www.bellingcat.com Open in urlscan Pro
13.32.240.34 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-ina...
Submission: On December 22 via manual (December 22nd 2020, 6:08:37 pm UTC) from US

Summary HTTP 37 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 37 HTTP transactions. The main IP is 13.32.240.34, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.bellingcat.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 8th 2020. Valid for: 2 years.

This is the only time www.bellingcat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	13.32.240.34 13.32.240.34	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
37	4

33 13.32.240.34 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-240-34.ams50.r.cloudfront.net

www.bellingcat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	bellingcat.com 1 redirects www.bellingcat.com	2 MB
2	youtube.com www.youtube.com
2	google-analytics.com www.google-analytics.com	19 KB
1	doubleclick.net stats.g.doubleclick.net	89 B
37	4

	Domain	Requested by
33	www.bellingcat.com	1 redirects www.bellingcat.com
2	www.youtube.com	www.bellingcat.com
2	www.google-analytics.com	www.bellingcat.com www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
37	4

This site contains links to these domains. Also see Links.

Domain
ru.bellingcat.com
twitter.com
www.newsler.ru
www.rferl.org
www.interfax.ru
web.b.ebscohost.com
www.elibrary.ru
55.xn--b1aew.xn--p1ai
www.facebook.com
www.linkedin.com
gijn.org
impress.press

Subject Issuer	Validity	Valid
bellingcat.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-08` - `2022-07-08`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
Frame ID: 958990A4B8F64BDF6FA0D7767B4DCF96
Requests: 35 HTTP requests in this frame

Frame: https://www.youtube.com/embed/gwvA49ZXnf8?feature=oembed
Frame ID: 89CEB378B6662E86F001ED67147AD7AE
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/nRku_Kn5aUU?feature=oembed
Frame ID: B393B106CF6F5260D2AC21165A6DAD07
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-me... HTTP 301
https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-me... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

37
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

2142 kB
Transfer

2494 kB
Size

5
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://ru.bellingcat.com/
Title: русский

Search URL Search Domain Scan URL

URL: https://twitter.com/i/status/1339519201392939008
Title: did not deny Bellingcat’s findings

Search URL Search Domain Scan URL

URL: https://www.newsler.ru/incidents/2017/01/18/kak-davili-kirovles
Title: court hearings

Search URL Search Domain Scan URL

URL: https://www.rferl.org/a/navalny-demands-russian-police-return-clothing-worn-on-day-of-poisoning/30850320.html
Title: till not received them

Search URL Search Domain Scan URL

URL: https://www.interfax.ru/russia/604936
Title: developed by the Biysk Institite

Search URL Search Domain Scan URL

URL: https://web.b.ebscohost.com/abstract?direct=true&profile=ehost&scope=site&authtype=crawler&jrnl=1817969X&AN=136653631&h=bFDrv5b40FDuDOlaFC5b770gH2cOexyNEe2wsFuk8ZP5gmxC6s4mgMyqLgwb%2fRfweuB9ZJgWGRghd%2fR6kY%2b03w%3d%3d&crl=c&resultNs=AdminWebAuth&resultLocal=ErrCrlNotAuth&crlhashurl=login.aspx%3fdirect%3dtrue%26profile%3dehost%26scope%3dsite%26authtype%3dcrawler%26jrnl%3d1817969X%26AN%3d136653631
Title: as an expert

Search URL Search Domain Scan URL

URL: https://www.elibrary.ru/item.asp?id=44024933
Title: are attributed

Search URL Search Domain Scan URL

URL: https://55.xn--b1aew.xn--p1ai/gumvd/rukovodstvo1/rukovodstvo_umvd
Title: head of the Omsk Oblast Regional Ministry of Interior, Vyacheslav Kryuchkov

