urlscan.io logo urlscan.io
SecurityTrails logo

www.bellingcat.com Open in urlscan Pro
52.222.179.52  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bellingcat.com/
Effective URL: https://www.bellingcat.com/
Submission: On April 10 via manual from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 4 countries across 3 domains to perform 47 HTTP transactions. The main IP is 52.222.179.52, located in United States and belongs to AMAZON-02, US. The main domain is www.bellingcat.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 8th 2020. Valid for: 2 years.
This is the only time www.bellingcat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 83.96.170.83 21155 (ASN-PROSE...)
1 45 52.222.179.52 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
47 3
Domain Requested by
45 www.bellingcat.com 1 redirects www.bellingcat.com
2 www.google-analytics.com www.bellingcat.com
www.google-analytics.com
2 bellingcat.com 2 redirects
1 stats.g.doubleclick.net www.google-analytics.com
47 4

This site contains links to these domains. Also see Links.

Domain
ru.bellingcat.com
www.patreon.com
gijn.org
impress.press
Subject Issuer Validity Valid
bellingcat.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-08 -
2022-07-08		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.bellingcat.com/
Frame ID: 360C9AD52632B056E59434F5D581FF1B
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bellingcat.com/ HTTP 301
    https://bellingcat.com/ HTTP 301
    http://www.bellingcat.com/ HTTP 301
    https://www.bellingcat.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

47
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

3
IPs

4
Countries

1075 kB
Transfer

1368 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bellingcat.com/ HTTP 301
    https://bellingcat.com/ HTTP 301
    http://www.bellingcat.com/ HTTP 301
    https://www.bellingcat.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bellingcat.com/
Redirect Chain
  • http://bellingcat.com/
  • https://bellingcat.com/
  • http://www.bellingcat.com/
  • https://www.bellingcat.com/
43 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache / PHP/7.4.15
Resource Hash
2f3a7904884060a05b7aa89d312829aaacbb90a19f7ba2c40b9e7fed2f2b7af3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.bellingcat.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 10 Apr 2021 19:11:40 GMT
server
Apache
strict-transport-security
max-age=86400; preload
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-powered-by
PHP/7.4.15
last-modified
Sat, 10 Apr 2021 19:11:40 GMT
expires
Sat, 10 Apr 2021 19:41:40 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
etag
"15f88bc4bcd585b9cb30253f300f2c30"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
6mAILZ9M2V1I0qKEljHl0G4h-KRvNq5DGNd6a-66jjSTZ3RTxh_aBQ==
age
1020

Redirect headers

Server
CloudFront
Date
Sat, 10 Apr 2021 19:28:40 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://www.bellingcat.com/
X-Cache
Redirect from cloudfront
Via
1.1 8546619508b421ce9fe06c7b912968a9.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C1
X-Amz-Cf-Id
nuqJoV-CssV1E1Cp_5s0F_u3SH63rDqAlfCZzQLe3DlmRyGQiMBzxQ==
style.min.css
www.bellingcat.com/wp-includes/css/dist/block-library/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 08:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40393
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
7907
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:24 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"d293-5bee4915a7a00-gzip"
strict-transport-security
max-age=86400; preload
content-type
text/css
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
Hp3rbT3svE_E368rklJ0Vn0mu-q26BXMrSaJWHTTVOS7nNyAh2WhFA==
expires
Sun, 11 Apr 2021 08:15:27 GMT
nouislider.css
www.bellingcat.com/app/plugins/before-after-image-slider-lite/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/plugins/before-after-image-slider-lite/nouislider.css?ver=9.1.0
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
8de5c221496f370ed55d86f084292e3b694ff38b733b59760f96c1b386fa5855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 17:18:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7820
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
1407
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:20 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"132b-5bee4911d7100-gzip"
strict-transport-security
max-age=86400; preload
content-type
text/css
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
l9JgR1v13_l_u68dapoiVxxb2dTjCpK4KEBkec55N5VvwwSKhnFxVg==
expires
Sun, 11 Apr 2021 17:18:20 GMT
ImageComparisonSlider.css
www.bellingcat.com/app/plugins/before-after-image-slider-lite/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/plugins/before-after-image-slider-lite/ImageComparisonSlider.css?ver=2.1.1
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
b1770d5a34dd0d47cf631e0088da9e7ec8c2dc28072cab5893e601fea8e06646
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 06:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47028
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
560
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:20 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"6d1-5bee4911d7100-gzip"
strict-transport-security
max-age=86400; preload
content-type
text/css
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
neJ4rkTaMqBMBW6bZLRVy1Cvg7NgK97fZZQT7v4a8myFw6Ow8Wb1NQ==
