^bu=#JwBjJcRsv#s&t
zx@YQNT(6+>s{X6ULl2jJOJ?)`f~np@G1b9YoGg^8gDx8^Y%}^n>;^&1>AFfbS<)c}
z8AZglZNz-?RG8WAH}}N5b7#VcfzcsYt0aefqj{%%3@e}D*$T&Cckp7W>r4FK)G7a5
zFfO#Uv;I7`aPjLB5Q|0djW){#2kG{0_wv(O3RqdZ&c$^qU;k_w&EK7;b?mjff!>pW
z44(ZVynDyseoZPp1qCIg1g%`LwVy%33;OotJ8q)I)Ub4~`x@b8ZN%YgdTR#V0?|i{
z+_Q<?h@PZ4H)A&Ag>ARG2jiQG+q|3h3y#+I4asG83l=82oH@GT$_Fl)I<lcp`l9Gm
z=4ZZ8fiA<vJArcFGjzS(cTFiV2uv%}%{R~4Z7)2o*_3)rA{lo{YOGVRONT~EC67I(
z?)*bK<^1T)1^UAMa*JVc$rxHaCi7Sk;X707-6On`$rGtMYY41Llj#??=(jkuZ*NyR
zT^dC+kKT*HrC$1Gr;77vpC@5zn`QRiXf6`5VWilBk*hj)yShKb8nHwP2E&#iijuoC
z%@iXu&H1bfMr;r4x89gAuYUa~C7-|MYu9?)DRw+bztmAY;cl=Ajm)NAd7jg#2W*{(
z-*v6>8rco?#~;-TzVJ*k(Rc|+#4y6vbuCA-we<_-nrLz$g*3Dj$K{uh)y|+VJzE|2
z(&HN}flG3%)O5|zd;xT9%cm(4nahEpr8o8b62aJ&PLLJvt}ik2q%iD!vA%fis_6wv
zSl4W>B~rg+(E9U-sX32CPD|dl;`!9n>VO=2%ZW+}Vs<Q8{hKN0^@(EBIuE|ZAZ7Oc
z4#=20+&)BYe{Jk2vo{5IGNW7Vu&t(F-eC6VptHcBvC-)f_S1tp`*DI2;-oqsqTd$L
zTZ9USq$!PZluhdJx}U+u?qTu#=WKL6;X<0N@tNVq!10##^6!wN!NR|lavgvyo16X7
zEjGq|YB0;09oqlNo$3elaWg;hmaX#5;$iMo4fk3FM!$(S&$1&r7nulIxYSnjX2MDu
zl<)Tc6Umv27GbZ&Kvns_XnX6ZDz~m}{8*q;79ia!t)w(cw{(YeBi$uRcQ*>s-5rW_
zgRp5(V$++D+{Cvw_#8R!c^|)T{KokGw+C_Wb+0wo%xhlr+mXTo8Px5fl1onK$vbls
zbcGua*M)H&@G1!}hJYl26nBczoL+b63#9s!459bfz@tw}d~qMmzK&5lvED+CQTj$e
znTm9pQ{R}+SS^pzH2h6Yy&9}qMJ8S5hVvK>&2~W^<4KotiP27qohGbbRQ#;~F8knS
zm^~h&smICtW1Tjs_M(B0m_m7O#RN2i{qlWouQk6__NK`igi@rs^*U$69gs6bCpG0X
zjBs$(`qy!PID&dh5?YlbazKUo1c_{hyAhEPpPm<dZ_{C;rk?p#*?6b#XIBc_6*;?^
z7tL+$*+T|vdYQF_T47ULBi&PMC1Obi$q(webC(@|y4+<(qm!r692qUlXj3Xn4OdX`
z2QAA&a;{^9#k?O115mI}Xb3nO%?XPP!$=w2H%wEI?U7uWTuL41*i&AVkO>8MriI8?
zhHOEJ@B;gl*`2G+>jg^|`uZVBthMzd>l5|b7Nz=SPJ>;AWih*WZj}mtJI{|$W2j`g
zJE_DN8<QzqkI<in+*MBhc;?EX>a@3^vzNQ|b#8mW=k*nK7;lsvF1v0hlkuyWHP{KH
zOo}^-q<OkrkzV;{+Jh%|jxY%MnK#N!AR<FpwCk>q-I-qG@M!dC*!8+>EubFi?C4v|
zpSm2*5BCxzCB*&iSrneVT6~vA)Heone{R?Q`2Q$+B?M62;}Wurxk>{6I9bir#D3VR
zjqu1i2mOK<gJ@soc5H%6zV(Kz#Sc5{V(W4>nS8@X*3%GnDEI%6xxw2swkAC5p3H4o
z)1}(OxTW!8&S|$LqPstytrxSic?o#UY`j*OF0NqXW1*D!bSK|ecfC-P3C5+BWmqJj
zDhJ%>&KIANF*;%~Ugl04KKuk<B_NmYETVGn)sn7MoDgfMtImJjQEh$JsW{UeT@Qb|
zFqUZ|Jlu)7ZpMCJxF|~?;%NKTvdrEoF7BWxvtpt5=xSMw1k^5nT~E_9V)Q1KqmO4^
z4)>m)MbE)dUu|Cy9;<HrU5254sev#1@gGU+GZlt9IeV%2N1WU<razNTLE8kx^tQG&
zd!Pkoxr>DIB`-n4H!B>K0fTEhsUe(7Ua3g<nyM2<8MDzVMXE@Y+=p|hSj&uI)X*t?
zo_vknjnP|H+Y0G%k*&5t_=A1uA!>EH?=p~3BfjioMcU=7#=@60C+s({Tu<{yas+f7
zi*zkbr1g(s&dQ~9G{o8#oAD${^EdAGwD4+T3kBkmMLhEHzOQLIEnapMQn;9xk@gxJ
zt^U9`z)gdOfW2Pdd>c~^m)+%^3#VC4HCL`Qfys2@SUBK8hQE3o^mLJWoqhZ}+0?9S
z;_U3TZHJ)DHCNJ{l24Fyh(UQ2b+o8tT6nDe>V*3T7v?z=>vH?i4xFr#y&<jPcNnc5
zX;IY5x!oQ!OU1B`c}k**)p!;oaxdh)%9u3V%7zBH?7esRj5%J)X5-&PWXe0!Mp6w^
zI%IjGrPG?P=E6{Mi6wAZ%ixF><X^sM=q3Ps6EIuIc-FD$*pyCU5nE0;<R{EkSk{`=
zMKj9&t#ALXaQy9y`Zn->m`MmYjng*hBL|pq0;=GPCQ#mQS3N<kfK@4yMFO{!G>kFp
z?yzCvXHw12pTuJ5x)!KoD6BKY?OF)A7P;q8w&xy+7h@2~14u&#hn`jn>-s5s+V`Yf
z5|Z#|d`=wKwQb)Z1th!gQD!SptOaZ;r1)llSt!X4Ytq?fa#fZrXhrWH&aDivmT8CD
z9~d_EOCt))P&$2LF)w8W4!0jfIP5E~CIg9fuH{MdeR#P1Bbd0}Y*s&Gr`l?rLd^U7
zyGu0P@1yxD_oTQ1X)~Ge%}{wQ%qKKp)Bt)93ECVjW|qDw+@9|<u~&qHp*Ihsykwl^
zFb2_kwZf2=ema)Nv!9q<?=hdOqPr19Mctd?S&qljp;+3$m{L5z2Y2RdLj?b@&+5ty
zcrVh6X1$Yhfg_R8XdCRC0bl^(w@h7uY79!KD5AcG7;vz{eU{jF-wrk)rti+vHaU`S
zg1tQ2kl*Kq>k#+csH8d{v}iLJ^74eZ1;o%q*b%Th=9!FsNH*lPSRFAV^d!xV*tcAy
zKakc~9qgIJSEfk4!9y3RsOjF!9?0fe(t1Dqv6Q(Zm~8>yEm>qN*Xv7e>{(BdI8&nH
zx`$O_gOo$1=){kX|NIF+1u(%C@(zjsC9WnI*+JJ8UAXyN>b*}_m(ScxjCiX_#qcrC
z{<!UGy3tNdo_cpSQZ6CQuE%vEPU2j}!rf7<2Xeevbg`>jJ4*wef0O(D<$0Zwx9Ex8
zTLCnKZ!rmHQ+2fa&mBwV8FD+$uCiB7w3?_Vo||r!UhzL9P>GMOdb(NA9U1s1aoxgd
z2__S|fO9lGxcM{4qwzB-m&2)xBY!h)M>xe!w(H7IoRF1g;KVjQkl>+B@Q*Or%;nul
zb4>$|T}ow5<0F-%cEwt|lN!TxoLsi%$IC;R5pG<yqVY`G`8|ZP`C9YG_gnxoWgrg2
zL(j~O?+ue1sKuxo6S5oKv7b4iAYJ-N@r;BJ3VA=81>82R63G(%6T!IGa)u@GJSRZ*
z%O%V?G3+NTeQa-rEc-|03gpTPR06Aeda_?9v_K8DEXNH~peRxCg9nHv#Ka38)EP(J
zH<|2p{$b%ONo`!uVOMA9A)H`O+=1(}Zv&p7zd#M!ZHT^wbtrSoMV+`X;7IKOox&h@
zN63y_=$H4f(wHR1;T%ZWHRhpAiLI=Wxitt#4I(I}s*S&HlE}c`*Yx)2x93@$y<pf`
zRVG|bLQ(0+QW{7tu^P7E4q-Gs5RPMCzi+LoD<9pP%<;I~m<J|(McBSGhP9AJ^&Tz*
z07s^BzN$%dq&ZpL-_7m$E35nqPS(nFen8|C4K<Ytx0dlW>+uh#DEjHCk-;mL;{!96
z7QhWuX_!>7F%2uH3Q>qA@j@0YP<sYfoF?Nyp7@<&{~_q1CB1e%VEVW?VU44d-rQW~
zfe>1!%qu}|E-HVG<b){}4U?bdcnEP}WBi?~{GVxd&@v1t(d(<1QYiNJ$dw*AN8|q@
z=eYGVh?n>?=>n~0McFs^Q{@nUdPvZlj^p=Y<bV$s;c&s}#82l@4o%>a&dLVKjwLm6
zPZV2GeV$(vRl(G6E8t>SFU3iHjcGuwa-gx?|0qwTrGlVVcd)E4Nu3-qz9!p@n({&9
z44Lpfm)TI|s7yVOiawJ!8R^P{z03_<5=BF|buV|VYVuDufNnJQH2IeAtO33)tF+D#
z7MMSOjYcKMgzNjapQP)d<Oz3g7Zrdz6{K+@aE+!JdAGPWH!9wd741p=P+?~M5lH$m
zxO6*!h1S@yP+{SGrq4BM67*tG7_we<rB=*{R4#5)X|&p9Kh)n-Ga10wkweI2K0EX7
z5PiDdPOBZSC`QJMq?xl((v-fNYnoIQ$W|t;97^BZ+l3tuTQUT1l2!^qnt^`?Cvv61
z-LtIt(c<3@!XO7V>-KV!?dH0a`K_F&b>c)@sXSL^-;oSGMoKG95_p611d~Gv9OjxD
z75j6{z9PIOK%~^0UKm6ciMc(F<wvHitR=3{jW-jdDldwjkj6EQAaB<^G?f!~u4|Ru
zyJcr~HiZ6Rj5;VzEQVgJLq>019&e-oAkRuhyLxfZmX$nXZ|pS0kiJLZU`^OLLJcO^
zZ*bW^!TA1?$4sR%+|EohdXGReVusb63GPgk8FjbjZ~+pvSRqa3BQ^zHdB@>Xu6=f@
zg~R5QcU<-+tXxzh3tkuKVxLug4AGqUBsq1oSjYHA*VYaxhx^PXo>QjyEdtqg^pij<
zq;CZeXt?pZNl{!@Q?2~%SR{rGvx$nXht2J^_reK_Oyd|*zo#GVu6V=acAt}={Kn<p
zQn(Orx5;u|?&+ty6_d~yB4aWsY_~@rtbyGfX{k1wG{-Ak=>8KzFqQsJ`~G68d-Ui8
zqsWbby`(zQAw`19-NEz*K6b?}%H^Q!;S8J!uOPSajlL*J+^C(rhRxk0cio9FvBkaP
zu|eTgQG2jykd|Cl;CiN6b;PRVrx$azFA1G@)CuDv%=k?vC0$DWdg=h(zG!*LWOlRD
z;t@E<@P`0z76x5m3vZ?}hF7NLoYmH%Ig#1(vmcwkzZ4BiB8!q1Nvo1xSX|7X^+iI~
zE;X{n=W1J^{&<$;zBVAl`BH4CF_9vH<qRhwGjLN0*Ld)+82hKK&d8c4bzTDX$nU)G
z4rYoOcqahX&L=)0g!j>Azm@@Y$rPG?1r_boFjO=p&C4g`9m)g86jpUWL&PdYx1&7V
zsp45yTcXQy)#S$fqC2Y|w4ia}<pWIFpQBENyDrt%(>f}KO%lxto-A(#JpB(hh?Z7U
zVQF7y#>oU<Z5;UB*C&1km=n3ZB#NKmp5P3pKuiQj=>oPARWa*GIre~2NLPE`X%`c;
z3UQFLt+iPWH+-|4Bkj7efzL*sxy7jUo@zZw`+3?~{d1RtB1b^TTq;tK$ky}52o<Ai
z<M;VjDqo!cPZqbLBUj~O3&*<Yft(j19l4mA0V8Zcxvi2;v6xo|L9F!u1o0iX|7K!;
zF<h=l*kZYshalV*-aBDm>GDc2<V_e-z@i14nR#E>vvhG&x56n!1C7LrF4Q~AF8RnC
zC0+u!RJgD4omcbw!_3|DgdaKXZmF@0U7R~9;@o}Bi=OzsX<gQ1&qXy_LgYU54IfEL
z;i4diJW+ap;)8DQ>kH`U*dGmIUJuZQwjv$XJmfHtNEAA>U7#`=JHp)g@%HWQ_8;$2
z?m^#M$^U-&EjnQS_udLP?UcRj8ElLZ-W=1~A?oxEz>DWpw(3Z!_Tbc5+VY^rbPQ=T
zn=5aH{Xe*(pzp?PCPB>VGb!3%yYTNGYdn}L`Megz3J-9V9;YZ*19uLWyJS2I>4jYj
zNxs9klLXh1N6UwDgacaPgr#SR*HS0)6^Ko6aek^TJ<GSfa6Ilc@_w+mo_G7HpXQ_Q
z>fe_>o>07(b`+Z60i%>S$XY4tUK}B6okUM8i>QFYXRteHdj8yMkV6-^b0SjhXVl4?
z--Q_TC*h0eXn5ZuUh^Tr8yUGS`82-#A36e47GAcO3p-U=$a;UH)DxV;bwf++qjh^W
zaG6Ew-(Gl=)RoGUQ_7AT0YABo?_`}|JI~9sOTa5Kq+ETNoSq~ozt3uE<5)NA&EX@W
z;Uev_PiEW~iJ_`?Ikmc5S~CE_lN^^1v`I6Ew`bXWYWsBF2}DkdNL!%dut`cDTT>a4
zP<Z4@L@}h>xYv7eg=;G0hehQ=#=34fdTU7^PbLA9ZqXFh+OK^b_YRe>x~hxM<3FpZ
zyGZ&_ck7@MFbLx^XAz~%75|=D_}A6wrVkW&x+fp+k7%dHM)yVV9VxiC7n*?na7}TW
zbLP!|+3^2F9-FdFW{vKm;h#zCV;ZQimyhsqWLNkl6EWZroO0tZ7K3t9G_-WqtNgug
z<36GSIlKsI4lh6)qP{DukV3w4ip}S$ZI2sNk@VErvhN!-*_`(@$LefVo7y(*eY6EO
z?xT$w);jL+9PU<@pKh!ixkXV$MtIYIvplgSe}{7Or|mP6KsJ)#?_h{pgp6Ki7vN3o
z`QDSjsOpbN8-B;9GxoO!qxNJ|b@Lfcg-aTW5aCv+GmnBGVTZfaR|0%h(B9mnbxr{E
zcPRBg-<i1esyX~bHXIFWIcen0z=56+7;Ul>HtmqR9l95i7lqOJBq?{{lZ>>kuqom#
z?^Pq-au1m(viSa^$5xnh7+3ah)eU6lgQ6wG^_r9i89G?}6^)l~AIb;|`=a9P6&N-N
zt2S27gg>B^A@?nQcJpr$^ZZKkRDVHVd2jzazvZ*x+Y8YJQDTR#w1B}T!9V!-J^tT5
zx!tT<-<J|$SJIu5Lc@|!wN*Q{l%p)EIArWGmt!+lUp61mx{HQ5P+}t#erV8N@&Vy{
zjLpN3Ij`hkwrp_u^{#5K1$(6ZZcHQg@MyfM<Hr0&z<G**?lzO$Cl;`f{aYXZNC4#F
z!GqX9z@^isu3j;hm^b0h-FaJZgbtUSN|QKEjyk?WrRChV68oX>gQm={*(sgD>dxU+
zgfSsa>)21ueY(Z;37$}XrngHCbdN}{(p_%jR=jnL<su%v#zsDI%0`A=pkduI%J@l=
za^IkjbQsn{7Bb)Xc=p*&HH8*~-Tyq?f1bK8KSHWWl^%TVIbLn27;`#Et=|2bFDl3u
z*vUUGIxk7zVx7(iJw&;<2ARC#(>GsLw^Md-UfrVSO;4?Q7Sge*JsIemc8(_hyZtU1
zK{@nO>(5$*SpQ<1Qe&qq_Aba0n)rw_E=0+;(IR}x9TpXl+1uWez{(Ze2S|LrCi8C3
zcTlK~&{%1Hd@IvnYD5{zW3fh%NH%u$nX7sk#-)*rh$O=uAp~g-nG*W%9`nDO4*y>3
zO>$|3HuKYxzUTU?+7uy*o>h0>fJxw0(z97W(0F72Dhzmy)qPnmc)vUV<Ro9}=mXCw
zSpK=IzxVu2uE&HMpcZe>m%^Ppe?{TYtL9)DI`Lhc2Ul;BQ(e)(zCXM^ul@V(-Vu%j
zix!Ejj0*UpMlw&hc=S>Q7ggdpfduih+f{%EM!ODK4PX$+X%NpIIniRed{^#hAb4OT
zlz!)6{+A6QzT^69M}ESXoi9%Ij%1S=n3Jmh7d2vkl(1%PpGCi5!~ahv2l14z2qrS^
zq{wUkl!eP*5B^L<<wE2lKM^U?okLfND{f2zg0qUklsUu}PhYL0a|$T>O*jC4c1r>*
z`__8!Q^LPB#eWp@@6G0In)-F`?0GB#FCOiA3$Z0v=X9RmBo4iK!$DpA9cz@>rHv&H
z14LvLVN<W@E)i|~``J}Jzhrgdxap14xr}_Jn5|&F>L-?x`{FOpcTbvDwO`gz2mV9k
z6TwMZ{@*D5?#TYyY;o9g_yrH)>>VI}SK9jH5W(dSeh)~?^VbU>E^p+W0EA=<h@-#%
zJDG+!g5N@Y@rn3C4-u+dY@4<;;t;jB2HAk{5zoqcKm<}~@-9=NdtN68d@a{)7$4sL
z_tSoVL+H)xlY0nyEWg>0a~I5A_kukprf-ttvk8JcoS!^c^H(Q>>Pt+E*YAY@`MB3t
zKQDSo+Akg7#U=85M?71B;9wWMDTStU{%c{T^E+cWTYcyH9pNG%ACE>=o0~2_Wi}c-
z+u?#({qoQMaWS>eZ8*?&3HB*E7fy%cmCE|N!rQE<e*rEOYj9)c5@YXQ-bG$i1T_vH
zuifvI`@fb9#AOql7-Fug<0LoM#rONhA@<|zn(-JO_`R<R*pRHCCC|%;RH+E0x)PF7
z`bYLjKZ#!#W;B_%;9N*&D-ajG$*kqaJdkSg>p-gSRmKHeI>)AAgyik6>uml@Bz_;F
z2k%?p!oyP3uxXs?g=VhX58>ST)1hDb&&zM|`x~O0oXL<>OK&-e7Cm_}Lx^;Vtm1$F
zhu{DDuTQfqpvA+|rY%e9flv|tpB<Ke9P+<TpI8BKkG0&^Iq<qebKBwz?w>TspPvM-
zIT;8azE7ecWE?D+x9-*&kHa@kMUcOqTTe_x%u^F?N66=VZS&~mmGA;7`eOa(9lVo(
z&@r+lXMtD=f8k%4T+dH52rVOWsA0Jd>=_Suc54Wu!SC)dpp2IgTzN-!Yv%;Y|Me^G
zX#6tur-UUJ1$$3J6ohgtqmLv&#05M+JN~@yZ+`hG-b?_xGpmUu0NA+v<Nxs`p-+GU
zKi3A^&*oFlU)wweA^nqdk9&dX6%hi$|H-<r`ZA<slBx-cRXNSp`bVZ0a`9iv@rz6F
z!*l$VhZw?IG^KZ=f_tS#-n5z;V2;IiDGNvJhae^Nn|7c>T)hA7vY!9Um+aS*@wskZ
z$QQBEx&0ih6H^0}8DBGj)!)kQslNOOVs?bu4aS9ERuTV}ZGQ3#73RMrS#r^x;b{n*
z(;!|Zx-fO{JivhNppNPr(0h4P-{2wk8n2&?;*Wdn`=7l&cs)OOzP2Bl2(A7@)0dId
zgIDH0u*}(0mIc_CUVa}zw&}Vbc=wNr=9cm=MH8CxsP&w>X_g(K9^Vi=y#{<2$gRzq
zr5e>%k4r(Muoc)35v$5Xlnejuzucc6a=&CRGvpfbxgr%dK3D1AHZUMSK(^?C^*m0n
z2DGfd&+Dc*(2kyt1Ajb4USg|X$2h+qk$<tB*TL?yUcI7@p9EG4Hh#0_AsUn2r7JVb
zavR}5W5Iv}EtMFCLIN?L6F%m#^_HVdR|=-t{#x%iA9lQd&^VW$>|%Z^Hjv=bvVJe{
z?@y$_TSO>-0V~F_3+^!94~W;hv$Q)v1didR9FTwBmZeK%e@*N6AMUK`D_87quH*62
zBvz|@oE$8-%JvBU3XS%tTKb3gb6HBxuil;a7rx&Uf4olpi#@w~?y>R~1T}!a=CuLx
z75Gmvy>oWek3>#4Tb|nRT>#-OkJ?u#mRRtgnti}?OwU6qkYbrDutvT3B6EaC^%v_o
zd6)^pV5-E<T@tH1)}AwOLpq8U@O0chT(@~Q9TF8Lv^_Hi@dc45_Wh(k@8t1=i=8}l
z)LH&T9tL75Kpxh|Jb*BLzJB0RJ{!={yd)?;gtYp@(MnGH{SMfaIg`>|lJN&CkNDh@
zg8rW~8Gc$}DXh`IG~WRkLVQlu?z@7udd4Ee=RVioWd-AQJ-+)uneLrhKuSc*kTL@Z
zy%=#Jo2#ZE=n3$X{MT{)LtVN7C38+`TUTszp7G)Ztc&25Z9?Oh5MKFLgu55JR7`(K
z3v7|Sf)Cx;vQBm2?wX8A-dYX(|L>c4i<Yu(sS{iD9$bOa{P|V<fGa-(Xt*M?h=k}6
z0>Mk%aPG=CxIPCFGC3CzkBDh5sQ+(`G5MIc$X6>2o~$DHM-eAiyHe?D5v(Qs#Wnij
z#ndvCbG`o_%yR;I{}IspUFHv)e;<o*_&FUGMF(<9z@L?o@WrYh2w`0HIsbp*co033
z74aN=$b-8^terX+BKQcv<lZ<Yl4|4YcdE>;c0@dmF;#|z!*AaZIV?#}=RK`^hASqn
ziLGN}W%rM-YXsf~fV-`}_;?Nk|F?1YWjZ`GfwiB;|4iCwPW|gvY)TP7`a4|&oAFyh
zIQL&8c+)|Hz;_heRM(2wIyyo4C%-psX+j|)t${e?eBP*jn=4i1f8Phs30lMs53IW(
zvGH6Ip?{rZXe@By>j6ER-}3UD%K5c4ujRFwxhbA_l)W}u4y_1Dxq?`0!*zeGYAN=*
z<J3Y4>4JcbRqaS*$yoy9;R5Qj#N#&n1%n};=u`oJe&?^QaE!=8eHXJ0p6_0k+j2dR
z(_Hhi>;ii%g>306ek%!beBj#^<I%8hHLI~54)s|X!MLAwO1E_cN$SfbNT@y)F5!~r
zv*J|b5QM$~fPetoi7K2zTj-aJ;zN8@A+D|Zt)0q#0Umccyh7Eae9Qk@gZm-&>!^bs
z&o$;kDU??N2Sy{*&tLW)cv+Cl$bM4HgQ-Sz)erF2M+Kzr)GXP7j{ab=bgJRCuF)#D
zAl*)z%zFIx?l3Z;g@Lx5iCWHAC7-%aS(tQn3j@>RM)B=w(EOTz`vc&-Os@y{>-N#?