Search URL Search Domain Scan URL

URL: https://twitter.com/Kira_Yarmysh/status/1296714160806539271
Title: Source

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.bellingcat.com%2Fnews%2Fuk-and-europe%2F2020%2F12%2F21%2Fif-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny%2F&text=%E2%80%9CIf%20it%20Hadn%E2%80%99t%20Been%20for%20the%20Prompt%20Work%20of%20the%20Medics%E2%80%9D:%20FSB%20Officer%20Inadvertently%20Confesses%20Murder%20Plot%20to%20Navalny
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.bellingcat.com%2Fnews%2Fuk-and-europe%2F2020%2F12%2F21%2Fif-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny%2F
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.bellingcat.com%2Fnews%2Fuk-and-europe%2F2020%2F12%2F21%2Fif-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny%2F
Title:

Search URL Search Domain Scan URL

URL: https://gijn.org/
Title:

Search URL Search Domain Scan URL

URL: https://impress.press/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny HTTP 301
https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
Redirect Chain

https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny
https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/

160 KB
45 KB

43ms
43ms

Document
text/html

13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache / PHP/7.2.34

Resource Hash

c31cdcd6f18d7b3d0e0e5777c456b6a83b875306641aa2cdf035ce2ca312d305

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.bellingcat.com
:scheme: https
:path: /news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 22 Dec 2020 18:05:40 GMT
server: Apache
strict-transport-security: max-age=86400; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.2.34
last-modified: Tue, 22 Dec 2020 18:05:40 GMT
expires: Tue, 22 Dec 2020 18:35:40 GMT
etag: "65c2258663df705bfb81c4328ee15940"
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: xCGYhTrgcsBU8egsO-Wb8y59Alm_chLhteb-M64eXfHYR7rVRQBvGw==
age: 160

Redirect headers

content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
date: Tue, 22 Dec 2020 18:01:07 GMT
server: Apache
strict-transport-security: max-age=86400; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.2.34
x-redirect-by: WordPress
cache-control: max-age=1800
expires: Tue, 22 Dec 2020 18:31:07 GMT
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: Sp6DIdFpcg_pIwxfJiCTrfDY9DfQVASqUAsBjx8LiP8mhwP15RvxEg==
age: 433

GET
H2 200 style.min.css
www.bellingcat.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 49ms
47ms Stylesheet
text/css 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 07:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36534
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 7907
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:56 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "d293-5b5542a5a6200-gzip"
strict-transport-security: max-age=86400; preload
content-type: text/css
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: NBky8bwJo6Gvzk2UaX-XpW1bsoTbpp0xfXiheZ5sgOTcZci21D94zg==
expires: Wed, 23 Dec 2020 07:59:26 GMT

GET
H2 200 nouislider.css
www.bellingcat.com/app/plugins/before-after-image-slider-lite/ 5 KB
2 KB 50ms
48ms Stylesheet
text/css 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/before-after-image-slider-lite/nouislider.css?ver=9.1.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

8de5c221496f370ed55d86f084292e3b694ff38b733b59760f96c1b386fa5855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 10:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28786
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1407
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:51 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "132b-5b5542a0e16c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: text/css
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: jULfk07POyNKZ8u7bVQCuBvcDlOMZWux6DQTh-i-M0W57YOFR0nRAg==
expires: Wed, 23 Dec 2020 10:08:34 GMT

GET
H2 200 ImageComparisonSlider.css
www.bellingcat.com/app/plugins/before-after-image-slider-lite/ 2 KB
1 KB 50ms
47ms Stylesheet
text/css 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/before-after-image-slider-lite/ImageComparisonSlider.css?ver=2.1.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

b1770d5a34dd0d47cf631e0088da9e7ec8c2dc28072cab5893e601fea8e06646

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 02:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58022
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 560
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:51 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "6d1-5b5542a0e16c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: text/css
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: pTfhoxKj4gVTYgQgjNpGuWcaWsVDdR-xQ5b5DlQbHrFQQ5VnOVU8eQ==
expires: Wed, 23 Dec 2020 02:01:18 GMT

GET
H2 200 hypotext.css
www.bellingcat.com/app/plugins/hypotext/css/ 417 B
764 B 50ms
48ms Stylesheet
text/css 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/hypotext/css/hypotext.css?ver=5.5.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