expires
Sun, 11 Apr 2021 06:24:52 GMT
hypotext.css
www.bellingcat.com/app/plugins/hypotext/css/ 		417 B
773 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/plugins/hypotext/css/hypotext.css?ver=5.5.3
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
2df0f9bd86491445a6322971f5cfa1d969ae151cf04aadbab172c8c8763bb693
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 01:58:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62993
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
228
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:20 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1a1-5bee4911d7100-gzip"
strict-transport-security
max-age=86400; preload
content-type
text/css
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
kmsRzqOAAmihOM_QIB0JXEnH8XenwHTBzAHjGDkcdanyAFE3WyZCVw==
expires
Sun, 11 Apr 2021 01:58:47 GMT
side-matter.css
www.bellingcat.com/app/plugins/side-matter/css/ 		692 B
959 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/plugins/side-matter/css/side-matter.css?ver=1.4
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
6a62b27292bceaa1e393720766944026fc6d8a2bb1a2678ecc1dc73e0ba8b1fc
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 08:39:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38921
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
415
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:20 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"2b4-5bee4911d7100-gzip"
strict-transport-security
max-age=86400; preload
content-type
text/css
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
Pz0l60tJ_btNL8IJ6fNg-zrZbDdRQrfl7UeQMGeCCD4ZGtKJKsBMjw==
expires
Sun, 11 Apr 2021 08:39:59 GMT
style.min.css
www.bellingcat.com/app/themes/bellingcat/assets/css/ 		44 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210401075645Z
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
e884b63d5971134e198303a224038af51310f43a405626e6190adfe1def1a94a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 07:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41354
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
7969
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:21 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"b1bd-5bee4912cb340-gzip"
strict-transport-security
max-age=86400; preload
content-type
text/css
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
hH9nmxqJueH1jwCxbRn4A2X4MkKVl3JwC6Q1gFz3nBDx7U99SieJ2Q==
expires
Sun, 11 Apr 2021 07:59:26 GMT
jquery.js
www.bellingcat.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:49:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31157
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
33776
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:25 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"17a69-5bee49169bc40-gzip"
strict-transport-security
max-age=86400; preload
content-type
application/x-javascript
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
ZLNDfn7hqssT6kLPD3KVjR1KO3yQ0wNlkjv7hpFeB1PqFGeDajgfsg==
expires
Sun, 11 Apr 2021 10:49:23 GMT
nouislider.js
www.bellingcat.com/app/plugins/before-after-image-slider-lite/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/plugins/before-after-image-slider-lite/nouislider.js?ver=9.1.0
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
d9dae239dab8fc3bacbff8cf8220d781551eb467eaccaa5d2ff8fad16477bedb
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 05:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49926
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
17065
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:20 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"e876-5bee4911d7100-gzip"
strict-transport-security
max-age=86400; preload
content-type
application/x-javascript
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
sA-2IX4fE2IQ6HWKbIVSJsTfex4YxuGPyQZrC9aejRCDwqBN_-k7Vw==
expires
Sun, 11 Apr 2021 05:36:34 GMT
ImageComparisonSlider.js
www.bellingcat.com/app/plugins/before-after-image-slider-lite/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/plugins/before-after-image-slider-lite/ImageComparisonSlider.js?ver=2.1.1
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
1fbd60ab313189425b6cbd53ad39e75cb396efaff08264d51de38d02990b0636
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 04:11:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55049
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
1230
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:20 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"ee3-5bee4911d7100-gzip"
strict-transport-security
max-age=86400; preload
content-type
application/x-javascript
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
PRNuf_yGmy1egKwdU4HDrdN-5rPffz955XXk3H3qsJb84l3zTdysEg==
expires
Sun, 11 Apr 2021 04:11:11 GMT
hypotext.js
www.bellingcat.com/app/plugins/hypotext/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/plugins/hypotext/js/hypotext.js?ver=5.5.3
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
52c2bc4f3b828ed2e3685b6e0d16b6d2a0d8a3978dcd1a446b1d981a7b8e1911
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 08:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41132
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
646
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:20 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"5ec-5bee4911d7100-gzip"
