urlscan.io logo urlscan.io
SecurityTrails logo

s1.bessionews.com Open in urlscan Pro
2606:4700:3035::ac43:b8bc  Public Scan

Go To Rescan Add Verdict Report
URL: https://s1.bessionews.com/
Submission: On August 17 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3035::ac43:b8bc, located in United States and belongs to CLOUDFLARENET, US. The main domain is s1.bessionews.com.
TLS certificate: Issued by WE1 on July 11th 2024. Valid for: 3 months.
This is the only time s1.bessionews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:303... 13335 (CLOUDFLAR...)
2 2404:2280:1cc... 24429 (TAOBAO Zh...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::44 8075 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 20.114.190.119 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
36 12
16    2606:4700:3035::ac43:b8bc (United States)

ASN13335 (CLOUDFLARENET, US)
s1.bessionews.com
2    2404:2280:1cc:0:715::3fc (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
at.alicdn.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
x.clarity.ms
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
16 bessionews.com
s1.bessionews.com
446 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
x.clarity.ms — Cisco Umbrella Rank: 8333
c.clarity.ms — Cisco Umbrella Rank: 1838
29 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
128 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
180 KB
2 alicdn.com
at.alicdn.com — Cisco Umbrella Rank: 12488
20 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
771 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 129
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
6 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
103 KB
36 11
Domain Requested by
16 s1.bessionews.com s1.bessionews.com
4 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
3 x.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 fonts.gstatic.com s1.bessionews.com
2 www.clarity.ms s1.bessionews.com
www.clarity.ms
2 securepubads.g.doubleclick.net s1.bessionews.com
securepubads.g.doubleclick.net
2 at.alicdn.com s1.bessionews.com
at.alicdn.com
1 c.bing.com 1 redirects
1 lh3.googleusercontent.com s1.bessionews.com
1 fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com s1.bessionews.com
36 13

This site contains no links.

Subject Issuer Validity Valid
bessionews.com
WE1		 2024-07-11 -
2024-10-09		 3 months crt.sh
*.tbcdn.cn
GlobalSign Organization Validation CA - SHA256 - G3		 2024-06-19 -
2025-07-21		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://s1.bessionews.com/
Frame ID: 22F771CD636DDC285A34191E9D232183
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

bessionews

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

97 %
HTTPS

85 %
IPv6

11
Domains

13
Subdomains

12
IPs

4
Countries

1086 kB
Transfer

2486 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F5AAE4888BA24BA781558BBEEF252D24&RedC=c.clarity.ms&MXFR=39F0432DE1196C15264E57F3E51962E0 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F5AAE4888BA24BA781558BBEEF252D24&MUID=31F65BE666C6696A01004F3867D368FC

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
s1.bessionews.com/ 		49 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b199a18666e8203c2edf46cc74fd1e46d675bf286a241d2fec2fad6b265c82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b469912ffe063cc-LHR
content-encoding
br
content-md5
qMEEt0124TpOA1Pj0b/tCA==
content-type
text/html
date
Sat, 17 Aug 2024 03:32:37 GMT
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lcTikv0yvoHQFR1spS0oQLEvVxdiztMamZzZ5fixWnlt2POM8D9LHloL%2FTbKq%2FuioF0ENlklVmhaXp2RfQBhMzN7WEhBD%2FYehG0uhOeufbjoE2PxW5%2FgC%2BQmzkannhWAgudY1887OrivioOXCukbJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-oss-hash-crc64ecma
15963827590480791199
x-oss-object-type
Normal
x-oss-request-id
66C019D53BC7A83436CA65D4
x-oss-server-time
68
x-oss-storage-class
Standard
index.css
s1.bessionews.com/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.bessionews.com/css/index.css
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10895d170045955df8d52b4e8722722f696496250779a539663111af52499a96

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:37 GMT
content-encoding
gzip
x-oss-request-id
66BF101776EC4B3031972654
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
dT3TOH5TGtt2E1WSo7jOuw==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rHqKkIPsdKvvu0kLfV%2BakegKkQB509NL1yDQF06UPuiDLigWyNQn%2BWK6VEGOd1jzpu84cElen9jNCTnakxQQXTOIqqavY8bZDlZ6ARX8gdU%2BuOIQPRDWs0STR0QNrUv3qCVmYRQ8QM7bH9Q3Cb79xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
x-oss-storage-class
Standard
cf-ray
8b469916191263cc-LHR
x-oss-hash-crc64ecma
16731613017112338528
x-oss-server-time
4
reset.css
s1.bessionews.com/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.bessionews.com/css/reset.css
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c22dda06aa66a30cc7c1d24636c8c96f788a020e3af7701a83ce72ddc17b6c7

