www.bellingcat.com Open in urlscan Pro
65.9.83.63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3p4bL94
Effective URL:
https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
Submission: On January 21 via manual (January 21st 2021, 4:36:19 pm UTC) from PL

Summary HTTP 37 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 37 HTTP transactions. The main IP is 65.9.83.63, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.bellingcat.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 8th 2020. Valid for: 2 years.

This is the only time www.bellingcat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
34	65.9.83.63 65.9.83.63	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
37	3

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 65.9.83.63 (Seattle, United States)

ASN16509 (AMAZON-02, US)

www.bellingcat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	bellingcat.com www.bellingcat.com	4 MB
2	google-analytics.com www.google-analytics.com	19 KB
1	doubleclick.net stats.g.doubleclick.net	87 B
1	bit.ly 1 redirects bit.ly	310 B
37	4

	Domain	Requested by
34	www.bellingcat.com	www.bellingcat.com
2	www.google-analytics.com	www.bellingcat.com www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	bit.ly	1 redirects
37	4

This site contains links to these domains. Also see Links.

Domain
ru.bellingcat.com
www.mtv.com
yandex.com
images.bing.com
images.google.com
tineye.com
images.yandex.com
www.themoscowtimes.com
www.scmp.com
www.google.com
youtu.be
commons.wikimedia.org
www.shutterstock.com
ru.foursquare.com
017qndpynh-flywheel.netdna-ssl.com
www.dreamstime.com
merlin.allaboutbirds.org
flagid.org
www.youtube.com
twitter.com
www.politico.com
www.theringer.com
findclone.ru
www.facebook.com
www.linkedin.com
gijn.org
impress.press

Subject Issuer	Validity	Valid
bellingcat.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-08` - `2022-07-08`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
Frame ID: D3DBA269ECBE2790CA90B014131486B9
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3p4bL94 HTTP 301
https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investi... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

37
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

3788 kB
Transfer

4110 kB
Size

3
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://ru.bellingcat.com/
Title: русский

Search URL Search Domain Scan URL

URL: http://www.mtv.com/news/2387306/catfish-five-detective-tools/
Title: Catfish

Search URL Search Domain Scan URL

URL: http://yandex.com/images
Title: Yandex

Search URL Search Domain Scan URL

URL: http://images.bing.com/
Title: Bing

Search URL Search Domain Scan URL

URL: http://images.google.com/
Title: Google

Search URL Search Domain Scan URL

URL: http://tineye.com/
Title: TinEye

Search URL Search Domain Scan URL

URL: http://images.yandex.com/
Title: images.yandex.com

Search URL Search Domain Scan URL

URL: https://www.themoscowtimes.com/2019/11/27/yandex-safe-kremlin-compromise-fragile-a68323
Title: worries and suspicions

Search URL Search Domain Scan URL

URL: https://www.scmp.com/news/world/united-states-canada/article/2185910/bbc-cameraman-attacked-donald-trump-rally-triggering
Title: who tried to attack a BBC journalist

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/uv?hl=en&pb=!1s0x33a9993bc55e73e3%3A0x37dc7e29b58895c6!3m1!7e115!4shttps%3A%2F%2Flh5.googleusercontent.com%2Fp%2FAF1QipMLPfIL9XSqm5psFr3MfCzeZ0Vr0IEdPfuLucav%3Dw240-h240-k-no!5sThe%20Padgett%20Place%20-%20Google%20Search!15sCAQ&imagekey=!1e10!2sAF1QipOkbMBZhbBDcIVaSxMYKXTvGP7qi9wWhwQylA3f&sa=X&ved=2ahUKEwiT0bPRjMXmAhWXJ80KHSlYBwoQoiowP3oECD8QBg
Title: The Padgett Place

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/uv?hl=en&pb=!1s0x33a9993ccf8d81f1%3A0xc975b10a18d14aa8!3m1!7e115!4shttp%3A%2F%2Fwww.vfmii.com%2Fexc%2Faspquery%3Fcommand%3Dinvoke%26ipid%3D1130969%26ids%3D42159!5swaterfront%20hotel%20cebu%20-%20Google%20Search!15sCAQ&imagekey=!1e10!2sAF1QipOzuXsBD4RqsUh8RICf1bBPG3ZKGNRy1CUzoASY&sa=X&ved=2ahUKEwir3vSZjcXmAhUEAZ0JHShbAB4QoiowRXoECEAQBg
Title: Waterfront Hotel

Search URL Search Domain Scan URL

URL: https://youtu.be/j_1T_xPpAwo?t=56
Title: video

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/@-23.6338602,-46.6391907,3a,60.1y,342.94h,87.95t/data=!3m6!1e1!3m4!1suLicOAZLZRoujDnsOOnauQ!2e0!7i13312!8i6656
Title: Google Street View

Search URL Search Domain Scan URL

URL: https://commons.wikimedia.org/wiki/File:NNovgorod_Olisov_Palace_3862.jpg
Title: 90 degrees counter-clockwise

Search URL Search Domain Scan URL

URL: https://www.shutterstock.com/ru/video/clip-9751865-cebu---20-april-timelapse-view-over?irgwc=1&utm_medium=Affiliate&utm_campaign=Yandex.Images&utm_source=1194036&utm_term=
Title: fourth result in the first row