2df0f9bd86491445a6322971f5cfa1d969ae151cf04aadbab172c8c8763bb693

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 07:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36534
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 228
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1a1-5b5542a1d5900-gzip"
strict-transport-security: max-age=86400; preload
content-type: text/css
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: bs87vx5RJRNb7RekQnEdM98z5dCZ-T2JGOBPhBkdNodE4zPPM0_b-w==
expires: Wed, 23 Dec 2020 07:59:26 GMT

GET
H2 200 side-matter.css
www.bellingcat.com/app/plugins/side-matter/css/ 692 B
952 B 50ms
48ms Stylesheet
text/css 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/side-matter/css/side-matter.css?ver=1.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

6a62b27292bceaa1e393720766944026fc6d8a2bb1a2678ecc1dc73e0ba8b1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 10:14:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28422
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 415
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "2b4-5b5542a2c9b40-gzip"
strict-transport-security: max-age=86400; preload
content-type: text/css
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: tCQ4520wREMkV8AUyTD0cGBKDCQDC9vg4Pw7sgUSvAWbPu_xeGDZhQ==
expires: Wed, 23 Dec 2020 10:14:38 GMT

GET
H2 200 style.min.css
www.bellingcat.com/app/themes/bellingcat/assets/css/ 44 KB
8 KB 51ms
49ms Stylesheet
text/css 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20201130145313Z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

3d0fc335d691c461b7719a6f875598e67c1035c59fd55a9d9c88ce183810dd8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 14:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11371
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 7894
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:55 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "aef7-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: text/css
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: mXWt_65_Qdy8F0veMtueUzC-Hoc8bEaNPP0VmEiyYtPp5rUXETPvKw==
expires: Wed, 23 Dec 2020 14:58:49 GMT

GET
H2 200 jquery.js Show response
www.bellingcat.com/wp-includes/js/jquery/ 95 KB
34 KB 50ms
48ms Script
application/x-javascript 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 10:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27487
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 33776
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:57 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "17a69-5b5542a69a440-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: gdU2kq20qvjg2E7G9RRGlyAAv499wmThOZMia3DF2PJCsqd7s4ls5w==
expires: Wed, 23 Dec 2020 10:30:13 GMT

GET
H2 200 nouislider.js Show response
www.bellingcat.com/app/plugins/before-after-image-slider-lite/ 58 KB
17 KB 62ms
60ms Script
application/x-javascript 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/before-after-image-slider-lite/nouislider.js?ver=9.1.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

d9dae239dab8fc3bacbff8cf8220d781551eb467eaccaa5d2ff8fad16477bedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 02:47:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55235
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 17065
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:51 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "e876-5b5542a0e16c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: rCKy3GyxpOK3KZBs29vEH_L4VeqQzlXz3hpIlJemQnlMHjgR9S1pEg==
expires: Wed, 23 Dec 2020 02:47:45 GMT

GET
H2 200 ImageComparisonSlider.js Show response
www.bellingcat.com/app/plugins/before-after-image-slider-lite/ 4 KB
2 KB 50ms
48ms Script
application/x-javascript 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/before-after-image-slider-lite/ImageComparisonSlider.js?ver=2.1.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

1fbd60ab313189425b6cbd53ad39e75cb396efaff08264d51de38d02990b0636

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 02:16:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57084
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1230
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:51 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "ee3-5b5542a0e16c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: Xo1pLb0GNOyuLpK1ZtAgd37R5Rq04MDPAo1N4PTkJNv2bgPRk_AGpw==
expires: Wed, 23 Dec 2020 02:16:56 GMT

GET
H2 200 hypotext.js Show response
www.bellingcat.com/app/plugins/hypotext/js/ 1 KB
1 KB 50ms
49ms Script
application/x-javascript 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/hypotext/js/hypotext.js?ver=5.5.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

52c2bc4f3b828ed2e3685b6e0d16b6d2a0d8a3978dcd1a446b1d981a7b8e1911

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 07:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36541
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 646
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:52 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "5ec-5b5542a1d5900-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: 4U4ll8tzGQxT1ZrbA_RuTXQG5rfTz2td-OcFCcvne97zuy-7gmUQkg==
expires: Wed, 23 Dec 2020 07:59:19 GMT