ziaiLgp4jh-*2(-~G#{3tzaiGgKmC1VWb}Bl1U5BbWxOTR*o&u{R5IeA_SVTJVC4Jc
zujG5H$yBv(<}=6O{InmYBK({Z{=IiiiZ17X{yuPoR^;#;JwB103}RSozaH>~hBT?x
z(ke!6f=#nvU7durk0|Ovb(d&oYB{-{ClxoJAY|`^6tbTmYSKz%M(LF!dV5Z)^8-~_
zvQN;tlx$#uDt6Q9tQUjb7hQWzrZl0yJjuy61v4vTh~1|>3RwFgEgtB}yd3lzCF0|@
zOS-{yPqI8{G^(1Q!eG$#6Kr~QhRXWMoOIo;XlAuW6l^--Y=(vPU8xa=myaYJW;B9(
zaNOGn5}@-+zoqgPA2BG4v{>ne-IY>gqJMI*<``GWr4+r+MWYDVOU$rwW<bqQ*jnpY
zsB*z+$JU(a%>pT?QM~;n8>z{HP_~NToG5>E@izl~DP66r3I-;V|E-Ged4PqeUfjew
z+<K>`!65uH@Rc+_?fRT6h5Ud)PY(pcBC<;i8TWgd4tMS2K8KJ`u62!f#i{13IjGN-
z*(B|qB|MNetcJTWI$aNs=e5bfx^Yw!`%t{CVc*lxP*~OLh`xREBkWymo;CC|ieZ6j
zbQO}XL8)9itw+ycfOS%*^hoMZsl=d<ZmQNc?Bxv<cGkA>I-a@U@(4@fzfafmI>ns{
z&^-48SepoeTJ+B2q|a7AzUZ0Q)=A89D3#?mn^+n3&1~7Z_TEpgtqh&yc~<29t_hSb
z3Ls{4`gJ2o0ZzC{&{6i4ioL?l^u~RafGzf*-YQV#LHU+HSJB${-->*`^cNa9EJey&
zx!BN0y4Y~WijgUjR57mKUqBEuRX3Z_o5Np$s>WQ7bvsK*?iDqbJQ^eh^ZZQxgb+l6
ze1gFd_s<eVIsa0-1?+*bCrI0iq_ApYEa6^rRYzT#y;Wwt6Qk0xGHlW_P|s-S!DKY~
zbW#|Sr%c_WVX9Zq2u-fl8>a92vg-%KJPqV%X#0Bj+kyBYL|pJzU}VYSbU!7J!{Ozk
z`3${kaLddYvL8%qz&pNNz<j!ljzc4}Bm8kp2?`X+MiK~2&GX8jge?_&x)mdvWS!M4
zykw@+E4*{%i*{v8ffHck)TY?YO^*M&;M}_q9DyxeHDxx1@R>L<nd|al^ElS=^=GwC
z)9Cl(Jjv4Hr8`N>=Yvh(FARook-tasy)9P^SIX=^DOf*iLB&sZc6wJHe=(JS^d926
z;ng4E&9M3<(I<YAN|8iNFgGFOaC-@WJ+JB8TE)kijL7W^oaYN@l;>B5b4yJ6G^$+|
zL{0J8XLSG@+hEpoSkE-<+wzdrLZ`el8#^OFo<yjz!HVsJf^^1_#hMtWqtA}5WdL|h
ztcfhR_9K`2oMpDgx^%VUTt>HY(JO@l4Q%_z*7$5-c9fNU@Y-HHqd{+Hde_!jq2t6g
zU#&&-xd3AwZ;U{#T-dN@1Kkm~zw^k-s`+<qiuEgJn^UYZsr;7CWASn9W;LjIghz27
zB-ah})|MvVhfOn<s&fXvONpUX*MG1p&40Vi?X0nAh7qmjjL|i`S`0s<O@s~{I$&T8
zXDx8Ob5M6%f*xK;vheD<K;`r}<a0o0nEIikoH=)&FkGWQO(K<ay1|5~RNk{*t;*l}
z?{)y>y%3JdgO+B?EjYT>NxNWa43f{FoD-kSJRO-LYhPq2Eo0D%fKZRwa!P_>0nh&T
z=EV|)XM-#J*<Iz&VwgYZ%42rWGW>@NfPN4&j@|ndWpPpP^gNjeQdFR9=>XCwO0|0x
z`SD^~+5&5H5+^^Y4|fXJ_pHSA84PM<$Lo(%=NWR0pHCpb7TcQc)&>5Rhqxh%Q3fea
zU$|!gG-sif4P|X%sT%-yZy5mqZ+$MIR0!Ts#>X%OUJ#UtB90w*+J{5$jMdUBRjf}^
zd`3oZ`MLRQdS(KUC{UCbc5FW+f|wx-M?5M=B^niC(#lvL-(4L%$!~heG*G{Id!bV}
z0?BrL%6+CxfIDF;s6H`Ne;V)E^AF#zAJr^z9(?BWnLloX_Q>BrK@!0wn{+rnuvD(s
zPfC1l`O<2>orFRRD+Zyh>=~gL0H{@K2a9%vdr@TZx;YlfQFcVrnpC-s_|LU&NhYD5
z#0<e2;N~6iyL2Y9Rm(<X?G9_Bme#HcbFub#b4BCHT<&5$27&JB#|je-yBH!-R8iG7
zKbM}dSuX~%@fdeMSKjI>Ty&Z9MnjASsoc9msgRd-f{%nu6dHg{A3yQ-?OSrQaVEP)
zgo<tU!AR&DD>bNWj;?X*N^$Q*pJNuhmI>rJ8d)^DXn%+K{#aE#{LH{5OxX2oyh1&g
zkb{cCADcB;b5O^08h$C`99nea2cwd%h}zBSM*(&Ok%t^!3t!)NjjSjo-J|hO95VC7
zUNxR%F$ZRv?JVQU4Vyf^8rsbt6<amKW4NsU4YoMTa`WrFvvuX`D!`z0+t#2+xYqd9
z6NzfYug>-MMeXc)1rWO}AM_C_Ytf>1FE0dWjd<YZ^&`P1+Rv$#&Ng9d+zp{Ap<V(i
zj#-GtfYRNz=*Iak`Sj2U>U#aUX65=LG(Ss$jFNPsP^_TU36d*?vYm%0*t%b<FcxN1
zzu$tbZxy?6cnK^IrAG{=f4PbQ4=VcdvH9cY^@A!qC|lVIB-E{b%{hJeYt0@ZF>b2w
zs$fxj<(ny|pl**q^OKo8ob3sVT)pn9{bpP9$*hm4YiAXPzEam-!ccJ@p}46%EYPgS
zUg<0%@tP0j*tl7l?;N7R0Ee?J9&Jq32>aNXHSZQH1U_UId?b-<OxG}3lU_HR>r*bG
zfA&<Urg5xGjqXH?(t2{Fb;N9Z>@}%LQsHt2n#n>h2V;Cfj(i~{0u%@}=sAAb8BM7J
zV_1)n(rYiW?^y_5pAbE9q8F}Yb?(gIVVQ8v!$CV0KQgSFe|lB8K}C12;>ZM(HoxR&
zbE2c&XvcWQ5CZ-MX3>scc?@M){2iU#t7uxkiKR@+8q}w@ik=*L;k|u)?QWtfo(bTR
z*fy%OEj73o2Bf!<@-yjKqV_no$n&-bekZ>l^V>v$Po59K5xV|(m`J5y2L|rkNVE6w
z)slXoWr~Oz!mALa)5$wDgH&`dbf<~A-eeXkbHE>{2HJ|~kkQ{ObZsu(!9baQ{Sf9a
zK%2n4eKXJH*^a7m<5q~UP{y!vo-r}*fur-QCG0)2Da!C5TjSx#6?tl*K{A^m+cbvW
zq5-1z4%y7KH9TyBI@-BXZE4E1aq(5G*HJ3JAon=fG0Tu=s!ZARdPFWwYqe`J^4rbF
zo8KQaqCe0A8UF8|3pDDf_G4(wEc!q6eHDpV*Mr4jC$L5UI?qTITa8T|r{W`s(;}s#
z`{YBDfn@e;oB;C|CPb}RQt8;oWICzlHuF$r*k&>|Oa?xtVi)7-<=t+e`Hs7}w?7Q&
zn`jgz(emg|;ukM&=x%-KUokQ0ONuC2pjt65H5)6_7|fKipzSnKujxF#!4ubo8-HZ<
zJykfw9ajHdcO;OWB0~CoZ><26dG5@N^S)?XZ()D}i+|pY8<?Sm4F^nL{*u*&mz<Y;
z&ofiAd$+y<`ZS>wN(rj!$9(M796IbBM#t4{TaQg@nC__%vHVy?{fAXzCEZwpVgV>F
zUp4KfwtCP+>n}4Ta$N&pEoYi%(-g~+F^Jk;|85TbXUKO40<fYf&kNe_4{zPV5+LCR
zcb}N$JQ#8~zuah_Q&Zo=qR`DWN(y(r@;ugSZ{J^Am|&hG@b)t*dQ!S20QYpAE~AI;
zOQ_D5;>?V8dG>x{qRI>eXz~KLG<XVVVnZk7Cbie=rE#=^{(L?^zKgezYoYI)7f^V^
zqU#erjm!>WdaJyD0gh+kfiVaX#4HZ2bHC+7`gNMQ_9tokcoc;Iihz{EZtXTU69QzZ
zJSEi3iU5wtU_?fG2_9GiT2aC_<p!Iu`JRY24Jg5^a-)9wq%A~!&kh=hbR}St2$y?k
zmxn%){)X4vH9Fgsk(kEQaecZ*R=Y?})m0p84WPG{0XxJhfOs0mG1@0rYqU*P%Q`!s
zO;%fpyuS^UcW&Tq3Hl0`u|&wL{x3JI*WK7<8?^P<7BGdofd$Fl`g(u+)!3jFV7FBM
zxuZSj(l`b;YDtUJbbSQE^Ge9FIRD%Tz`&WsjQ2r?lxvN6bG6^!4u52Zt6cAt?*dmJ
zT~&Pb>dN8igmO3uA5tw3<E8LJmAC?&vbtU;M|jti;L=iZpivOda?oGll6=>MYq)Lw
zi#k)WUlw$vsw3;2_G+<Nez(%~39<oAK*Ek+|7i~fZU<M<X3bS>sZ{p<*~J#}<ZYC~
z58>N!q<SmBt^7s7doA`ciK>2QP(*D{R09=OI%*E75tV%u@Gd(SD7@y!8!)#u+i#S*
zA3-0*4+ZepJk12K#L&nW@)TyfZi@`=7geqE4j_I&m&5JKPI<z6D-D;QWgs*}!2wLD
z)-;;PseVAO@D(ZPXjyR^syVT)XY$Bv>pk3uh>DiYN;f7HI2UD(xocBIre+nHN9j9(
zIE=yr@Y^Co-t?oZyDp{rK5o?~Gwyu}S5TePp2-&Rx>Z-cx&j7a=Bia&$?qN4OWCcD
zQO6XjS=uo|cc5LMaTtII%Gm+2GH075Gzo`7s-WmE$xTl_tF1wb(nkA-tpExA;c?RI
zZ&lOQR_+5|_Sg*iPNZ4P#;8~W-M0?Dv;^!qnJmV|52x$zw&e-LJw3c{J-K&V=Mg~P
z$&7AR6}}2(b3gvdqfeyi7Q($<gaFk#0~#w%j3`P9T3kqF<(c#8+n)sZC$~k|Ga?0v
z1rv~Bf&Di}()FLwl(WKljhauBuG9a<%YLV#?5%)GzG&|LJj=#sPcNT&DV?(bY`&BF
zkk_=>4V52^K7FUGhq9xiNjUo0gj0w;a&i~Loilk=Sy5iQeAoh+iSKGirk{d+983><
zB}~_0_zsKdP6<dZnNH*4&KF@k=!tVi!3qWJd2!CG<w$ste2J7?c%Vt?_;)b7EOE;^
zlP6@MlhY8X1)YGKN;S|jk=uG?1<O2#M=@P2>Zt_t&te^j`M}9B8rGC$8-dL9!QpTU
zO8tzx*^JTYKv6*Ha$hxLT?Wsp^FGlVyD%3=E3q0IqjlS(orP8Cw~aR@i}iQC>J<fQ
z@B#kNwg}{FXhGhl3@cr`#YgW89OfuD5x3h@Ian*DSsT)O9jMYi?n5OjHVqDi<L%rs
z^C3yr1Tz5QPQ`S~0|VTd2Y;lGET($LD4djZk3TS9K^-&nSPq$ijFTh*dKh6p8ND^v
z=+onf`M#7sjSBtNdL9k#hi4zFM*-Cq4pY;<fmg^QiLkJ=w)m6(^pl{Iv`Hm~3Q_Us
z)31sHQneUB3m0D~HG*^!=RWfs0w)qLQi!`kfkvfFn`6mpG9WXOr*2>eF-c~z4Zo{)
zyH;}Q!*Doz{df!eCsaI!QB?ae>Pv)+!u=pq7#zQ!$va(ihI}^(Ptb$>X}RGI;Xv70
z{K{VQ9cJc9EC)m<iqQY{{w{$w079Q7%N%k{nj_eXqewJ+8nQ<t3L@!Z;;i@(ZV)Ob
zkP=0`ni>0o6z$d_dxm#F0p5vhl(A_tsqT)rh;&g74%PO4;?MJ3@S7BbKX4TdYdHU;
zOfFw-AnkUrn~}@9w}fCjscYotR2F*XsC$B;e9bt$8Eps7Ft<akK_+M01^)%Et3-Q9
zZQTG%g!|c-YcU=XD(DAkJZ&ZnrrXOyBF+#$8zdWL(B7N~XSX#j?E|2ig&>XBn(>e*
z+~)(9O6xv{D0%?eznFS{9m~xJltiOw%-8Rk=Rn5O4G!qH_E*N0t#CcBngLe8(1Lp8
z*qx&oZ&5@{gY%?BkzK!6vx+z()AhBteco^n9wY+HaEKiSv)m1k-1792f}QO{UFqr6
z8))j`7`Eo<hSQFDfbKE8rOPc0pxo}Fr7B4jo-}=KMr55r;In4gpHpAHIQ(Sz9iFG&
zlf7|vQkSB8SonHaDi7Uw-^qt1d?ZWb$COQDdShNVTkA=w%CZbaI>5P)r1oXoSLMpQ
zw~_(fi-Zu}^{mh7i0(&k(>&XOICcW&hmg`4j>XqM56vw&uPMOI){#1Nucsxx=AO!c
z)EIW$RxUF18y-%MrqK{rVYYZ+evC__QhI71LL6V{uRNS17tY?tY2>4ncWsr8d7f$I
zB!oXjz-&6I)h1~Nx@%6RbfB;gu_+(>`4ASIq=oc3&-Sjw9JSK7G)1D?+rbLom8-S0
z364ry?M{y!9gEhQM^f3;OINTv%&*fYNw{Z#R$gPp{pD}P^)~DG>`o#cNk!dFYmKet
zJX15n;bQm^n!?yEw=mGT-O(1YF8iOJSGAG9dKZIM*HSENBcAQZ<g(adlE6YEN;ToZ
zNej>xu^#zmp9V6t6`%K<F?6bQg=MRT_K@2WpeyUn#^E43E~j&j0>N0NMdR2E$4?L_
z#n5V!n2md%lHID=nS?b)!D00Jgl+Ib4U2l(nPV7-we2ufNc<IY7&pzO#ICsK=xr=L
z(TL70{z%D<26;bW>U+xWB^hF5$!Dyjbpo4XI}8@iMKlx6N(H!QPld(tFcDt0p2ycJ
za)ehcc#7|25u`BNeQ<`0my8NWcB>1)A?mskgh<T%_2<Nl18Ba1f8Bb{l#(g>6JT-g
zt52K-;A{^Rg?M|&VCGX$20YXh?NNA+?~mkL0D}vZ$qWE9+s%zjF8W%IV$h$T=_2b!
zdLQIt5bYWH{;98{eB%|4i(j&jx7BJ7{OY_GEUT^7$VE~9P73qqXs|n8n(Nbr_fF~0
zX2?z`a5wV8CSktP^@~%_=GNsc@6tFOwmjPA^@FclJM<ZPd{HbiT-)@t)8g|YB%49W
zf0PPu94a(;=SjJGaMW^gg->YWGrEZ@{}7P<1!gi|9p-$epVL0F`7Iuqy}W_kC@QvX
z9K8Aja<I5*j$8mr@5PDAVq&^4jrVMWkIjYrr>6A?w=%3#+gncN;g!7haVZ}92qJfM
zG!a9JPuK}8zInAS&-H57CQmBIGEI%r+#}lItMvpH@8<S^!C$r{n^>|5q*3}b90;0$
z`6ZfFRYW?BjlV&AAg<orWg+{0h4u*c%0c}%eeB7F*$TY4&t1xtDa9-8%^~AtsP-dS
zy2I{EPplyug|<&~xs}@n-uzH3eR+*!q{cU63zH^Cp+4j8I~3-%sa&5jqp3k?=*qWz
zdiRs^p2?A_*Vk~iC6%Jcpy<7!k}1<%>9)BsYdxT?@eycmG^N{zL4-6+r@N;YxrU(Y
zrwrC3tcxpjg|^X(96s-zx#2&=aGo3bR@0_x1$igl#zt|b)p!bXrj&Vp486zIel5KV
zNB+x8>b#y54po0FN^L^bGb;tI!8=2RT`>-F)+HR%@qoMIlX%jeU-hTqc&2{c^7dBs
zow)H51F5CH*Hh5d_N=?j`BPsc8c)nC42i{6fj6mK_r|mLq7Hu^_Nfsg8pE~OO4@xh
zsgYdDK`3eUJCw}4I?Yo;04l{9a}6HBw#?UUX>K7B2pWNWH9ZiyHz2$Of=<X>89af@
z^WX9a#Dq7lo^V@oqW3_v@7WeD9eoe7a$M%Ec07&k3y=!S4g8cp-G`2<j!0|U_3n=;
z0!H&M!s96y1yx@DU;U9biqYMJg^G|jFT#MwClbe?SGCK|ZBVrI%gtJQZDRWY=<3*E
z`P*3S(7Sd@)lNw+jLrqhyP3+(*nwspEjSMcHU)*-nRk@#XSk4pOq56;D?4a9*dJ|!
zcr*idhP+l<kKB4ue9tKf(d#`IupQHF3+}{VjwEImkM4C7PW7K%$B-cR_2=^{zI9yf
zrMMj@0w`j&BeZLlz@Ciev8PdQLwm^7HO&kxWUZM+;~3sYQto;PRq^Lu?>X5rs4cX9
zB(;$k&ZWvCqPJ#m@sW7oLoDX8^iUW~;^)oP=li<`(>T7CdyOuK{+~o5#<^q4*K65!
z^jbQZfu$>IUrBpSneU(*G^A4KiG$W_D5l5h&UduGokgAou|Dd?>4+V;X@fVBWY&7t
z5W~Fc#!9_XW<K!Mp<-jx;WV)if*ipe?d22va5!SSD|cOU@1f6h-;hCX{KpKy8$FTP
zZvZDqWB-O|T(|Y?eojD!f~DMsT5Z>pXSiVYz-2Qu@K7s!xX0kRMB$5s(wxY0FGeM~
zA`kC=&O%Kub%P)(ffucP7Byu?`BU@1V#Dr*GNZxR{Z_~0K7&&!&=f;!VPk9pOM{F#
zH@%YPa944;9)ReX)9ZTgN;05`NlK85%g)C><HjgU$mB-nTK?FWTSsv%4){ujn{CE`
zf2$%F=fq+Jl@erMK$<R_(U8%0n?HL`NxoJJky6>`>1K|ZaX67*o}|nh3>h}s-{8{U
zB{p${?D4pAU-LmHiq07}R+`d<R?rd_w)Ex*Au1Z^>t8mq>mzjZk1|ubW=Wd6nWv+o
zNpUL`zEH^)ymft0pBzp>T5z+ntEyr^r#0?`d96%u$jMpr64%{DI!68J>CBf)VOQc`
zpxrldIO@v1xo|`d4)4%<sh+u?II_BN;wn98T(XUr{9^|HvZ43}@ci1P+F{b!OEp{2
zcxk^U$~mZlEvW_+>C)v-QvC%Wd$_Ll#x1E+f+_I86+ywXxAN<Mg-eMjT!37)&O`Va
zt$~Q)T+#e^snJ&4hJGy{Zzm?Xj~`LcZn7mXDlt`ANL4fHAX%4I!yI%p$qqiOZ{Uxm
zD?)nh%9GuLjG0|$a9*1aHP-R5a@eg$`^h%vOc|y?I2uUf7~d;Yv03kF9?qtP^z?_D
z?-ay?<jngLn-<Y2a&V6rFiek!OO(kd)pOpJKhf+yRv583ZU&?QKt@MVWt3NsQ1R)o
z&E;<y9lRvSmiw4kE^@km!ii`xShQ+I#rZTxO+WV0Ln5Ja9Mf@)z`W<@(x9{zv~#&$
zrOZFj+stll{Jyy=F?FKn!zn51SyX%$K{|~ZUAYobiW6u1h@Z<}sMen6G92E<Qocfr
zmRUELQ;oAx+-eQze900qRmwjB-U@G9K9dNXpAVm!mMvL-l1M>=mS%fC1b41nh9V%~
zNY!k$f`CEqC<eGeyA3=BsHImbsbGdnW?6SltrS-MX=WEJwTMt8+rUtxnLfBk^hrr4
zDpvimj4Y+XJU84|GOasqBNCAzsay_ZtXn+U$)899Gy+s=y(uL1ZuOPDDKOxyj*@(A
zBXs3wGBsdEI|1$aT&fBtQCmC5M!bER;KC@JRH$f}9+t4RI&V~~B0?F$LTmlL8RzuH
zp}z54yW{dPRMl~6^BxCe-NYB^X@WOF8l!Dpy~2F@iP2C-G3a-N_NBxicX68*s?;05
z2V<h9Gz#R><MA1(N{x2V>6MfI&T{5$zHvO<-dP@b6tXOZf-RD%SR1?A$t9<t@3vcA
zKgIDXec0dX(80CX{;59G=FWGakDg62DoinMt}`X9LQEU9?&eW7yI<TI)(MVdJB+W3
zLGsaE^Y_y@E(+V{X2`sh*99ryZC`SX<Aj&q*mSei@BuRKj}mZo)FA&%SAglt*8WC?