strict-transport-security
max-age=86400; preload
content-type
application/x-javascript
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
XiyKxA6Sv41UN_K81mXKTvxi1zZm5OVVXMUdVMpdb38Lr9_SWvpmcg==
expires
Sun, 11 Apr 2021 08:03:08 GMT
main.min.js
www.bellingcat.com/app/themes/bellingcat/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/themes/bellingcat/assets/js/main.min.js?ver=20210401075645Z
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
776dd34259157995e953d103036879f77cd45ebc47f1584551d8ce8b46d827fa
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 07:59:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41354
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
527
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:21 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"537-5bee4912cb340-gzip"
strict-transport-security
max-age=86400; preload
content-type
application/x-javascript
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
q5gjXazR4jLyp04GdU1tEzgnVsr2DxL6I9zKyoCOpdZPghUCz8xYbw==
expires
Sun, 11 Apr 2021 07:59:26 GMT
logo_white.svg
www.bellingcat.com/app/themes/bellingcat/assets/logos/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/themes/bellingcat/assets/logos/logo_white.svg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
5fcd6acca9e495424b54cadc1ab00e2a0d35eafe9014305664321b88f351b1db
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 05:27:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50443
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
1519
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Apache
x-frame-options
SAMEORIGIN
etag
"c05-5bee4912cb340-gzip"
strict-transport-security
max-age=86400; preload
content-type
image/svg+xml
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
kzLr2-w68YoujS39HncWeo31mFUuiu6p3RcsQqIljtcgoW3-bbOqCw==
expires
Sun, 11 Apr 2021 05:27:57 GMT
Mahbere-Dego_HeaderImage.jpg
www.bellingcat.com/app/uploads/2021/04/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/04/Mahbere-Dego_HeaderImage.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
16845dab72a019fb0ae5739ca841c8a38a8def5fa9263b188b973db3b79a5d1c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:13:23 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
80117
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
77281
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 20:45:16 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"12de1-5beef4f0b0c82"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
m8yTX5sO-CaYGzm_sNbcQXezfqAPqpaf2ZyczPlAtd-FQjxeausnmg==
expires
Sat, 10 Apr 2021 21:13:23 GMT
Screenshot-2021-03-19-at-09.30.37-300x213.png
www.bellingcat.com/app/uploads/2021/03/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/03/Screenshot-2021-03-19-at-09.30.37-300x213.png
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
ee4663e3ceef1386167b1234b4685c43fae31aa2e3cb16d3e71f4be1c794a049
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 13:08:24 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
22816
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
116897
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Mar 2021 09:34:52 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1c8a1-5bde06d93482e"
strict-transport-security
max-age=86400; preload
content-type
image/png
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
-54Zkl20mxTL1POtAucsdLPqL68Fa9V0zg0OrEXIuDw-zJjCdFkcsQ==
expires
Sun, 11 Apr 2021 13:08:24 GMT
Screen-Shot-2021-02-06-at-5.58.28-PM-300x191.png
www.bellingcat.com/app/uploads/2021/03/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/03/Screen-Shot-2021-02-06-at-5.58.28-PM-300x191.png
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
04b8131aa926a4432b63a1f3eb64a1c8f3242f1db40b138be96e4a32b419b9be
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 17:58:56 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
5384
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
90103
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Mar 2021 10:39:14 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"15ff7-5bd40650cc574"
strict-transport-security
max-age=86400; preload
content-type
image/png
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
eMAbkjzT-FOkUsOaIfOuCaA2MTZ-sP2I2bbmucOLmchVTbuzyrk4tA==
expires
Sun, 11 Apr 2021 17:58:56 GMT
Screenshot-2021-02-24-at-11.27.00-300x225.png
www.bellingcat.com/app/uploads/2021/02/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/02/Screenshot-2021-02-24-at-11.27.00-300x225.png
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
b2d179e83f0f718a07e8e3b8538d3a49d75831b399ce1d6f1ae1c17f9234b491
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 05:26:05 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
50555
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
57398
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 24 Feb 2021 11:27:19 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"e036-5bc1351617a0a"
strict-transport-security
max-age=86400; preload
content-type
image/png
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
LmJXxVHf6uNFwLkem4ox-7YNgzh-nu-8JcQEbiDTsMrpesXK3QEBUA==
expires
Sun, 11 Apr 2021 05:26:05 GMT
cover-image-1-1200x695.jpg
www.bellingcat.com/app/uploads/2020/10/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2020/10/cover-image-1-1200x695.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