GET
H2 200 main.min.js Show response
www.bellingcat.com/app/themes/bellingcat/assets/js/ 1009 B
940 B 66ms
65ms Script
application/x-javascript 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/js/main.min.js?ver=20201130145313Z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

7c311581a44591b20d80dda3653dda9e6f891f312f82da0f731f10bf201d5b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 14:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11371
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 394
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:55 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "3f1-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: GIFcejhqwgU4lOuFT6E17f2-JflRuad3_ixChkkgi7SI6hZVCE_t9A==
expires: Wed, 23 Dec 2020 14:58:49 GMT

GET
H2 200 logo_white.svg
www.bellingcat.com/app/themes/bellingcat/assets/logos/ 3 KB
2 KB 51ms
48ms Image
image/svg+xml 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/logos/logo_white.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

5fcd6acca9e495424b54cadc1ab00e2a0d35eafe9014305664321b88f351b1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 10:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28249
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1519
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "c05-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: 1xl2VnPJIjEVv0V2OGZHsRzd6xIMibekHnt_HsN2BSrT6Skip5XRVQ==
expires: Wed, 23 Dec 2020 10:17:31 GMT

GET
H2 200 share-twitter.svg
www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/ 718 B
927 B 51ms
49ms Image
image/svg+xml 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/share-twitter.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

91c5a3e9d78b65ddd02f50b1fec88da341e7c187b413d543f135e1cac78a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 10:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26356
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 421
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "2ce-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: AwcUCLQ8lczwIkHgkkm0IqhqwaEeoMBkktZfvh0hyaHjcAhGbWTYFA==
expires: Wed, 23 Dec 2020 10:49:04 GMT

GET
H2 200 share-facebook.svg
www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/ 390 B
793 B 51ms
49ms Image
image/svg+xml 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/share-facebook.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

712af120c0636554d31c66ced4ae013f441098c3482d2721217acee9d559ebe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 04:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48182
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 285
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "186-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: gv9iOROLhI3knDzIuLbwNAnjO-hBNsiwIz9YdIXN_qlY3K0Rqw9q7g==
expires: Wed, 23 Dec 2020 04:45:18 GMT

GET
H2 200 share-linkedin.svg
www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/ 575 B
855 B 51ms
49ms Image
image/svg+xml 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/share-linkedin.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

889ecddb8186b1478ffe273344bc2a2613675140e081d34af08527971c6a3ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 04:04:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50631
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 348
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "23f-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: H75ZPlkE_i83d2PTarK5-UWJay69uoM_1TJ6IJBZIPSHW7t-WPOoBw==
expires: Wed, 23 Dec 2020 04:04:29 GMT

GET
H2 200 share-mail.svg
www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/ 435 B
809 B 51ms
49ms Image
image/svg+xml 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/share-mail.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

fc52968c82f073857b771ccb72964217582b9d634c3309c0b2ee9e0239e87219

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 11:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25411
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 302
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "1b3-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: FixGWSGxQDqW_ProYU0OM914gb3m29woI5dBQM9bIwIdJboaSdnMQQ==
expires: Wed, 23 Dec 2020 11:04:49 GMT

GET
H2 200 navalny-cover-1200x600.jpg
www.bellingcat.com/app/uploads/2020/12/ 103 KB
104 KB 51ms
49ms Image
image/jpeg 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2020/12/navalny-cover-1200x600.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

69cfc6a729b23d13da1bf3956d3675d24a3f02cb5eaafcd7d4490742ae99fec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 12:08:05 GMT
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 21615
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 105843
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 14 Dec 2020 00:37:09 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "19d73-5b661d7a4ff77"
strict-transport-security: max-age=86400; preload
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: SZ7EMyAMHzv7zWAY7Xi2unnmtgDI2NHARhz7Hx3Ng8vTRSfu9yXmrw==
expires: Wed, 23 Dec 2020 12:08:05 GMT

GET
H2 200 feature3.jpg
www.bellingcat.com/app/uploads/2020/08/ 86 KB
87 KB 51ms
50ms Image
image/jpeg 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2020/08/feature3.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