z<lpgS$@l&n%2k{A&eFc0&YK*iG3EiJ0Q1C23KG?Z=m#M2p!W*%z8Ifihm4Qg@)#=q
z`k8?FsWbmzq_e<FyY7gDOglUh(iu-Ou4!ga72D3+kNf;dX#h%mQ6`i`lnGCf0>*Ja
z2ZOH8QH}o)*~BobeIOw)(7R_))Q%JV+}LIL#7kso&DA!;dO`v8QK1pqE|2w1ZvZ0n
zjWwN&AI%sdbAY-;)lIebMZ@VHvNhYs>jB>AOJ+XiOg3919{qruz8wm(qiwkg6>Wv`
zE-a?wq`45YJNc7y76DI`K3(~+i^rNEpPJZ~qgGremyfSd+)^z8tu&ollqTqK46y|*
zoRZISWtQtIoHu$&>TBz9YqXB@qXM0FiL~jQkps%czxfv5Uu(ei9o$ltKm+_G{c5Ju
zRmsY(9pe>mwyY3QMY*AO{4~MO3UxDKYVP{OJuT;29^k6>8V=LtqPf}UDciQG(8>RB
zGdj_}Zz8=%^puJU=R2F(GfUu-{e&H&4BBtj?y=RoCJAD8Muj~>TN!r^NjVVm4tAQ+
z7{RG$bwbSr92>o>5MDpVgUpi@m%1E7k9K1s$v8R=`!h4z&Izs>hwFZ8Xsv;JL#Li)
z2RE@?nT-4c@wrCu6_UpLI!6ayzZQZjm9vK`ObjSgh~vaD@1Q{So!xfh%Lk8J6c$VD
zUm0zMrw<nJ8Ca`s{n+nH96KxB-$_=kHLqtfI}PufOJtyWVYEP&Ym_C}%sg#2`+;P8
z4Ey7EwtR+9!`?3CAeL$W)FIm=u|8fAMmSYFK2>*3zSiEfy!oTu<H9(=6~KpeT-C3}
z@!@P@FjZOBn!CiZFNsyN#%33_#gTyJOG_3F*<={n@7!Ib0C9nr0Bg`0q-bOIR$Q%X
zqbZvm)pS9amh}8LbCfzIML;OQsIl66$SQHq6T4F3)N-}z#QEnryyiD><M*epIe=T@
zaqw`2(43YZi;~UBreO5}A94hLGe2dJhxB+Gyt8LVXrZ&SSa3HLbFtz<b*JzV^l@j@
zuI&8EQ9u2L5k;CD1{1?Ieo$Ftx+==pb7JH3ZDBn21-Z4sMZJ)>N$i*81HL8W>(nKq
z2F|eNY(YcvQH_x}Zi@zUx!!jD!qT?_H@2ZstnB6G5I7^_%88%VX8+yNTtG39KfU9!
zo=NUL%^AMj8<_e!Q@100%=6xA-7Q+BND@~k9BsL};_*em{9}~TSBBN&FNu59Z?a{M
z`(;q{iI}@GCAeu@(`&`Y;yo)ed7G}`q<XijC#s}+@5I`DTandil`7dcGQKWN$a0nP
zZn^7cWZlVklzaN%I&$Fa+u{PwA6Jd_9l^p=eLYH0ZjZNZOpuSvJF!`rRBWbI!4yi^
zx6Xuofc!A+osBMl%tj+sl^x!v!R2uIKoDQ$xRb$VZVgp+PiIOlm*#^{<R*H4h<(l;
zk~Zu+-gunq8qDRqpAc2OhS@64FDQZ6K#aj7H@;D0+~X9tJB1Hg&2hiwn|Xi8ivp|)
zJ4gBJVG{LTJ}Ob&5XQXknUzTBj5(_B`R%ISO#C2I`qrRhaOk)tvom=D-wgw$3lvs#
z^=F2guMU6i^gkV-Hd7HRB%E^HOW<74akQT|v`zprzUEBSesJr4kC_u8mnOeiXIo19
zroB*nLQ4K_U>(S5PwisQ*?y2u=!dAlHp8bnVzcFI3)V)fht!xYzreS3gB~X)tRJ>Y
zsJ0)WH70c3=YIHDYS?9PdJ$C)lU9a*u`kKYBEWFbFTSt6!4=-q^Q&gU042lQN1o$}
zw1kDQ!k2gL4A1=8V11g)gBcMnhucR(QQW@;{}wL-0P#Pv(si1YU~*;06qZAALF)ws
zWXA#&6nQdZ_eAgYJ`>RX$6)BcL9C$Ih;&}5K+5!wQjY*VOW~d0Ec2gV6RMe3ENZVl
z{jpCle-supLUI#p?B2yNh64n20l{}+phv`IQRv1uza2$Q$hS0EP(G>nq+P=RP)dc1
zOpQxTte(UjZm+_0r(g-)1*g{o2%qKLV|Mu%+_xFDe|S#?2$dY;VFdkr;rd6-qsmr|
z?3ZlWXUC;>RV^y8M2#AkvAl5WA1M*N!*_dQsv5J(9J8~1#y%OPbOG9fZddJlz5^eG
zLmFPod*;1B#XE@pB$hCu5(x$k#D9KbaSf*Bzwy*cm`4QklU5fpg5cJ7@RNucQK><r
zJ^wYf-bM9iZOYP*0TCOaYTs+-{LOD^FpiN_uAnDMnD^V--wFV?EX+@qr@XI_5!ZY$
zG=e2_Ah)$|u|7DZ2L?SM2jdd;_DW9&SLEowIku`i02KUydj^O5$&U{K^<Fyq=MIjO
zp#Z*#?SCkY1gvqBj0I|Rfa^i{L|u|jqs}mRCm~J~#5b=$(^xO$H~uFqRy&%lFW&AR
zVon0`gr1}kA;3e=5(D2`rlr+1er;jx9gBpqMlX@TgebQ?@7v!~t^Xw7Ra6w`9l`YJ
zQx8X-E`gBdW6@|T6WUG?=nB)Nk;d8&^(%(KiHa2IHEV>o7dv$5Ij+f{${`(@?cy43
z$(T5wA-I5g6Zd1g!h)Q?Em<;H4(gU_w)kUoVW+rh6M0=?Li>sUD5cJpLiMKiv;dyD
zNUh#&t^zRr`6o{Q)6ozi-TX1q$zx7X=^jE@|BoUm0y}zv9rskiM5J+wowg0}1GU0J
z`~_AFZv=ygc`jQU8&MIzg@UMv&j7Ycc>wD+Ec!eKNDio!VYhRQ0eR#0LI>@XhKYqe
zm+euR>G*a`{hEpXf`!RKH<-hf0bEFxEohP(7uQt=-1g@V2foK3-wmKLr4ML8mRo`!
zsMQZ?@^8vWgN8MX$6s}FDh;Yc5-rk4rc*1#cS*m0t-@kL4zln?`zP9ql_hR-M0+L7
zJBzCX6jB@g^m{^b%R+GDCO$qDr*2baSPAu+Qro~XV&>*SZ2t;j9OIPHezpF)>)*cA
z+8XYJKcICftRFX$%@?I`oIJQMJ+Te3LvUm`Tl0U$t@V0#Upgg=X7}OU8v#xY10q&a
zx1Sg`-iqJ}Q+M85$(yQc7MhyDePWzS3j}x1QsL^hZAe`+D>l6b1NGKY1MnI0!6q@M
z{vre#`aYKLC;c(!ZQ9EyOd3ESw2Dz}C*h`y>1dmm)N10jLpW(|kG?!yUfR}|MW{%-
z>&Rty{EqHu3Sf0?ei8F=CI5?<Pf5NI5cdlzkz~5GbXu)^GqQ##Gd6~n=zZC<_I_V>
zHB4b~YnbJvSb2rjRNG>kTQZ@7KzD2#b8+u)Vm@>IJrRpKJM*!!Y3^ieL26thJu<U~
zBeu3YR|ErxTm66@Y%$MmUfqbY#M1qAL6JdAODWU>M4S4|?6A4g-$3G7H&4Luh1rp;
zyb|+-+`1ALL)#`vaq|JF?9Cum-q6U)wY)%*9w&flW_^?y_2KWV#luDsApJ{<@b4}L
zU(a(#;B&UN9w3qjF!+TRKQ0{CkH3;A-*Ozu95+3SLc59FPbpGdxQF!nVoAJEo!}B7
z{_F}x!W?YZD9#c&DPSNE4#OK32MlNV3g5D(t@mE<ZD2(2b0-?pL!1ku<+9~IYuI@k
z)KM>qpIJqljvr@EL23sj0L$J?k20}}Ut293A0BSeLzbg!FgorSSZ|p63g^xz!v&ID
zqo^=*K|{d_!!#!ef7M|Vrlyap<^DmXY<v<m8qF_>+>fG417>!5o%1*xk+W?Q3(HW^
zn3n7e4jw%MtC35`Ov<bHWm!$6OLTk5L2OsbN84KzY_|;t<eWOE1g0?cOlum{dD+6G
z5~<u_C>3zdqxNQf0ZNnig*r+TsqyRtNjkJ3ATv7K4%pl9l%p9;Q9r?{i1+S3YGC}L
z!j$PXy+IPU(QR00jTDgh@rCARD(B3b`rppz$Y!CrN!-?gNa%QTCbI8VfxMLg1m|G!
z&g$Y}02U?b4zzcV4a=Y(RHPGF3rbTMq3A-v_)$Vcx#opOJ0WP{bn5?aWPMJW2(*D-
zRC=6dUpTiba%`J#-eCV(LlQ0UHlD$U9e!9IE;aWzr50?W%PrS@<U<lkL)x`vQA^nC
z$YjtRt=&5UEYXoyZ)_)YNe4NvkJ}EG35Yq*bP!2|u7oHeNRKpK*!WII>&Dcgcr>{k
z%dLf=`j_z~RS0bGy&n_+MRZ(H^)Ez0;8{q~_YQ-TYkp}OB45~o*Phe-7YO%k2tqRV
zps|)?j}h@$G7ps^L?X-tuF&pIf-T-GP5|lLZN^*pfkDu{FpmQZ1O8~(w{+Zu)xtbn
zGFHhAmde8%B^#j%IJrc6K{%=XXyY5g7*-#h^JIRN)Gz0>Ohyt|Z)cD0XF2<MPpM)I
zck$6U4LzF25<jPY7Bu`WDP;H=r(|F=0Esp4WH(^39vKxAP2Mno3eZrA-r{x;ZgqLu
z0UScsDNPu0woC?7%r3n_QPxE6I)&!+<X!~=w^i5>N9!Ea-(D&O3C)S39-pvz6sjd1
z@Mw1dR8ZGWn3<ULkIAc@n7?Y+YknkN2EIjo9VpVoHNGjX&tqh71t>=rh!JzTeVb%x
zL?u<qC#JQsa49eyvwIzz9w*8Q36&AbQEo=@9!6`}yQ&GYlpV-KuBM7B*&5{~-&o#?
zj5LfRNd6WwTe@smW*1SvF7@JS$LqiA0|=Sd3Ic<#!Z2+H*Vzeo`xjj?m_5?_d`ku7
zinAPwNe3(Bt!s0+c~r`Uo4Hg(vV5cm+Hs66lNIf^(K$g7@R4jL0we>++e`;Wt77!N
zY@~B1;0ANJe}B8gm?0mrQ8kBN>u$>Se<*wJK&s#Of4pQ%L<kuTl$}|&L_<RM-rKSF
z3?a$N3K`jsz4y+@KE&Z1oJ97qN9OrG54}q7*Z6(D|2;Y9+|TR2?rYuGb={A<UAgEs
zP{>ZbE?{y1AU^GFC=aJ*N|oO*5tBIpwsZOFJTW-Z<dx2dVv9<kJ3p>|95#B4t|)xx
zXgF5pv%E;?;(~x91)Zf=H1B`!drP@|Y)`=oRMx!9W7Fb;mUJPn<qZr6X9jG(1@|Td
zDWlehKMXtYET?{?&;ddEgEJ(upgl4TzE33r!@|R|WcVvhc(rBcdgIuDt3oS@90zd?
z8U_o}Xha4HCp+*iiO`2ZUAiWjQkkXQwA?(EHGq27jDzA~$;d8n1z1D;dU^FcjguWV
zIPaJ$FMh50o@<#MgGIFIfbG`kuHi;h7}604SI}_Sa6pYTbRK~f-5-Qf4v*&XffjG&
zsDGEYfOzD`32hrt@(QpP?f0deA56EEs3khvuL0c94w2tvB<oDzmf{aS_e9qNg3os~
ztLeT~;>4_l`OgN7un!s?ppfK$JLN<ib`tT@2F`9O0vo-VI(0${Ekx~uLFH8w%s{8l
z<uscNMi6zoM-?r`m8gQGSi>9%l)nq%EiLZ-W0Pk?ie3^0dDmDzbInFYVdXxxGkAJ>
zqKBUACj{%@%K+tDPotTY46}AeXD^cP;WKIhS4gw#RI>tj-W#|^%iIn0qE;<e4pag7
zRdkCe_Kxe&3J_*aR#TDOpyW>9#qFEt1CsK4Cdu#2m0B8b3*k2{enJp(S4|5g1!zBb
zYr8#v5Lyir^x)B*zYXLIKiE@n4`g^L57|U0cURj^*IeNNd)-_83?odK$<@%iyxR13
zrEm^f^c1XkN4Uo^!OKVIf>z(x$bwxoDqJeex@(K0cOYVC^HMT!HQ>`Eq3VmA%-;;T
zk}jAGE!hTmIwWYL9?^L-sv|qhDc_2H3O}yTlXM3kG@2+f4${9XTnl&l^7R!rYsS(S
z>#u7NV@XD>OJ(<I3;@hogLz0s8s+@Dvk(C2nKXXC_ho{*2HOmb_r8Tt?*8VS2ln>9
z`xcF*lLEZi(|t6$XKT#UeV`T%v9vHS%djLjTMBhv!-eR65M={){r`hpsONZsTu7%*
zldAz`A1wCNNIv3OLr1Un8l{;bMguRsXphJ_)EJQh4jZb_B5~o(F<6ab!lRVVMF2E-
zkH9Mm3f!az;I#yqHir>>ABG}|E*U&e&Rc&4r1Lc<7l&KD>ht!VfyPSbtnClbCtse1
zz4B*G^Z|E8(?(ptxzy$3htu0Y#v;PHxA{GGx+AQ+<U5N{pTgAC#>Ui-U12ZfqrYGa
zi{>PWz|CMBX<>Q*@w5|Yf*0;1J%uf#UYSFrk)8$Zdj1o%t58kjm|MhsA~dGwM~|x0
z)cDKi0Mf8J#oTF%LsB@T&)$+|IPaX{VPh5?lFEGo<mC9@?a@FkVwJQ5T6IG}_8o8}
zqQ>R4c>2mR$t)m*hbMjNW0YhI#-oNE1DaER6oL0M2v6enZV=i4j)v?|^w)RT0!W9S
z-Bifk%YjW6OSwR30O*DVRgJCk45R@KFWj#&p~KxuC$KtEh7qE?QykBI(xS8gEzL#O
zW?;(z;)_&Y)6+k&4hyDY*o7thumD)#GL}ls1`kOf<Mz$gOKXk)OUCsm=Z?_b>@o$^
zp8Cf8O|ll6A$NZ&87>Td_3unIy_ByZ(+vFJ+pak7c?Rw{f%+t@g9eL7LkHQr+^Lx>
z$zIzbK%`|-#eM;?$R1bEY-N^3l=Un&u~wp$Y;SWmf;~~YSb}Tnl78O65-s1NCnVW_
zo-fP55<B=s)^i5+`>c-Ui2i+1DWwm~V<oUwC+uJcBQ%a|^yd#`1<QSv#$SE_K>m^2
z)F@7<0{{V<oiO}i_edt~oodo}b)HO#GwQtSYHN|$$NJ`uXPVf-JaWoas!tB`MEefJ
z@hKYmflR()uJ+KSFVB+s+S1g+N_9%f*^GK&j<aB(ef2TWZ7aYZj9sw5Lw5@RApTxF
zS)CI77U<+-W>Gns-MrTt5Ehj)ByzV>QrT!>x!V3k?#?DH*-M8k57*7E5(a|aBM$Al
z+eA_9CV*pXEYtyEi{+E`i7D+`X{A40|29~%%`#$~JcPZi!^uLH;h-2c6nY%$KHV-e
zxbeM0N_RE2e_DejS4dqg;3Dnq>bGFkpCxp3Fzt*-%=#u#7gBMl@N<R+>am!I==p^e
zwp+Wh9-=8jH9v9Y-a>2a<z>@0fn!}0BgabBTf5p8ceS%1lxT28pBl&UksopY1}C!4
zfX+!zTWDTRWO{-fjLtT9OG}^_oOL*J-U617KlK!`g*f}9sRoaHLA5KEjcq&Gdjyy1
zl@j|Pm~E4SJ%Uw=Gwo?c5pnm7Y(scs#p+hoE0d%=c65SOaJ6UtvfLoYhy_`kS#mEY
z&~=l@Gw?Ofssz-*9>;^UH=*EOhWx}@oUT#_8IKh<KIt|lL>}jk<i)BX{FNyo(NxzK
zkImifpE)rZNcE?Ed{<MRT%ppRbdbi%ADY!$dn2L%itKX&VjDBX)%%}~Ut#2l1!yk;
z2SO5jK2G`Vk4_9f?e*X#lqxqHd-i5rrBftySk{l23U?4+%#EWC?ne|AZcMo3rWjqk
zZ%RA^pfPSVKN^}D{0{W1o5~~tr534QNQ*X4iNJFQM`3Imdv8&$A6n_UBP8~pfHgj1
z*3SY(5|?Wd5|aBDXKDaUL@75A;;5+UQk~1PDeFA<z`VbJu}eE;fEywkNT7Vo%iP^;
zV<c=5W~tF?edvY?r4iM03>$Gk_cpkErsUf^zCYSvUkN0?T}iScL<lA(spiL7tL-Ll
zf;4#fy_NF`-DHnPOO#>?H9^=o`P<ZdRx$l1Zj)JPkVcxD^x5YhWJS_S_&rf4?7~-a
z#lhg^87)N+b3aU*8!*^H?gezzQ;C|z>r7QtT_ne%CL5wHT#ss_udP5W*yfL5duE<y
zJOavdZ%M}#>1Nb7zlVf}lD$?t=?JJQvM;?~SV&;dQO|+!L`hT)$R>>Br)$AuGdw$>
zGrJ+wy~mRsW=5~9y!IS3szF~mr(Wz<3rzLt<&QRss!D~@vWT*28s@*FSQO#7iJ&oO
zM<v(0hZW~$UpObERlzp+?wsdioiYMG#b=hRgJ0g9XOMaJ@X8%I)LmvG(5>q!B$qE^
z68L^h!Fv#OHR$fG!;c#SrsrJCA7_t*KhCd%4O#_fu%&a<f+n^<5I9R$F7JG(b?>V$
zovXzghu7L0du{eEaJFtiH(LmDTL8G>JWns@7Ww+MT2io==PF0*VOTE#NBx#v)huku
zeL6Q5Isg7Ld&4}79t3L++9)tDEIXd7e8j>k^LAeZ?+%dfx^Mp=zOHPo&Yq|y>ymj7
z2QD$a*voV0F)-ED#q=Qqx5z=qM-o%zf~!_ts>wEE(AH1=o_s3s;x>&{P5Wu>5BHL_
zh!}=yUAO@Qo@k@yg>XZDSRx7ZE_}B+#T)f=tY3qkJc!-Ja778(-jz2jEPodyc}Er*
zBxwP({3xTYFC(hBz9gxBv6Z^Y>n@M9cY45phbE}$yiXm0PhF7YcFbV<%dG`QjS8#W
zBL$Sml6$;iB;)6|G=iBikHbYMO|!KXvYtI9k(2V@rWPQ2@`5Tmgvac=L{<;}#OkfZ
zi+qqwYYnp-Qm}UK-Q}F4`5xIG(c5MVDvi}B;pEJr%B1N~Va6vZ@t14dYg!w1JQ$XR
zdPs#9p;@vb@s1lk;fx)1(JqD0NfflD-v%rW^B2!AE+L-3xN84JzC23{IbO};VC5#9
z{zP1|VbCjy6ZDkL)mRofS@hA~puoK>KcDSdoY1g|tcr>?$uopY*b|b7Oqs+N?hgic
zkb>{BMjVW30~;K9r=bQNZ}B2Sldsm0ByR`F#$S!v<z;Za@ocfqX<}d9P93o{gqTKt
z7S{20WCCr`9PHfEvwB!Bw$UJ3&0q5Ag`qyAw#5wA0YIGlqbw&ir5}F~a@}xe<Rg@{
zS#U{j<k&^RV{b{)MCK#{UDN(Uvx$@N!!ELZ+AYP(iCX7C9@`w2C%4>DpMvyWyz5bx
z1uxf|hSLqAv>lwBMquwb^*r8j^5^hVT8Asuen1NgdR<e3Fi3&}7>jSywD4ArlUIoB
z$G&)EKkh5*ADY`RCYOK~8AJPTA}qEICA1F;oY!fSEXIA?J(tSu3#7MD+LCj}yoay;
z8tp^||B{<FyqTlTPi>O#@@Kmk$d9bMgUbz5BT7X`L$9KC5Xwo6lp$9=9c1#{J2H#B
zdlf#qAGF)dET|YND84xvukL2J^YsB!{mX031e&g6P;)$fGZ`~3$$iYEtsI8phJ9()
zH|3(=th9Wl0O70IxGq$0>H1?sg(Js*6ms{b(Eglgg<X~Y%~Q?5C4T)Fts4yF8LbU_
zK7lPUqQWFjjWvw7P^BNk1@#_oP}tY4ehTG09wM+4&B?YF1EwA(T2a-eL05fYRl=1H
zYVln&_TF0G-b;Vk6W;wXTi`#prRi6bnb=thj$t{P`jF$kXg%nKU<+E%BiT!7A|85I
z6NNHvA9?j}z$M~cq8eaK{dfi<-YUpa@5^YF^U1?-rNB_}n5)T-R4b_|)31hG)v%|_
zT0YUSwj87Ka#^CuziK@D{ua4W<_jBQj7PV;Z9ofQUg5a`b({JHT`bB!`jRJTVkXyt
z<`|B9s5+a?choG5DYd_dmBjN{Z+O(wSAXyZ+;C?*lt!3qywX%WvjVBXb@$H0|DDfo
zI}k2UU$L3>l!-jUKwXx8QGGqQ$fQlUzEu;|uuDL9Y9FxC%FZC#aMRMuz#<@?jPj|E
z{LM!J)>_9-skZ8?3f;+s-N*ama(wb`S|q_wnF<a4NSWReK|KyOG(GzTIcC9i`u-dZ
z4z@0bK};6)4Q8JSr&=~Cl%I(Kp~+8D-jGyH6*u~mQS(tKc`7U>3Oedn?c{|So5LFz
zNFyKon&{sjD6#Yfz2B*B^+g5&{HtpvLyLvad8`d~%oP;UPj9c31v_tu2+#2Hd;Z-o
zoNiw_)ghIWFxn*49GErsjs$&dQ^#B)Is1>6`_%=XPpEz1@9yT-0^Cd9TA)>HUhnmz
z8R1XVCs6$Wqvq*ftdvV{;$G4w;ukG0>12Fbc(BMl_iAq_tp7`ar!*s@|6i)|cX~0o
z@IN^n-zt8rFW;`AaTl$uoi_k|C<080%|W7Q|BG@i;D4qyO=O5Fo}Tw2Y%14W=h`%*
zRkGJ6>)l)5C0OH``O5F_AMZ9$!{Bh1TPeA}-XclBs<q?cav0s0ns6uMST>1=LDO}A
zxd${>X_)yU{2#UX<j3@WVwQ8V(bBAolf`$I)hc+FH8vGN_uz<|#q+Oixm&Zxf?KlH
zOiZrYNuEp%@BmWe7)k05P5n%Ob5co($Rf+AH#5|>)WV855&9D|bafI#I{Ep#VC@jW
z>f6>Y<ONc9*jf)7Mg&i7)L+c}OOXL#5F5iNP83yQFV6Oo*m6KVeixi{QTRzJWPXSp
z&s|0Inp=%iKm=3LWmssEBFAjv$&6-5OdYP<K!tY$hB+EO<g)n#VkH;Tlox3d&_>~z
z^Kq6ck%HR1NAee&FmW%ce~oi24D8UJBv!6pHy#};w;tGzmTw+~+-$u=8cJy5scZgT
z^ytU946Jg7(f<5Tqxug7H=R2nn6KFM<=w5DC-WL80+2m1k~F_?))L?m-<C^(Fp&*Q
zQ1#TQ7PbnW9qG-LBI`RZR3^?4_LoAO3Xsnt-ifeeyX|JvlA_t;gW;!zo2OMNBDA~f
z{VG=5l^3{H(|CSmg`HDf3HZiWIiHG(3Qn(aTfNyQG<qvJba>pEvVvuDq1M=daGO4r
zKg)WaTe^rr;)LM;5ZC?7uaSpO^yNh_ELfb*?zNaDfsfSwJQeWg%w<lFS;&i+-;(8H
zj5}J%BcYY>?~|HhA%^coeoCEk=UAjf^Mgm6zQSLO^fk|umtt+0J;7wuHWLiLgo60v
zOHb)nevF1^DgT2{Vgv-IZ1T5e{D_u5F%OJlHq39N<af_w6yv?8FrdD>PV&>#;1Xvi
z0RwKgYli(YKYyFQ<f)Qoch-uZtd87$pHXs*Xli;IMzIu!^PBn$GgP;JQ7A^A1&sKd
zv+dsp#KgXG!bix<)`h@Rl}kqR(W71=9$?-cR!{I=ucr8K0TZjn*kSwbW)bq6wP!^K
zpqO*~)b#O;uRcCHv3f7C^fhp!-lPFmh53%IcHT_U63?$6`D9}*Yot=KH~(hDFOK|t
zP}c^$0aK79o3}LHiLn6cxuEOBk@>24#IF^a>aNaJ1)-@uU0ShdU_dYrZ2y;0{LPS`
z^SJ$Uz%~S_I{F<x_;{Zxh_eR<=9$l9$dGVy@Zo8fo)Hv7@*?Zc&ob!$dd07I{dy3?