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:37 GMT
content-encoding
gzip
x-oss-request-id
66BF1017CB42C43935F71E5C
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
sxOm6oDRBpP5fwl1gTcggA==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dkI7zfsWENq1N%2B0ntEjghPfpvM2lme91nISc8Y2bW9i6sYj9QBixZlkHQN3C1%2Fuun3m1%2BOP8IOeq8kYmGx2i5Ccr45avRMR9tgYg7CanPBmSeMIY%2FPnuyo6iMyImAvRX3AH%2By4iQtVnfu2NWNY2jzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
x-oss-storage-class
Standard
cf-ray
8b469916191363cc-LHR
x-oss-hash-crc64ecma
2867695929225354760
x-oss-server-time
3
font_4006584_8q20jssbzjb.css
at.alicdn.com/t/c/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://at.alicdn.com/t/c/font_4006584_8q20jssbzjb.css
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:715::3fc , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
5d0917f302614b8d9208341887d190e8ee5e1fddf3cdafaad96c04837841800c

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 30 May 2024 17:11:37 GMT
via
cache5.l2de2[0,0,200-0,H], cache21.l2de2[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache15.de5[1,0]
content-encoding
gzip
x-oss-request-id
6658B349FC091B343736AD66
content-md5
Kh51vncstkJOBqDaQSSaVQ==
age
6776461
x-swift-cachetime
57250887
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime
Tue, 06 Aug 2024 02:10:10 GMT
x-oss-object-type
Normal
last-modified
Fri, 01 Dec 2023 08:51:34 GMT
server
Tengine
etag
W/"2A1E75BE772CB6424E06A0DA41249A55"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Origin
ali-swift-global-savetime
1717089097
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=63072000
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
2741328822808585993
eagleid
a3b55ca317238655581148488e
x-oss-server-time
41
index.js
s1.bessionews.com/js/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.bessionews.com/js/index.js
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3099ad6bec3c841e81acd5e4e5d5ecdf61212aa51784a507fe168983f3ed4007

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:37 GMT
content-encoding
gzip
x-oss-request-id
66BF10179191FB3431085623
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
G44hRT5Yi1PvCgIWmSQcQw==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kV2RJJAykMY01KeOhzqTnusV4Lq8AroZU7XiDGpW5NpovURI2e3K1ODoA0BhFdPsCRwFq2EEZweLOJLucjxJ2Smi%2F7%2BsZmy%2FiNrhT5LnZKtWCl1Dg5n2VlJ65iJcBfb1Ivv5XWeUDvkQ1fpPFm0OHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-oss-storage-class
Standard
cf-ray
8b469916191563cc-LHR
x-oss-hash-crc64ecma
7724569175170153017
x-oss-server-time
22
jquery-3.4.1.min.js
s1.bessionews.com/js/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.bessionews.com/js/jquery-3.4.1.min.js
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:37 GMT
content-encoding
gzip
x-oss-request-id
66BF10171F52473839DC915A
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
Igr9dD2elkOFLjGhNanzrg==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:25 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zTIOmPkSivYF6qKzUCH0bp%2FB1DE18MwckIvNbKLu92jLlx8w2w5t8WXEZlod3UElnoKckj0xJJUkV8Ftt9M9N19MEl6kqHNNK88N%2BRIPbI22NOgddmHRmUi8ZDARms0e3jys5j6011CtLxwBtxtYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-oss-storage-class
Standard
cf-ray
8b469916191663cc-LHR
x-oss-hash-crc64ecma
7140207208985271372
x-oss-server-time
1
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d52e1ff3743b7a7370430a2b198aa19da13380795186c29ac0ec4ddcefbdb9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32488
x-xss-protection
0
server
cafe
etag
917 / 19952 / m202408120101 / config-hash: 16231218297231399992
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 17 Aug 2024 03:32:38 GMT
js
www.googletagmanager.com/gtag/ 		310 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JKXQ5Q6GJZ
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6c6295f76e848ca9ccc6dbbbbd061597a3aefa5e12d13b1ad58d34e2f7e782e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105187
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Aug 2024 03:32:38 GMT
Finance-icon-1.png
s1.bessionews.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.bessionews.com/images/Finance-icon-1.png
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24aa5ad1ac889742f8f7c81822d4f2d468236e0752dc652089a26d36ff5b91b2

