bellinghamherald.wp.moneyresearchcollective.com
104.196.140.105  Public Scan

URL: https://bellinghamherald.wp.moneyresearchcollective.com/
Submission: On September 01 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 9 IPs in 1 country across 7 domains to perform 25 HTTP transactions. The main IP is 104.196.140.105, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is bellinghamherald.wp.moneyresearchcollective.com.
TLS certificate: Issued by R11 on June 25th 2024. Valid for: 3 months.
This is the only time bellinghamherald.wp.moneyresearchcollective.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 104.196.140.105 396982 (GOOGLE-CL...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 23.201.160.37 16625 (AKAMAI-AS)
1 2001:4860:480... 15169 (GOOGLE)
2 2600:141b:b00... 20940 (AKAMAI-ASN1)
25 9
Domain | Requested by
7 bellinghamherald.wp.moneyresearchcollective.com | bellinghamherald.wp.moneyresearchcollective.com
3 www.bellinghamherald.com | www.googletagmanager.com, bellinghamherald.wp.moneyresearchcollective.com
3 rs.moneyresearchcollective.com | bellinghamherald.wp.moneyresearchcollective.com
2 api.consumer.pt.mcclatchy.com | www.bellinghamherald.com
2 fonts.gstatic.com | fonts.googleapis.com
2 www.googletagmanager.com | bellinghamherald.wp.moneyresearchcollective.com, www.googletagmanager.com
1 www.google-analytics.com | www.googletagmanager.com
1 fonts.googleapis.com | bellinghamherald.wp.moneyresearchcollective.com
25 8
Subject | Issuer | Validity | Valid
bellinghamherald.wp.moneyresearchcollective.com | R11 | 2024-06-25 - 2024-09-23 | 3 months
moneyresearchcollective.com | WE1 | 2024-08-02 - 2024-10-31 | 3 months
upload.video.google.com | WR2 | 2024-08-05 - 2024-10-28 | 3 months
*.google-analytics.com | WR2 | 2024-08-05 - 2024-10-28 | 3 months
*.gstatic.com | WR2 | 2024-08-05 - 2024-10-28 | 3 months
www.mcclatchydc.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-08-22 - 2025-08-22 | a year
api.consumer.pt.mcclatchy.com | E5 | 2024-07-12 - 2024-10-10 | 3 months

This page contains 1 frames:

Primary Page: https://bellinghamherald.wp.moneyresearchcollective.com/
Frame ID: E507BF777E82869873DA660563A90310
Requests: 23 HTTP requests in this frame

Page Title

Bellingham Herald

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

25
Requests

84 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

1
Countries

432 kB
Transfer

958 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bellinghamherald.wp.moneyresearchcollective.com/
49 KB
9 KB
Document
General
Full URL
https://bellinghamherald.wp.moneyresearchcollective.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.140.105 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
105.140.196.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
61794723aae0c9583eaa6200ce7f9b0297ce8ac79478cd8fbd8e82d36e9de518

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 01 Sep 2024 04:03:06 GMT
link
<https://bellinghamherald.wp.moneyresearchcollective.com/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 9
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine
style.css
bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/
33 KB
7 KB
Stylesheet
General
Full URL
https://bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/style.css?ver=0.1.71
Requested by
Host: bellinghamherald.wp.moneyresearchcollective.com
URL: https://bellinghamherald.wp.moneyresearchcollective.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.140.105 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
105.140.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
de7ee30ad5ad6c16a1206cedd426013cda27e1502206d010322c321d16d3d8b0

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:07 GMT
content-encoding
br
last-modified
Fri, 19 Jul 2024 02:37:18 GMT
server
nginx
etag
W/"6699d15e-832f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
bellinghamherald-logo.svg
bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/
33 KB
12 KB
Image
General
Full URL
https://bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/bellinghamherald-logo.svg
Requested by
Host: bellinghamherald.wp.moneyresearchcollective.com
URL: https://bellinghamherald.wp.moneyresearchcollective.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.140.105 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
105.140.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
4b88d7fc58707e24cb68fd1d72a46b38dda2cd90ef0b2513cb97171ca0ce9794