z_8IL<1}yzm#ZyZpri@-0wS$anz>lcNfFYUZ1kOlG7YU$a(&~a|-tvd+obxfqJry3R
z-3)CsZ^WLUh3Bb0<l=b@GICB1WtTO_Q$vIPq1Y{8T_P?<asK;SN1P6L`yI9Pd-Q9G
z1JNsePf-#O?;ecVw)c-@mw%H3zOIXS5n?+ceTL{i<xxxxZDO9VGB5QFTtc%(@c~+2
z7_cRo@Q6*pFI|gs4yl-aGoRiMkVfoVr~LWFxj!DbP8H_%<^c2KleN0UK@5NJbxrt%
zFYrA-QcjLbef`6~iNw9a0Z>_2O#UZjXU9|`IW-i~E6+XA%InjDmc}cWQUQvYIRI%q
zWIK08yt@fTE6WavPvz_%M<tF%`y>bhxt7;(x%>pN?{AavYp#0<hIh`L!@T$8p}69&
zfBySJc1)A3RsG#Jmw*UU|2^iD-}IcF$(d>YDJrL8NgVw0Q>w327iloQuM*qo|Ni}z
zKUM3`88(IEK4zsNX_sJ$P<6--vi|ea|0^x(kHqxlm)`n6KKZ$r8HNSa8eGn6081Z)
zeIW)2Q&(%M8|_NF$#+JyUYtK5-~BItCWkhCJgH2sgbXihPDhSLucV@D-d5r{A3MN4
zf4^tp|C>mkcC2L$s!Dr?e`iJ0$5ROwaJc9xal&*ea=@|-*gVn##Lwp~pcHTA-u#Xm
z=m&VtAH-xrEZ+Zq&Hs$f$@<g!v06(c-T?UTV~n;frZJIDc*NPEfKmt;<Y)a}N`0~-
z>mbLOPcr|y=B6^Irlow=^A<CjW3Ls_YL?#9!YD?61F-oI{TLK~bCL`gFlWALiSK_1
z`z;D7^rr)oIo!-X@sQv<fRd%er=>$NaiahO&8ncG@tZ<io*RHSejRV|AJVW-da7jJ
zHy7MbNEraI;Rt-NYvxISKW6}oI{WR#8K(I#qP_8Xt;jR4`BSES^jJ^5v7QI_A{BZr
zQD{?;;&GjggkFvpnD(%gruT1S_lZdtL4tT6bmk@h!+?RV)5SLbUi-un{a)fkG>!8w
zv7P~dc)(K62Rv)~O%F3L;EU?(P`%%*{r%yo{QZ<3<}D|=`{<V`%Agl!xcw18*KM7q
zI@N}1^4}B^cLF26>z6kB*8$J@_@ISnU-aC$b12j;zl#%p;fX9yV0}<BI__AfBjipW
zydIL0qMyH43ALgi)zDPYYGZ%erYQ+k7aUQ)Knh)H*S<phFo5`0x&<z3&VB2?$ga(5
zPe`2JO3$2Y{Rek}$+>a&{?5%roe&*A<G(Vpw@H0IE10~3FMRnZ6K5F~LJuH&?Xfq_
z={M+zhyLz=NU6c|P~{oYPQKUM-WP8Y9IP_iw!ojK(cxBZX<X}UVGVb*OkBUa=`P)F
zm<J5;yBY0oPjbFu4MztGguaptnli?xso3z3VhzH$hAwWbp}=nqS%LTeIZl%RY1Mjt
zAu|8T5OnOgTfd{$0c0|_Tx2Gd@NGBdZI$W?()F(f4YB`uO1a|Waj*-Z7G!A38K0g@
z3lBPZrJWTk8U)<%Ch$r=^Sm?o*J5o1ivDsD3h)eRVs_ZwBb&>OmG|yz{|lVM&rXr9
z2lR;JBLFj8P1CXB6x6qA6=QFQzR4e50_@Uw+26K7ZhUZtD>LkCdXQ(e`$!Hugd78`
zrA^S<3eC-t%j@pa>d#nDkt6?&rQw-qZjv^q@^G*Q|72z;dS>bN&sov4nYjVXjNL8o
z4Ai+;8?NSYy9u8gEbq;j8Wz%MX@?CoV5N~+&hKUYBsj?bADdo&@pSM?XQej)4j(n^
zZ*=#xL1yrBXC;o0Ltl^)@KYa6%paOPl3|W#Se1R%=O&$dFF8eF-upzQ0d1<0T!S#0
z;z#Q4)4MTc?^V$VxxZfUw<mg;pUY>atxEp0luF~{;ZFQ`?t>~Cw6;?c;H&1A>KSlT
zpEs9BQO&W;#*fJAVktu5O!>ka|7U(GloOGY_3w?v$R?O~XUP^1OOuZkvIK)<)~!)T
ze04WIWG?BXJ=e-rtDIadq$;4k1ZB1~+=hd6x8cr3HN6@cuDL~5(Mlku1TYK72kb(4
zj|r1FTNA^BUAbVX8G=@`pE3~s3@BN@4bM;r<ooRM{`4@`uMdBJ?es}Z3S)1?x<DN(
z_>D<#nZHg*MMfkO?9D=>f6z#tY7zvC9W)icy%=~s%?&A_DjrKalD;~kY;r`Nk>Bot
zX0Z?RjqoMErkT{7orO6a*eg25u@BXomc8-3N)H2ufX_WHXRDQF^6GdCFHM%0g6bu8
zmcA5AJP%A-n$v$SXkv7BogPcS)V<uCT4r^H{0wyZ|L7k2&&SgAi2YurJzdB~awhCB
z3{fhH@UW8hzM4ED$-3lEwX<jtvTtc6Q!zfWSZ<~>l3?O~!ky^H^szWTOj07&bRI%A
zB#DH9Xn^JSpvGS1k=5`EC7GSy?e8unmfZM@nP@H<-a;cC%1iNIB=~&<^$f#*@igjo
zxb@L2*rCXDIMttTVZXUzxg&@{yX;N8+Ni<JB_W&eVe`@KRHx5gClbl5N)N~J5nOQ{
zX!q2)-%!Z>{_Vu|mtwTITjNEwiB5yXYBXjQ$-!#Kx6x-Mn4SedHN*@qsj*f40|fr;
zcTQMFpCi_=osc`&oGRNd0$J=$jNW>XpBuz7Vr`~@a6r_+gbz+&DQ}zjSkhu<D=PL;
z`1js?DHexos8M}8p}&pmzAoP>0QFD#F(V*m1@v^Mx5f92!TASPWZ=(eG*&ayu)57#
zcc=wZD&&D$TV8NzO0upEePiIO1w9hnslZ{@cV51LR#aUYT*G~O&T3O|NENcc(I$PF
z1g(Ucx?dMA<SBGqqRfB4FsCm?ZK8KpT5gk`FrsTlO8@46lLL5zQ${$iRQFC29$S!N
z2CGw$zbY)Z7|C1HC^v0>kWg)yb9C*na_CML9F^$c=1+G)@C4`_ur$x;Fte2v??V0S
z0R<exHB>0SJ=EV;a{ooeAKZz<jgl-fZ6%jM7ENj){fi@!332w^W1iJ)2Q9V->E)pR
zyD<a<ix%A-3lAhhSkQ^?yd>jL)8Dp$UTTrV8cEj{wot4r;02uJVwB#1>2_fwtRy<u
zaseD&!Q-M;lscNpp>7G(1&eF^{VRGSIyAy)oQnB``JZk&>7UqF9}m*bEpgo++x%mB
zW6^1)G7W0>b-46$>lkbrJeAV@qAY1NCi~UzA?<2^xWTT6DXhMd_3C`3OFNT%LP@E6
z!OLyMk~<^m3l;jqi(L2HE%^Y*DQe!4Ga$(SpuL?+C)&H93z@f<EuJ*d($A&3GFs(4
zS+u@dXC)eXd~b@1VkCzY`|TB;7oFM4y;RDjQiQn~C|_ItLknUm=1Uk4SX6LO`D&oH
zsipX@O0BuA^pH1Sc_#&|%R@j_Ln|ZpSrd6XB^i9Pv$>YJ)GMJJ?e|X1C)s86%)d%X
zSjwy&y&%u$%<hAhJ&80`;Py^3%8m5kmn1N}JCNe#X#uS$&xhv4<*OFAG$h~q9D^l3
z=?GcGMoh8!hWlCAd+)WyaOg})mAd6$_CQsFh6L0rSt}?(c_c)i*i8D94BA*!l)v3%
zZ<K($hiQQ-wVcX$n@cA*IqLOSy|>KvkUelaB>g!A*eKYvtIl;3v`}IMaWSGC*jx{R
zUhJN?;X2anF`Z`p-E<0=8KWC=Bh5FQ<$!PrmWz-rm!A%{9QpPJMH8qSQA<+yZw2gA
z<xoujOAF>??+?~|$uY~{5$&OJSTrVd-!4vWI7se|=Ye>|35?A?OS*DVw#Zc>E9$fG
zU|uWsNQtzw#bi!!KJ=pk=Xfv7>Ptt=^J^y3z9{4RA5k)@CF7TBP&r&<bkrvcpY4GW
zCxZLIu{niHFz7tfH3RBh7$<B}m`KDNb>L*llhiFX#2AA75*b=vk*~pEIU7fDY+>EF
ztJhNYhHA_JnrPWr?-b^=+jl@W);Xv1roEJM)G~6?spW3qqg-=$m{ozyN8m_LjcOrb
ztwzTsBuLV>SZ2Stvw<2_PbL!=vove3EoyatF`9pQn18a*wRW$<XMcNXjJK7Y7pv!s
za)G+hoYp(F*NkxcN#opJWM|{GYx&1}v4~NLFk#9Nl}w+6!rB{Yt)I8-@1}*6a-MYt
zQ9)v^Si$4X`FO`R&@2U$F#-c7I6pT_fgLxnGFUFZfr9@j{K$Un<FUlAlHn)0I_Z_h
zyEorEzYonrG~o+4m$uOBeo66sl#6JH9JUzhd*k=?0X`+0MpctC)-Z)~zN!_AxA*Xm
zu5So1-IpAVesk!M_jZ0C5H45`R6V)M2&Pt)Qon0Z!<Ni979+#<21C-q7g<|jQ#)bV
zF@#+se;R0l--~4uVeFBx)-3y$=1XpFLu=Hd@2jSFNoWaxh-o%e5FQr5jjKWJk%XUG
z)hGyQlk6ok+4imUkHYS;;^%(atu<ZOuU*N6gQi*}*VV}Q8rc0L{jsn{oQEbM)z6c-
zhBIZ7FNdhiyaam@(s{@`<SWW7e+UkYXI6=EzNxA>*<$&769AZorzE#mbt4*A|1>4$
z-pX-Aq^!*LFZf>nYv_XhAUr@U^C)O&)UcZU1;A9mbac+Xtr}k(0Y{S*OUa3+G!Ou{
zW*P7<jg(V~zsxrNp);|jG;Q99eLjtM${R2q*3)ej-{vUw-ka`~-8kU=(Y=!c>q@aV
z-?R@<&0;%_GQXU8;`3*!Pxwa6`hqOhf}@djs_T%;I_ZdK+Qj|)b|t8*YyoeR+58r5
zK#&Tn!0~)5DFzFX=y6%d@wZ$OBH3YcDxPdQ_OzycqgWk{ZyOoCLb?cHP-UXiZO~l}
zG9gh-&sH`*lNF8(b`4sBPi!nD`jAXdz6#O<y32_p?^oN$CWwScLR7ZIP&bK6+4$hM
z#*rGUUb_7uZW#|Q`RK~~bC!~xb&Zd&%S8a<i2J9ZFtW0XYan4|R(Q_$-(exJ2|%-T
z+_IWY8DML!N`4uNwgxy$FrGbrj(cqFZJV@Z7?V!9dij!J303!r-I<B_$)Uxuw1h;b
z4O@uPdtUcY!p7rSQx7dbnmDVmg8|?j%T{(_QGvw%#=~}6x8={KLPI_R;x2ppQ+{cS
z{OaD5hgf`$`?3|<LzyEDS_!XYytwuW+_yfPkYp--c|2YsfD>$}UHLq*=qaR&1Y_FB
z6NF11U49#W8pWSF8=q&GBa%g(G>G_=r^~-}bgt&J(Z<uF>}OZUaL=mr-{Kds0F1aD
zraqfZqXw7gOXN?M#z;~6i7GMuI)Xi0=2wObOmN0g4w<>dLMJ|j77qws!exrGi;9}|
ztp?%h6{c4Bd)Y1BhgbxlCcKW(_IkdzWh<_0@&|}YgEU+Ifuf>;<1!;1i?I@aG71WK
ztWH?*lgQxl<@s{s-uRJhd5NX5`dpgf)o|0Ao!w8|9IvJUaAW)nS0O#RDbiV?z-`G)
zK<lcfMuUgH%;D6d1FvtlG%7r*8&&U(+xqP&tI82yDg^wN*N?mF_o#5DzV3ifxL>cx
z#2HJ+uoK3H1?p)QJ@!fRZJK{AK~xsvw)1*tuZI9t&e2F|0IYRIn{>>>p@}9D_Z4IJ
zm5Ng8a`;M(sL+b(15UYt6rXKep&Do8wM!@=3#Y1QT#Yo92az;R1748D^`}A_Rt-7Z
zqTh;4fs@(6paHTmmB)j3hw(7(n&Wf!zTdOI8b0QdmNZh~m|Ij56*>h?X;rRkW78^n
z48YygXKC3GW<CQBFcXaEl+5s>e(;UEgjs1lxapte(Cc^&U#3k$fY<yBrxrq_dHv}7
z*Q1HWk8`c4J*4ZMv7?ObisjlIM^nTI6|d#h@dE-&JBZ?eTaPn@&yI3_BqMT|kXaSH
zpc(ADsXXL4EPRh2n%V!}jKFs{aWYH;)S!0tN&=r}fG6p-4vx*)+O`q5;REn$X1&Bv
zhIH&$)hg5b5ovx^MV9PO)sAb&!v_zb2k_$QR+Qp)m$h5+!4z*jlu0J(8;3r1nY9TP
z7GbKHn>T}dvJ}Cgh|Q*>$|t7idr3eL8$@lucvkqLg2mJ@gB^5b7NO-Mgamm?X&4ry
zhfvso^^xzsa#~axM|@+a_B9PdYngZ}7GDIy9)uZeM`q}GR^9*RYJ4m)H}Vmh(M06+
zyx*8LR)dMSYhv<=?suuvcqn!`#=NCAAPv-svhxB{D!`nJj|z`Xz+=x&4rOO!pq;lN
z6{~;?sveX@Qz4V>o0ihal<Z0QiWOg)kUY_2Tz*6l*Y5U*DSps&AOO@DBe)vOxLSl9
z!Se|-4dA!w5GKNIejPLwrA_TrnMNdf>!Q0$@Iya*vGJp(n|RGJO9fRu0Jty(d#Q0R
z6}1Z_+|-ruwoU4^4YFFka5Q1HjxMylm6Ki7K_7L~a!7=_RtZ>)>LkypujQFK4t<m(
zjJRL3^R???ebp|e_wwlQqd&L}7VD+lj-MxFRj(Uesac)ktea+}v;Xw5LXG&GJ?Muc
zzrPP1e*rY1pkAnkTsoGmG&oT6dw-wlC}IStgd?{rC(FG8uj%5aR%O~Jb2-+aHzKc=
zh$|I~vMuHa^Gw24tcKT=mP8M}b?@xBTZn3WUdbDJUV%-x$ds3MIe&MymTq*jdD}jJ
zHPdtXN7_L(B)xFm2D$^cGzz4xvIeT}WMrB(C`4G`b!vXL1QmpQa}@!O4yBdU?yioX
zds8`)=w44eX7g>)o-9`Zs0zZRL)&eeu+nr3W-_gf4t)w85An%8h4wdJ(W{rdQL8;f
z>^L=vc=P#39%gzn&uoQxA9p)&fZJF?%;HgAATmq>j{B>t@z?l3)3D2x{^FecY{M+g
zsft{u>wGFR^xjxq%&Lm-#1hqc^OcAN%qOzN*L3uV#RiwG&)<?MR5=Jk=ul7;mZ>x*
zo2Ru?jODeBp{6*2T$|SA+0*pUukG*u*wLt1v=ixGx;Hps1qh<dkFPWd&TwAk{v|~X
zs^_i%cD+hrv9XD^<wV6qaoGg-NnAi5hQ;Mc+<8ki9ef)<H{BfkWBP%BI-_>+d{x^1
z*lfb~lXACvTEqUpg}K_cOk;0QHM`fT0sQK#Rrfuc@Z=vej+MmkD9F{%!l<o7jAI`a
z&8HiLmC3kSUqRj!NjWE30-RB>2$1w4#1bxO+}kl7X2H>U&&Bzj{6*XQk17+ySc2nQ
ziiKK&&Si}_;@6;x+w-&VRogVm#(e;pf&g4YN)%olvKYSrt0pHRXTxQdzrzy=)^Z*~
z@*QPSLYB9o7UThn<~Zl`-od&H>y1#J$X=VvN)H5fvKynyswTX4FYtM_5H+$P_*IWP
z-^D`9>v?fIWG+6i8{<P1r|U+5DRb22!I^6@%y+68(}1m*MZR1_0-ZOi-A_`(8p3~Z
zrTTkhJs4xK$ifPj#oz3hGArplaX<o{VhNSquxN`?|G|No-Y`=ojXx=!r+zv$+j_LF
ze2`GjnM=FqIk0fak9GvDvMzZm%Jg*;d=~%jyoMsa&$9#4!X>|gjpo#E8PdzqH+PE(
zpUz*SZp8h5nRWmEyhqJuD~IZYZ_AIBtEX1v0osbBQ?sfUswq%=K<-;$NxlgV&VQaL
zU?D@1L&pj;>7TIdpKuCISE4Z;oVlat7|ou@_ZU~O4h6~DnE`yBl6UBe^JC7!%srpW
z{`_zJ8n5L!!6$Y#AW>#cQ%ytppo9^~4w=n+5rfQfRc~PnSlJUEtqZXiYhhQq<XFN0
zUJ8I}w`0VM7$K5Mua)!FL2WF-$dc|t!rfIb%P*yYiEjGd{N`!euEGHN4<3zRS*3lS
z5N|w_J>_tY0-O)w5c$d`2#i_3hJdCT9r^4aVXDEiz4=x}+LZ-~GU9hB4kH$}`4JJs
zBkNEZlTo5iKe{<ID#jO~g%rr{Uh2KW+wOBmVXY9CqE5E7q9|tC>S>1|viI^fQu$Uk
zC_*|r`KyL@n~oxlJqacuRJ{0ewF_>Z%Q+^<X<1Psmc<XFsLrpG;Ak7v-Y%5QdD225
z>*$K2?4qg3@pk&F>4EJ-qe%}1-HyVqY3>JIDFR={b!PW!W!y)dS?{RM@Tu0>8L2{;
ztrU42<0o9Y6Rqw_lRqE2pS`D)F^=z5lr7EVKS0v2(_FA89-Z3Pd{CJpexWkHH(t0S
z0Kf~sH<{vfv<CYDN9|6_0vWx=(WW7shfDK99JFrHpV<?oif+>|#GKjY(>G!QhU81S
z*F*}5yifUlJxK&JNi}MOBilM?I}*yr{HGh6vIi-$b}5B#pULU|&5NDKEV<lSCTh!f
zaJ$<P>{0Ys^=6ppr<wxx=kR<XUr7b?k@6$DXRC!xS)M7ZCmRL11x&zvJmy#3nwxMc
z@!TC37SQqMxUwvl{pcgUKl>HpjRZQ@8vOzPkt+FC8>gz3{N@_*HSv6<ZgMBceUpb%
zZ~eu~<Hc39Df))OT;`3(cS)B+-H)@K(v14{;de&LK3kJn&Gzb;Rvs=*a+amLu7mFY
zL3rDw$DC&`bF8j>)zsIH^+$A8p8QCp6mqH~xdNi&K^AgwfoVtd#>E%aX0exQ+kt~2
zB%wQkGw0x53Hjr!?u%m-$a*4Cybfw!OH*&b?^U<2ZhVItq`nb?;5QO!+Uy|mwBY5a
zjbd=;ZA<QzgP?UKE~?!Nch%*|Yyz}A)7aE%c(M(ZpaGg51!Uxh@_HSGT~Vy6GZ<p{
zSs(0L?&?)_&<v!uN&DK2@J^W`WDYP#j>cIPRE_6{`QNYH<ei{CuFnyB3kYb1S#pTX
zaY4wQ)rSedS6lITgy<x@`iu=ASXOUuIVllaZsa;fUs-!PYV+<gqPR>KQp(X_X<dIH
zew9^Vp(-s88ZeQ@wl4*oyQ<KOO`_`^dP%1p+}OyAAR=$ewb@&}p4eEBk2)5a`}R@(
zvFRL5CAU9PQ(<0q_hIntQtgxGgT3arE26%VmuW7XN$Dw4`jp_3Z<~+x6u{l#Z)HX>
zQDM_VIi<^gCE2ta)5(B+Kzggte}_dIBxreZrFm2X&nItAg%;B2v$cC96$C{;Dl&D;
zqOIsB<InWGcq&Zc$v<rv6)~nD-%7dOtBqe72{LxMZMsITAUf8KRuXRGW6R2MSDmr~
z?7piu4-{=5H>Z_yT)WmQ%cOdR?Sr8%Toh#X=$e}@&s?jlNGVF_Nb{aHEm`n*C>I{N
z7Vp-#+YV_1Z445HP6@>qb|;3MCd>j&HI+O>4mPL{=7;*9MY|7za(pH6&jI_%rJ|=%
zjrlYc6EG*(b;rOw>voS=IhxOn?XbSyN(7B^h8^5;0-T}cu@YzXMe*}|>h;#vbr&GO
z&Mcs|)hNrukQeZR8rrNdw6;JDLhte9HO$P`Z|uW&26L^eAe>(ukl$k^hXWMX7Y@4%
zUe9Kcvc9m9QmWOg{RX?NH%!CdV73~v{K+89A&t-Vshs>B-2R;J-&9`|nNFp)@y)*x
