feelgoodnewsgroup.com Open in urlscan Pro
2606:4700:3033::ac43:c8fa  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response feelgoodnewsgroup.com/	9 KB 3 KB	317ms 63ms	Document text/html	2606:4700:3033::ac43:c8fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://feelgoodnewsgroup.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:c8fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d63f75bf03eadad1e52151a0bd4d4dd331a25a59b01a58b3ca9dfee8e4caef38 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers age 7906 alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f1fb5d57c810f3b-EWR content-encoding zstd content-type text/html date Sat, 14 Dec 2024 16:53:28 GMT last-modified Thu, 23 May 2024 16:44:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6U6TPCGvZcg9YM2EzCnZveL4T5WCOqDnisSdnHWbDYpOgWX1AYOIv%2FtTupjsqphbZuvB09wd5h3PauJP3o6A1aP3lbJUfJ630qROR1yHe9vv3gWzpVG%2Bu%2BhY1X0g9XZy6T2uip3aekjkJR52xPJ4yueLuo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=22673&min_rtt=21616&rtt_var=5427&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4197&recv_bytes=4435&delivery_rate=26970&cwnd=12000&unsent_bytes=0&cid=16f4631377c6e392&ts=239&x=1" cfExtPri cfHdrFlush;dur=0 via 1.1 c70c0d114d0fcf32b9941c29c00266de.cloudfront.net (CloudFront) x-amz-cf-id 1qnvHb_UkD56_odAw1X-WnEa7xCkCedc1XbAQqViTjo1SWDMX9b-Uw== x-amz-cf-pop JFK50-P6 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H3	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/	141 KB 22 KB	113ms 39ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css Requested by Host: feelgoodnewsgroup.com URL: https://feelgoodnewsgroup.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://feelgoodnewsgroup.com Referer https://feelgoodnewsgroup.com/ Response headers cdn-status 200 content-encoding br cf-cache-status HIT etag "450fc463b8b1a349df717056fbb3e078" age 1289878 x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sat, 14 Dec 2024 16:53:28 GMT last-modified Mon, 25 Jan 2021 22:04:04 GMT content-type text/css; charset=utf-8 vary Accept-Encoding cdn-cache HIT cdn-cachedat 11/15/2024 13:24:43 cdn-requestpullcode 200 priority u=0,i=?0 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31919000 cdn-requestpullsuccess True timing-allow-origin * cdn-requesttime 0 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid b2de5f4b8af1ea9f524c8db4a632112e cross-origin-resource-policy cross-origin cdn-pullzone 252412 cdn-proxyver 1.06 cf-ray 8f1fb5d66ba541c1-EWR access-control-allow-origin * cdn-edgestorageid 718 server cloudflare cdn-requestcountrycode US
GET H3	200	style.css feelgoodnewsgroup.com/styles/	8 KB 3 KB	76ms 73ms	Stylesheet text/css	2606:4700:3033::ac43:c8fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://feelgoodnewsgroup.com/styles/style.css Requested by Host: feelgoodnewsgroup.com URL: https://feelgoodnewsgroup.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:c8fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c34293ef4e301f1cfbc1a5cd11ad97ddc444b94871fc5867ba289a4a99beb99d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers content-encoding zstd cf-cache-status REVALIDATED etag W/"33df93551e8f704d6d1f0b3553c24ff8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gtX7SpoV%2BjcEJLIervOdHSYZDTkuYjtHvm%2Fi00%2B4iiDhGFbx7ZHXbwbM1dTpDp4l6dmOS%2FdcaytS57uoCy%2BLL9%2Fhz7ljzb2dFyRWUILtwWioBAyanNQ3b%2BrR%2FCuxAP4gJpT%2BNcjPRlTUWVAJjBTbgYRbEI0%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id 64Wu_QfhqNqSPuVCQ7pU79AJOkio2nBw9evNXD0sE7mQbjhJAwI0uQ== date Sat, 14 Dec 2024 16:53:28 GMT content-type text/css last-modified Thu, 24 Aug 2023 20:57:38 GMT vary Accept-Encoding priority u=0,i=?0 server-timing cfL4;desc="?proto=QUIC&rtt=28589&min_rtt=21616&rtt_var=11218&sent=17&recv=14&lost=0&retrans=0&sent_bytes=7710&recv_bytes=5205&delivery_rate=87172&cwnd=12000&unsent_bytes=0&cid=16f4631377c6e392&ts=325&x=1", cfExtPri, cfHdrFlush;dur=0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} via 1.1 2b873f743281511e290d4958008561c2.cloudfront.net (CloudFront) cf-ray 8f1fb5d5fccc0f3b-EWR x-amz-cf-pop EWR53-C3 server cloudflare x-amz-server-side-encryption AES256