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:07 GMT
content-encoding
br
last-modified
Thu, 31 Mar 2022 05:24:23 GMT
server
nginx
etag
W/"62453b07-8394"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
media-temp-AF_ShZMc6Epdjyvn6Pmuhg20240830-619-1pa98qd-1024x683.webp
rs.moneyresearchcollective.com/wp-assets/apwp/wp-content/uploads/sites/20/2024/08/30110626/
59 KB
59 KB
Image
General
Full URL
https://rs.moneyresearchcollective.com/wp-assets/apwp/wp-content/uploads/sites/20/2024/08/30110626/media-temp-AF_ShZMc6Epdjyvn6Pmuhg20240830-619-1pa98qd-1024x683.webp
Requested by
Host: bellinghamherald.wp.moneyresearchcollective.com
URL: https://bellinghamherald.wp.moneyresearchcollective.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d5ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d5451a1ccbb7fe19d46217e825fe945084a842f4b798709c301c3a8fdb7ebe6

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:07 GMT
via
1.1 2de9b6504a97ad8423645370927ef0ce.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SFO20-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
60272
last-modified
Fri, 30 Aug 2024 18:06:28 GMT
server
cloudflare
etag
"05fef5c1fc26f01a6174eefa25dd4d8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O7jpVCiRJ%2Fxeduja%2Ff%2BuMapDPprxVaiuf2HzIDzphjL9sps%2B7M13AsOu3%2BtZqFm0hpKs7dmhqgwNnjlmhfSZsJrbBMU5OtI9gyQZaOS9JW8EWiw6D75WKShesEOmbmoeXf8kOj8UbmivIfizSswi%2B%2BvyOp7oSi30zKno1Gs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8bc25e61f97e7e8e-LAX
x-amz-cf-id
c5VNiXYm5LFoKNpRAb88e5QsIn1Y2qq_QPexlIxWAAH70K4rgs4tkg==
media-temp-SrzeDUKa-5UgZLbdyWfIsA20240829-619-mf395x-300x200.webp
rs.moneyresearchcollective.com/wp-assets/apwp/wp-content/uploads/sites/20/2024/08/29110608/
14 KB
14 KB
Image
General
Full URL
https://rs.moneyresearchcollective.com/wp-assets/apwp/wp-content/uploads/sites/20/2024/08/29110608/media-temp-SrzeDUKa-5UgZLbdyWfIsA20240829-619-mf395x-300x200.webp
Requested by
Host: bellinghamherald.wp.moneyresearchcollective.com
URL: https://bellinghamherald.wp.moneyresearchcollective.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d5ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ace3d20b21daf9827340b9d86ec1daef68806c8a22f3f4bc6baa13b6349c7b

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:07 GMT
via
1.1 2afb8e90da0f8e25a9f76cf7abce5a6e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LAX53-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13952
last-modified
Thu, 29 Aug 2024 18:06:10 GMT
server
cloudflare
etag
"a47b26c6ee6f80d6b6682cb15f839059"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yr%2BFCTqQ%2FLh0nHG%2BqAFcvvWMU7Wz7dKAZzoCHr6OHRC0cs9DCS%2B0w9OM918RiuA3IwSta8SSnGRJYheycgtb1Snhe8NlVSA%2BonPYxJqjXMOtngsE2IJgTBIHBU0vZWNl%2FO8zCHXMrczuA2JOIWuGIOVVeIIrej%2BNhttfsEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8bc25e62ba327e8e-LAX
x-amz-cf-id
d8IBOAIkXSe67b6vAkHgqtcHV92TDHwB6WkuJCDg_vHQjqTBPtLd2A==
media-temp-4QpWXiqCdyWLR8-OiXfIOg20240629-619-1vtcxdo-300x200.jpg
rs.moneyresearchcollective.com/wp-assets/apwp/wp-content/uploads/sites/20/2024/06/28182252/
12 KB
12 KB
Image
General
Full URL
https://rs.moneyresearchcollective.com/wp-assets/apwp/wp-content/uploads/sites/20/2024/06/28182252/media-temp-4QpWXiqCdyWLR8-OiXfIOg20240629-619-1vtcxdo-300x200.jpg
Requested by
Host: bellinghamherald.wp.moneyresearchcollective.com
URL: https://bellinghamherald.wp.moneyresearchcollective.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:d5ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2058d7d8e23dfa8dd39ed5a9d91c83ebec4cee292a6cae9a03c7388590bc7dd1