zW!7o)^h^U)z{W!lyPF~FM?w}ATH9gXQqxoe<q$s2O+U%wJ(jBPIH<D2Wao*`SLp4K
zJGFF0>!e;bX-;EUCQO(?sg%txV}>^3czh+}OpDK+P2Ia*#O^B@>}TFt=p{NV6~a-X
z791N*aHTobPR}UqjL7^?FoOOw1J@9iTou(DeXwkPnU!jH$D-nEA9bGBz=A-c@(AGB
zQZATIEA*EVI>Xo!CrU4#Zte)sn>(u_)6TXz%;q=75j_BxNnc65Nwp=^bURiXDUsYX
zjVB;?TpVr2P7<MyPwHzDJ$4P0N!(GWGOcO8p|pD66jh&R5D276ZEq@!=17H5$)|im
zR+eA|Q<0Oy)>6KOSm>ZuHELH8VYQH=)W`>P0<kU%xE9U6{yVd^t8l?p?`z44oDKa+
zwQ2x>NWN1dY=pV$xfkv;0`UHqkjhEQe0xRWhkFXdkDm;CvBvB3PdGXAzyXbG)wB9Y
zT}VrXRO!B0XZl!GjhU8p|Hn{&EAvw;;rjh0=J8bUJ@fU0=W{9c>j`w@gAQ1gSH8ZG
zW>V$(7Oy8Sna^u6@~VTT;P4<!pt*i0EH~g`<e``xd+4!~V#s_U6Ad-e;9L4<J);6(
zZy4S+pY0Vmnq09=&9>j%k%kP4=zla#^`pD_An^Kaeh3ly-rVYJ>=qRfEtpxY#9ehN
zOFBS{MzQi~V@cMIbW!##&$AIFpnYVNtbe!-<$QJ(AoTp+)!qKzZsP@drSG*FGh5n~
z<C3!hU8mZjJM>GV>GJADMl`JPK&~I@f*4XB*b2KeWk!Qba1zPRB%(7I3)sPjT_O*v
zP1kIIJ+-TEKM-M=PSiSuW>)J)Fvnf1Lrp@q9I$Ek`X3)`ZF00q4&jl5C=?kMojcDz
zY2{x(QmW9E7gDr`9udJS4LX>v?VRiZXv%c1SUq{achEU#)ZM~-ztp(@37>nuSv~)v
z855neqVHJZ?h(9!de^hclHKPjmL&Vttw&1qm7BSNTKZUoR8{iSLWldDSIPKa<0zE1
zY`5ZQOb9r(I359U&gJ1k9S+#6zh5B_mfazF;rnToFL&5f(?J$=1vxE4SbhZ#X%Gvr
zt`d7F16FXmrzm8lYOdK7MI~4D<T?{CV!r2V{aCNNHGpi{y)#lv_o};^4*cA)^ZY@T
zynS;j_VyB-H&%yAM%F~P$9Z~r1&8*D>ee_n%ADH4G?tSs!CVq{t~nJ`O6p7rDw_o3
zI}NKk>7i|~Y*t?hMf>v#YvaCrPHtaGGO6CsGvE9Nw=aZ_H{Ej!BAWq4eYecrL2Iey
zr4>hRr-l=pIg$rD5dLAQeqekZZR~vx$$^wU{e-T39rIfZLVUg-pf$<4(fy^P%leMZ
zsf4h~QhU@f)D%+Pc&M-AwF%-$viy2PBwFmcN%5-mDFJ!TxBh59j%T=?x5MwEGfy^C
zH-M^8j^jd^cv%7fqo6b(Pj*cy-4^+C2V$GHGoG!o-0M6^)FDmKdd+)l>LmMF^H;*p
zbe!;m_Xr}-vzBkl6#P^)KIdiN19g}&kZcWRMpYr_9ou`7k@3{lgiO4k!F%e)Msk!=
z<m*nb&mC(0v=gbH8+zGMmGwxf!&tEACQ{XXBaR|<EXS7@g3&AnHhNn6h3^GcF#9!^
znsT7*0P6)gPgo;lKU@j1pr;iPSbe9*NLoG!Ads{dVn!`fwYBm~`^r@^uV({hTDdvZ
zg*R1J<Y182Q{T|VW2GZP+#d|8!&hQgP2W4-qbSrgTlJE&bIe<BHu3W&RIfBQqe!%u
zYH?SDM`x@+<3#%hO<^Ir@-W3yA9=d@6Pv`10`O*S*Pps?ALQ_vdqniA*X6Yc<B}`g
zyMJ0n`-fFNl>uB#E~IQ-0R${lG+)lbQ64khsLeE4>b_MmfumLWe5d#MiLNs%(+>e1
z0e+H9*X*l66`$#@#}yv$=1-tjJJKR8z7&1b@*3O2BXa~YTLgPP?*J4QSTuCvO1=h6
z%nVpV7J<Wo3u(R2;x!HV5ni%9Uh_T&Fchd!hG!+v<Qtg-t;-DF!Nw9wvb&vSVupm3
zYVS}w^QqAKY#`s2qN@D>jc>uXXsm}z{Ar5%lVzd<H8sdy8TAo9;5O&S9JVk=Y1d1g
zza*nVM%}pgkx@oPb$$|uZkytX`)Fgk`W@QzLE9v|LkMK&a7~6Cpa%Rxk_jsE!=+64
z?uIMBd2c*l@pX!1YJc^^qEPZTIKhmEYiSd1bDofWs@FJ6$F3d1JFQ`o5H3Nh-K?V2
zsDyA!YAbEC!iF^Oyn4Q6D{tY2QPb^b%;XF8xw}Oc_;G|a8v^`P4ccB~K)G<8ZkQLa
z5_DA0$n&0#%Dub1S4e?*_^w=MwzpJI1@YcexyuYQ_{AXSNh$Vc2DOgt_L8nV<WO?w
z+vp8<i$MpCV&-+{sW%UAs47OlmQODYMwf2?p}Z&7ga?@4(frB+?Od56)1KTk%k`s5
zRX>E_59KRA-lSYu@2bC4jtmp7{#6Pe`S{cHD&Cp<dbIoeUg@0QqVOtaw6vn|BOe^B
zdxx_)!3DSv2tw)yeCbN$e@HeHRyOz&P!QF3T>;Cnu&G`l%D5tvXv{xpXHr$r!atYj
z7(bk^z;q2tB&zDL66ak`C{PwW%cfd1K<l|dnQ-Nm)DGO82yPY#N^_+G@(o{5ovoJL
z4GB_9EIba=`OdI6WNnbL6)izHVE?a%H14+x@-0R~(`*Unufi+L$et_kW>`ELH@2TW
zCJBY&Eh~P`0v!9)k9Qg386Q42Ds`dr5hH0Du{Jec=*%m6!;t-=-%1dvdw|n?tFj<w
zZ#CB%ND?$=G`~%tdkyKrzdJ$ks=wWXpFQtQx?BW-fLTN6BU<xyi|lhTE0-HHz^Y}o
zg@ovY^26Z8WBK75{_cuT=6zFABk0W6cXOk^`7kMQ)hzBOAY)xO(?Gy}qbeo=Wy|Jh
z&3vsAsM-t(XM&%Un-9N<;b7?~!6zr<G1bL~>>+_HCNct%OHM<k$g*+4T)mHoJaGVp
z3(xCshb&GvB<nhlZ_4p_>2rEVPEt!w6QSnJ4wi!v7~AU>f=-8+K%q2**Xj$W`mukk
zb~zN`#X-dZ0uGUzJ?J?D@<@-u?7E>^rWc&)q`F$L(=z&br?;m%8Uv_ZWK><ehIuw6
z`oE!@9P-pe_y8utbSf_ynW(TohOM1tPS+^j!LFPu{*jG#_fa&aw^v0gH#tW!a@B2|
zs{BX3gk1$(Px#bF5TE*p2n;IlW5r6ViL&d5y7DEugM%5}mSY=6BR~!Km0Ww6q{4D0
zd?j>8LA@y3EV7+%d2loBJ8#Nb-<xmxfRW+6elN|{t7tyuXs1N$*xFs@d9D!&E6j6_
zruA!Rqn^L^8^7rq-GS(-8J8cX^Gc{9z{mW^edWWxSDk4S0sfw+UEfvXu=w6aMr3bU
z+I?%c=&=xI+IG3OztZAJexz=JD?Y}Zf$uoUJi-$|ekr<Q5?%KR2rbhT@_6^8C>y8_
z@bP579=cUUbeOrh-YOEGwTXh(6UBj#sz!jKLI6>9XNXjxI%+nBE5i5j=N1WdIkMEl
zqNvQz)}y@q@0q!bhCI+~zi^NJ-hs7V3e$wahMy!7UXFLcs>CVZ<@-}03e0sw?IjZk
zpa`(FF0(VjS+KQ;mAHoL-N(K|)dP1x$g;>V`vm;edT|v^6a4m!Azbo|v`<`TV(*z)
zbWWRjnv#?i{8q)^;6HnLzzyg$A+-E)IUYIQ{+Iz#Nnc~ZQ%>uWwu%wGrZMH*6wVI~
zZVMy{n;Z6gn{kgwW2E^8i&T<rHog_-v_4ia|59>9=f*y^`0S(vl<oU-(?+7yK?s8b
zS&KZfFSc*(z2i)l3ZXqA@pP<%50yIPM>Eqi2SRir9(Bi%vkr2_e%RgRJp4H2qJTxE
zv}4-~v}=)*kA5ZSF9r(7)nj;tVBHxUWnjC;Yd*?}E0h?^Gj6xz@7H>yd3U}g+pfFB
zs2d6Fv`BXfBOD~O@IPt_ej9o9R4|aHtPlxYf@lHa77>?n#`d9B+WTCw=W`WQXe=jr
zhj!T(9*PrahevLfP~%k-T9cF$|3H#RWIx?=ZyVMx)5?CoKfWD63lOYC9K8%lUX!T$
z97+R&k7Xs3_#3`MKAQ8~7Ckm|<1mB+%X*P~I9CO#cps3mncaOLtBtPjrnT<)Nyd+s
zKB_F@iqn~5R{ybko>FupIf8FLxUl8U+y__i=U!e^O){M#i3Oq{KfwsN2%tE@8g*0d
zYVTt%;2L^7{KzwAzSACPy5VkN8O@PM5NdpPP2|5c_obK-F|grYuMwFwCu4O(ZUpCj
ze|0ya+E-kQqgsG!7stzO#wvjZ^X*gfdZ}@fwo>m3x`LW}-}OstcS<G#wUg~cxKG{<
zjzRl}ILzQ%<=f<*$RfWTf)+e)MfMlNG4h3VdcD57?I;lH(d+L82XqzI9ig)4Cg=KV
z$M`frRv~`)US4A2(a#hmXBz@(x&65hGsXOLCT41F5pZ<Otpk)NK8Sq9T!K{_v^Xh&
zX7hJN%BI6sDA-WHb}{&u5}jvtS`FSXVqbuTJz&6DZFJ_@J84_Mfhz>7+!}P~-PPDF
zNJOpy6}8!=LJFGLK1ZO<q@`&99XhkIv&1o2;7cWX96~Deb_*a*<96V@G_i2za|`O9
z;Km7C6=?@FALNwU+0y7c-^Pi;*-$n8G3*+%j3(QQIQohqi%B?i#nWN;Z{R;SOM@Zi
zbUY1EUduVJJkt$akJg%%fs&|=aN_2D3L=@&fCrK_IIs$<@|cJ|(2PBYq)+TCGQZ0c
z7Xs<*#I7c-x5}X|GLz>BL|N1%b<pm`mamZYs=R*;wVv%S9sj0QA6jLsdPRGq)p&ik
zd32q$Wl{S0xyQ{3f;nxjo@5XRURD7#b&xiwOkC88ENq}Oux>=jU%loq1QbUs4tA%5
zpgH~R^~*2m>9fy$TulevexGhG$F4|5gvrd~GWB&T^FT)ie$`>B>6L}!QsQm~8E}=w
zOaV#Z84IFFbJE%c?wja|`(JnPN4;T5n||o{)6)LyT&1G<rP!qM45FiM{KZ3M-jAD2
z-FfS?-VRMW98&8a)cBmf1|6rrn%Z_67tV7?4^mjI`RwJoy8UX8O0B`Xe0bFx465lD
zx9By%INA6QUqQQ!A>9ZCh1+7oGP6BL42S(Pvb#zjZ}=Nh@v&a?!vtScRL%#YeDQM`
z1u}_zp84S~o*c-T8cm0|!Qv5q0@c`{ZwD`kB@R@9jpRKGAloI4%O<?mN%|yr;ZtR)
zc4?;gOK@cVo?}P|>KI3(&hUvxMEW$?<BNUkN~TTEVUxQi@v}IRtI<lqIKk|+Zc0@P
zExx`*u;Fh&{eAy!T&A3yD_`OqHVw>wD(*YW8xU+OnXBdzuzNAv_5+J_tK_|Yz_~sR
zqQZ<2D6^(eeym<)6Co2PAdFlhMvT;4wN_O%1*un-k@@t0X?oP0@=T+)0`y?+v!p_+
zjk<?teTN0kZk>gNuji*iPb57jfVWCqSAf3~;t=Yu8xhz}e@69{9-ee=GTX7(Q=M7I
zzpb5E#!rJV4;X}ae$X3Fm-gb32Km+jEwaExKI^y*Dvt^8#`H~dvMcc;!@25U;=#8m
z7gm$4JUipdm%<$cpPhE)xuMOxAvG)5&5q1lYVL!r`PC{&5?Q7k7OhHe#<wuWUExf8
z^6w2s6)(k7f!*mtqV_XZEF1si5^p8{gZK9T7{dM))-ng5c&BY!m0aD3qGaLOb4!{A
zGV_zjL5sX1lht&n?l#b6W-JC!tWIYaRW9%&`<1Jx=w^2BwLR08vQ!-l*m)w+WX_Pw
zCvgavEquYRsVO*M#_>Hva^WnY3gKNPOZfz0lL9T*37I_)0U)tn$e}ZN%_Bc0^~*^o
zm<#tmc7mPsq{fXuw#59mF#Kc=^gzF`m;Eri>J}_~Gyi*f@l=~R+O;k$OGi%DeD-~y
zUSzeYJYw)eG|gPn>ie*C?C7WuQ@plT!mz6Ze0qa={PwA04vV2TU{g?pA&|Pr$L5M&
zy0SEqV*mu&>JD<NUTekmK;Z`BB65kCwW}jH#=B#@MAE)?>#&qdVC|VG1vl*8AKkM+
zmnpiJRFRRN<g{t*UzY(F3th@CCm{FS{`Od7XH834Zmtp^YYACZTaFZMGUvVh+G^^4
zp^){EpV7N=LhOrW#)2y`mNC8VtAq)5(APGTB}%z@$B+w_rAL>Z)UcAC>?grMiwhBk
z>|2jXU?1i%{OM~Rv!ZT7er1uH<I<~x52D^5J%wj$@h3zDb7?W))}_(gf-^7QKIa1(
zKi~58wVai4IYx{}B0KSH?AmIKa4;*inQCFEu+t}6Gnz|{mFaDt9-RI1AJ*&S12g;?
zc%!INtuExl=Sa(~F(x&*ls|+)i7XYHruNlz_ZvpF^$*EuuIoMl_4}Wg7~XQw9yHn<
zW&t)J_wug#=JQ4nzuxuJ+zU7lJ*&vzOxSDqyFj&ERuU$l)5n#Cb8YK9uvmd_Lq-32
z0<n$jaUn^3xz8$;)c8sq4`TRCE7^twuKho>tU5K{(CWwvn?%$MAM*A}$4}^!j(jO<
zrFFet8?AP-VWhXlDsd%FF_)jzwz_o9$DAQtru@cvqs?m7eBJwMXEu|}K23p=+{nes
z#%#<-FPs8x*839RPBa=><>LPj1jRI`QWR1dN+Z07;wgBFwyD3!ZVqNvj^+U||76K`
z<)YSt3Iu~ndL@bUN&XM0GFZ}K0;w@^>fNJH%+pOlK)dfS$$Yh*vmi3vpj05oQk0?;
zM#*xv?kzTg!QX%?uitLn%7Yd@V_6w2PfRRr%`~GU0Ty4T&G-Lj@o`TUzgriwOveNp
zicK;oWs)fq;I)9ciC1Nt)w_+Pd)2R%dm+`$G|fxD=PJVw$yh9#H^`=z#_8qC%zLRU
zAQ=fX0*6u-kZKKexZY__416=Z+wWX-Fu2dNDUMz)8nYx{apt1ko~8r*E7@6l!7TN)
zeb?6pl74uJ!ib9b9cyEyV$V^V_8D9GH^uZ>yb*4VI#y)!ldPePWz*Cp6?N-x@I*2s
ztR2Jgc1?Pzc=Mcy?}4?rUGn9J%&}U{bNvPez&d`YkwYr%*CU7f7A<Zx{D>|-7>EOI
z3Kh;z8FRziyn5O@N{dk~g8Pg;-aOgsI78-#-n-s7!Tu3UgfRMqQOXT0bL{?xUZ_q#
z(1T<NRK%eIj?3XgEB1hmG@Hx&qg$4e0DZ)0^8LNuh6Le$@<P?P_5CG%|A6hqQ7N|g
zF{=p}TBb}qa1STn-KAvto3Hw#^Dv73WX>R<dcmtnrbrXNJEWMv?-}1qq)pMEXwfDe
z`wEq>TEpWpyx~ZIpRX-0{sTM}uvBO*123y=XVbt!l`}q@N#jCOsHlKGYm%KA8#E*Z
zoEg6I)xH>`c<hghJq;O}R@u~wi%HJ-*uP7X82-<5EO*#%MV_X_JEiCmw3sFLAD#4I
zb6x&wf0vXk=4@B0kK=V<?4<{Zp8we|tfWGJdh%$vp5i|DiT82@ctC`)^zyaVjhAA)
zqyX9RS~kzmo{<r{@^v>xsLu2n*MHG17lgHeL?i>*!EXsc5+~cXPEj;VIz{zDfsXSH
z8Q}DdN3H%fjx(bS%f3WtfDycNZ~rUz@3ZmqFp*-C^94Bi>RaM$C-iwKIV3wV6To~j
z^jS3j$Wn<j=7zXa4j7vY)4=xZKmRWGBtOZHcDWxHbRr#M#^|xb$Ht0z08+!N&m{-P
zB@|<yAsbgQ?;N00dHn8YI~32V;OPdZ=I601u-79yualJ~V@7kE>`iMQAouF{Yt^c3
z9D+<Czok-48*j~BT3d_#68Yc8JEOnZTL6u#vcQJ?h^_7XX|HA^`b5`EBwGh?Tl(G|
zfFoYo{Gn98NAX#_1<1(og8Bc~-kZlm*|%@NNs+y~vV~CDMG@ImZY`GVTlN^T3nTj!
zp;Abe#=c}543TAQ6DlznvP@$el6CBiVaD=a?&tZvzwZ0FmwJBhAMYRYUwtrhUEk|G
zkMlT=?|FVNZ}@*k-FH{8#jp=wzle+O1%@jBmOzGQev9pENf8F>2OfgYzMKB45b9X{
z{inoM0W0#O(D;kE#zc1czxy?3fl?WExpw-47w~zPtAODr2eH<G?>}2t@8I^RzTW3~
z+W)<o|NK|Mso$2wpIux5A9|&K;?`I3--2pY-)0O7VTcKQf3A9Za>cuQ|7*+`fTbVE
zc4hhgbJ}kM5z~G<e&PFC@V^W5?|=21zXK){^O@aN4~E+4Sy>1&@6WYd=CeLD90qXG
zAjBPRp@T=_tAVhYJlC=DePHvMP=$E3{bPef5EXI%(FU<beE-M)!(P9Og8zu-@9zc(
zFnzjjmLIY;a$B4J9tZ#7r?L3}v0hzozW3$(r}Ceq=O2Fh?KEIKuqzLIk6XXL;2*d}
zJ{_RXX>vAvqU`^)Hoz>Pjo$AE9{=M(|HJJ7QIt*(@Zw&ER@=XCwfd*!jRL~v_j8Fq
zy(|YFDzWmJ#^<v~xBP~W{}35}xzK#<fJR5mypi}G?f&8V|1%K$MS&-+Bgq~49kBfu
z%PRqdomY>Y<=+DMKP}a&A@HQrt>l=w{^>XWF0p`dRUquLTWkL@DE{s~zZC*cTB*U4
zTlW97ya+&Lwf}x}_UE7XCj;O~`v;86x&EJ)*XtJ`?4nNL|CV<A)1pxT=Fd~?#{fpH
z(UAN<X94_UT*Xqr=0EWYh|kLuu=#W3qJYhx=M;s_{5h)se+n@0VwOPQ)B)N1ix%c@
z@4jF?al#ZoP=X3z2URr~6&Z)O7Bb1Y4}Wp)hZ#8xb%E8yjEl>F$)4K_gOw$EIoA;G
z5(|Xs&J=cuA{UcVtA@82yDR^ycA_Z{(r>bfn;s28;saHzhtR5fu4~ii>Ql-Ara;?v
zT>7<p_uh0urCWh{V0U~;b-Ik(;6;mDXa&30=*nmw#R#;*O%wRkam|2JTCFMujUZHF
zIOZnivt_<k^&5#KNtTzZa=bed*)HaQ9S_D2oQtt6)Bc%4`|#D}QJSca&$-xr7hOKT
zega+`miN8=%;EI;fc3k9Q&2}O9{+x4U{k=v5^N-xQqT>8Y>v~`kr(S)g46GP<QxEA
z3`Rc!xv3bqP>Gp;erfawJ7Ox?MdS9xWFi4$JyeR^J^4IeI`dXZLm)Bwsu8=Tk6z7S
zdf=i{-F&&GLQ26h=tKx<z5?yKF^{#4yf@-F_v=WNoB5Cz>fGAtqq)&=UdZ+v?Q|t<
z$krr#?{v%}a-nLd>*U3|y0F>ia0WNvC0WLXhV};exAy1X!qYw~g6HDbg6sWO?vPhn
zd0Q4-hDvT%mP=UHni3aBdgtO*f=TPkq=JbzT@}D;R$(1d%z!<84P{C2vkWQF)7gf?