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
x-oss-request-id
66BEC058B6DE1D30321F7D08
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
DPE1SCGVLlo/U2IaiD4PLw==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
4262
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
etag
"0CF1354821952E5A3F53621A883E0F2F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dTyOX0ADw4vhFmfnR%2FgTiByoukQusWSGRnypPJwhKYseEpovIniag%2BHt38rKcXxVmNW%2FVuZF9Far3QnxoWwvYq4TNTcpf4kK9gy8hmOLxhB%2BRDe0WFdrzUfA2N3PQAieqv9vE4iMloLLIO9nSAipGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8b469916191763cc-LHR
x-oss-hash-crc64ecma
381133129298607326
x-oss-server-time
66
search.json
s1.bessionews.com/ 		17 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s1.bessionews.com/search.json
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/js/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd404b3b7274e7ce5229b67573630daddf841d2ac5b0a243f2d1f542a0fa1f4

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
content-encoding
gzip
x-oss-request-id
66C019D6CB42C431307285F8
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
NA1NRMCJFscL+c81PwE2ig==
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=spNrpR%2Bg6%2Bd2kcCOlsyhniGOo0T9mh94Fm5RvUa7ZmRYdkDfVKGZ2xb%2BiOrNjgF15C3jRNZhOyZZ1klk%2FszeYVGYWeJU3hlEwa10JDu8L6sprNcu5SekXZe0zwCCvoQgkf3GG7JywodSrY9YD3g8iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-oss-storage-class
Standard
cf-ray
8b46991a8aa363cc-LHR
x-oss-hash-crc64ecma
10398314845645000139
x-oss-server-time
2
nigegxjn4m
www.clarity.ms/tag/ 		637 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/nigegxjn4m
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0051a17d25dfdb2af430a70684173b3862acc534ab883b7a50ac54edf89abef7

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
date
Sat, 17 Aug 2024 03:32:38 GMT
x-azure-ref
20240817T033238Z-17cc7bff758x58tm4mgtrb7fac00000001hg000000001k62
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
expires
-1
Gloock-Regular.ttf
s1.bessionews.com/css/ 		93 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s1.bessionews.com/css/Gloock-Regular.ttf
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/css/index.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39e2af503dfb3d1e093f0178863e2b163c59cdc4f4c5d152d50f51da19baf8fa

Request headers

Referer
https://s1.bessionews.com/css/index.css
Origin
https://s1.bessionews.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
content-encoding
br
x-oss-request-id
66BF101C76EC4B3838DF4154
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
hgBGPMsQLfjmDbrNA4T5TA==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
etag
W/"8600463CCB102DF8E60DBACD0384F94C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBJ0343ECcvJ%2BT8QXtLENP0DofOSP4bjTGEE78Fc%2BbQhXdk9c2n2wB10PvwZWlxc%2FoJypzkaCwRrDaRcLubBTkt8QxxGm3SWdIYOedXxmZ9PJ6EywgF%2BdZJF0%2Bos02PGlQ8XEuDGvUVqgCCgQ4%2FGrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
max-age=14400
x-oss-storage-class
Standard
cf-ray
8b46991afacc63cc-LHR
x-oss-hash-crc64ecma
9147166297953957201
x-oss-server-time
73
font_4006584_8q20jssbzjb.woff2
at.alicdn.com/t/c/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://at.alicdn.com/t/c/font_4006584_8q20jssbzjb.woff2?t=1701420694418
Requested by
Host: at.alicdn.com
URL: https://at.alicdn.com/t/c/font_4006584_8q20jssbzjb.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:715::3fc , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4dcd872c013a0b131edecec87360114bb59d2f09b7cd4124544383e2008b9695