667d94dc11f0b2f61f4371535b1e831887f2e76186a8011dcce7635ec977aec4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 08:54:56 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
38024
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
79825
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 23 Oct 2020 14:33:15 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"137d1-5b257760c2b73"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
AuaiiHy0fRDkaq5X0zncfkgtRBM269RsHEd7UJjByVQ2vL5-PiIjSQ==
expires
Sun, 11 Apr 2021 08:54:56 GMT
Picture-1-150x150.jpg
www.bellingcat.com/app/uploads/2020/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2020/06/Picture-1-150x150.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
ddaabbd38275a3c9c18c07da703e0c9e48382d739245fc4cb3796c887d0652ea
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 05:31:56 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
50204
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
4021
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 22 Jun 2020 09:57:07 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"fb5-5a8a943fac2c0"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
vJ2O2HmmClWN6VSjY-uljyOckEodO2_ypEvwfWg9Ku0x_9jTULvfRw==
expires
Sun, 11 Apr 2021 05:31:56 GMT
cover-1-150x150.jpg
www.bellingcat.com/app/uploads/2020/05/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2020/05/cover-1-150x150.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
baf91bf29ec7d33373f75361f82fc9752403e2f4d5f5efdbdc99982b6178dc1b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 11:34:12 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
28468
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
5039
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 May 2020 23:48:40 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"13af-5a61d09122600"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
nS1ZzDqSfPx8j75F6IMxMn8NFBaRvU1ogJNcwpaTmdGkjesEpldG0A==
expires
Sun, 11 Apr 2021 11:34:12 GMT
2018-08-02T000000Z_1441930190_RC1AC1F70200_RTRMADP_3_USA-TRUMP-1200x832.jpg
www.bellingcat.com/app/uploads/2021/01/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/01/2018-08-02T000000Z_1441930190_RC1AC1F70200_RTRMADP_3_USA-TRUMP-1200x832.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
fe3a08c4fd215543b33577da14a5526518bd386aa310e226b9a700537414a51f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 05:31:56 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
50204
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
145753
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 25 Jan 2021 14:34:29 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"23959-5b9ba6f84f3aa"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
phqbExbNoKBo-lNZguvdRSCVElmW1tDQzESiUmpA8h-00mfub8FvJw==
expires
Sun, 11 Apr 2021 05:31:56 GMT
2017-03-02T000000Z_583588770_RC13A0D7C530_RTRMADP_3_USA-CYBER-150x150.jpg
www.bellingcat.com/app/uploads/2021/01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/01/2017-03-02T000000Z_583588770_RC13A0D7C530_RTRMADP_3_USA-CYBER-150x150.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
aea97e653b2c92ab030739bb3a999374e2e9bcdef6ab9c70ddfa131ab4301588
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 16:15:16 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
11604
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
9479
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Jan 2021 15:34:35 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"2507-5b8512d497e1b"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
OQF9T7t56N3HyTFZBg8TxVWEwwSGjDO6w2_czy0_Lv_XuIaw3-SqaA==
expires
Sun, 11 Apr 2021 16:15:16 GMT
Q-150x150.jpg
www.bellingcat.com/app/uploads/2021/01/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/01/Q-150x150.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
8fb4944c7deffe39cdb1b0911740a6eba31d8169b3e9b718d7a41a44ba225923
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 13:25:19 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
21801
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
31873
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Jan 2021 04:06:41 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"7c81-5b8479134f1dd"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
sHTsyS8SbFVnsZi8vxQ18lQbBzJySR9ht0ogsf74fDrVAuuGSDYg_g==
expires
Sun, 11 Apr 2021 13:25:19 GMT
2015-08-15T120000Z_1275815362_LR2EB8F14ALL9_RTRMADP_3_BRITAIN-PROTEST-300x168.jpg
www.bellingcat.com/app/uploads/2021/02/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/02/2015-08-15T120000Z_1275815362_LR2EB8F14ALL9_RTRMADP_3_BRITAIN-PROTEST-300x168.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
faf9d6b15a041f2e91806d8fc4da6a0470ddf1215632472e2a0af03174814454
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 16:48:24 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
9616
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
18848
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 17 Feb 2021 15:40:02 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"49a0-5bb8a0844d0d2"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
nzDkiKRGMExLSKuBdM3m0dd6kELI7ck9-hFx6DJ_62a8I-jmUJ7rUQ==
expires
Sun, 11 Apr 2021 16:48:24 GMT
2017-03-13T120000Z_1175385083_RC17B6D11C50_RTRMADP_3_USA-RUSSIA-OPPOSITION-300x200.jpg