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:07 GMT
via
1.1 c0309604e5168dca084e5bc1df88239c.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
SFO20-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12238
last-modified
Sat, 29 Jun 2024 01:22:53 GMT
server
cloudflare
etag
"03430dfeca6bbf96d62689b0059adb17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wBWGc0hgfiomrY7%2FLe%2BdtStPe%2BNzrCkJf1HDE5sC3ZdeZD9s2KS6WCJP2JvLEZ3ErDKc1wp0871sagSEvO7vT4EJryrlE2LHKfpEfbZbxV3rmMyAzoRpqwx07kRv3kA5EsHz180uKc%2FHxIDb%2BItcBmK0UNaypCDAY7BNTSM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8bc25e63ab267e8e-LAX
x-amz-cf-id
X7eBSEWA6mzt1m_aN9Pfl2LAB3Yre0wOrkowyo7zMETo2inNruKoKQ==
css2
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;700&family=Noto+Serif:wght@400;700&display=swap
Requested by
Host: bellinghamherald.wp.moneyresearchcollective.com
URL: https://bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/style.css?ver=0.1.71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9ba2b276a9450c310c12ea62dc78e084fb6a0f8b9281c4031ff5d2ca3dd819cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 01 Sep 2024 04:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 01 Sep 2024 04:03:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 01 Sep 2024 04:03:07 GMT
gtm.js
www.googletagmanager.com/
196 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PHG66H8
Requested by
Host: bellinghamherald.wp.moneyresearchcollective.com
URL: https://bellinghamherald.wp.moneyresearchcollective.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb2fdcf4e551cfb34f14a3ab3fe644827d32e81a280f2c848850ef8e34b067be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71562
x-xss-protection
0
last-modified
Sun, 01 Sep 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 01 Sep 2024 04:03:07 GMT
ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/
42 KB
42 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&family=Noto+Serif:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bellinghamherald.wp.moneyresearchcollective.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 01:54:34 GMT
x-content-type-options
nosniff
age
180513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43212
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 00:59:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Aug 2025 01:54:34 GMT
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&family=Noto+Serif:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bellinghamherald.wp.moneyresearchcollective.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 05:05:04 GMT
x-content-type-options
nosniff
age
255483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 05:05:04 GMT
js
www.googletagmanager.com/gtag/
278 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2N4R1NC0PX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHG66H8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef0c0db535704cac0ba338bee6856824070a598e0b614e02e004b6787ddd677a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97764
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 01 Sep 2024 04:03:08 GMT
bellinghamheraldcore.js
www.bellinghamherald.com/static/yozons-lib/
90 KB
29 KB
Script
General
Full URL
https://www.bellinghamherald.com/static/yozons-lib/bellinghamheraldcore.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHG66H8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.160.37 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-160-37.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
f39812d74c3583da5e5a62211c011e04bf4102f1ba1b0edf11bb705cc1a09c59

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:09 GMT
content-encoding
gzip
new-varnish2
true
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
153
x-cachebust
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=32, origin; dur=35, ak_p; desc="1725163388698_398664881_3688112586_6711_6991_134_271_146";dur=1
content-length
29475
new-varnish
true
last-modified
Wed, 28 Aug 2024 04:40:57 GMT
server
MI
etag
W/"1685f-620b6f6cc8840"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
838632176, 1023121005 1032783192
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=300
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2N4R1NC0PX&gtm=45je48s0v871240107z8861688576za200zb861688576&_p=1725163387590&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1761075156.1725163389&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725163388&sct=1&seg=0&dl=https%3A%2F%2Fbellinghamherald.wp.moneyresearchcollective.com%2F&dt=Bellingham%20Herald&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2334
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2N4R1NC0PX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Sep 2024 04:03:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bellinghamherald.wp.moneyresearchcollective.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
graphql
api.consumer.pt.mcclatchy.com/
0
0
Preflight
General
Full URL
https://api.consumer.pt.mcclatchy.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:b000::173b:fa21 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bellinghamherald.wp.moneyresearchcollective.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, x-mcc-identity, x-mcc-device
access-control-allow-methods
GET, PATCH, POST, PUT
alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
date
Sun, 01 Sep 2024 04:03:09 GMT
expires
Sun, 01 Sep 2024 04:03:09 GMT
pragma
no-cache
server-timing
ak_p; desc="1725163389499_389806621_180323595_1912_10472_133_139_219";dur=1
strict-transport-security
max-age=63072000
vary
Origin
graphql
api.consumer.pt.mcclatchy.com/
0
0