Request headers

Referer
https://at.alicdn.com/t/c/font_4006584_8q20jssbzjb.css
Origin
https://s1.bessionews.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 08:25:16 GMT
via
cache19.l2de2[0,0,200-0,H], cache14.l2de2[1,0], ens-cache1.de5[2,1,200-0,M], ens-cache10.de5[9,0]
x-oss-request-id
66BF0CEC9A18D63331BEF54A
content-md5
m7L+M90mc9gAElJVlWTdFQ==
age
68842
x-swift-cachetime
31035158
x-cache
MISS TCP_MISS dirn:-2:-2
x-swift-savetime
Sat, 17 Aug 2024 03:32:38 GMT
content-length
18364
x-oss-object-type
Normal
last-modified
Fri, 01 Dec 2023 08:51:34 GMT
server
Tengine
etag
"9BB2FE33DD2673D8001252559564DD15"
vary
Origin
ali-swift-global-savetime
1723796716
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=63072000
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
3076621503899775922
eagleid
a3b55c9e17238655583918483e
x-oss-server-time
14
1699323733607.jpg
s1.bessionews.com/images/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.bessionews.com/images/1699323733607.jpg
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00601e2c87e74bab0d49d9f8fe08d02a193c3b2d71e571e09e46735bb27e885b

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
x-oss-request-id
66BF3C0E76EC4B373572966B
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
K1Bbw7tKhWea+gMzdBWh6w==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
36027
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
etag
"2B505BC3BB4A85679AFA03337415A1EB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFSPJWTA3lDhsTXx%2FrvQIxGS3%2Fmq8XGTVN35hewcqB0gNu4zRIdgXE2%2FEWXmGef3IBIQpzXwJSPCrslvcsmxCMtaEbWLdFvLvj0VKchCGWvKg4OYyIIg9jcELcjxttsWyesStrFGAySNaOI1%2BBo6Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8b46991afacd63cc-LHR
x-oss-hash-crc64ecma
3272705608498816617
x-oss-server-time
54
1663224933458.jpg
s1.bessionews.com/images/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.bessionews.com/images/1663224933458.jpg
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf520bb3ee2764002509b73b2415af4e710e64d43b05eef4267abeb40c4a94d

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
x-oss-request-id
66BF65EEC3F24530368C83C5
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
lX50i3AKmZ/4gRZ3aQbVEw==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
73544
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
etag
"957E748B700A999FF88116776906D513"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEH78LtS8%2BkvRztJnD3hIsEvyXfmCzh5MAR7%2BmTk4M9tgL68GbgFAejzontZwZ3FdBj5p6jI02GLJIX3QymDGptCL8LSRbTWnOzxFCJZ8L435bjc7Te11I39dB%2F0HK65Ixa4e0vCko3a8JE%2FFL4%2BJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8b46991afad063cc-LHR
x-oss-hash-crc64ecma
5372284951588723168
x-oss-server-time
72
1661239949701.jpg
s1.bessionews.com/images/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.bessionews.com/images/1661239949701.jpg
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fb138c194d4b5dea8b27fe07b23bb3885152d5a7e53c3ac852eba85d35fbae2

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
x-oss-request-id
66BF1D4F9191FB31394F3771
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
vUKMxO2ACzDLDkquw0o5Bw==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
38297
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
etag
"BD428CC4ED800B30CB0E4AAEC34A3907"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dOIIjjQTiYg3lPZj4tggHIV%2ByZh91fPD6gzArDrrpNoyv6MTQsEKA%2FgBeQnnZlIicxSmIyJ%2FHEBhI1GW7Ti7DzzI3lCD1bu0vG9qlWYIl1KpqNO3yWQnAi3mqeXXeV9BbUe%2BVlcSuWDX1NVE70wZ6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8b46991afad163cc-LHR
x-oss-hash-crc64ecma
9914227461091494464
x-oss-server-time
50
1716445666002.jpg
s1.bessionews.com/images/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.bessionews.com/images/1716445666002.jpg
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f466caeabaf79350644a72e52ff44162bc2e52b00afa80204ee9ad153337a864