GET H2	403	561555c21a.js kit.fontawesome.com/	0 0	156ms 74ms	Script text/plain	2606:4700:4400::ac40:93bc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/561555c21a.js Requested by Host: feelgoodnewsgroup.com URL: https://feelgoodnewsgroup.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://feelgoodnewsgroup.com Referer https://feelgoodnewsgroup.com/ Response headers access-control-max-age 3000 x-request-id GBEZWq0Mif4b2RVZjEFi cache-control max-age=0, private, must-revalidate cf-cache-status MISS access-control-allow-methods GET, OPTIONS cf-ray 8f1fb5d67f7832c6-PHL access-control-allow-origin * content-length 9 date Sat, 14 Dec 2024 16:53:28 GMT vary Accept-Encoding server cloudflare access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token
GET H3	200	FGNG_6202a7aebd.png feelgoodnewsgroup.com/media/	120 KB 121 KB	85ms 83ms	Image image/png	2606:4700:3033::ac43:c8fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://feelgoodnewsgroup.com/media/FGNG_6202a7aebd.png Requested by Host: feelgoodnewsgroup.com URL: https://feelgoodnewsgroup.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:c8fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10a4ced491d1fc8da2d87f601d37a1d3eb10b2911fd16006e1a7f57f91894059 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers cf-cache-status REVALIDATED etag "50a67283a5c3fa1de61a5e6957e59fe5" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zYGTayYexOOjmBiSHkpr%2B4wTroWqzgUhDNJKrIdT3%2FkRyuazgbaaINbTXzP4vkzbCW3SjbfCRGUfgEDeG8rPJRrIcCbZANxfT5ypzceSQZm3D%2BpMb3YLwlQdByVBuFQzZitJ7UhyECgWBzaKwgRr8WnNmBI%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id 9HNfFcg0pXzUI4xMn5t2nHPSLXqWpVtleK1OrCsIP8CFYkNTl63JTQ== date Sat, 14 Dec 2024 16:53:28 GMT content-type image/png last-modified Thu, 23 May 2024 16:44:19 GMT vary Accept-Encoding priority u=2,i server-timing cfL4;desc="?proto=QUIC&rtt=28589&min_rtt=21616&rtt_var=11218&sent=20&recv=14&lost=0&retrans=0&sent_bytes=10776&recv_bytes=5205&delivery_rate=87172&cwnd=12000&unsent_bytes=0&cid=16f4631377c6e392&ts=335&x=1", cfExtPri, cfHdrFlush;dur=0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} via 1.1 b863f5ba2fad5306016f04b0ec05bd82.cloudfront.net (CloudFront) cf-ray 8f1fb5d5fccd0f3b-EWR accept-ranges bytes content-length 123165 x-amz-cf-pop JFK50-P6 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	jquery-3.2.1.min.js Show response code.jquery.com/	85 KB 30 KB	118ms 22ms	Script application/javascript	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.2.1.min.js Requested by Host: feelgoodnewsgroup.com URL: https://feelgoodnewsgroup.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://feelgoodnewsgroup.com Referer https://feelgoodnewsgroup.com/ Response headers content-encoding gzip etag W/"28feccc0-15283" age 4149741 x-cache HIT, HIT date Sat, 14 Dec 2024 16:53:28 GMT content-type application/javascript; charset=utf-8 last-modified Fri, 18 Oct 1991 12:00:00 GMT x-cache-hits 87576, 215316 x-served-by cache-lga21971-LGA, cache-ewr-kewr1740060-EWR vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=604800 x-timer S1734195209.729094,VS0,VE0 cross-origin-resource-policy cross-origin via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 30125 server nginx