ca1f1152-3e7d-46dd-98b5-aa4059a9b6dd
https://bellinghamherald.wp.moneyresearchcollective.com/
270 B
0
Script
General
Full URL
blob:https://bellinghamherald.wp.moneyresearchcollective.com/ca1f1152-3e7d-46dd-98b5-aa4059a9b6dd
Requested by
Host: www.bellinghamherald.com
URL: https://www.bellinghamherald.com/static/yozons-lib/bellinghamheraldcore.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e92f91d3d2828c9e1dab3b2d14288366b27230ec447ef225dfb161e161720a30

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
270
Content-Type
text/javascript
danelei.7b5e980be187027497c2.js
www.bellinghamherald.com/static/yozons-lib/
82 KB
23 KB
Script
General
Full URL
https://www.bellinghamherald.com/static/yozons-lib/danelei.7b5e980be187027497c2.js
Requested by
Host: bellinghamherald.wp.moneyresearchcollective.com
URL: blob:https://bellinghamherald.wp.moneyresearchcollective.com/ca1f1152-3e7d-46dd-98b5-aa4059a9b6dd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.160.37 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-160-37.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
6183ad99d6b0066b4c712fd5e351b121daf19060112035c74e75e8dcb59aacd1

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:09 GMT
content-encoding
gzip
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
2459
x-cachebust
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1725163389378_398664881_3688114031_106_6295_139_0_146";dur=1
content-length
22871
new-varnish3
true
last-modified
Wed, 28 Aug 2024 04:40:51 GMT
server
MI
etag
W/"14793-620b6f670fac0"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
124193018 119799909
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=264421
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
graphql
api.consumer.pt.mcclatchy.com/
0
0

graphql
api.consumer.pt.mcclatchy.com/
0
0
Preflight
General
Full URL
https://api.consumer.pt.mcclatchy.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:b000::173b:fa21 Newark, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://bellinghamherald.wp.moneyresearchcollective.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type, x-mcc-identity, x-mcc-device
access-control-allow-methods
GET, PATCH, POST, PUT
alt-svc
h3=":443"; ma=93600
cache-control
max-age=0, no-cache, no-store
date
Sun, 01 Sep 2024 04:03:09 GMT
expires
Sun, 01 Sep 2024 04:03:09 GMT
pragma
no-cache
server-timing
ak_p; desc="1725163389652_389806621_180323602_1544_13249_133_0_219";dur=1
strict-transport-security
max-age=63072000
vary
Origin
favicon-196.png
bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/bellinghamherald/
1 KB
1 KB
Other
General
Full URL
https://bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/bellinghamherald/favicon-196.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.140.105 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
105.140.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
f62c14a3efaa1dbfee651e1e70410bcf91c69d5e7c5fbbd96ef0136084ee855d

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:09 GMT
last-modified
Thu, 14 Apr 2022 07:47:04 GMT
server
nginx
etag
"6257d178-41c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1052
favicon-96.png
bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/bellinghamherald/
586 B
787 B
Other
General
Full URL
https://bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/bellinghamherald/favicon-96.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.140.105 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
105.140.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
624795a5ec9d793ed2ed4b6cee9556cf13d58a27154a1cca8184c116865d5c45