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
x-oss-request-id
66BF3443E2741F3436E6C7E5
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
JakZRXajeRnhr4xe+UaMpQ==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
55424
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
etag
"25A9194576A37919E1AF8C5EF9468CA5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gE0zLgA1xL78ffzqUX6yYG20iZhXE5pr2gBX7qOE9%2FCAFoGn1qQ9o5XWnFV9Sf265UH%2BnaQnejj2eaMFnKzvP33OkRo%2BDxrdHxfdHQkig%2FgUrqwoWZuUwweWFfCdcNULjYOKqRuRwjTUEd2utwqnbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8b46991afad363cc-LHR
x-oss-hash-crc64ecma
948975940265064832
x-oss-server-time
43
1653988511713.jpeg
s1.bessionews.com/images/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.bessionews.com/images/1653988511713.jpeg
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ab86f2760e792f0431bdc1fba14c58fe907b7337aec5da6d3ea2e24a9bf292

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
x-oss-request-id
66BF411AD5610436364CA34A
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
Ah+T600hhAnnveQlk8uQ7g==
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400
content-length
49319
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
etag
"021F93EB4D218409E7BDE42593CB90EE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6A34exryGYWzMw7qnuHSNu7EEMomITsW%2F2D4aNAV8F9xpy3KCrlEVa9ClCBwOepwmZoAxr5%2FhGnURq0aPhV50RgCf46gO%2Bfr7t4Wx23trL%2BnE6aQeE1JEncVtrDKAZgmhqIeOrzn1R713kNAvaCU8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8b46991afad463cc-LHR
x-oss-hash-crc64ecma
4065277965856705788
x-oss-server-time
52
1670573859588.jpg
s1.bessionews.com/images/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.bessionews.com/images/1670573859588.jpg
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9f925302463d1726d0fe832de9b98192491a32f1f97dc8e24a0b640fbfbf8d4

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
x-oss-request-id
66BF166F3BC7A8323140F05A
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
I7F7g8OGjk5AL8kVxkmulw==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
45223
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
etag
"23B17B83C3868E4E402FC915C649AE97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9K48kacU5osXa40FgC74oTx8a3ZBnXec0PTNwC%2FpdqqTK7DltWRkBd48L7f1MARJTIVG%2BzchGXP6PJ1VxWyWuaxhd9%2BbBNx9JBpOklN3wWfPE1HHAkg31Di6xRq6SRsD%2BHL3e9C5tNhZ%2FdTVCpWnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8b46991afad563cc-LHR
x-oss-hash-crc64ecma
8202698233311238248
x-oss-server-time
109
1659941503475.jpg
s1.bessionews.com/images/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.bessionews.com/images/1659941503475.jpg
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d871108acde45f36ce6fe754fd3bb98a3a01ac49fead69f4221d961dea7cb98