www.bellingcat.com/app/uploads/2021/02/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/02/2017-03-13T120000Z_1175385083_RC17B6D11C50_RTRMADP_3_USA-RUSSIA-OPPOSITION-300x200.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
c777846218ca1c983562f3498d9150a4e2ebbf9d1ac36c011f17f227b6141a9e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 14:21:36 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
18424
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
14504
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 Feb 2021 23:51:17 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"38a8-5bb0414448cad"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
CEyGOYJEOx5RWqO9BcRekmOJ35wwCC2nviyKII_8W5zxx2h43M62VQ==
expires
Sun, 11 Apr 2021 14:21:36 GMT
2021-01-15T032517Z_853843598_RC238L9T7JSO_RTRMADP_3_USA-TRUMP-AMERICA-300x200.jpg
www.bellingcat.com/app/uploads/2021/02/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/02/2021-01-15T032517Z_853843598_RC238L9T7JSO_RTRMADP_3_USA-TRUMP-AMERICA-300x200.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
0922006e43c7ab90fde1087eb48cdb93c3573dd620cfd4c4437e645ab855aaab
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 15:08:37 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
15603
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
20269
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Feb 2021 15:02:48 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"4f2d-5bad4768cdcce"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
eHGFOgPdnLkCB8vWNufS1iTPKEpqkZpzFRKP-8AAFULvuAyROn0E_Q==
expires
Sun, 11 Apr 2021 15:08:37 GMT
Map-of-area-during-attack-300x224.jpg
www.bellingcat.com/app/uploads/2021/02/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/02/Map-of-area-during-attack-300x224.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
467e1eee5b04a4e452b952adf6555ee3d9bb69cb38ffdd940734ca20aa54ea44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 05:26:05 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
50555
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
14828
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Feb 2021 16:50:29 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"39ec-5baea15873627"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
2GAtezVBrhezhP_9BTC24XXCkAoeepc9HP4nXLGjW6YI_8H1JO299A==
expires
Sun, 11 Apr 2021 05:26:05 GMT
image12-300x201.png
www.bellingcat.com/app/uploads/2021/02/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/02/image12-300x201.png
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
eb5c50b905bf6cdb39e44d6c36f1eb459addf6310eb76a7caee756c4f8958cf7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 15:08:37 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
15603
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
87054
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Feb 2021 20:35:51 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1540e-5ba88a64bd577"
strict-transport-security
max-age=86400; preload
content-type
image/png
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
ARONgtTFYv7whF69N-tNYGuJ0wYP43Yd7qKZuet-c3goj9daAFn0eQ==
expires
Sun, 11 Apr 2021 15:08:37 GMT
2021-01-22T111608Z_72954020_RC2ZCL93K8X8_RTRMADP_3_CRYPTO-CURRENCY-CHINA-MINING-300x191.jpg
www.bellingcat.com/app/uploads/2021/02/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/02/2021-01-22T111608Z_72954020_RC2ZCL93K8X8_RTRMADP_3_CRYPTO-CURRENCY-CHINA-MINING-300x191.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
fa1131f0afde4d446bfc3dc8cd52522f71a9ab6d1739fd944b811bbccfc1b954
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 06:04:32 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
48248
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
33353
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 03 Feb 2021 09:40:28 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"8249-5ba6b6094922a"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
Qr1SJcYj3skdAJiIlg2Cuu0ildEkNhUN317dRuJoR06p4h-ADpFtUQ==
expires
Sun, 11 Apr 2021 06:04:32 GMT
2018-08-02T000000Z_1441930190_RC1AC1F70200_RTRMADP_3_USA-TRUMP-300x208.jpg
www.bellingcat.com/app/uploads/2021/01/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/01/2018-08-02T000000Z_1441930190_RC1AC1F70200_RTRMADP_3_USA-TRUMP-300x208.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
c94b6d96eea430a6846a8433fc9275e2d10e66a2e505332c4442c646ce676560
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 13:23:34 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
21906
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
21944
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 25 Jan 2021 14:34:28 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"55b8-5b9ba6f7be35c"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
2_mCoFOq5Pkh0ts2uujGGtft5Okv9CokDwx1iBTmS4IqXcidearkxg==
expires
Sun, 11 Apr 2021 13:23:34 GMT
img-300x150.jpg
www.bellingcat.com/app/uploads/2021/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/01/img-300x150.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
7a446b1197ffe2aa6e2c219d4dbf4fb2d1b7bafcc5185798cabe7d621d3077ef
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 08:59:13 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
37767
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
2850
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 Jan 2021 18:52:00 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"b22-5b9e644246504"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