GET H3	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/	48 KB 14 KB	34ms 33ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js Requested by Host: feelgoodnewsgroup.com URL: https://feelgoodnewsgroup.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://feelgoodnewsgroup.com Referer https://feelgoodnewsgroup.com/ Response headers cdn-status 200 content-encoding br cf-cache-status HIT etag "14d449eb8876fa55e1ef3c2cc52b0c17" age 86855 x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sat, 14 Dec 2024 16:53:28 GMT last-modified Mon, 25 Jan 2021 22:04:04 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding cdn-cache HIT cdn-cachedat 11/06/2024 23:22:44 cdn-requestpullcode 200 priority u=2,i=?0 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31919000 cdn-requestpullsuccess True timing-allow-origin * cdn-requesttime 1 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid a37e48b1c0be8408e91a3dd2ac359ca5 cross-origin-resource-policy cross-origin cdn-pullzone 252412 cdn-proxyver 1.06 cf-ray 8f1fb5d6cc2241c1-EWR access-control-allow-origin * cdn-edgestorageid 1067 server cloudflare cdn-requestcountrycode US
GET H3	200	script.js Show response feelgoodnewsgroup.com/scripts/	6 KB 3 KB	58ms 56ms	Script application/javascript	2606:4700:3033::ac43:c8fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://feelgoodnewsgroup.com/scripts/script.js Requested by Host: feelgoodnewsgroup.com URL: https://feelgoodnewsgroup.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:c8fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce7ee39558c7f6483c5a328232e0dbf9a2ea428e21fa3764ee851f4938c484d7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers content-encoding zstd cf-cache-status REVALIDATED etag W/"59c2c06e1b89ee4ab6e813725d7c46c4" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vPRVw3NOmewirt9eowB02nWOwySed2ZUQkGgUGygHmHXAkkFFp3NJizLEwYjloV9Lfa2sInm6MYWU7kS2wOVDq4T25sJrPnEL1gWAtII7NkEulR078Wq2d73JM%2FKAO%2F9O1RCWNCmBi0sKC3OcRlAqFFs9Dk%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id 7yRCwUjYcZnkXXWY-NgQ8SSFPzC6FmnaoWggcjU62Enm6L4cyStNYg== date Sat, 14 Dec 2024 16:53:28 GMT content-type application/javascript last-modified Thu, 23 May 2024 16:44:19 GMT vary Accept-Encoding priority u=2,i=?0 server-timing cfL4;desc="?proto=QUIC&rtt=23672&min_rtt=21521&rtt_var=824&sent=132&recv=64&lost=0&retrans=0&sent_bytes=137784&recv_bytes=8294&delivery_rate=2397427&cwnd=72300&unsent_bytes=0&cid=16f4631377c6e392&ts=466&x=1", cfExtPri, cfHdrFlush;dur=0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} via 1.1 6ea9421ec132e3640100792ef9535494.cloudfront.net (CloudFront) cf-ray 8f1fb5d6fd6a0f3b-EWR x-amz-cf-pop JFK50-P5 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	gtm.js Show response www.googletagmanager.com/	218 KB 79 KB	420ms 68ms	Script application/javascript	2607:f8b0:4006:81f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-W6NV5FB Requested by Host: feelgoodnewsgroup.com URL: https://feelgoodnewsgroup.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash acdc96f77fc6861dc8a9b2268fc3893e6f633fc50fbd453964256b7dd91e190c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Sat, 14 Dec 2024 16:53:29 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 14 Dec 2024 16:53:29 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Sat, 14 Dec 2024 15:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 80351 x-xss-protection 0 server Google Tag Manager