266dfcf8eca2e81508893728b366997abf443496da979d5f73b1e22803416275

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 01:32:28 GMT
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 59752
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 88350
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 29 Aug 2020 11:29:19 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1591e-5ae027af38161"
strict-transport-security: max-age=86400; preload
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: PooDybrYU2D4hMTKvD_9AvKZDTS4-GFCHfOGUTIYC7hVeTbCjydaaw==
expires: Wed, 23 Dec 2020 01:32:28 GMT

GET
H2 200 D3C2C5B0-0D91-4056-BB89-BB65E1217EC4.png
www.bellingcat.com/app/uploads/2020/07/ 1 MB
1 MB 67ms
66ms Image
image/png 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2020/07/D3C2C5B0-0D91-4056-BB89-BB65E1217EC4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

5cf1f879bfdd96cd687ff103c007773133107d623e92c34a7acac55693853911

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 08:52:00 GMT
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 33380
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1264749
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 18 Jul 2020 09:10:42 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "134c6d-5aab3a5ddc706"
strict-transport-security: max-age=86400; preload
content-type: image/png
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: sFxPXu7ehiG5JsYKVx4bb8ZRPHeLJYVGA-uOxjmN-OX2jzGuZG04UA==
expires: Wed, 23 Dec 2020 08:52:00 GMT

GET
H2 200 GIJNlogo.svg
www.bellingcat.com/app/themes/bellingcat/assets/images/ 31 KB
6 KB 87ms
86ms Image
image/svg+xml 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/images/GIJNlogo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

add26c326919b0a43a576c4ca72d3b8fe2e43e867c9cf858c46357cbc65309fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 01:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58474
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 6134
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "7a8f-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: iPjZIqJTCKxHokDwaEsz0EFZLjSCcScY1FDeNchR4zBa7vkYzKsCtQ==
expires: Wed, 23 Dec 2020 01:53:46 GMT

GET
H2 200 impress.svg
www.bellingcat.com/app/themes/bellingcat/assets/images/ 9 KB
3 KB 49ms
48ms Image
image/svg+xml 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/images/impress.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

53b0a63a6811bc2e6e9676a8a2603b875bf480ca6bc4a226ac6a623a0b2d9be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 00:47:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62431
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 3064
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "239e-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: iqzyKSmbY-28Igkc7L9gRY6MnjLJeaV1LPt37aRhUWZYuVgfj3npPA==
expires: Wed, 23 Dec 2020 00:47:49 GMT

GET
H2 200 side-matter.js Show response
www.bellingcat.com/app/plugins/side-matter/js/ 2 KB
2 KB 47ms
46ms Script
application/x-javascript 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/side-matter/js/side-matter.js?ver=1.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

bb6be243a6edb5af2e6a2faab1859292927d03807ec03b5d338b6be504c88f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 03:43:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51897
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1058
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "958-5b5542a2c9b40-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: zPzWCiOmpYmbxDCGlKC17s2yOZxcQAbEAgP4P6ombeywmHHRVPt2pw==
expires: Wed, 23 Dec 2020 03:43:23 GMT

GET
H2 200 comment-reply.min.js Show response
www.bellingcat.com/wp-includes/js/ 3 KB
2 KB 46ms
46ms Script
application/x-javascript 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/wp-includes/js/comment-reply.min.js?ver=5.5.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 02:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54774
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1362
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:57 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "bdb-5b5542a69a440-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: Rz6sRp08fG6yvYttcFzJVUkgTsAFl8C_qhf5FWyg3baYxscvzDqAKA==
expires: Wed, 23 Dec 2020 02:55:26 GMT

GET
H2 200 wp-embed.min.js Show response
www.bellingcat.com/wp-includes/js/ 1 KB
1 KB 51ms
48ms Script
application/x-javascript 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/wp-includes/js/wp-embed.min.js?ver=5.5.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 07:59:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36541
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 769
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 30 Nov 2020 14:52:57 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "59a-5b5542a69a440-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: pGsBEuxLbKkbO9e3tYEWcSpsmCa_J-WClmJcazv4qwOWqZFD7nRuog==
expires: Wed, 23 Dec 2020 07:59:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1066
date: Tue, 22 Dec 2020 17:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 22 Dec 2020 19:50:34 GMT