y-FTrH33ORpaFGBPRXt1G9nipy8ekWAYFwpRDRPpnpBAcjzloMqQ5g==
expires
Sun, 11 Apr 2021 08:59:13 GMT
2021-01-07T231141Z_1318826914_RC2B3L9XUG9V_RTRMADP_3_USA-ELECTION-300x200.jpg
www.bellingcat.com/app/uploads/2021/01/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/01/2021-01-07T231141Z_1318826914_RC2B3L9XUG9V_RTRMADP_3_USA-ELECTION-300x200.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
ba340ce1ecd93e82754422d5038c9ca63488d67c1f4f53f2f982535144827715
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 05:53:00 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
48940
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
18597
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Jan 2021 03:36:03 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"48a5-5b85b417e6390"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
c_QS8qcNebWcW6H3XCrIQbuuFMb15rkLg2c9eaz3ivb75zlZE9-F9Q==
expires
Sun, 11 Apr 2021 05:53:00 GMT
2017-03-02T000000Z_583588770_RC13A0D7C530_RTRMADP_3_USA-CYBER-300x197.jpg
www.bellingcat.com/app/uploads/2021/01/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/uploads/2021/01/2017-03-02T000000Z_583588770_RC13A0D7C530_RTRMADP_3_USA-CYBER-300x197.jpg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
86445e1d1162d4d8218da666b6ba8d32d5aa20af4d898f1fa6493d8603629d68
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 05:50:53 GMT
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
49067
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
16951
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Jan 2021 15:34:34 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"4237-5b8512d43f03c"
strict-transport-security
max-age=86400; preload
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
CrU0vfme64WgBBcp6fGktxtwL0zJIf1Ot24vgSLS0Pj8zEyLtyFJ4w==
expires
Sun, 11 Apr 2021 05:50:53 GMT
GIJNlogo.svg
www.bellingcat.com/app/themes/bellingcat/assets/images/ 		31 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/themes/bellingcat/assets/images/GIJNlogo.svg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
add26c326919b0a43a576c4ca72d3b8fe2e43e867c9cf858c46357cbc65309fc
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 03:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56185
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
6134
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Apache
x-frame-options
SAMEORIGIN
etag
"7a8f-5bee4912cb340-gzip"
strict-transport-security
max-age=86400; preload
content-type
image/svg+xml
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
tSSEcM1fcBkGqF3Fn-I2seIhIAsvGw-YPZmxc1BxW57CohtFUbFk4w==
expires
Sun, 11 Apr 2021 03:52:15 GMT
impress.svg
www.bellingcat.com/app/themes/bellingcat/assets/images/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/themes/bellingcat/assets/images/impress.svg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
53b0a63a6811bc2e6e9676a8a2603b875bf480ca6bc4a226ac6a623a0b2d9be4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 02:45:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60220
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
3064
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Apache
x-frame-options
SAMEORIGIN
etag
"239e-5bee4912cb340-gzip"
strict-transport-security
max-age=86400; preload
content-type
image/svg+xml
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
repFHM-R7cRuAHVRt0Ja-P36o-U-Oj7psQiAe9oTN2C1PrWaNRFW4g==
expires
Sun, 11 Apr 2021 02:45:00 GMT
side-matter.js
www.bellingcat.com/app/plugins/side-matter/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/plugins/side-matter/js/side-matter.js?ver=1.4
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
bb6be243a6edb5af2e6a2faab1859292927d03807ec03b5d338b6be504c88f7d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 02:27:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61251
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
1058
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:20 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"958-5bee4911d7100-gzip"
strict-transport-security
max-age=86400; preload
content-type
application/x-javascript
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
fQms-vbDfSZs7P54u1BVafQ7xHMfgNBxBkldDgwPecf_H5Qj9FzLBQ==
expires
Sun, 11 Apr 2021 02:27:49 GMT
comment-reply.min.js
www.bellingcat.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/wp-includes/js/comment-reply.min.js?ver=5.5.3
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 01:58:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62993
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
1362
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:24 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"bdb-5bee4915a7a00-gzip"
strict-transport-security
max-age=86400; preload
content-type
application/x-javascript
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
Wrh3guYR6D-Dy9kN7JkTksYs2Re5dQwbEn8zxQLJfeV5N_sSgZMYoA==
expires
Sun, 11 Apr 2021 01:58:47 GMT
wp-embed.min.js
www.bellingcat.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 08:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40393
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
769
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:25 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"59a-5bee49169bc40-gzip"
strict-transport-security