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
x-oss-request-id
66BF10538BAF673634AB001A
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
Pp3xWmCEcWY9FcBdniN99A==
cf-cache-status
REVALIDATED
alt-svc
h3=":443"; ma=86400
content-length
38859
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
etag
"3E9DF15A608471663D15C05D9E237DF4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIg8nvlg7VVntNwv%2B8u93CIfSnrT0dLbyMbsdG5Ymoud0f9UuZcv5sUAPdPCv9Vnrn2rKLYRk%2FdYhtcjn6SxaPL9sW5%2BMoLtOZQpi%2BMff08a235WoV3OdPL%2BrXH2ObREGReNvvMyNfAGxeF6hROvqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8b46991afad663cc-LHR
x-oss-hash-crc64ecma
8964403318023052069
x-oss-server-time
75
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408120101/ 		477 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408120101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a3dad21122c92d2255a4de3f4c4d60d065a40dedfa32db1ced34a546090a8ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 11:56:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
56149
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152032
x-xss-protection
0
server
cafe
etag
8138746910856260998
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 16 Aug 2025 11:56:49 GMT
22872161438
fundingchoicesmessages.google.com/i/ 		203 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22872161438?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b983946834457aaeae5064d27b78049d25811d06f34f2c8764e6e3cd81281d7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b6VHXNACJA9FGb1Kw1huKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-b6VHXNACJA9FGb1Kw1huKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw1JBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYH4_rpLrM-BeO_HS6xHgViIh-Pa5oZtbAIdiz9uZlbSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMbAwNNUzMIgvMAAA_C4-Sw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JKXQ5Q6GJZ&gtm=45je48e0v9192504573za200&_p=1723865558169&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=2070825220.1723865559&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723865558&sct=1&seg=0&dl=https%3A%2F%2Fs1.bessionews.com%2F&dt=bessionews&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1934
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JKXQ5Q6GJZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 03:32:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://s1.bessionews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.43/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.43/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/nigegxjn4m
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
content-encoding
br
last-modified
Tue, 13 Aug 2024 20:00:47 GMT
etag
W/"0x8DCBBD29FD28C29"
vary
Accept-Encoding
x-azure-ref
20240817T033238Z-17cc7bff758x58tm4mgtrb7fac00000001hg000000001k66
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
a301698e-801e-0048-3581-ef33ec000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
x.clarity.ms/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://s1.bessionews.com
Date
Sat, 17 Aug 2024 03:32:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
AGSKWxU7C5rbEFpEGBrUaAJAY_-DnF1AkqDPe0hMJYlcUkKNRG81XV_WZMYipCnzDTVhg7HhW73I6XYPAaecI-7hXk7TjLlQ3R1Q-MSYJyl0hJmCBfhbUF0sfDko82WrWq_xTN60Cs2N4A==
fundingchoicesmessages.google.com/f/ 		399 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU7C5rbEFpEGBrUaAJAY_-DnF1AkqDPe0hMJYlcUkKNRG81XV_WZMYipCnzDTVhg7HhW73I6XYPAaecI-7hXk7TjLlQ3R1Q-MSYJyl0hJmCBfhbUF0sfDko82WrWq_xTN60Cs2N4A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzODY1NTU5LDE1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zMS5iZXNzaW9uZXdzLmNvbS8iLG51bGwsW1s4LCI1QUVQbVRodWxJNCJdLFs5LCJlbi1HQiJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQyNjgsMzEwODYxMzJdLG51bGwsMTddIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwE3rLhFXH6Xc0aT1qH6u0UW9KPbA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c19a0ed4f0c7fc855033484ec98b48618d83f833aa7b94f61de89059f1a9bd32
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XlFKDTuCVcQ9Klu-yRb89A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:39 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-XlFKDTuCVcQ9Klu-yRb89A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStDikmII1pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYH4_rpLrM-BeO_HS6xHgViIm-P65oZtbAIfZt_NU9JIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxsDA01TMwiC8wAADYTT5h"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
x.clarity.ms/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://s1.bessionews.com
Date
Sat, 17 Aug 2024 03:32:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.5AEPmThulI4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx3xV4H3NK2LoaZTaqUSZxP7qkuRA/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21274801bf1d0bf4ac0aa5babe4fa83a733d332a55b2665b168d073486170ae8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Aug 2024 03:32:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Aug 2024 03:32:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Aug 2024 03:32:39 GMT
3oBcLOeb-M9LYIB5WsdpaNydOg5CKZvkHUEiYK7Co3KdWEa4065cOaUalUFDTmVvs2BNmwwSN6Jc3mCXBulXLm1g_NvZ1h4RXSLql959ncnG9QH66gJi9A=h60
lh3.googleusercontent.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/3oBcLOeb-M9LYIB5WsdpaNydOg5CKZvkHUEiYK7Co3KdWEa4065cOaUalUFDTmVvs2BNmwwSN6Jc3mCXBulXLm1g_NvZ1h4RXSLql959ncnG9QH66gJi9A=h60
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a3f87815f555bddb1576b0a5cf67d3eb3b445f1fd4b65bf92837ebe95344e1e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 01:16:19 GMT
x-content-type-options
nosniff
age
8181
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1167
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 18 Aug 2024 01:16:19 GMT
AGSKWxUVZowCK6y91ZP45QU-Gck1BxZyBKh2cbL59K8RFmLdt8IMwAnNyAj33d5SiNEYqmEZYVRFYmXyE8S_HDXRD344Wa_kuCkjKuIQuY23zWqAMpAhADB8d9nweptePv7wyxxlQ0oIrg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUVZowCK6y91ZP45QU-Gck1BxZyBKh2cbL59K8RFmLdt8IMwAnNyAj33d5SiNEYqmEZYVRFYmXyE8S_HDXRD344Wa_kuCkjKuIQuY23zWqAMpAhADB8d9nweptePv7wyxxlQ0oIrg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwE3rLhFXH6Xc0aT1qH6u0UW9KPbA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EAi_Md0odm4Fkr58WurJNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Aug 2024 03:32:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-EAi_Md0odm4Fkr58WurJNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiub27YxiawYNGUD0xKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwtBUz8A8vsAAAFPILgc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://s1.bessionews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUVZowCK6y91ZP45QU-Gck1BxZyBKh2cbL59K8RFmLdt8IMwAnNyAj33d5SiNEYqmEZYVRFYmXyE8S_HDXRD344Wa_kuCkjKuIQuY23zWqAMpAhADB8d9nweptePv7wyxxlQ0oIrg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUVZowCK6y91ZP45QU-Gck1BxZyBKh2cbL59K8RFmLdt8IMwAnNyAj33d5SiNEYqmEZYVRFYmXyE8S_HDXRD344Wa_kuCkjKuIQuY23zWqAMpAhADB8d9nweptePv7wyxxlQ0oIrg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.5AEPmThulI4.es5.O/am=rGA/d=1/rs=AJlcJMwE3rLhFXH6Xc0aT1qH6u0UW9KPbA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PvhIKluMB8US38V2UrIeag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 17 Aug 2024 03:32:39 GMT
content-security-policy
script-src 'report-sample' 'nonce-PvhIKluMB8US38V2UrIeag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw05BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiub27YxibwYP7ZBmYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgYWiqZ2AeX2AAAFiSLhI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://s1.bessionews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s1.bessionews.com/
Origin
https://s1.bessionews.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:03:23 GMT
x-content-type-options
nosniff
age
307756
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:03:23 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: s1.bessionews.com
URL: https://s1.bessionews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s1.bessionews.com/
Origin
https://s1.bessionews.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:07:28 GMT
x-content-type-options
nosniff
age
307511
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:07:28 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=F5AAE4888BA24BA781558BBEEF252D24&RedC=c.clarity.ms&MXFR=39F0432DE1196C15264E57F3E51962E0
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F5AAE4888BA24BA781558BBEEF252D24&MUID=31F65BE666C6696A01004F3867D368FC
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F5AAE4888BA24BA781558BBEEF252D24&MUID=31F65BE666C6696A01004F3867D368FC
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Aug 2024 03:32:40 GMT
last-modified
Wed, 14 Aug 2024 17:35:32 GMT
server
Microsoft-IIS/10.0
etag
"bb391b5d70eeda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 17 Aug 2024 03:32:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 72514080242E47C0A867CB4E1D950F39 Ref B: LTSEDGE2113 Ref C: 2024-08-17T03:32:41Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=F5AAE4888BA24BA781558BBEEF252D24&MUID=31F65BE666C6696A01004F3867D368FC
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
Finance-icon-1.png
s1.bessionews.com/images/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://s1.bessionews.com/images/Finance-icon-1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b8bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24aa5ad1ac889742f8f7c81822d4f2d468236e0752dc652089a26d36ff5b91b2