zH3P>n;B?Cf{G6PI3!*l$Y9}Lv)CPPytM5F{Z{m5&nDtG()~oYPiQ>RyJswk?t{j;7
z_U@B4uLi*)lhP^=<c{pNtNUoZe;4tF;B+qe-AGXYy2`2dqff?M?ObDL<t*8u<JE<6
z<s99jtE>T%;F)gzZ5^UDEH5)+G|ZXAh_wl0Y999qnMu}4mAhbJIIfcxlMJs8l5z{c
zdDM(YK;emHL4r%lmJH`I+zq}MW+nQe2+B!#(#ph>805~z(8elCGLmXUQ?lV=va;Pr
z#@+^Ku}F8((Oc>f0WWzXQ}T#t%ljj&(Q}GlA5b%URy3P5(56Fnx0V$@bawCfwTt9G
z%Bddq()1~zWjVzi(KzBYxiY81`*mnwEkcVBoKI|QtP|7JBq*6C2UoT3;eaN&QGdYB
zUrkNLSKRT3+Pj#24$x617;Y+MFNO8$s5ZP-herN6^8a~$>s~wP&m~^F+AgNe^N3Yc
zfzW4wdYm(VDTld?{&<16N1g9NdkC$(yB^h}A@{m-wqkPy!A*zR&uSHEohej^Gmfz9
z5H$UE^$PS9k{9MRRPYRFo$?Hrf77Zl|F$%`eaHjZuuy?k5h+rzpPP^@efM0USuFL1
zoAA{o*29A*vY%Yy*}KpROrN{G)eADd2yZ{Ww@XCk9I(DPL3~(JHQ3IqvN=|);1<KH
zI=YD5+uamwxyLhfuazfBYCBVR=(vuOt#!y2=re)!mcq*W;|3A;PL$OW2FzPDEZbzu
z@bJ39jJ@q?`-)~KL~Y)%=Xtg14HCZex~=LtG6uOT!}#f}xlX_EDaiJ{m-#NUG>1l3
z7iE%MvfYG_fN{aZ@cvsD;oZ+i*RXH3(D;56>&i>GAn8dsv*LW&dB#^>5A_{_);cfA
zdVTwJUMt>N@9-drxRi0xb8~AtW9X%h3MU-q%%&E}tW6Hi;cJcL4dH;}Q$!2aOCdXA
z{o}7w;Y5?FE5oj%f%G!M!?Es~8^P)LKnV;%Q_<H*3_+SJYC*Rjza_^%UZJ^!E^Q>i
z-fLfU{nAa^STJ|T2?;C?r)(|OEe!(UcjDH{l1%ku1|7t`5lwpU4Ln9N)u&A$=~o<k
zK-amYqYZ&@-`1D&M&sv#O&03cx@^0Ju~Mw^=la)doHnqh?BGqOcT_TQ3?~LOgx=zL
z^8>rq@^hu<(^*ldvuSppd^nXa&4n0lF3#k{Q~{Z7UrU$xUFXnW>d*i82Y`ELqZeTV
zm4Gu7d-JqWg$90k<PLk_O(wyzB$qAnLUo2)17RR9dN2WzJ9pzYXEfAC@2ionK%C-Y
z%^60jT6tJdrt?`b6Zl)Gw4>l5um;1M8aI2=oWi%osv-BP)>DD@wYB>Q?_N8bcRuxX
z0>&D$QzjLmaD?2ic1v;Lt!F?GZOGB9YbT`oAh56BuIePi*Lcs{JfP`yhuz5>OLT#W
zpRo>J{DiB_iB@Qr#o8agbh1HZXT3KM26CSJ0-qC`Q-brwH=8=o9SB}+6N+rvWl2MZ
zK9O+kf9up+7VvBXU*}rUDeK#Pg?6hbq6JY4ue{<B3L8|~91F{%7Yfm271x)Ej64-^
zx1>x{7O)6PpM*-%zuP=#cD^Yi!&$C(jf95m9uM#EQ5EjUyqpeG5z+lRXcf4?8o@B^
zS6k}QKuBx=^0epc;B}yCw#@00lyoD#Feg445!gn0L!yuwpBMb#^tx&hj87I_aE3<j
z*Ub`~dRH8|#M`GDh@*i^*aE$r&ng{$Wx^Pu1stF6Jw|T>(@%nv%^cGb$}|+3PFIIE
ztJBX4zkef<46~V)zQMn##-e-?7Cjj~S&N4=h~Z{W>H8V<Ki#(5`Swyr3w?rQCAa$N
z%<(CNTl}QU{s*Y?ti5SHm13ZNsk+3%%0QVV(II0&#hZx@wDxQ!x?j1qX2r+avaFz9
z>$7sSR+0fh$G^~P43uP<C^eiq>uYxEXLLOu0#M-JBtWv2<+M?YwRj1GR`0`f@S3kr
zy_RZjvy}k|mH45`d*m804Yd<2R(9de`^TPfurJ%QI*?VzQki*$RO7s->adUZT9__9
z%Hrnnd?~2ij8sB4(Qy6RS_(33_|=wX2NY20Ry{JnthD^@F0`D(Qw2*CwTPHLl_GcV
zj-N0PTQ3)Y<?XQzUirXo`+-+mcWh>R4IMLuppx%MS5{<Pd|yOc*ozR&Eof;>hJ}kT
z#=3JU`FV28>s?<$?ksrNKJF>O)1E)UEWcF0He9@HWcvcLyOuFtb})Q8J<#1S{Hl@r
ziIZNfxwpQpJk^@JSb89CkUx_97|rpP7h{nJm2cz1Uq&!-RT&eY7M3H8UrXsXHi_{E
zMJ39Pv9QfH8aUoNENfwKeQFYw6q(Z&s?NYBex!wm-mtJeG1MXiwUJyfLClF!aV9-8
z=$$T)*4f+Q=YUwl-sWW9iefwG3IO5rXTU2GSjCJVHF3FFQ(ZnhxgDt2l&!c_FI}G}
zb@HSkefw)|pinOY%W#*qftL`n+EQF@^bU2n*Jpu->16!!$Tu8j&{Q<#?sX)KeZ?qw
z3F#r(xOu1Ma6>iWlw?#QKCtw)oo?9@0M0DzSb&shv*ua+tJW^c={L-+P4Vt+UYAqE
z-p^oQ6JYR}tuRDO(@#2?mb`uHG=3F76IpcQ_4#~J=@R@@sQQXVCW#S4*3Zy{mA@7R
z!;O9w5U4J-FJ;|PssYZzXzNn#b^KsIR8ZV&IMNm_ONeCg{bC#09#Fu|{^#o8PxZX6
z0AL~|tbxRVImTv=UF%Bp<cV_S#&V?ytr%psVw{5)@J7$w?o~0Dg5xz;&xPC=j}hqn
z_>9wzMRnWr;_MP+uddQ<NcJQe%$H=-Q*2f-|B=gsktNHvB_gkDOo10Ea(M!VC|Lb9
z=9F?ac5V#LJmhTdR%v94IGwyjeitudFuyV6!P0ty84DD|3849zsK_d&lzH?@y~yj8
zk^4YYu=?rgwp7xd@_V;WJ)>dS5z%N5`V!&w*8?ykF)lezn~UZdRP;dwKy>mKp4P7q
z-d<_VgWYvrfk`21KN2TD?sR=h&eOQ5;CR@#?`zX(RoCpY4uJ1@WCU-RZDu6uu!#o%
zV5p5R{7@u6>7{MxuaPAzGqR_^Hex>4mm#Vo9kl5QaDBa+=&QH(h>$&YW=C%;`YrkV
zO#=O;liQv~XD`B?rB<A;x+6A=V25W-E#JA+EmT!dGt2Qcn##cgHH}<`gNKk1$PhpY
zb3i-Z-p70Cb_(WR!A>I*+xt2(F2GqYUj9p4tx2w5jJA7}f~{oShvh89e}gz7#evO>
zd%GHJ*Y*c4t8&p6hmW0rN13>Kp$sE17L7^m6PpHyqqc)*gNxB;4^Q;1V_|E{Ef05B
zCzUOF&|!z7+R0A^-S-mB-RacwV9S00RTu2CXZ#tE%G5dx1C`xKkW<-SZYi_d+}>Ji
z>B`qmk(Dvh*8{x*D6pWqu?+3u>+9?*{qkmM#zy^F!0AMJ?F@qvF0ezdyGCK$nUg1e
z^-N%XTi;BbD`Rxfe>OL%8OBO~yB<&owg*}cbA06)MFNDulM}pa<Ol(;8#*fSq$nWC
z+D012a0}@AreUxe52C+)jbnJF;P@6TZ_rWS(;2dEw@ri9dA1dOW^4lI-(2^z94-%d
ze*bJj=|M(V1iyE<YOT-gG2;diaq)GN=MhFuzmm82asSF8H#M>kM!#QGzjAM939>Pj
z;*ost(Bi3?-h3Uu;<-og=pN@4{7dJ+wmkCqBYPvRulO3~cA!1_1Dp9505^^se*yaI
zg3I=H$wEx{g5>ByiMshaDISgfLA_api;glzxq32TK7#<~;-NYHcD_w0qkce{0~Y~<
z*8}tpXx>d=sxDr{#;A~l>)qF;IvI8djdOj41{_a&id+Ib>gI%DY_IcNiiyR^i{}pC
z(QtuvFYlA}s9bvU&Hn3EqXGEtHaC+c6YzUu0|7xJ`=^&iV(51YK44-b@iC~ci0O0&
zA<LkZ4|<jS5KdK&d!KI#nE}eC1si~~44BQ$%2L3Iy?P;DCal&_-M4KMXKi-YsGtoQ
z!<x9NO7sFVu?V-ZgnRld&90g9O9rQJJ%j=Se*D?_=>hGAGT$Dbi7o?x@zF#wJaIm_
zcyc7jzrDZG0{-NxvVw82!%`!8ah%|}lw-)xamkuYRCB_nCaGYof(iZ0h9?dgCKUM@
ze7SBbQ)w41|1p5L$YXtWcC#86!W9vI(O}w(G@CEffE#WPxhy_fsAN`F@K(bSmI(%^
zYF%e!X`$9m_%=~TVO#(*V%UOcB<j1F^zJO{D1CbMFZQY6ehF=Kzn6$yeBlSonY{)Z
zR^CASJFh&5OGm9+N{4K3E|ay<j-=G?olK$?a6m*eA#SIeY=FKKK-1@)*r>BUU*POc
zS|p^TbFz*a8@$s)Cz7;$_y_HAnxsVoR!JFuycIE{t(g<K*X@|rhzD!Y8_X)5SjT^P
zV^_muMAz{;_qh1y4IirjNkqGP+tos-k|SPTYe`y0IdCrMrHoNluXMIblHr!lxm~3K
zmx9C&mDKT_Zt03=g!Ct>C=tV=X^&vuf@7I3D>g5xvd$MotKlX{qdng7i#fL|oe}-b
zZnOTk(FO36>49C(md@N3c}}&bSoPNNL!6f36D{J)(87R_4IHmR{z5fQrI_Qj<DuZh
z=#w(-Cms*T<2kjEb~9ulqjy?pJ5opwF|tT7j~HF-3n;U0dF<@mZXzOiZ~KL-S>E4n
zJpNISeG}AO2vwgubbp6{iA*Ew_Xyz6mPSX?o76DhTLJfH8KkjT=6^&<)QQjgoV30*
zG3(<n-~}k=!sp!b`eC*QuBKhznY!<HKaFQ+Yu8ih=y<5`u9UlJ+L4j%RVA7Q9UdOu
zpyj6X#giMn5TnRpw<@e)^8Ed?{Yqdy<NR*FBFj2oj>O0J;r-<><{V~NTk?Pbh>iWw
zT9V#%(1N6y!Cg?V_9Z4Y$>b&L40}}4#d9yavInE<tmr*vRP<<j>=(Y+#V{#eCa(?G
z(hG=KobaGuwgB9UaeJfOn?lbfB5(DzZN2Ti73JYuat~S2ppXxfuHp6R0UHpw!4BH}
zhE(bax_y04L*aRG=SriI^y~=(edE4g-#;0@0}IU}29(SC%ygHvc-CKyP%y<?^qpwd
z<v26i*R-=sUSbg<Pan0GP?3-hFX__<&k(51*{%F+`<zBu)C#5Fz(&rx>^fdnx{-}G
zkZEv?LkK^bjr@Ef+3TE%Np;$0kxCBhBA`@vvZF@=bZUT+BAXY{dc-1#Ylx>XmTa2V
zLVy<8JRH5W>!>b)`87k56r!u!B*V_FL1@StOYSluj_lL)5n3Qgt>v}&uj1bGpra%k
zIl>Qg$xo-o^B<_L4<r=L2%pa$yWylgo%!GeLvZaRFz|CVjXrR0w{CkC)e_iqZW>uD
zYEWxZxdeDI7fP1Ct^)MpLm*o9668ziqt|1Z4EoMc3!FCszQpTTZrf05*spP}-%%eJ
zVBM=5WT_Hlc(v7<O;$sDwTVuN_~d*33d>vC3)vy5XDGtDas%}{8#1=%eA=oeXf;Qs
zV;A?bnut-j^+sI*Wp@3QX(!X^d;5k2f6ivT;RG;Z`L=QISvFcsHR$E6chz2qZh`Ys
z1JMe9GzqX{Of2rH%URl<kT2RohdHL+ySC1l-l1YKPUNLOfp}M@YS}`P7_p7y$#z+Q
z(AGG*1&_|u4H|um@=#;l?NTAn&v1T(Sbt3FuR+GxuNi2sm8v;4WyfjxKxVD<FB@DD
zF){1Hm0tA-i0DC_b)m1EHIv*G&z{y(jzUa_Z`PLU%bXsmSeY`>*4n5u3-bSmQPV%{
z1eUWG_%>w&g%jNflpkHK1VPzRzlpNm^4+IZ3PyDgo`zn51x+N2M%QRuq4&6}3~n~y
zyUZ%u*Z0r_FzMbZgEvite%;Ak3<dgpZ$FuGlHXBZ{+x`<vPQwq*a5a=^Q~!;=FHq?
zf$YAw2VilFZTQ{33q}w+OCD3Bw(DuQ{_U>exyL2m+P*>bY$A-=#_6q@3q=Rxi<WzH
zuCu%>QDBFuA$IT7DsE^>Al{$6<X&uaOd-zMLSk-N*Z^A8QXqP)ppd?ePAK&#a~&^S
z^zp}jeqTU)Rs;~{!iRRgMoBh*@LA}0vch!A@VsQWS>uuwcq2`)|Cin!LP&K`6_0vl
zh+vv}WjzC}lc_c_U#Xwp45DWZ5wX^usIA^%PIVsvCKcLNo(QEMAr_Ji`D1*Ni;S~C
z6KP*}@OgoTX*EWO%S$p1EF*!KaO=J&{b@wI7-hCaE8=5VTw&pHS6KUz@q@@c&n9MY
zA~@~+&X)UTUWz+?5ioP7d!WrDq~I$cb-g*pys|`s;lqHVHQoRRM>29A8;#i|VVUte
zId*zNwwB&t?)%!rVsDW`weqV*^d|~(Yp)N>PLu-Ec51?)@sl`f*h*ZedfUJ~9+He?
z67gQSTau4<+_|MxVE8hw<fZd%r|Dc`?BXvYlC|sv?5wDTQ_3#!O8rw^Sa9vE#M{h!
zOyrC!?oc0VAQyqT)Tc0kqSWkJk~qgnpH$42h+jcw*&^OY3k95tXSJkk)YCH^o6M_A
zCv-@4xFLSQ(F~5So47$xa38J_ej6)(sEF{HiEZnlhDoRP6^C$p%ez;v!QSOB=ZiXv
zyw09dMTH*^<=t(NR6Xok2|wr@;Oj%h8;qP;Gt?&E!*K%BolfwBspM?}GRa4$HZwaA
z2^=V+5cA8KYmd;0gE66A63azs1!6JGf5p*ETeE*S&~O?&SD2r7TRe4<_TdE1AFJe8
z7bpg8@SQOUHSqhOoa1m@e052hr><El!0NMf>S)U1Ru9!Cj!MGx+tjQdd1HagiaNZE
zRmB@!0y|cyq3RrP3KO*FKmX}W4CC}H$BEdEJkV<KtN9Qga^G}LU8Ib5f3*+q3{hb3
z{u!PkmFq@K+N`I+d-&90`8x8j+oh1wc8!EO<5DXgcs`+jy*LDr6W6bZS2tD_1)842
zIwqS(oBWh*K71HvRQ3rhYLqVrK5a-~MebWK8y(W<M=zu0zCJ$hnf(j$>*G*KAe&2(
zw>i4D#==;dqrb3QcwV{6H#=bN!6Y{Ey7!^HZBEl;+zTTfO;$#In@=9FuB@(1XP9Xg
zk~ETeCG75t+1~t=t9lBK;pe*mc6v9RMnkc2RfWbVMqj9Fpu{{9GBTnn7p{InOIHyf
z@j1~+A=mZ6Uh87&PG)IE3WYGz!{i9d$7&B@*H8JMO@-S$#ed<vbtGhy_&^~OFZsDH
zkGUDHwhG8J_K5mnr3HgT5{eApO4A#8>tiiFD-Mh`c*aIdu%=&JP~F>#3ErAaI?1TW
z2xPj8`-oxI3s+G#k>N=g)#j2wHQKP0{tUu1X%Q684iL}BqtviNnVxAbwP+8-WTNLq
zY+z@aU9Hj6VPArR-}2b`SD8pysfKZ3GH>=16IuOfQ}B&}=|{<nLx9r`g`KbIst<@E
zF5y(?eNvoxp|?!H=ZqG0qwa4K6rD4CKHsFHItEb<fXoHM66e>@)&sm7iXLJ!dERU0
zW;LWCF{dv`$X8Y%*`^iNU92RQChUhKW|PmFkAiD-e65Ad8(%xk0@U>qtDkPHzBWI7
zxB_b|IIWd%%24J6`-ZqvhI@K*7AaMWmD>}QyEaD~wT=jC<+=Y#v}dNKOPM%aDLZab
zD!;eA*0Qt(2F@BNC8k^J37_gXp#fh)SYWL2&F=*_(Oe;58OR%-Q1x0JR=&>-#hzu+
z=GvI;@kn0gNWey)6AxKaZP~dTy_cGcc2~YW>yMH-j9G`4qP;pz!fO@4b7z^@5a9LO
zgT%Psvd+D>D$6;V)J06;jX-@<lzeIPV&gtQpCgwPnTnEQyX1$aT@Sah(irp-iyMLS
zq|=R9NxoN(cM>ybdrM5eE!vf++Pr)4C=+?mfL@d|F21Muj)hI+6J)^5QQ%NF>#bVA
zt9m>8x=CGCYsur11%DJTR7ot4OZ=&-*yfcRJa@LCU8T*FCNDpilX7TD6SU4NWBJ8|
z5W@l;?WSyC8zcfSAB`^b2AZwCWn}s(EgEzPNT`B~SCO!X3aO|3#vYD~&gm{F9GEL@
zZl%5{;D!N5bmSS-;M!!3)PFH@@t?_xY*t%VG$OUG17#&yAsP08nkARV+MhR!0bj6I
zst^S;aCholx^a?auLg_@TvFzeaW<5Ll_lX1Z4Y~+!y#K%WIdrld$NJR0r0@On3wQ@
z?C1*T!d>TD1zwa%+I0W0^6_Z<%`^LS@-03yRa_}=YtE<i);s5wTRFcKqOI{Ke!0oZ
zeEQqE%TwX(R!62uX<C2*fh{8?I&AhAZFdSQWg_9FE-;w-ZY6m7)lDInYPV{4r?lJP
zVF|g5cf0w-#KnD5j#z_nqBU}kU8#>|-CtWHLu_C5sJdU0OflJOD7rOBZ-;o0R+X<|
zJNK<P@BB5Tw;WwZLJG<s6ur+ArGadrtcQ!^OKWi_);|Ycna+92PanToQf#r~mUj{^
z-jw|rezSa{bjIcdyjmeHhFe~W{@7M)ZuAaJFvr<rRu(z;Yq_Y`VDu=jM8^pn{OThB
zX1v$aqk(`|E_nB35ZKze?=n>7)-1SgR=jkNry{gK;=#)<Vma?;UEwyPmp8v$i8wR4
zGP>515Yo@R*X<RIo~&(zh_?YJLG6HhA<hy7$E@LRfv>MP2wSw$4?l7EWv|n2MY#2a
zn@zOrUMi%SoSfJSr1ruR;0!Sd?K_sX=ks3kMY8#%7d9qYJP<wwoFb!6#iooA{&r%o
zOV>sXCj%U5$tboqTc@0s=u~zi;}?>a!CFRz#-Irdi2v&+`1FRH^3${;;9F?x{e4DL
zd35JmDRhr9wcUzUkN|}xiV7F03TBceu@$MnF+3T1!z(lW!Hw@rQ>KhIfFn3+a_t80
zhl+~Kc`IS%XG3~}EQdCE={zAyd`7I|B@>~Ly2aX}!fd;GgmWy(0yC}n)4>idyOB2D
zx1|dKS@F;jaA7Pe9KPxMyPgYWEzAu4m8qcz_t2wh?*@IDcByfCMur`BOsu(nPfu#}
z44A6X+POT|Eip5&d%>6Gbo7n}orbQR-Cd3NzN0eXm{?=G0udP&C$X#}`s28z-TRh!
zcr_70Z1lz%APHtSaq{@o1|k+;vC(HAyd+v7GyF~P5-06hhX+1fr|#A{m5kl03$iSw
z%|bKXl?daOE_=(w9Pb9|1}AE^S(~7DlgbBn7iNO}mI85#5m(Ap>DYOEy01)Rj;M!K
z;~&2E4hxz-Xfi1|@A%-3qPgCMn@7be1U_86k`>>FBQ_GBFHO_DoI<_4rQie_$lkkF
zc2{EEkY&`B`d5&rH+k#J7t}5`oij>>j77s4%eyY`5+aVyQ4yiPfJz%SPTtR96z{zE
z!rL|{_w7CR1H|lw1gNolFy5R+CvdRWfxU#*%rVwY+1u3N&ZlRLxvzP)Br&On4z?ed
z3QF|8Sn*!m;8<BZA|Y-~bR5pe0oPP6>NDiX5l`V1{+u2UY@B+ef-{3I5t1Jcc?3;x
zwO;wSwF^ZDP3fXzjRvrcnDUZJtI{J)*@X2rLq%VQGT~NRhdq%B@VAq%9)6_@7x?7a
zqt0G3e@9XJLp%F%kMfcA`x<n_w^98~^&544cuxC48@<r$ps_%%vs)h|LoQT_3<=x5
zkXnXR0PT?1rUokuz74)KYuEREk08SDH@FCBNz0h)h1|z_yJHCzEKwT4OlftHL>s*-
z1BbULvQoZ)VZ39l{;@=@FZR_VzGA#30opd%AvE>N%?y!`{PmCV>BK7KHf9JgHjLue
zENVc*GoZa<uyry$TR(pT!Ul}py=Hysq&Vr*brq>D!B@DpHy32WumKqr70)|P#A7`M
z%{r^xM-<Llq<-$QH&SJR3z@DrECqXj24KTzZ|e+E=xl`rE#B^plDA{pp*vm>H%%TJ
zNpvg-Di%<77r;W!Ff0gya-loYsZ5*T;;igq!K2ajX0Yq1aTO1K8}eni3b(U(Kc=a7
zqed7X_$RNiy8Pfz-gES@^OqS3(|D>bI#eovw-e$L-p{~g!l>=#NL6k}8d0hT<yJJc
zAm0av?&Q&=z*&byhM)l@YRcZ!96Bmn-^LwP$=JTRm%vQkg&58js!3GkhR5|KH5&VT
zCeEW4Nv5MK(f7Icw|K_~F^#@E{c`WlQ!^RNJ$y~LY7nL^{Z57&KBQ8Naltu`d4wRD
z>+LrZTrBao7qabwm8o-tOk7olM>(UWny+AkINuLTNE7|BxeIh`{n9L;sZs=0?&PI*
zU^H?%1F~y+PMW8G$9Gy0=PwJa$pymg!5ZbJY?FpLqlrvR2lERv&M6H})0Cy-G$Iw$
z{ruGylE>b*b?E2XFE3nICG{jw4VqWEa#A0iBtLI-u-Q<=ZFQ~4Ay*Shm1vmpII$t}
zKy{-`s_&qaos6^+=<<qTp<|u1W8B>&bjLBehoFro@d2J807$|YHrV?2hJe`KXfxyj
zV!I&SNj$9n`1`^omsyNODXQ2!Cg|Il$Q>dM;#^(5CEk?z=yZ9*Bk937v#G|dP7gRq
zuHv1*323>nX}nwF^7Uq2I?jaiHyx7Oo=HQU&SXs2i%-uv9FF>oq*E6cz0L#f^CS=9
zLM-en&<!MFFYjzpVfnm#^*qUdYzRq&M(kS@{FstQ7I_-Lu}h@Jpu|RPxk_%@$+buF
z$n{)Frv1RF_Foi6eXDHrO?any^(@FYApnaYDgv{CM6g2)O57{ONcN<-sPw~0;_=Kj
zL{fPJ8VfAYePf4HflUln=etPp3kk70S6App2S9UXk~lOL!;dS39!6E+UB-d)Tba|7
z!0j${yxQly)mhjo_m&I>4MWuf0mH$w<3ekEjENOWrjnUW;8jASxd&7c+3r0)OvH~g
zPX5h{s($w)n>UwDfb)+|teWf$@!g`?19jiqMHMrO7=+=Eg=~>9NEPOw&dd+B_I&d#
zyt~W%(jWUk06;gml0%fU(xs?%21;ljR1b*~_Jg4XuxHI-Ew{<l(i{9cUV!n(#Ob*e
zsk&_o!nLQoQkm0>xlQNX!F2W<Y8vbeC6(qoLM!XNEbNcEI6#G|)hk9VK8fM_E8P3S
z^wvhMweJN0QNU_5XOUdtM<}vxIHn;#{^<C}E90E6EgTfFpTtE79^$}R>(tKdOulH3
zgvr6C_e=ihz=(|PZ$cA`;wL{@(3CnhJ@0sW!F_WT;x+s&`Dn#_YehPt7>mt5R&`_M
z^klah3y-61U66E<)tpTquze^MA#8Ha(_erpcH37zk_BjK7zcV(UfuTDF7|UP#m`3w
zHGTnJ^kSj&wI1lBxV8NiqB3|RW81N0uijjzOt?a0GQhamb<Zr2P$xyLp^{dslCZ4P
z91rERcMhbZojm!f3KRCpWbboTCD3U>5F=vLG2H>3hZgr){YuWGQ(ncd-%7LPE<i=Z
zj728DXm&5WKd!^ATBH^ZI=a0dzpc;)kX~EEeY7%>n;kpvU3y5ed`00w|0244dbk{4
zP3|3-ZssO<fy)YlN849kV0+xbMdsRFg4nJ+<Ej+G>UL7xd2=AB1MucJg)Z^x9!`U)
z=5rG)78~f>#9XgN2b>ky?48VHD1!t?hTYokN(^KhHjN0X(!$;V9*Dfiv^5=r#9FGQ
zwYkRQO4$x?o6v1AG++QlBm~G4+u!I%zMpn5YbVi-2p)K)Z!LzZunElIWv}1PP)Dtw
z5QmWkFS;mu3zh9<vo{pvapRI4bB2@J<tsX`s{H9I`Th)ma}U=7Ckg`zd`e1JS^%=8
z1nJ+)yVNk-ZZjE_PKD;=LmG3OrZzmzw)yc=<Av>wYGfzOt}U~Mu}We;e$CwHz(D*0
zok78=!6ISY$J<|>Jfc#$u!{XHc(dj;t)x>fhgx&Wr8i-6`>56MO;5R?Z-j?L!-k}}
zT6@zs-j;94SWDM60nt5v58<dZ!8!46vM^ze^YvU)fdNW_G>`m6JfJ)5)WvVes_m&u
zNKUCTh1^rFBN8T<-WWQXTyc7lKD_<q`_SCe((~Mq?G-U=<T#TDhvQAe%5x8;u6Gry
z9~5x$O$Fc@o3tWkV1s0iBM7w`bx>6x{)J0BpqZ=7x4g6wJ<r`Q+OtI<;<~?bI;LI-
zX_(<iF;|t=YydFP3OX)O0iLhKSb0aWBw2X1$)SE_`}9m7YUT_pc0?X4ZyUpLi;1v=
zEQdwXDvePYq?m8Hnqd-{N+voTXrn?%y&25FF`VrjaR1?nQ<v-oOA5<-RG@<&Z#QLE
zbSb!e66dDl<py@hiWXHDHZ*kkGpaH9hnkOZ-;`f|N8MV6HHB_Y1NC}od4hM(Z(ER<
zX6cIs-6`zn?axA~OWXImBxI^_sie@eff|l+v>zaJh$lgvRQ9&eF)78=mq3V4fGCjb
z(}^kmi<2Qx@~!slH94GQVAr|2kPTbCt<@x?QmX$HbmFvt>7ax)aJphB&w@g3dZ6Fp
zqzGN%D9|*;3-B0xNyl4*3~E9HoLQ-#s=9mxfkAj`nuU~*_2sRBv!c><ymfAx;g!xI
zD@HM1jRL6&Py$<mf>KaY-7x4A_&f+ZJ^vXg@V*jgaU6dMfJ@Cnq1~NDf6p!zOo;_j
zKYcYmpRu}bWZ@%mK^1%#*=Q_5&y?UMemgJUMsJ6^MmXMLc*+X3hU@eQSz9@EsX7(?