max-age=86400; preload
content-type
application/x-javascript
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
ExMDBcM4N3lU-YqA3-Q6nTAyh20wSzO94MIgdgczzrG06kv7Ca08jw==
expires
Sun, 11 Apr 2021 08:15:27 GMT
front.css
www.bellingcat.com/app/plugins/facetwp/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/plugins/facetwp/assets/css/front.css?ver=3.7.3
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
48aa29be655fd528256f2d3b5e43cebc66825bfa4e3aa8c7c573a1f88ae0bac7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 15:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13208
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
1403
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:20 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"1586-5bee4911d7100-gzip"
strict-transport-security
max-age=86400; preload
content-type
text/css
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
VLuVU6UfchZ_mKKFvCGuGDbf-Ssns4S4u4_oorR_RJUn6QYKSlzhRg==
expires
Sun, 11 Apr 2021 15:48:32 GMT
front.min.js
www.bellingcat.com/app/plugins/facetwp/assets/js/dist/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/plugins/facetwp/assets/js/dist/front.min.js?ver=3.7.3
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
1ed1fd8c8c8c306cd2c2ff0e095cd461a1e6bee31e573bf2dba76fdb2f9af8e1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 15:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13208
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
7449
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Apr 2021 07:56:20 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"6fe2-5bee4911d7100-gzip"
strict-transport-security
max-age=86400; preload
content-type
application/x-javascript
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
xs-x45QLfJ50di0Cd7S4pxQmCMXIY1rNJSuOG97j0qTGHn5_oN8GwA==
expires
Sun, 11 Apr 2021 15:48:32 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
5981
date
Sat, 10 Apr 2021 17:48:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sat, 10 Apr 2021 19:48:59 GMT
icon-search.svg
www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/ 		329 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/icon-search.svg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210401075645Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
1526cb1e6028a794e974a70f7f5f8420c7a19f2c267562e198055e54880d26fd
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210401075645Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 02:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61701
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
237
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Apache
x-frame-options
SAMEORIGIN
etag
"149-5bee4912cb340-gzip"
strict-transport-security
max-age=86400; preload
content-type
image/svg+xml
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
tqMHIfrjT1y5MJ_WznvpwGz81baWjEjc3KvEqvrKaNTb5ellJTvZ-Q==
expires
Sun, 11 Apr 2021 02:20:19 GMT
icon-arrow-right-thick.svg
www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/ 		300 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/icon-arrow-right-thick.svg
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210401075645Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
9f75dc29112628f1681d7ef74ee21f2518230ccd8890f7b7a60792fb4161681b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210401075645Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 06:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46693
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
218
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Apache
x-frame-options
SAMEORIGIN
etag
"12c-5bee4912cb340-gzip"
strict-transport-security
max-age=86400; preload
content-type
image/svg+xml
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
bVLAHfIYynQQWYvf2WFfuaIlTd4Pq7HF_GKl21Bm1uL8Th6LyqCngQ==
expires
Sun, 11 Apr 2021 06:30:27 GMT
AtlasGrotesk-Regular-Web.woff2
www.bellingcat.com/app/themes/bellingcat/assets/fonts/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/themes/bellingcat/assets/fonts/AtlasGrotesk-Regular-Web.woff2?v=3.11
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210401075645Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
c9903be27b8359136da407175ac3d75c0c8600ad74c545f022c54848e56b6c27
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.bellingcat.com
Referer
https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210401075645Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 06:08:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47992
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
39295
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Apache
x-frame-options
SAMEORIGIN
etag
"9979-5bee4912cb340-gzip"
strict-transport-security
max-age=86400; preload
content-type
application/font-woff2
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
9Mz83bPiP2Foqu9IHBow2Qyua1GesUVNFQU07-yEbFkbY1hc2keNrQ==
expires
Sun, 11 Apr 2021 06:08:47 GMT
AtlasGrotesk-Bold-Web.woff2
www.bellingcat.com/app/themes/bellingcat/assets/fonts/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bellingcat.com/app/themes/bellingcat/assets/fonts/AtlasGrotesk-Bold-Web.woff2
Requested by
Host: www.bellingcat.com
URL: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210401075645Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-52.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