GET H3	200	Header_22b27da1fe.jpeg feelgoodnewsgroup.com/media/	409 KB 410 KB	45ms 44ms	Image image/jpeg	2606:4700:3033::ac43:c8fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://feelgoodnewsgroup.com/media/Header_22b27da1fe.jpeg Requested by Host: feelgoodnewsgroup.com URL: https://feelgoodnewsgroup.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:c8fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f0d223abfaa29bacbfcd4c107aa311537b32030482280aa44dac4dedb48dfbd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers cf-cache-status REVALIDATED etag "ce54edaca4a5d4704334f284a27ab20d" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LBf2TnbZ8D9kY2BWsLpufT2kJQ96nTpG%2Be9ZbCocGmFbHcTZfafERP1ffermdCQmwRp2vNSrpK7wHYgx%2FbrjVNjIm9EuMqHT5wodX8feijiwcTkV3KLCbxa58B3t8Ru0IqwGypS%2BSlt0Ec7gOugA5hk8fCE%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-cache Miss from cloudfront x-amz-cf-id 4mN-BaGqD6vqEiE67EltHHAsDBReS2J8MH8R6c0yCIveT0qDB3hGzw== date Sat, 14 Dec 2024 16:53:28 GMT content-type image/jpeg last-modified Thu, 23 May 2024 16:44:19 GMT vary Accept-Encoding priority u=3,i server-timing cfL4;desc="?proto=QUIC&rtt=23672&min_rtt=21521&rtt_var=824&sent=135&recv=64&lost=0&retrans=0&sent_bytes=141006&recv_bytes=8294&delivery_rate=2397427&cwnd=72300&unsent_bytes=0&cid=16f4631377c6e392&ts=473&x=1", cfExtPri, cfHdrFlush;dur=0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} via 1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront) cf-ray 8f1fb5d71d7c0f3b-EWR accept-ranges bytes content-length 418359 x-amz-cf-pop JFK50-P5 server cloudflare x-amz-server-side-encryption AES256
GET H3	200	Good_News_Footer_a7139611d4.jpeg feelgoodnewsgroup.com/media/	154 KB 155 KB	71ms 71ms	Image image/jpeg	2606:4700:3033::ac43:c8fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://feelgoodnewsgroup.com/media/Good_News_Footer_a7139611d4.jpeg Requested by Host: feelgoodnewsgroup.com URL: https://feelgoodnewsgroup.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:c8fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d7114a750d6979b3c5ab58ef10b410c2770d476809e0b94c0d52175aa7fe47c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers cf-cache-status REVALIDATED etag "4345df0251d54bbf7b6b8bded86fb454" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wlkzlSSIivvGcMPNYrailj9ydUaXOTMuwG26SMYNc7zkoTnOntZE7NzJ5aQW2xwqejsOeg8fsQyHYg1kiBoUlfqPG7%2FOKns%2BpZ9lvIPnT5a%2F6Yu0ifxHeuJHqyjiRe9dnqs858ahWjGLllWFr%2FqWUQGV8gs%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-cache Miss from cloudfront x-amz-cf-id PDJwCwxPiiJhXrbgL3XDHgcXliPQaTCzEsvyyptSG_znzgunpt_Zqg== date Sat, 14 Dec 2024 16:53:28 GMT content-type image/jpeg last-modified Thu, 23 May 2024 16:44:19 GMT vary Accept-Encoding priority u=3,i server-timing cfL4;desc="?proto=QUIC&rtt=23672&min_rtt=21521&rtt_var=824&sent=193&recv=64&lost=0&retrans=0&sent_bytes=210084&recv_bytes=8294&delivery_rate=2397427&cwnd=72300&unsent_bytes=0&cid=16f4631377c6e392&ts=484&x=1", cfExtPri, cfHdrFlush;dur=11 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} via 1.1 0252b483f7b420504a413a83f987b080.cloudfront.net (CloudFront) cf-ray 8f1fb5d71d7e0f3b-EWR accept-ranges bytes content-length 157699 x-amz-cf-pop JFK50-P6 server cloudflare x-amz-server-side-encryption AES256
GET H2	200	active Show response z8brmvo8hc.execute-api.us-east-1.amazonaws.com/	277 KB 278 KB	778ms 478ms	XHR application/json	54.159.179.93 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://z8brmvo8hc.execute-api.us-east-1.amazonaws.com/active?category=feel-good Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.2.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.159.179.93 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-159-179-93.compute-1.amazonaws.com Software / Resource Hash 8daa51dfc2b6bc8f29bf4111f7d57f4844b90857671ef7f6abaa156b10fa7619 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Accept */* Referer https://feelgoodnewsgroup.com/ Response headers x-amz-apigw-id CymxfEZeoAMEZYg= x-amzn-trace-id Root=1-675db809-6163705553f527f474fe8a89;Parent=164295430204b6b4;Sampled=0;Lineage=1:407a50b7:0 access-control-allow-credentials true x-amzn-requestid 90b09b4f-aa32-4d5f-bf97-f75e978bfe67 access-control-allow-origin * content-length 283654 date Sat, 14 Dec 2024 16:53:29 GMT content-type application/json