z-8=FAHs)>QAHqY`dC6Z|KVl=UCQ|Kk&R8dP+%Tj$3TG9EVT$$+29VkNH9Z|;ls7oi
z$-~nFMI~GN&>Zl9V3;yMdQlGXrY^q!QKe&HLJ|;b7m8z-mOLXB8Fd0azx=2^O%pdT
z1U1iNeCAFI!{Bc<ptX$Y1ag(W@v{Joyc#87@#0}A=Vpq2bgnOg(03o8oRCV@ikJ?b
zH99oN2CSj{C7{GN9x0VEIdJko8cucg^~(rAvk@m8SOEIM&!4HU0^moCZ3Uwsx`W98
zvZa!hxL-IYL^)?HB6->mEHa+e*>ii{N1e;N_NtW;=y<}(7Gc83C@lt1)>m^HjU@CC
z<`CbpM>pgFsTMgjx>2=ox`Obid~`Ljy11k29#97v_Y30u>SWZRT&V-(ITIu)78{=z
z`egFt3veDyfBuq`uA*&9JmI7yUSao(!X9?sMo*cc-{Ol~Ao;c1XCRo5-9-hsq&W%{
z#Da$K23={4c{+%pkwsZ<|8FlQ$c2!0Mu{!=xmT}lPXiy`9}5NRd+j!Eevmxnb*m$R
zbn+GF-D6c^xs6Nxwn&AGv6HInSuD?6i3=VO@_0c`v}jT3q1dU#KrsfZjXdT7P{#3J
zvCqmmr>!<}7NZoDWGZ7&>E0-~YNZar5sa+jUnsYrOLx^ND|n>jy*;TC=hm0&ZXH~T
zdiK=c_Xd<9SWw)!*_Td2NLP{FT?A>isOkL>2-|_C>|%3=4HvayP@VtII15B>l*P*p
zR}RwL>7OSPXre-P@YXSC2gF8xA3tyr75G4>bSJx5m+OJdN!L1*@ts&q#VdiMq(?$Z
zS+35LmCUauTS&JN!WRu?%kDxIOygb1eah9Yj>@G3aQV(&jPH*8OYx+&aiC*^JnwA-
zEfGhv`ZwOyq;sjN_>zDhc60Ym886fccCH(&ode-Eu#Or0S%%?%0_T5tP36Bhx9_uk
zY7!H&p3?&CIxA{4E{98UyZg0p!S&Bo?0suduzzu7)_SYm<ReJ>%Ud4PRA`h`w~|2E
z2|QM8pFlGrfd}-Fs+jXFmf4=iBzembNDBtZdQZRJl+las{E$vS<ArR<B43m>16)s9
z;w4okv@<LI*vVI1HVtQp{9%_=S6{?DtBX7TF>TQ&zubHRpPOW*5W%BgNL!0$I$L6r
zZl1^7W`8ZAqgX%bQCPVSXEF5362W>wlIq2}ElvG^v;l|<bkq}TrOZ(oR5glu&dAm&
zi#jlg=<dx19lLQeQ;0fN`h0`Rwc~LbW7B|<bn1S?DOcr?vayVS2cB$!Uyo<V4Fk85
zYLQc=IfI`BGT5`S$kGjjCCPO#QbV0GB{;=Xuhas)oT{xMC=yr%c<}{d+Aq2fS3*z;
zyXU>=a1<Q<<PpQ1O)nB?NVpdZrcup*ONIQJvgD-%l6_pY4FEF-dZOb|V%$#WyLCc*
zamwWz%^o5;A*(Mj%CXzh8CxC8m8HRM7NzN|uG?ef5Q&<x&~eM90E}sx7n)t5IEhHh
z?fK3VXcU@UNCuf<WFVQhZ7Ral5xn-xe(n3<KMusAAHk)iOe>>!up5+68LAGte1AaG
zPmp?fS|d2U5|d8~NSPoDNcy*VK6kOOOVREprdmk1&x;I+%dK4Dk=5c8lMd{sdRMLi
zzmB*x8Fb4jW>(>WK5dkjgrLt0U6YM-t)?1*qpTGO@@UQH$-Vgkn;wVMKtizloLuqH
z3*v9-g<I4y*O9vr{4&nQe39&CCTMCHDlOl*A3<=14X;wo<#WW*c#>5TwAG4Oi+P?g
zo%%`H29UK}_${GU%V><0ow)<5-P^d{D=1IP(i#=)lmk%bDJeT$4Y=|wxwfxWT{%U!
zp`(xdwc_r_?9@GfLE&i!Me@XkiX(<>&@AlFtn)<-<nEhQTS8z=jG9Nu$P6ieeSGHQ
z^iI7_+r4Fgs@xMMeho6V7Gn>OD0gko21G%hREtIWP?89jzp;hAezPKBkK9MDY-q|R
z0&Cl{pC0!N=-32o43p#_W7NDHOVBOqgDinxTINbyUHqd_@jy{fX#p(X#<@V&zkcuP
z?^E!L(!;$i8@;P4E}fU-&R?PN9|%K9hw0LkP1bevE%%p(fH#4DWaMdc7I+cuBB%^P
zlj?BZhUTT<#dyB<{np}pBLT7ADg}E1fes1?Ov9p##k2y(j5XPGt7l4^C-2kP0%Lr-
zC@9md5ygjo<l}xX%KRC%J#sB=iIJ}NwN|*O>={7Dd7xF!7QASB#`y_)9%Tnq!3%zI
z52xsOKu3d`MMMbJ?=!e=C`kBisd}TnRUcay=6`mGe*^IGE{G@Ed`d!YPhQY^(RtP<
zepychEG!ZhwPxv%(3UxIXh7;qg9O2*kF-XpFO5M|?$QTWna~J(0FcYfW#8@C6$N}q
z@TX^boQKREsM?qM!b%LRi{haX?OyV`fB@Ya2b9sS-1)6)pigm=i*7nWionJBKGm+W
z<8C}v0kNi4`J<-^Nnv_Po!#=H`)P89ccug=A~MML6My70X`9L9*rUAx?fZPK%OVcs
zy*OPu<+!uo^Qd<438L!tH@{D=YT!2cS8F-(*Hu<u*gck*_6~K0?(kE8K*_vLOUo_3
zL^zqm7$F%P4;ArJLMNmECR)+KdthBYy#2L23$j$yRT^r@au}}#Coo}=S03b0E{aLA
z;IdORf%|v5Fjv=4o-+w<c!q~DmFN|g?w|t(DypzCz64V0D}@;E1)U?OcW2iWo>jYM
zyd~??G@-+7Rs#|DErG<a^o}LnUVtr`Km`PB-#udVN<S-}V5WPFTUa_l2`GF#i}#V_
z$~q-;bfpw^ABqH(IgcskX5V^l;eE^j1+Ed7W;IS>V4IArScE#JBg$Fib&jtWpji1$
z-_9eFHsZVQL?a)Gc#l{WiSHA=-RzyB7B@tr(6ipe)#4Yj$SIjpC#02WY0O^TC;@J#
z%Rj9hU8e&f^@>pqy1s5;>BrP^SJMKXU>U|L@VRX^cZ}+06U#>&JWMt!l-sOkxEgSr
z+SfD>PRbJv$|dO*fK3PZ1X!`+?v$C3fHY{z|GsiAFp}HF9Waw6R%CAu?U5$VDy=2P
z1)4e}!eZ)3x9eU^&zE=Bhb($$aCIr*ixXm|9A32_^hO6n&94O|oOefj{I++-iwEuP
zIQR<f9h9(y4}6#1t&1I3NA;np{S!YCB>7Q=M;)=F*_h`_ViHnq6`Rqo-V{_tJB7B=
ziA)FVt!3;51x4IAdT~-7?ccSzCjk!hwi57*FYkeJ;}`sN{>+y8eGdPNSGq84qiLfC
z+`mG0vjb_aJDhi*xp6C@<62xC)h=LJWe6x4Hd7bsBrv`Q+IXo=f)gHo*=PJP^f6M~
zf!fOUfG~B=?ai+Hjo#eciq)Nr$Iu>C6&Kx%%kBme$AQ6_Q(>Hh5Dc}#n!m%?r)R8m
zimw5E&x8C;>;Zy9VB%ivm3VIfYUMS|($Lt=9n5C_K&Q>5l%k<B2iO^_p5bO+cDKsl
zx8xIsT-e>G$Z`cf&KXi;Rofr7e9H)Zs{}`RiDMF?(&7C$?FOAP0jm1KxGQh4=wt7o
zw*|v$y^H&#=|PA9T|cuWV4w4pRA!)ZE>o0!8aEfn=KdTf$2L$NAzlwW9S*lM3V_>G
z5}R;<iz6o`t)|R%4d8W^jn}k-aUqEl(o~JL_ES-ZQszFVhZ)$GFuFqk&SYI$wHypD
zUC`1;)k<tP&7lIy$PS01VA>vQzS5-EqcZ@348T^7Vw#>7;tfb=nx0E>X<$eD-Xxz_
zi;nWLlt94=$$XX$P0lepg@i?bE$PrivLB9`Yg)rj^*xg?d1Rxv;TDK)C{A(la-hCx
zhIUn-2u<3l_|1+2sZLq_=1~$iAL+!X?ryrVnG2f6^SPw^YuLOV@e8dK_%=9-KPDKo
zN5-i};0FmB%9t7p>-OSA!kZeXG}|Qc*rQtoK6+3F@y-&1P<3w{CPSzoo%8eHJF*lS
z3nDKx2t53DUFqvDlX#<2AckGAn1=~QT=m6qj_bowD6L#VrI+5_0$0Z#DY~AsM=__u
z2p;hZ#na$3=%-OyzJ_JOZUv5~Q(St7Wr`1Ru4#FFeIf);2D!SMs|fw6efpnq`f%a+
z4DfbV&Z|<I8X7dpfYvRX$Q%x^v39uJ_U;3tb7zMTv3^=Pvg3q7k_TY7tI;qzcv@Mm
zV(`*;FH)b&*PuxT?Ec-80UEm+TR@+^V&x1B-3Z`mOvT2x7GPGy*7ghE0;w-wMTSOh
z&R1aDGhcDU$#uxkbbOzrbKGd>Yj;#xgBFFTCZxS#fu7@&23Y`Ij==vRGOE-lO<aPc
zbdEYrUcM4wFmXvSXqrp)_5j_NN+GEabREbAC}96hE@<^-h6OaOASmfdIdnlVY$~6o
z!!ZKd;To$_l6L%84Pn6{?N~ujAnj9!5pFRk_6$hxi-QHgsWi%jr9ax^@-@sHM1$gY
zZu!AGju;N0ZP152y|#1hX<l|bE9;4~(R0wdORjMhqOO%zGwgb<E+CzL_N>qD)^zD@
z@m39onpX_;liQz`AZsZ&3%ZN0KHXpk*R~7NtZ^Edvq0+tx8sG|m3Bq~)S2F?LZA8*
z4_)#~^|)B@!sRotTQ%VBUZuh+-rl^@;oIIp1)@fTaEEM;PY}w2jIEA$4}ZF_|I?~O
z@HukD451E)$mM-nXJHSx#is9NL1)}LR#W<gu*Mo8ssrBAY&(0o1H`3(p#;u%Qs!90
zO)09{M_?~&>}Z_l^fa)Uf8mjt^>x&S7f;B(M?&M!?nrRq5pTCy>*&)@S_hMq!g{1_
z8ktTC&Zl%Q4F{Kw4gmcIt!pY7lP8m*2-yl(G$IKH`OU#fd?^dRUzJ^s`;F#VZ`jRM
zsz9trpOd1cl?G7fj*GYZda<-?xzgFkA8YA&mS87Qp_XTFTnjk&`QlQIQ@a@t?nXZ$
z)o6PvQVkCm;qA^z4<-aoXWQs0D&E=Z0Sqy+eDqM9W7aUs5P5^i-81aoM$M!0OZsd;
zhqa_|Mc1TN!g8mD*_3>pt2F=D&)2=t{${>_J#da(oZ`3xOf})v4mu(R1pFZTK6`yt
z@Hm4tM+RrPMKFtSg~;S9XvzgKOqGS|bYhzdWF^Ylg0OA2cP+%b0rXpjNewyg;vDAo
zg3BdyRX2cnmGM`0(O3s!yNpb$mBSlnO}IB5UBVuVD9-U?*|zHKDn+CA3s5`xE3!YX
zwNl^hxt85Ei`yn_F`n<d+{5TvL>mULTmWXMd>CWx&wJDKXdl+it9sE?!|4gV(hE5D
zsJ_#hki?C%K`Q_k0)MjJ1_mNVl18VlT`FrJ$3Co`eYq)Eoba$%vG%p9RQCmP>Xlr)
zGP9J6+Ab`_s?<9T&uCIN*zdazUyNU99S1nW2*({%F#{(@9aLb4Yw1fa#CtKf6zGV)
z(RLwjLTTD?z}f>jS&tqY<US^)iTa<j09@oR4FoO@kP~&^1EnK{zf?Yn2((-#aEi`N
zPK`R^q+{j7@_H8^6}G!NdE@7wq3z<Z_P__+#M$EpyFW$`CV?#P_k|GZM~1I^X`N+E
zBDZOK1oVbeVV>Wf-0ma@V!~3B=p???zVwFWui_MliOSQ7mJnFXarYaq_yoC_Ah+B+
z7AuDFUL~mDyE(+#dGke8x;wko=@oOnAH>Nor`wfUT{nX3c1xbu<3^|Fi<7!<IS6UR
zmOje9v^s>6NKw7)30URN(QI@h^N-^kA0A3RMzUU#?uh;plZNOVHt=fD30&LLiHh#u
z?s>Sq5*FX_D*~7uO+yrgME#(c9-;H$5}$+T%e?ycA9x;S|1|Ffy&%|xN@|z~F|^Q{
zEa!b`SU4(2p09}9_eCw%fM#rt#SmhhN2~FaNn6KjIys?Fo9p?i!70nG2enHBNAMrV
z{2cCfXgzQ5Viz8VAG#d_Or@nEsY71;;AN%J9bp3xj3;aUo6Xc@)7#5tVH!6oC!Ss2
z*Dw*}QDUP>pJk<W%Gp>>)Nh6)uy=-zC^4^&mNo`mduLMrl{Mv*IJv`7MLKA~#hQy4
zv~P?v%Z)wYFBJhAo|-&AaymY1wVDH5?1@MqL@#+HqzT8G@#rYbzFuLsUJhk{CT+0z
zK7(j*=yzKqf61_B^e>kcpxiNc|E;Fpu^No+Z+|R5(FwX!GiOw)aMsi_SIlzuDI#aX
z+2GI|-%Z(9yZfC6kwe2%vMJ>|0cZC6CL(|rCAhT!13ayy3Aa(z<%cZ4?fJQ>5Syae
zZ`9y{c|@+o08AY-9lPicUK(H7#Nk6xzV&aczjGCBu8w6#Nu0a|>^$1;%h?SeJ?<sK
zQby(-j%&JiUEc%5OoU|6I77?64YEH2b{jim1oukdN2ZuPt8&GbuOcq}=mlIJ+pB$G
z)3Zl7HK6jH+N}EJ#;2J$O$kol5irJ<2*|6cK;EO@UF2V`_WtiYJay<$RKN_#?d%Wo
zi9axm?juLoWcXk|d=J0Bn1G{4#pkk;Dt|Pp|L`@J&+wV{Jt#Q#qc{8eYoECS1Y4xl
zz_srd^T)#UU*Go}7%-*I*7*G${pbf|(o!{Lp9(PJ`cb?34_|ZfV5mCNW6|H=(T}bJ
z<)Kp^`X5s1pUVm*)BliyKZvoEOsBy6Ps20?-hZ@~{eEdFHJw7_ej27JMD9mf>+hGA
z!rm$D{bymCBH4aluzqy?D3XmL*(j3jN3(_MAf={LYWmMPniQQ*(dj>3n<+Z|$07Oq
z@<q|<6rKKiG5G`Kic-^mV3EGhvVZ3$MW<7A`p?2NMW_EX7x-;Ih@#UeI{i-|`0s(6
zvbFltT;R7grbsr5Wcz8DrbxD*<pTfe4WURjie&p~n5Ia!zpwm%Wl>Tj8%47HEKE}*
z+fQ==ie#g-K>rm4|2=S1B->AO0g7a!3_JW_&-5Q+iz3;6mJ3iM8)dACGS>8yX!HM<
zn*MIj1;<Qx;J|^S5d@Ft`OQKvfFrkm`e_Oukz->u9{4Xu>)z4HvGF{<@dqIO!3E9a
z8#6UDHM{=P*ZeP-6B;x1;XD2Fcf9}C4?`c=>DhvK{>!nt)CYDw4<G-uf&VWKNq;a}
zJv;&YUrthb0)I_=`oElIq&)2ZB2p<2`|mZ*(*Q!ofdgmX-2C;5;h(4^N|yf@5Jk!I
zpQf@DNdGVD5v6|rd_kbp@1M?1s)H1=_R}nvLe_phH;+)r+TW8k3PJlHaY})43XK0?
zu29(cPlpPHjZ@h8kLq4Z&Hh0g`rqPBF;#vvxc;Zy14~SSaSDw8Sf){=7e#vgV6IRc
zw4V<ZiuC%y;QIc!MT&z)anQbxhriSp6zTPsOY_&Hkpkls82>R)rbw^9&Z57>CyMm?
yvEceH2`Mm6f$<;BG>U`vW4ivkB+TSH?^+wKuQ&Ku1Zbf=a8v!(ukfojq5lsfwl;GB

diff --git a/docs/index.md b/docs/index.md
deleted file mode 120000
index 32d46ee88..000000000
--- a/docs/index.md
+++ /dev/null
@@ -1 +0,0 @@
-../README.md
\ No newline at end of file
diff --git a/docs/installation.md b/docs/installation.md
deleted file mode 100644
index 5776abdc6..000000000
--- a/docs/installation.md
+++ /dev/null
@@ -1,33 +0,0 @@
-# Installation
-
-
-=== "Linux"
-    ```bash
-    wget  https://github.com/flanksource/canary-checker/releases/latest/download/canary-checker   \
-      -O /usr/bin/canary-checker && \
-      chmod +x /usr/bin/canary-checker
-    ```
-
-=== "MacOSX"
-    ```bash
-    wget  https://github.com/flanksource/canary-checker/releases/latest/download/canary-checker_osx  \
-      -O /usr/local/bin/canary-checker && \
-      chmod +x /usr/local/bin/canary-checker
-  ```
-
-=== "Windows"
-    ```bash
-    wget -nv -nc -O https://github.com/flanksource/canary-checker/releases/latest/download/canary-checker.exe
-    ```
-
-## Windows Service
-
-Canary Checker can be installed as a service in Windows environment using the `install-service.ps1` which is available at the root of the repo.
-The script accepts the following parameters to define the service.
-
-- configfile: Path to the config file with canaries. Defaults to "$pwd\canary-checker.yaml"
-- httpPort: port to start the server on.
-- metricsPort: port to expose the metrics on
-- name: name of the server
-- uninstall: A switch flag. Used to uninstall the service. For example: `.\install-service.ps1 -uninstall`
-- pushServers: A comma separated list of servers to push the check data
diff --git a/docs/introduction.md b/docs/introduction.md
deleted file mode 100644
index 6df5a281e..000000000
--- a/docs/introduction.md
+++ /dev/null
@@ -1,31 +0,0 @@
-# Introduction
-
-Canary Checker is a Kubernetes native [Synthetic Monitoring](https://en.wikipedia.org/wiki/Synthetic_monitoring) system. It works with standard Kubernetes monitoring tools like [Prometheus](https://prometheus.io) to proactively monitor your applications across multi-tenant environments to ensure application availability.
-
-Today many applications are written as microservices with service dependencies. This is especially true for applications that run on Kubernetes. For example, you may have a microservice running as a deployment that requires access to a database like [MongoDB](https://www.mongodb.com/kubernetes) or [Postgres](https://www.postgresql.org/). As an [SRE](https://en.wikipedia.org/wiki/Site_Reliability_Engineering) you can create a few canary checks that alert you if the system were about to experience any major issues: 
-
-* You could create a check that ensures the PostgreSQL service responds within `3000` milliseconds 
-* You could create a check that ensures you can run a query on Postgres and ensure the query result is as expected.