GET
H2 200 gwvA49ZXnf8
www.youtube.com/embed/ Frame 89CE 0
0 111ms
91ms Document
text/html 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/gwvA49ZXnf8?feature=oembed

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/gwvA49ZXnf8?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/

Response headers

content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security: max-age=31536000
cache-control: no-cache
content-length: 21086
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
content-type: text/html; charset=utf-8
date: Tue, 22 Dec 2020 18:08:20 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=0NA_HJsZtto; path=/; domain=.youtube.com; secure; expires=Sun, 20-Jun-2021 18:08:20 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=0NA_HJsZtto; path=/; domain=.youtube.com; secure; expires=Sun, 20-Jun-2021 18:08:20 GMT; httponly; samesite=None YSC=nmig2Df3Ioo; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 22-Dec-2020 18:38:20 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 nRku_Kn5aUU
www.youtube.com/embed/ Frame B393 0
0 112ms
94ms Document
text/html 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/nRku_Kn5aUU?feature=oembed

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/nRku_Kn5aUU?feature=oembed
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/

Response headers

content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
content-length: 21058
cache-control: no-cache
x-content-type-options: nosniff
date: Tue, 22 Dec 2020 18:08:20 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=4-QL6l2KP0w; path=/; domain=.youtube.com; secure; expires=Sun, 20-Jun-2021 18:08:20 GMT; httponly; samesite=None YSC=IX0Bzzg6VjM; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 22-Dec-2020 18:38:20 GMT VISITOR_INFO1_LIVE=4-QL6l2KP0w; path=/; domain=.youtube.com; secure; expires=Sun, 20-Jun-2021 18:08:20 GMT; httponly; samesite=None
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 icon-search.svg
www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/ 329 B
745 B 81ms
80ms Image
image/svg+xml 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/icon-search.svg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20201130145313Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

1526cb1e6028a794e974a70f7f5f8420c7a19f2c267562e198055e54880d26fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20201130145313Z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 10:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28411
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 237
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "149-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: vxEf3SRxsV6Ik60QBFRKXq3sn2uy75VQfFb8AkYR4f37MXKDrxZyAA==
expires: Wed, 23 Dec 2020 10:14:49 GMT

GET
H2 200 AtlasGrotesk-Regular-Web.woff2
www.bellingcat.com/app/themes/bellingcat/assets/fonts/ 38 KB
39 KB 72ms
71ms Font
application/font-woff2 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/fonts/AtlasGrotesk-Regular-Web.woff2?v=3.11

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20201130145313Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

c9903be27b8359136da407175ac3d75c0c8600ad74c545f022c54848e56b6c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.bellingcat.com
Referer: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20201130145313Z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 10:43:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26682
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 39295
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "9979-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/font-woff2
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: nRoUKZzOl3IOrdwNGGlUxD_SWeTgYjN5dVFBIyWTFRzlE3tuFs5SJQ==
expires: Wed, 23 Dec 2020 10:43:38 GMT

GET
H2 200 AtlasGrotesk-Bold-Web.woff2
www.bellingcat.com/app/themes/bellingcat/assets/fonts/ 45 KB
46 KB 71ms
71ms Font
application/font-woff2 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/fonts/AtlasGrotesk-Bold-Web.woff2

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20201130145313Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

afdddeb891bfa14772729302956ef864a1811eab0f7c9e35d30962ace74f531a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.bellingcat.com
Referer: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20201130145313Z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 03:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54193
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 46520
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "b59c-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/font-woff2
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: K9HVnSn75VaY6EunEzQo1rhjtlW_NOO9zLtNPPnBZ5xV4cPChmX3sQ==
expires: Wed, 23 Dec 2020 03:05:07 GMT