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	141ms 27ms	Script text/javascript	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6NV5FB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers content-encoding gzip age 1188 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} x-content-type-options nosniff expires Sat, 14 Dec 2024 18:33:41 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 14 Dec 2024 16:33:41 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT content-type text/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 20994 server Golfe2
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 438 B	39ms 38ms	XHR text/plain	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1520542877&t=pageview&_s=1&dl=https%3A%2F%2Ffeelgoodnewsgroup.com%2F&ul=en-us&de=UTF-8&dt=Feel%20Good%20News%20Group&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1575963584&gjid=1457541027&cid=2011946103.1734195209&tid=UA-181631395-9&_gid=1677602903.1734195209&_r=1&_slc=1&gtm=45He4cc1n81W6NV5FBza200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=441157407 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash f184635456d4dc42b7d4da1bf12c785b34f6e28685ee144678a5ce713899234f Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://feelgoodnewsgroup.com/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 14 Dec 2024 16:53:29 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type text/plain cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0 access-control-allow-origin https://feelgoodnewsgroup.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 15 server Golfe2
GET H3	403	favicon.ico feelgoodnewsgroup.com/	275 B 1 KB	133ms 132ms	Other application/xml	2606:4700:3033::ac43:c8fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://feelgoodnewsgroup.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:c8fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a63da01ec77f1401d8fa7f406485fbc519e464449aff4472844a40de28456ecf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers content-encoding zstd cf-cache-status BYPASS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=akejdaMwobbtoPyGYntnIpMDNNkUWzFaNx8O8L91TGWYj3DqcqAR%2FfcxEkb2kDnLz8SxUKY6cifCuHTLAohgLv1YSJ9e7q7Qf%2FhCCs1BdbCRMHa84UXS5K2R5xCogkNYcY%2FUmiYwlQW5PHUEIvWHxIwm0Es%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 x-cache Error from cloudfront x-amz-cf-id u_NxYlfDfMZB0H_rlZBm4fpdHExn3gviYQ8Z-77NQTjqknRjd1efxA== date Sat, 14 Dec 2024 16:53:29 GMT content-type application/xml vary Accept-Encoding priority u=1,i server-timing cfL4;desc="?proto=QUIC&rtt=26069&min_rtt=21323&rtt_var=2406&sent=701&recv=129&lost=52&retrans=52&sent_bytes=791720&recv_bytes=11878&delivery_rate=6028971&cwnd=224490&unsent_bytes=0&cid=16f4631377c6e392&ts=1224&x=1", cfExtPri, cfHdrFlush;dur=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} via 1.1 578ec28f8e6f7c6503e2a4d2ab7532a2.cloudfront.net (CloudFront) cf-ray 8f1fb5db39ba0f3b-EWR x-amz-cf-pop JFK50-P6 server cloudflare