Request headers

Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 17 Aug 2024 03:32:38 GMT
x-oss-request-id
66BEC058B6DE1D30321F7D08
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
DPE1SCGVLlo/U2IaiD4PLw==
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
4262
x-oss-object-type
Normal
last-modified
Mon, 05 Aug 2024 08:51:24 GMT
server
cloudflare
etag
"0CF1354821952E5A3F53621A883E0F2F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dTyOX0ADw4vhFmfnR%2FgTiByoukQusWSGRnypPJwhKYseEpovIniag%2BHt38rKcXxVmNW%2FVuZF9Far3QnxoWwvYq4TNTcpf4kK9gy8hmOLxhB%2BRDe0WFdrzUfA2N3PQAieqv9vE4iMloLLIO9nSAipGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
x-oss-storage-class
Standard
accept-ranges
bytes
cf-ray
8b469916191763cc-LHR
x-oss-hash-crc64ecma
381133129298607326
x-oss-server-time
66
collect
x.clarity.ms/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.43/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://s1.bessionews.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://s1.bessionews.com
Date
Sat, 17 Aug 2024 03:32:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| init function| render_search_result_item function| useMobileMenu function| back_to_top function| page_turning function| useSearch function| useSearch_1 function| game_full_screen function| change_body_overflow function| image_loading_failed function| lazyLoad function| use_lazyLoad function| save_search_data function| play_game function| show_favorited_bullet_box function| get_prefix function| get_url_id function| get_item function| set_item function| page_cursors function| call_fun function| snow function| isMobileDevice function| set_nav_active function| switch_header function| $ function| jQuery function| clarity function| gtag object| dataLayer object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_reactive_ads_global_state object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MzkyN2MwNDliNDZhYTRkOWxvYWRlcl9qcw== string| MzkyN2MwNDliNDZhYTRkOWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