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:09 GMT
last-modified
Thu, 14 Apr 2022 07:47:04 GMT
server
nginx
etag
"6257d178-24a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
586
bc506990-8b62-44a4-9a3c-4d4aad819559
https://bellinghamherald.wp.moneyresearchcollective.com/
270 B
0
Script
General
Full URL
blob:https://bellinghamherald.wp.moneyresearchcollective.com/bc506990-8b62-44a4-9a3c-4d4aad819559
Requested by
Host: www.bellinghamherald.com
URL: https://www.bellinghamherald.com/static/yozons-lib/bellinghamheraldcore.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
858fb3914edc8d20560a7ccce1a238623411cb943d3d7e55bd2ef8a42e612fcd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
270
Content-Type
text/javascript
naeliya.7b5e980be187027497c2.js
www.bellinghamherald.com/static/yozons-lib/
9 KB
4 KB
Script
General
Full URL
https://www.bellinghamherald.com/static/yozons-lib/naeliya.7b5e980be187027497c2.js
Requested by
Host: bellinghamherald.wp.moneyresearchcollective.com
URL: blob:https://bellinghamherald.wp.moneyresearchcollective.com/bc506990-8b62-44a4-9a3c-4d4aad819559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.160.37 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-160-37.deploy.static.akamaitechnologies.com
Software
MI /
Resource Hash
8620c9a4fac285416970cd1a81ac3bd2581934e98d6deff1848f125e885f9df0

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:09 GMT
content-encoding
gzip
new-varnish2
true
x-mi-in-market
0
surrogate-control
varnish=ESI/2.1
mi-cache-age
2392
x-cachebust
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1725163389856_398664881_3688115672_2356_6097_136_0_146";dur=1
content-length
3332
new-varnish
true
last-modified
Wed, 28 Aug 2024 04:40:51 GMT
server
MI
etag
W/"251f-620b6f670fac0"
vary
Accept-Encoding
mi-cache
HIT
x-varnish
1020757190, 836700044 831783376
content-type
application/javascript
access-control-allow-methods
GET,POST,OPTIONS
cache-control
max-age=264451
access-control-allow-credentials
false
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-headers
*
favicon-32.png
bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/bellinghamherald/
284 B
485 B
Other
General
Full URL
https://bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/bellinghamherald/favicon-32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.140.105 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
105.140.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
875e31e2d5b547db51ae5939cf39c1d03a1afa94a62d9f38f079ca01e0f58085

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:10 GMT
last-modified
Thu, 14 Apr 2022 07:47:04 GMT
server
nginx
etag
"6257d178-11c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
284
favicon-16.png
bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/bellinghamherald/
1 KB
2 KB
Other
General
Full URL
https://bellinghamherald.wp.moneyresearchcollective.com/wp-content/themes/mh-money-2022/static/images/favicons/bellinghamherald/favicon-16.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.140.105 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
105.140.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
09befd6b74f4f2ea3addb2e8a6b1fe1278d239c99e55a7157d155bbf1b0b824b

Request headers

Referer
https://bellinghamherald.wp.moneyresearchcollective.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 01 Sep 2024 04:03:10 GMT
last-modified
Thu, 14 Apr 2022 07:47:04 GMT
server
nginx
etag
"6257d178-5dd"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1501

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.consumer.pt.mcclatchy.com
URL
https://api.consumer.pt.mcclatchy.com/graphql
Domain
api.consumer.pt.mcclatchy.com
URL
https://api.consumer.pt.mcclatchy.com/graphql

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| yozonsWebpackJsonp
object| mi

0 Cookies

4 Console Messages

Source Level URL
Text
javascript error URL: https://bellinghamherald.wp.moneyresearchcollective.com/
Message:
Access to fetch at 'https://api.consumer.pt.mcclatchy.com/graphql' from origin 'https://bellinghamherald.wp.moneyresearchcollective.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.consumer.pt.mcclatchy.com/graphql
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bellinghamherald.wp.moneyresearchcollective.com/
Message:
Access to fetch at 'https://api.consumer.pt.mcclatchy.com/graphql' from origin 'https://bellinghamherald.wp.moneyresearchcollective.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.consumer.pt.mcclatchy.com/graphql
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