GET
H2 200 AtlasGrotesk-RegularItalic-Web.woff2
www.bellingcat.com/app/themes/bellingcat/assets/fonts/ 40 KB
40 KB 71ms
71ms Font
application/font-woff2 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/fonts/AtlasGrotesk-RegularItalic-Web.woff2?v=3.11

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20201130145313Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

4d19b2cb5f9bd33469ae6548240bb7b8cd44b122923a3e4be40d06c0eaae9614

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.bellingcat.com
Referer: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20201130145313Z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 10:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26589
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 40717
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "9ef1-5b5542a4b1fc0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/font-woff2
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: Vd7cl92fNz3AKek8cdMTIXu9HB2NXo5mrECd1A76fDFOb8yISnioSA==
expires: Wed, 23 Dec 2020 10:45:11 GMT

GET
H2 200 defaultAuthPic-300x300.png
www.bellingcat.com/app/uploads/2017/06/ 11 KB
11 KB 39ms
38ms Image
image/png 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2017/06/defaultAuthPic-300x300.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

20940179596da6e7227a1325b01f33172f4a37cdb4003a366410662c566bd118

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 07:43:35 GMT
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 37485
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 10794
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jun 2017 17:34:50 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "2a2a-550e974290280"
strict-transport-security: max-age=86400; preload
content-type: image/png
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: _Ryf_MI2097lIWWhJotJrKXmrLb3c6G3cDXSa3RjIaOsI8Z4Jlf5ww==
expires: Wed, 23 Dec 2020 07:43:35 GMT

GET
H2 200 navalny3-2048x1156.jpeg
www.bellingcat.com/app/uploads/2020/12/ 171 KB
171 KB 42ms
41ms Image
image/jpeg 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2020/12/navalny3-2048x1156.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

d95912b1f3419af9d0cf9e83f0fa9086b4ef2aa1f1088c72071a61236b8714be

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 12:02:57 GMT
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 21923
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 174751
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 Dec 2020 11:52:31 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "2aa9f-5b6f817da4d6c"
strict-transport-security: max-age=86400; preload
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: Ta2-DJEUMwRy5Q5zREHv3a2aORKh09NNsYc8FuRLRx5sU1yFRib9PA==
expires: Wed, 23 Dec 2020 12:02:57 GMT

GET
H2 200 image001.jpg
www.bellingcat.com/app/uploads/2020/12/ 245 KB
245 KB 72ms
70ms Image
image/jpeg 13.32.240.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2020/12/image001.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.34 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-34.ams50.r.cloudfront.net

Software

Apache /

Resource Hash

76616f33618ecca23fc913dcc1700017871fa34aae348a149086ab9ae8081b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 07:47:14 GMT
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 37266
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 250524
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 Dec 2020 01:39:41 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "3d29c-5b6ef882c127f"
strict-transport-security: max-age=86400; preload
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: AMS50-C1
accept-ranges: bytes
x-amz-cf-id: e69e20Mh0DS63xzEYYjob1yItPeFVZVATT4BKxIp_RlbrO9suluLZw==
expires: Wed, 23 Dec 2020 07:47:14 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
392 B 55ms
29ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=960449596&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bellingcat.com%2Fnews%2Fuk-and-europe%2F2020%2F12%2F21%2Fif-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny%2F&ul=en-us&de=UTF-8&dt=%22If%20it%20Hadn%27t%20Been%20for%20the%20Prompt%20Work%20of%20the%20Medics%22%3A%20FSB%20Officer%20Inadvertently%20Confesses%20Murder%20Plot%20to%20Navalny%20-%20bellingcat&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1325191335&gjid=1354812493&cid=218251093.1608660501&tid=UA-52456075-1&_gid=710085859.1608660501&_r=1&_slc=1&z=2015977779

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Dec 2020 18:08:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bellingcat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-52456075-1&cid=218251093.1608660501&jid=1325191335&gjid=1354812493&_gid=710085859.1608660501&_u=IEBAAEAAAAAAAC~&z=1731813105