afdddeb891bfa14772729302956ef864a1811eab0f7c9e35d30962ace74f531a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.bellingcat.com
Referer
https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210401075645Z
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 05:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51228
x-cache
Hit from cloudfront
vary
Accept-Encoding
content-length
46520
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
Apache
x-frame-options
SAMEORIGIN
etag
"b59c-5bee4912cb340-gzip"
strict-transport-security
max-age=86400; preload
content-type
application/font-woff2
via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
tugq2hI82OF6jexIes3sDG4AYe4oYmPzD-Se9tXXGipdEyfkogeEZQ==
expires
Sun, 11 Apr 2021 05:14:52 GMT
collect
www.google-analytics.com/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1520753184&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bellingcat.com%2F&ul=en-us&de=UTF-8&dt=bellingcat%20-%20the%20home%20of%20online%20investigations&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=625286188&gjid=43277819&cid=791045789.1618082921&tid=UA-52456075-1&_gid=1707990324.1618082921&_r=1&_slc=1&z=965580030
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 10 Apr 2021 19:28:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bellingcat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-52456075-1&cid=791045789.1618082921&jid=625286188&gjid=43277819&_gid=1707990324.1618082921&_u=IEBAAEAAAAAAAC~&z=742026263
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bellingcat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 10 Apr 2021 19:28:40 GMT
content-type
text/plain
access-control-allow-origin
https://www.bellingcat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated undefined| $ function| jQuery object| noUiSlider object| Scrobbleme string| GoogleAnalyticsObject function| ga object| side_matter object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| jQuery11240051202168160318084 object| addComment object| wp object| FWP object| FWP_JSON object| FWP_HTTP number| n number| refCount

3 Cookies

Domain/Path Name / Value
.bellingcat.com/ Name: _gat
Value: 1
.bellingcat.com/ Name: _gid
Value: GA1.2.1707990324.1618082921
.bellingcat.com/ Name: _ga
Value: GA1.2.791045789.1618082921

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bellingcat.com
stats.g.doubleclick.net
www.bellingcat.com
www.google-analytics.com
2a00:1450:4001:80f::200e
2a00:1450:400c:c1b::9c
52.222.179.52
83.96.170.83
04b8131aa926a4432b63a1f3eb64a1c8f3242f1db40b138be96e4a32b419b9be
0922006e43c7ab90fde1087eb48cdb93c3573dd620cfd4c4437e645ab855aaab
1526cb1e6028a794e974a70f7f5f8420c7a19f2c267562e198055e54880d26fd
16845dab72a019fb0ae5739ca841c8a38a8def5fa9263b188b973db3b79a5d1c
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ed1fd8c8c8c306cd2c2ff0e095cd461a1e6bee31e573bf2dba76fdb2f9af8e1
1fbd60ab313189425b6cbd53ad39e75cb396efaff08264d51de38d02990b0636
2df0f9bd86491445a6322971f5cfa1d969ae151cf04aadbab172c8c8763bb693
2f3a7904884060a05b7aa89d312829aaacbb90a19f7ba2c40b9e7fed2f2b7af3
467e1eee5b04a4e452b952adf6555ee3d9bb69cb38ffdd940734ca20aa54ea44
48aa29be655fd528256f2d3b5e43cebc66825bfa4e3aa8c7c573a1f88ae0bac7
52c2bc4f3b828ed2e3685b6e0d16b6d2a0d8a3978dcd1a446b1d981a7b8e1911
53b0a63a6811bc2e6e9676a8a2603b875bf480ca6bc4a226ac6a623a0b2d9be4
5fcd6acca9e495424b54cadc1ab00e2a0d35eafe9014305664321b88f351b1db
667d94dc11f0b2f61f4371535b1e831887f2e76186a8011dcce7635ec977aec4
6a62b27292bceaa1e393720766944026fc6d8a2bb1a2678ecc1dc73e0ba8b1fc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
776dd34259157995e953d103036879f77cd45ebc47f1584551d8ce8b46d827fa
7a446b1197ffe2aa6e2c219d4dbf4fb2d1b7bafcc5185798cabe7d621d3077ef
86445e1d1162d4d8218da666b6ba8d32d5aa20af4d898f1fa6493d8603629d68
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8de5c221496f370ed55d86f084292e3b694ff38b733b59760f96c1b386fa5855
8fb4944c7deffe39cdb1b0911740a6eba31d8169b3e9b718d7a41a44ba225923
9f75dc29112628f1681d7ef74ee21f2518230ccd8890f7b7a60792fb4161681b
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e
add26c326919b0a43a576c4ca72d3b8fe2e43e867c9cf858c46357cbc65309fc
aea97e653b2c92ab030739bb3a999374e2e9bcdef6ab9c70ddfa131ab4301588
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afdddeb891bfa14772729302956ef864a1811eab0f7c9e35d30962ace74f531a
b1770d5a34dd0d47cf631e0088da9e7ec8c2dc28072cab5893e601fea8e06646
b2d179e83f0f718a07e8e3b8538d3a49d75831b399ce1d6f1ae1c17f9234b491
ba340ce1ecd93e82754422d5038c9ca63488d67c1f4f53f2f982535144827715
baf91bf29ec7d33373f75361f82fc9752403e2f4d5f5efdbdc99982b6178dc1b
bb6be243a6edb5af2e6a2faab1859292927d03807ec03b5d338b6be504c88f7d
c777846218ca1c983562f3498d9150a4e2ebbf9d1ac36c011f17f227b6141a9e
c94b6d96eea430a6846a8433fc9275e2d10e66a2e505332c4442c646ce676560
c9903be27b8359136da407175ac3d75c0c8600ad74c545f022c54848e56b6c27
d9dae239dab8fc3bacbff8cf8220d781551eb467eaccaa5d2ff8fad16477bedb
ddaabbd38275a3c9c18c07da703e0c9e48382d739245fc4cb3796c887d0652ea
e884b63d5971134e198303a224038af51310f43a405626e6190adfe1def1a94a
eb5c50b905bf6cdb39e44d6c36f1eb459addf6310eb76a7caee756c4f8958cf7
ee4663e3ceef1386167b1234b4685c43fae31aa2e3cb16d3e71f4be1c794a049
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fa1131f0afde4d446bfc3dc8cd52522f71a9ab6d1739fd944b811bbccfc1b954
faf9d6b15a041f2e91806d8fc4da6a0470ddf1215632472e2a0af03174814454
fe3a08c4fd215543b33577da14a5526518bd386aa310e226b9a700537414a51f