12 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 101798874efb469088aa6d5b276d2199.20240817.20250817
.bessionews.com/ Name: _ga_JKXQ5Q6GJZ
Value: GS1.1.1723865558.1.0.1723865558.0.0.0
.bessionews.com/ Name: _ga
Value: GA1.1.2070825220.1723865559
.bessionews.com/ Name: _clck
Value: ql60f9%7C2%7Cfoe%7C0%7C1690
.bessionews.com/ Name: _clsk
Value: 1kw1nyw%7C1723865560015%7C1%7C1%7Cx.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 31F65BE666C6696A01004F3867D368FC
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 31F65BE666C6696A01004F3867D368FC
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 31F65BE666C6696A01004F3867D368FC
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

at.alicdn.com
c.bing.com
c.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
region1.google-analytics.com
s1.bessionews.com
securepubads.g.doubleclick.net
www.clarity.ms
www.googletagmanager.com
x.clarity.ms
13.74.129.1
20.114.190.119
2001:4860:4802:34::36
2404:2280:1cc:0:715::3fc
2606:4700:3035::ac43:b8bc
2620:1ec:bdf::44
2620:1ec:c11::237
2a00:1450:4001:803::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:828::2001
2a00:1450:4001:830::2008
0051a17d25dfdb2af430a70684173b3862acc534ab883b7a50ac54edf89abef7
00601e2c87e74bab0d49d9f8fe08d02a193c3b2d71e571e09e46735bb27e885b
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10895d170045955df8d52b4e8722722f696496250779a539663111af52499a96
1a2546c249d862b309b908069c73f6099c81362b9a5e5b4ba5f3c750471b0a76
1cf520bb3ee2764002509b73b2415af4e710e64d43b05eef4267abeb40c4a94d
21274801bf1d0bf4ac0aa5babe4fa83a733d332a55b2665b168d073486170ae8
24aa5ad1ac889742f8f7c81822d4f2d468236e0752dc652089a26d36ff5b91b2
2a3dad21122c92d2255a4de3f4c4d60d065a40dedfa32db1ced34a546090a8ad
3099ad6bec3c841e81acd5e4e5d5ecdf61212aa51784a507fe168983f3ed4007
39e2af503dfb3d1e093f0178863e2b163c59cdc4f4c5d152d50f51da19baf8fa
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d871108acde45f36ce6fe754fd3bb98a3a01ac49fead69f4221d961dea7cb98
4dcd872c013a0b131edecec87360114bb59d2f09b7cd4124544383e2008b9695
5d0917f302614b8d9208341887d190e8ee5e1fddf3cdafaad96c04837841800c
6b983946834457aaeae5064d27b78049d25811d06f34f2c8764e6e3cd81281d7
6c6295f76e848ca9ccc6dbbbbd061597a3aefa5e12d13b1ad58d34e2f7e782e9
6d52e1ff3743b7a7370430a2b198aa19da13380795186c29ac0ec4ddcefbdb9d
7fb138c194d4b5dea8b27fe07b23bb3885152d5a7e53c3ac852eba85d35fbae2
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
99ab86f2760e792f0431bdc1fba14c58fe907b7337aec5da6d3ea2e24a9bf292
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bd404b3b7274e7ce5229b67573630daddf841d2ac5b0a243f2d1f542a0fa1f4
9c22dda06aa66a30cc7c1d24636c8c96f788a020e3af7701a83ce72ddc17b6c7
a3f87815f555bddb1576b0a5cf67d3eb3b445f1fd4b65bf92837ebe95344e1e2
a9f925302463d1726d0fe832de9b98192491a32f1f97dc8e24a0b640fbfbf8d4
c19a0ed4f0c7fc855033484ec98b48618d83f833aa7b94f61de89059f1a9bd32
d0b199a18666e8203c2edf46cc74fd1e46d675bf286a241d2fec2fad6b265c82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f466caeabaf79350644a72e52ff44162bc2e52b00afa80204ee9ad153337a864