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bellingcat.com/news/uk-and-europe/2020/12/21/if-it-hadnt-been-for-the-prompt-work-of-the-medics-fsb-officer-inadvertently-confesses-murder-plot-to-navalny/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Dec 2020 18:08:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.bellingcat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 19:10:12	Name: VISITOR_INFO1_LIVE Value: 4-QL6l2KP0w
.bellingcat.com/	1970-01-19 14:51:00	Name: _gat Value: 1
.bellingcat.com/	1970-01-19 14:52:26	Name: _gid Value: GA1.2.710085859.1608660501
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: IX0Bzzg6VjM
.bellingcat.com/	1970-01-20 08:22:12	Name: _ga Value: GA1.2.218251093.1608660501

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

stats.g.doubleclick.net
www.bellingcat.com
www.google-analytics.com
www.youtube.com
13.32.240.34
2a00:1450:4001:819::200e
2a00:1450:4001:820::200e
2a00:1450:400c:c0c::9c
1526cb1e6028a794e974a70f7f5f8420c7a19f2c267562e198055e54880d26fd
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fbd60ab313189425b6cbd53ad39e75cb396efaff08264d51de38d02990b0636
20940179596da6e7227a1325b01f33172f4a37cdb4003a366410662c566bd118
266dfcf8eca2e81508893728b366997abf443496da979d5f73b1e22803416275
2df0f9bd86491445a6322971f5cfa1d969ae151cf04aadbab172c8c8763bb693
3d0fc335d691c461b7719a6f875598e67c1035c59fd55a9d9c88ce183810dd8a
4d19b2cb5f9bd33469ae6548240bb7b8cd44b122923a3e4be40d06c0eaae9614
52c2bc4f3b828ed2e3685b6e0d16b6d2a0d8a3978dcd1a446b1d981a7b8e1911
53b0a63a6811bc2e6e9676a8a2603b875bf480ca6bc4a226ac6a623a0b2d9be4
5cf1f879bfdd96cd687ff103c007773133107d623e92c34a7acac55693853911
5fcd6acca9e495424b54cadc1ab00e2a0d35eafe9014305664321b88f351b1db
69cfc6a729b23d13da1bf3956d3675d24a3f02cb5eaafcd7d4490742ae99fec2
6a62b27292bceaa1e393720766944026fc6d8a2bb1a2678ecc1dc73e0ba8b1fc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
712af120c0636554d31c66ced4ae013f441098c3482d2721217acee9d559ebe4
76616f33618ecca23fc913dcc1700017871fa34aae348a149086ab9ae8081b64
7c311581a44591b20d80dda3653dda9e6f891f312f82da0f731f10bf201d5b74
889ecddb8186b1478ffe273344bc2a2613675140e081d34af08527971c6a3ee3
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8de5c221496f370ed55d86f084292e3b694ff38b733b59760f96c1b386fa5855
91c5a3e9d78b65ddd02f50b1fec88da341e7c187b413d543f135e1cac78a65e4
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e
add26c326919b0a43a576c4ca72d3b8fe2e43e867c9cf858c46357cbc65309fc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afdddeb891bfa14772729302956ef864a1811eab0f7c9e35d30962ace74f531a
b1770d5a34dd0d47cf631e0088da9e7ec8c2dc28072cab5893e601fea8e06646
bb6be243a6edb5af2e6a2faab1859292927d03807ec03b5d338b6be504c88f7d
c31cdcd6f18d7b3d0e0e5777c456b6a83b875306641aa2cdf035ce2ca312d305
c9903be27b8359136da407175ac3d75c0c8600ad74c545f022c54848e56b6c27
d95912b1f3419af9d0cf9e83f0fa9086b4ef2aa1f1088c72071a61236b8714be
d9dae239dab8fc3bacbff8cf8220d781551eb467eaccaa5d2ff8fad16477bedb
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
fc52968c82f073857b771ccb72964217582b9d634c3309c0b2ee9e0239e87219

www.bellingcat.com Open in urlscan Pro 13.32.240.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

2142 kBTransfer

2494 kBSize

5 Cookies

14 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bellingcat.com Open in urlscan Pro
13.32.240.34 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

2142 kB
Transfer

2494 kB
Size

5
Cookies

37 HTTP transactions
0 data transactions