GET H2	200	js Show response www.googletagmanager.com/gtag/	271 KB 96 KB	68ms 66ms	Script application/javascript	2607:f8b0:4006:81f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-75ZM4LJRX5&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d9ecf379773bcbc2c89c7b1bc872b99887ffe28a24097b554b9221c2855c9b28 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Sat, 14 Dec 2024 16:53:29 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 14 Dec 2024 16:53:29 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 98396 x-xss-protection 0 server Google Tag Manager
GET H2	200	img.png assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy81NTMxMjk1OC9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTc4NzQzNjM3OX0.-Aga2xN0_tYa7OyU1CKYTf94NwgL1o2MLfn...	34 KB 34 KB	132ms 30ms	Image image/webp	151.101.65.68 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy81NTMxMjk1OC9vcmlnaW4ucG5nIiwiZXhwaXJlc19hdCI6MTc4NzQzNjM3OX0.-Aga2xN0_tYa7OyU1CKYTf94NwgL1o2MLfnv_MYGAIg/img.png?width=980 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.65.68 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash eca46c4a173ffb97fc657ff7143e126b2faf7a5252287de5e0a4bbe8d8627d8b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers content-encoding gzip etag W/"111617-DrpNvMEXfUzWzNzVusxuke4+75g" age 81679 x-cache HIT, HIT date Sat, 14 Dec 2024 16:53:29 GMT fastly-service 6n5SeXI9vaBDWRYEBuCDvI content-type image/webp x-served-by cache-iad-kiad7000118-IAD, cache-ewr-kewr1740020-EWR x-cache-hits 91, 0 vary Accept-Encoding cache-control max-age=31536000, public, immutable x-timer S1734195210.803313,VS0,VE2 via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 34482
GET H2	200	img.jpg assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNzk0NjM3NS9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTczNTg2MDk4NH0.z8dOuJ5tZKfb3TGUv-V1etp7OX-8Iz8spRV...	43 KB 44 KB	134ms 33ms	Image image/webp	151.101.65.68 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8yNzk0NjM3NS9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTczNTg2MDk4NH0.z8dOuJ5tZKfb3TGUv-V1etp7OX-8Iz8spRVAmPAvWMI/img.jpg?width=980 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.65.68 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4869972e8ff0f32d331363d8216f815ed00a2e3de0a81fbf05f3699f6ef09a95 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers content-encoding gzip etag W/"15acb-1UEjT4bdq5k6r+Cz/raro6cCzBs" age 349710 x-cache HIT, HIT date Sat, 14 Dec 2024 16:53:29 GMT fastly-service 6n5SeXI9vaBDWRYEBuCDvI content-type image/webp x-served-by cache-iad-kcgs7200023-IAD, cache-ewr-kewr1740020-EWR x-cache-hits 54, 0 vary Accept-Encoding cache-control max-age=31536000, public, immutable x-timer S1734195210.803436,VS0,VE1 via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 44402
GET H2	200	fortnite-refund-zz-241213-5ff30c.jpg media-cldnry.s-nbcnews.com/image/upload/t_fit_1500w/rockcms/2024-12/	174 KB 174 KB	140ms 36ms	Image image/jpeg	2600:141b:1c00:228a::a1d AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://media-cldnry.s-nbcnews.com/image/upload/t_fit_1500w/rockcms/2024-12/fortnite-refund-zz-241213-5ff30c.jpg Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2600:141b:1c00:228a::a1d Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS Software cloudinary / Resource Hash e06c2dab41874101b6f806e04b6f10836b60ca24e381632a9aaac7c5eabfdd92 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers etag "723c19ffc97642c12f6aa885a13f43cf" surrogate-reporting width=1500,height=948,bytes=177838,format="jpg",owidth=2500,oheight=1580,obytes=2172000,oformat="jpg",crt=1734120663,ocrt=1734119786,ef=(1,11,13,17,97) cache-tag 320306002889547503251328642178649146272,421170834198430962346353210036862164828,7831a46e631c715519da9d0ce0a38b6b expires Sun, 14 Dec 2025 02:27:44 GMT date Sat, 14 Dec 2024 16:53:29 GMT content-type image/jpeg x-served-by cache-lga21937-LGA x-cache-hits 0 last-modified Fri, 13 Dec 2024 20:11:04 GMT access-control-allow-headers X-Requested-With strict-transport-security max-age=2628000 ; preload cache-control public, max-age=31484055 timing-allow-origin * x-timer S1734121624.887378,VS0,VE1 x-orig-request-id bcb43706550570c0d4a3a0fa13abca67 accept-ranges bytes access-control-allow-origin * content-length 177838 akamai-grn 0.36593a17.1734195209.af6c748 server cloudinary