-
-If any one of these checks fails, (e.g: the service doesn't respond after 3000 milliseconds) you would know that something is not performing as expected in your environment.  You could then take actions to remediate the issues before your end users are even aware there was an issue. 
-
-## Features
-
-![dashboard](images/ui01.png)
-
-* Built-in UI/Dashboard with multi-cluster aggregation
-* CRD based configuration and status reporting
-* Prometheus Integration
-* Runnable as a CLI for once-off checks or as a standalone server outside kubernetes
-* Many built-in check types
-
-
-## Comparisons
-
-
-| App                                                     | Comparison                                                   |
-| ------------------------------------------------------- | ------------------------------------------------------------ |
-| Prometheus                                              | canary-checker is not a replacement for prometheus, rather a companion. While prometheus provides persistent time series storage, canary-checker only has a small in-memory cache of recent checks.  Canary-checker also exposes metrics via `/metrics` that are scraped by prometheus. |
-| Grafana                                                 | The built-in UI provides a mechanism to display check results across 1 or more instances without a dependency on grafana/prometheus running. The UI  will also display long-term graphs of check results by quering prometheus. |
-| [Kuberhealthy](https://github.com/Comcast/kuberhealthy) | Very similar goals, but Kuberhealthy relies on external containers to implement checks and does not provide a UI or multi-cluster/instance aggregation. |
-| [Cloudprober](https://cloudprober.org/)                 | Very similar goals, but Cloudprober is designed for very high scale, not multi-tenancy. Only has ICMP,DNS,HTTP,UDP built-in checks. |
\ No newline at end of file
diff --git a/docs/operator.md b/docs/operator.md
deleted file mode 100644
index b36e7788c..000000000
--- a/docs/operator.md
+++ /dev/null
@@ -1,133 +0,0 @@
----
-hide:
-- toc
----
-
-# Installation
-
-## Helm
-
-Canary Checker can be deployed to a Kubernetes cluster via Helm.
-
-```bash
-helm repo add flanksource https://flanksource.github.io/charts
-helm repo update flanksource
-```
-
-Create a values file based on
-[values.yaml](https://github.com/flanksource/canary-checker/blob/master/chart/values.yaml).
-You only need to define things that are different from the defaults listed in
-that file. After configuring the values.yaml file, install Canary Checker with
-
-```bash
-helm install --namespace <NAMESPACE> canary-checker -f <VALUES_FILE> flanksource/canary-checker
-```
-
-## Manually
-
-=== "kubectl"
-    ```bash
-    kubectl apply -f https://github.com/flanksource/canary-checker/releases/latest/download/release.yaml
-    ```
-
-=== "kustomize"
-    `kustomization.yaml`
-    ```yaml
-    resources:
-    - https://raw.githubusercontent.com/flanksource/canary-checker/v0.38.30/config/deploy/base.yaml
-    - https://raw.githubusercontent.com/flanksource/canary-checker/v0.38.30/config/deploy/crd.yaml
-    images:
-    - name: docker.io/flanksource/canary-checker:latest
-      newTag: v0.38.30
-    patchesStrategicMerge:
-    - |-
-        apiVersion: networking.k8s.io/v1
-        kind: Ingress
-        metadata:
-            name: canary-checker
-            namespace: canary-checker
-        spec:
-            tls:
-            - hosts:
-                - <INSERT_YOUR_DOMAIN_HERE>
-        rules:
-            - host:  <INSERT_YOUR_DOMAIN_HERE>
-    ```
-
-    ```bash
-    kubectl apply -f kustomization.yaml
-    ```
-
-## Karina
-
-When deploying Canary Checker via
-[Karina](https://karina.docs.flanksource.com/), the versions of
-Canary Checker and Flanksource UI are specified in `karina.yml`. The configured
-persistence will define how Canary Checker stores its database.
-
-```yaml
-canaryChecker:
-  version: v0.38.194
-  uiVersion: v1.0.201
-  persistence:
-    capacity: 20Gi
-    storageClass: standard
-```
-
-## Installing without a database
-
-Canary Checker ships with a database by default, which keeps a history of
-checks. If Canary Checker doesn't require persistence, it can be disabled by
-setting `db.embedded.persist` to `false` in the values configuration file.
-
-In Karina-based deployments, the database can be disabled by setting
-`canaryChecker.persistence.disabled` to `true` in `karina.yml` (for Karina
-versions >= v0.70.0). For versions older than this, the following patch will
-achieve the same result:
-
-```yaml
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
-  name: canary-checker
-  namespace: platform-system
-spec:
-  template:
-    spec:
-      volumes:
-        - name: canarychecker-database
-          emptyDir: {}
-  volumeClaimTemplates: null
-```
-
-# Running Manually
-
-The operator can also be started manually outside of cluster (it will still need a kubeconfig) using:
-
-```bash
-canary-checker operator [flags]
-```
-
-### Options
-
-```
-      --dev                       Run in development mode
-      --devGuiPort int            Port used by a local npm server in development mode (default 3004)
-      --enable-leader-election    Enabling this will ensure there is only one active controller manager
-  -h, --help                      help for operator
-      --httpPort int              Port to expose a health dashboard  (default 8080)
-      --include-check string      Run matching canaries - useful for debugging
-      --log-fail                  Log every failing check (default true)
-      --log-pass                  Log every passing check
-      --maxStatusCheckCount int   Maximum number of past checks in the status page (default 5)
-      --metricsPort int           Port to expose a health dashboard  (default 8081)
-      --name string               Server name shown in aggregate dashboard (default "local")
-  -n, --namespace string          Watch only specified namespaces, otherwise watch all
-      --prometheus string         URL of the prometheus server that is scraping this instance
-      --pull-servers strings      push check results to multiple canary servers
-      --push-servers strings      push check results to multiple canary servers
-      --webhookPort int           Port for webhooks  (default 8082)
-      --expose-env                Expose environment variables for use in all templates. Note this has serious security implications with untrusted canaries
-      --json-logs                 Print logs in json format to stderr
-  -v, --loglevel count            Increase logging level
-```
diff --git a/docs/prereqs.md b/docs/prereqs.md
deleted file mode 100644
index 28ebe7613..000000000
--- a/docs/prereqs.md
+++ /dev/null
@@ -1,103 +0,0 @@
-# Optional Prerequisites
-
-Canary Checker can integrate with Prometheous and ships with a few defined promethues service monitors. While not strictly required this guide explains how to install the optional dependencies. 
-
-## A Kubernetes Cluster
-
-This is pretty obvious, but first [install](https://github.com/flanksource/karina) a kubernetes cluster and ensure you are able to run basic `kubectl` commands to create pods, services, and that cluster DNS is functioning properly. 
-
-## Metrics Server
-
-For many environments, Prometheus requires the [Kubernetes Metrics Server](https://github.com/kubernetes-sigs/metrics-server) to get metrics from the worker nodes. How this is deployed is slightly different for different Kubernetes environments. [Here is an example of how to install the Metrics Server on AWS EKS](https://docs.aws.amazon.com/eks/latest/userguide/metrics-server.html).  If you are using GKE, you can skip this step as Prometheus is already installed using Stack Driver metrics. 
-
-To ensure you are getting metrics run: 
-
-```
-kubectl get --raw /metrics
-```
-The command will give display metrics something like this:
-```shell
-workqueue_work_duration_seconds_bucket{name="open_api_aggregation_controller",le="0.01"} 966
-workqueue_work_duration_seconds_bucket{name="open_api_aggregation_controller",le="0.1"} 966
-workqueue_work_duration_seconds_bucket{name="open_api_aggregation_controller",le="1"} 967
-workqueue_work_duration_seconds_bucket{name="open_api_aggregation_controller",le="10"} 967
-workqueue_work_duration_seconds_bucket{name="open_api_aggregation_controller",le="+Inf"} 967
-workqueue_work_duration_seconds_sum{name="open_api_aggregation_controller"} 0.8046582159999999
-workqueue_work_duration_seconds_count{name="open_api_aggregation_controller"} 967
-workqueue_work_duration_seconds_bucket{name="priority_and_fairness_config_queue",le="1e-08"} 0
-workqueue_work_duration_seconds_bucket{name="priority_and_fairness_config_queue",le="1e-07"} 0
-workqueue_work_duration_seconds_bucket{name="priority_and_fairness_config_queue",le="1e-06"} 0
-workqueue_work_duration_seconds_bucket{name="priority_and_fairness_config_queue",le="9.999999999999999e-06"} 0
-workqueue_work_duration_seconds_bucket{name="priority_and_fairness_config_queue",le="9.999999999999999e-05"} 0
-workqueue_work_duration_seconds_bucket{name="priority_and_fairness_config_queue",le="0.001"} 1
-workqueue_work_duration_seconds_bucket{name="priority_and_fairness_config_queue",le="0.01"} 1
-workqueue_work_duration_seconds_bucket{name="priority_and_fairness_config_queue",le="0.1"} 1
-workqueue_work_duration_seconds_bucket{name="priority_and_fairness_config_queue",le="1"} 1
-workqueue_work_duration_seconds_bucket{name="priority_and_fairness_config_queue",le="10"} 1
-workqueue_work_duration_seconds_bucket{name="priority_and_fairness_config_queue",le="+Inf"} 1
-workqueue_work_duration_seconds_sum{name="priority_and_fairness_config_queue"} 0.000160916
-workqueue_work_duration_seconds_count{name="priority_and_fairness_config_queue"} 1
-```
-
-
-## Prometheus Operator
- 
-You can install the operator by cloning the [Prometheus Operator](https://github.com/prometheus-operator/kube-prometheus) repository with: 
-
-```
-git clone https://github.com/prometheus-operator/kube-prometheus
-```
-
-Find the appropriate release for your version of Kubernetes in the table.  For example, if you were using Kubernetes 1.17 (run `kubectl version` to see what you are running) you would see the [README](https://github.com/prometheus-operator/kube-prometheus/blob/master/README.md) shows I should be running `release-0.4`.  So to install we run: 
-
-```
-cd kube-prometheus
-git branch -a
-```
-Here we see all the branch names.  To switch to the release branch run: 
-
-```
-git checkout remotes/origin/release-0.4
-```
-
-Now we can install the operator with: 
-
-```
-kubectl create -f manifests/setup
-```
-
-You should then be able to see custom resources, `servicemonitors` by running: 
-
-```
-kubectl get crd
-```
-And see there is a `servicemonitors.monitoring.coreos.com` custom resource definition. 
-
-Once that is defined you can install the rest of the monitoring components: 
-
-```
-kubectl create -f manifests/
-```
-
-You'll be able to see all the resources defined in the `monitoring` namespace with: 
-
-```
-kubectl get pods -n monitoring
-```
-
-Output looks as follows: 
-
-```
-NAME                                   READY   STATUS    RESTARTS   AGE
-alertmanager-main-0                    2/2     Running   0          3m15s
-alertmanager-main-1                    2/2     Running   0          3m15s
-alertmanager-main-2                    2/2     Running   0          3m15s
-grafana-58dc7468d7-vvcnc               1/1     Running   0          3m12s
-kube-state-metrics-765c7c7f95-kxddc    3/3     Running   0          3m12s
-node-exporter-cnhm6                    2/2     Running   0          2m15s
-node-exporter-vnh9r                    2/2     Running   0          3m13s
-prometheus-adapter-5cd5798d96-j8xnn    1/1     Running   0          3m13s
-prometheus-k8s-0                       3/3     Running   1          3m13s
-prometheus-k8s-1                       3/3     Running   1          3m13s
-prometheus-operator-5f75d76f9f-n9krn   1/1     Running   0          7m2s
-```
diff --git a/docs/reference.md b/docs/reference.md
deleted file mode 100644
index 454c008e2..000000000
--- a/docs/reference.md
+++ /dev/null
@@ -1,20 +0,0 @@
-generate documentation
-
-Usage:
-  canary-checker docs [command]
-
-Available Commands:
-  cli         generate CLI documentation
-
-Flags:
-  -h, --help   help for docs
-
-Global Flags:
-      --expose-env       Expose environment variables for use in all templates. Note this has serious security implications with untrusted canaries
-      --json-logs        Print logs in json format to stderr
-  -v, --loglevel count   Increase logging level
-
-Use "canary-checker docs [command] --help" for more information about a command.
-
-version: dev
- 
\ No newline at end of file
diff --git a/docs/run.md b/docs/run.md
deleted file mode 100644
index e12fa274e..000000000
--- a/docs/run.md
+++ /dev/null
@@ -1,57 +0,0 @@
----
-hide:
-- toc
----
-
-
-# Installation
-
-=== "Linux (amd64)"
-    ```bash
-    wget  https://github.com/flanksource/canary-checker/releases/latest/download/canary-checker_linux_amd64   \
-      -O /usr/bin/canary-checker && \
-      chmod +x /usr/bin/canary-checker
-    ```
-
-=== "MacOSX (amd64)"
-    ```bash
-    wget  https://github.com/flanksource/canary-checker/releases/latest/download/canary-checker_darwin_amd64  \
-      -O /usr/local/bin/canary-checker && \
-      chmod +x /usr/local/bin/canary-checker
-    ```
-
-=== "Makefile"
-    ```Makefile
-    OS = $(shell uname -s | tr '[:upper:]' '[:lower:]')
-    ARCH = $(shell uname -m | sed 's/x86_64/amd64/')
-    wget -nv -nc https://github.com/flanksource/canary-checker/releases/latest/download/canary-checker_$(OS)_$(ARCH)  \
-      -O /usr/local/bin/canary-checker && \
-      chmod +x /usr/local/bin/canary-checker
-
-    ```
-=== "Windows"
-    ```bash
-    wget -nv -nc -O https://github.com/flanksource/canary-checker/releases/latest/download/canary-checker.exe
-    ```
-
-
-
-
-
-# Running
-Execute checks and return
-
-```bash
-canary-checker run <canary.yaml> [flags]
-```
-
-### Options
-
-```
-  -h, --help               help for run
-  -j, --junit string       Export JUnit XML formatted results to this file e.g: junit.xml
-  -n, --namespace string   Specify namespace
-      --expose-env       Expose environment variables for use in all templates. Note this has serious security implications with untrusted canaries
-      --json-logs        Print logs in json format to stderr
-  -v, --loglevel count   Increase logging level
-```
diff --git a/docs/server.md b/docs/server.md
deleted file mode 100644
index 2f488eacc..000000000
--- a/docs/server.md
+++ /dev/null
@@ -1,58 +0,0 @@
----
-hide:
-- toc
----
-
-
-# Installation
-
-=== "Linux"
-    ```bash
-    wget  https://github.com/flanksource/canary-checker/releases/latest/download/canary-checker   \
-      -O /usr/bin/canary-checker && \
-      chmod +x /usr/bin/canary-checker
-    ```
-
-=== "MacOSX"
-    ```bash
-    wget  https://github.com/flanksource/canary-checker/releases/latest/download/canary-checker_osx  \
-      -O /usr/local/bin/canary-checker && \
-      chmod +x /usr/local/bin/canary-checker
-    ```
-
-=== "Windows"
-    ```bash
-    wget -nv -nc -O https://github.com/flanksource/canary-checker/releases/latest/download/canary-checker.exe
-    ```
-
-
-# Running
-Start a server to execute checks
-
-```
-canary-checker serve [flags]
-```
-
-### Options
-
-```
-  -c, --configfile string         Specify configfile
-      --dev                       Run in development mode
-      --devGuiPort int            Port used by a local npm server in development mode (default 3004)
-  -h, --help                      help for serve
-      --httpPort int              Port to expose a health dashboard  (default 8080)
-      --include-check string      Run matching canaries - useful for debugging
-      --log-fail                  Log every failing check (default true)
-      --log-pass                  Log every passing check
-      --maxStatusCheckCount int   Maximum number of past checks in the status page (default 5)
-      --metricsPort int           Port to expose a health dashboard  (default 8081)
-      --name string               Server name shown in aggregate dashboard (default "local")
-  -n, --namespace string          Watch only specified namespaces, otherwise watch all
-      --prometheus string         URL of the prometheus server that is scraping this instance
-      --pull-servers strings      push check results to multiple canary servers
-      --push-servers strings      push check results to multiple canary servers
-  -s, --schedule string           schedule to run checks on. Supports all cron expression and golang duration support in format: '@every duration'
-      --expose-env       Expose environment variables for use in all templates. Note this has serious security implications with untrusted canaries
-      --json-logs        Print logs in json format to stderr
-  -v, --loglevel count   Increase logging level
-```
diff --git a/docs/swagger.yaml b/docs/swagger.yaml
deleted file mode 100644
index 4ff9cca0d..000000000
--- a/docs/swagger.yaml
+++ /dev/null
@@ -1,296 +0,0 @@
-basePath: /
-definitions:
-  Check:
-    properties:
-      canary_id:
-        type: string
-      canary_name:
-        type: string
-      checkStatuses:
-        items:
-          $ref: '#/definitions/CheckStatus'
-        type: array
-      createdAt:
-        type: string
-      deletedAt:
-        type: string
-      description:
-        type: string
-      displayType:
-        type: string
-      icon:
-        type: string
-      id:
-        type: string
-      labels:
-        type: object
-      lastRuntime:
-        type: string
-      latency:
-        $ref: '#/definitions/Latency'
-      name:
-        type: string
-      namespace:
-        type: string
-      nextRuntime:
-        type: string
-      owner:
-        type: string
-      severity:
-        type: string
-      status:
-        type: string
-      type:
-        type: string
-      updatedAt:
-        type: string
-      uptime:
-        $ref: '#/definitions/Uptime'
-    type: object
-  CheckStatus:
-    properties:
-      duration:
-        type: integer
-      error:
-        type: string
-      invalid:
-        type: boolean
-      message:
-        type: string
-      status:
-        type: boolean
-      time:
-        type: string
-    type: object
-  Component:
-    properties:
-      checks:
-        items:
-          $ref: '#/definitions/Check'
-        type: array
-      components:
-        $ref: '#/definitions/Components'
-      configs:
-        items:
-          $ref: '#/definitions/Config'
-        type: array
-      created_at:
-        type: string
-      external_id:
-        description: nolint
-        type: string
-      icon:
-        type: string
-      id:
-        description: nolint
-        type: string
-      labels:
-        type: object
-      lifecycle:
-        description: The lifecycle state of the component e.g. production, staging,
-          dev, etc.
-        type: string
-      name:
-        type: string
-      namespace:
-        type: string
-      order:
-        type: integer
-      owner:
-        type: string
-      parent_id:
-        description: nolint
-        type: string
-      path:
-        type: string
-      properties:
-        items:
-          $ref: '#/definitions/Property'
-        type: array
-      schedule:
-        type: string
-      status:
-        type: string
-      statusReason:
-        type: string
-      summary:
-        $ref: '#/definitions/Summary'
-      topology_id:
-        description: nolint
-        type: string
-      text:
-        type: string
-      tooltip:
-        type: string
-      topology_type:
-        type: string
-      type:
-        description: The type of component, e.g. service, API, website, library, database,
-          etc.
-        type: string
-      updated_at:
-        type: string
-    type: object
-  Components:
-    items:
-      $ref: '#/definitions/Component'
-    type: array
-  Config:
-    properties:
-      config_class:
-        type: string
-      external_id:
-        items:
-          type: string
-        type: array
-      type:
-        type: string
-      id:
-        type: string
-      name:
-        type: string
-      namespace:
-        type: string
-      spec:
-        type: object
-    type: object
-  Latency:
-    properties:
-      p95:
-        type: number
-      p97:
-        type: number
-      p99:
-        type: number
-      rolling1h:
-        type: number
-    type: object
-  Property:
-    properties:
-      color:
-        type: string
-      headline:
-        type: boolean
-      icon:
-        type: string
-      label:
-        type: string
-      lastTransition:
-        type: string
-      links:
-        items:
-          $ref: '#/definitions/Link'
-        type: array
-      max:
-        type: integer
-      min:
-        type: integer
-      name:
-        type: string
-      order:
-        type: integer
-      status:
-        type: string
-      text:
-        description: Either text or value is required, but not both.
-        type: string
-      tooltip:
-        type: string
-      type:
-        type: string
-      unit:
-        description: e.g. milliseconds, bytes, millicores, epoch etc.
-        type: string
-      value:
-        type: integer
-    type: object
-  Uptime:
-    properties:
-      failed:
-        type: integer
-      p100:
-        type: number
-      passed:
-        type: integer
-    type: object
-  Link:
-    properties:
-      icon:
-        type: string
-      label:
-        type: string
-      text:
-        type: string
-      tooltip:
-        type: string
-      type:
-        description: e.g. documentation, support, playbook
-        type: string
-      url:
-        type: string
-    type: object
-  Summary:
-    properties:
-      healthy:
-        type: integer
-      info:
-        type: integer
-      unhealthy:
-        type: integer
-      warning:
-        type: integer
-    type: object
-info:
-  contact: {}
-  license:
-    name: Apache 2.0
-    url: http://www.apache.org/licenses/LICENSE-2.0.html
-  title: Canary Checker API
-  version: 1..1
-paths:
-  /api/topology:
-    get:
-      description: Query the topology graph
-      operationId: TopologyQuery
-      parameters:
-      - description: Topology ID
-        in: query
-        name: id
-        type: string
-      - description: Topology ID
-        in: query
-        name: topologyId
-        type: string
-      - description: Component ID
-        in: query
-        name: componentId
-        type: string
-      - description: Owner
-        in: query
-        name: owner
-        type: string
-      - description: Comma seperated list of status
-        in: query
-        name: status
-        type: string
-      - description: Comma seperated list of types
-        in: query
-        name: types
-        type: string
-      - description: Flatten the topology
-        in: query
-        name: flatten
-        type: string
-      produces:
-      - application/json
-      responses:
-        "200":
-          description: OK
-          schema:
-            items:
-              $ref: '#/definitions/Component'
-            type: array
-      summary: Topology query
-      tags:
-      - topology
-swagger: "2.0"

From 555dd1a48d7fad4624caee6c239fae72dbff25d2 Mon Sep 17 00:00:00 2001
From: Moshe Immerman <moshe@flanksource.com>
Date: Thu, 6 Jul 2023 17:27:01 +0300
Subject: [PATCH 08/10] major: bump major version

---
 .releaserc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.releaserc b/.releaserc
index 207ec09bb..9953dc382 100644
--- a/.releaserc
+++ b/.releaserc
@@ -8,6 +8,7 @@ plugins:
         - { type: feat, release: patch }
         - { type: ci, release: false }
         - { type: style, release: false }
+        - { type: major, release: major }
       parserOpts:
         noteKeywords:
           - MAJOR RELEASE

From b076d0ccf79481b58a68959fc981f89694857cbf Mon Sep 17 00:00:00 2001
From: Moshe Immerman <moshe@flanksource.com>
Date: Thu, 6 Jul 2023 21:27:40 +0300
Subject: [PATCH 09/10] chore: bump flanksource-ui

---
 chart/Chart.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index e0a6d188b..7e689104d 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -10,6 +10,6 @@ maintainers:
 icon: https://avatars.githubusercontent.com/u/58787470
 dependencies:
   - name: flanksource-ui
-    version: "1.0.143"
+    version: "1.0.395"
     repository: https://flanksource.github.io/charts
     condition: flanksource-ui.enabled

From 9526e1bb6786eccbb43ae4c2e2b7b50cc3458b19 Mon Sep 17 00:00:00 2001
From: Moshe Immerman <moshe@flanksource.com>
Date: Thu, 6 Jul 2023 21:29:52 +0300
Subject: [PATCH 10/10] chore: bump flanksource-ui

---
 chart/Chart.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index 7e689104d..e97ac6069 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -1,13 +1,13 @@
 apiVersion: v2
 name: canary-checker
-description: a Kubernetes native, multi-tenant synthetic monitoring system
+description: Kubernetes native, multi-tenant synthetic monitoring system
 type: application
 version: 0.0.0
 appVersion: "master"
 maintainers:
   - name: Flanksource
     url: https://www.flanksource.com
-icon: https://avatars.githubusercontent.com/u/58787470
+icon: https://github.com/flanksource/docs/blob/main/docs/canary-checker/images/canary-checker-icon.svg
 dependencies:
   - name: flanksource-ui
     version: "1.0.395"