POST H3	204	collect www.google-analytics.com/g/	0 0	37ms 36ms	Fetch text/plain	2607:f8b0:4006:823::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-75ZM4LJRX5&gtm=45je4cc1v9107370040za200&_p=1734195208763&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101509157~101925629~102067555~102067808~102081485~102198178&ul=en-us&sr=1600x1200&cid=2011946103.1734195209&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Ffeelgoodnewsgroup.com%2F&dt=Feel%20Good%20News%20Group&sid=1734195209&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1443 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-75ZM4LJRX5&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://feelgoodnewsgroup.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://feelgoodnewsgroup.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 14 Dec 2024 16:53:29 GMT content-type text/plain server Golfe2

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| $ function| jQuery object| bootstrap function| populate_posts function| setHeights function| return_post_markup function| scrollToSection function| loadPosts function| adTimer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.feelgoodnewsgroup.com/	1970-01-21 11:19:15	Name: _ga Value: GA1.2.2011946103.1734195209
			.feelgoodnewsgroup.com/	1970-01-21 01:44:41	Name: _gid Value: GA1.2.1677602903.1734195209
			.feelgoodnewsgroup.com/	1970-01-21 01:43:15	Name: _gat_UA-181631395-9 Value: 1
			.feelgoodnewsgroup.com/	1970-01-21 11:19:15	Name: _ga_75ZM4LJRX5 Value: GS1.2.1734195209.1.0.1734195209.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kit.fontawesome.com/561555c21a.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://feelgoodnewsgroup.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.rebelmouse.io
code.jquery.com
feelgoodnewsgroup.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
media-cldnry.s-nbcnews.com
www.google-analytics.com
www.googletagmanager.com
z8brmvo8hc.execute-api.us-east-1.amazonaws.com
151.101.65.68
2600:141b:1c00:228a::a1d
2606:4700:3033::ac43:c8fa
2606:4700:4400::ac40:93bc
2606:4700::6812:bcf
2607:f8b0:4006:81f::2008
2607:f8b0:4006:823::200e
2a04:4e42::649
54.159.179.93
10a4ced491d1fc8da2d87f601d37a1d3eb10b2911fd16006e1a7f57f91894059
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
4869972e8ff0f32d331363d8216f815ed00a2e3de0a81fbf05f3699f6ef09a95
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8daa51dfc2b6bc8f29bf4111f7d57f4844b90857671ef7f6abaa156b10fa7619
8f0d223abfaa29bacbfcd4c107aa311537b32030482280aa44dac4dedb48dfbd
9d7114a750d6979b3c5ab58ef10b410c2770d476809e0b94c0d52175aa7fe47c
a63da01ec77f1401d8fa7f406485fbc519e464449aff4472844a40de28456ecf
acdc96f77fc6861dc8a9b2268fc3893e6f633fc50fbd453964256b7dd91e190c
c34293ef4e301f1cfbc1a5cd11ad97ddc444b94871fc5867ba289a4a99beb99d
ce7ee39558c7f6483c5a328232e0dbf9a2ea428e21fa3764ee851f4938c484d7
d63f75bf03eadad1e52151a0bd4d4dd331a25a59b01a58b3ca9dfee8e4caef38
d9ecf379773bcbc2c89c7b1bc872b99887ffe28a24097b554b9221c2855c9b28
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e06c2dab41874101b6f806e04b6f10836b60ca24e381632a9aaac7c5eabfdd92
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eca46c4a173ffb97fc657ff7143e126b2faf7a5252287de5e0a4bbe8d8627d8b
f184635456d4dc42b7d4da1bf12c785b34f6e28685ee144678a5ce713899234f