Search URL Search Domain Scan URL

URL: https://ru.foursquare.com/v/cebu-city/4da945b6cda1652a2b6fcf9f?openPhotoId=5c3006ca947c050039554e1a
Title: fourth result in the second row

Search URL Search Domain Scan URL

URL: https://017qndpynh-flywheel.netdna-ssl.com/app/uploads/2019/12/test-b.jpg
Title: Cebu cityscape

Search URL Search Domain Scan URL

URL: https://017qndpynh-flywheel.netdna-ssl.com/app/uploads/2019/12/b-toweronly.jpg
Title: building

Search URL Search Domain Scan URL

URL: https://www.dreamstime.com/cebu-city-cityscape-skyscraper-local-architecture-province-philippines-located-central-visayas-cebu-city-image111308298
Title: image of Cebu’s skyline

Search URL Search Domain Scan URL

URL: https://017qndpynh-flywheel.netdna-ssl.com/app/uploads/2019/12/b-tower2only.jpg
Title: Waterfront Hotel image

Search URL Search Domain Scan URL

URL: https://017qndpynh-flywheel.netdna-ssl.com/app/uploads/2019/12/test-c.jpg
Title: Bloomberg campaign advertisement

Search URL Search Domain Scan URL

URL: https://017qndpynh-flywheel.netdna-ssl.com/app/uploads/2019/12/c-studentonly.jpg
Title: just the face

Search URL Search Domain Scan URL

URL: https://017qndpynh-flywheel.netdna-ssl.com/app/uploads/2019/12/test-d.jpg
Title: this image

Search URL Search Domain Scan URL

URL: https://017qndpynh-flywheel.netdna-ssl.com/app/uploads/2019/12/d-tocadoacai.jpg
Title: Toca do Açaí

Search URL Search Domain Scan URL

URL: https://017qndpynh-flywheel.netdna-ssl.com/app/uploads/2019/12/d-estacionameno.jpg
Title: parking sign [Estacionamento]

Search URL Search Domain Scan URL

URL: https://017qndpynh-flywheel.netdna-ssl.com/app/uploads/2019/12/test-e.jpg
Title: this photograph

Search URL Search Domain Scan URL

URL: https://017qndpynh-flywheel.netdna-ssl.com/app/uploads/2019/12/test-e-bird.jpg
Title: source image

Search URL Search Domain Scan URL

URL: https://017qndpynh-flywheel.netdna-ssl.com/app/uploads/2019/12/test-e-flag.jpg
Title: Dutch flag

Search URL Search Domain Scan URL

URL: https://merlin.allaboutbirds.org/photo-id/
Title: Cornell Lab’s Merlin Bird ID app

Search URL Search Domain Scan URL

URL: http://flagid.org/
Title: FlagID.org

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=oW0jvJC2rvM
Title: Hedgehog in the Fog

Search URL Search Domain Scan URL

URL: https://twitter.com/AricToler/status/1206679612543111169
Title: a brief Twitter thread

Search URL Search Domain Scan URL

URL: https://www.politico.com/news/2019/12/10/christianne-allen-giuliani-079762
Title: Rudy Giuliani’s spokeswoman

Search URL Search Domain Scan URL

URL: https://www.theringer.com/2017/5/25/16043842/google-photos-data-collection-e8578b3256e0
Title: Google Photos

Search URL Search Domain Scan URL

URL: https://findclone.ru/
Title: FindClone

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.bellingcat.com%2Fresources%2Fhow-tos%2F2019%2F12%2F26%2Fguide-to-using-reverse-image-search-for-investigations%2F&text=Guide%20To%20Using%20Reverse%20Image%20Search%20For%20Investigations
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.bellingcat.com%2Fresources%2Fhow-tos%2F2019%2F12%2F26%2Fguide-to-using-reverse-image-search-for-investigations%2F
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.bellingcat.com%2Fresources%2Fhow-tos%2F2019%2F12%2F26%2Fguide-to-using-reverse-image-search-for-investigations%2F
Title:

Search URL Search Domain Scan URL

URL: https://gijn.org/
Title:

Search URL Search Domain Scan URL

URL: https://impress.press/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3p4bL94 HTTP 301
https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
Redirect Chain

https://bit.ly/3p4bL94
https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

108 KB
23 KB

126ms
47ms

Document
text/html

65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache / PHP/7.2.34

Resource Hash

b4c133aa5f013f41d5f9a6f8b58640e5b98e6fb9f531ece89b305e16311364d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.bellingcat.com
:scheme: https
:path: /resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 21 Jan 2021 16:07:52 GMT
server: Apache
strict-transport-security: max-age=86400; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-powered-by: PHP/7.2.34
last-modified: Thu, 21 Jan 2021 16:07:52 GMT
expires: Thu, 21 Jan 2021 16:37:52 GMT
etag: "90303da02dcf3358da5624fc66097843"
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: -RfpcJkPwezfSTqG2-jJUFpbij8oeuh9twkWoD26jJaqPnu9dKTwVg==
age: 1685

Redirect headers

server: nginx
date: Thu, 21 Jan 2021 16:35:57 GMT
content-type: text/html; charset=utf-8
content-length: 198
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
referrer-policy: unsafe-url
set-cookie: _bit=l0lgzV-ca579b9ee0fbf290bf-00V; Domain=bit.ly; Expires=Tue, 20 Jul 2021 16:35:57 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 style.min.css
www.bellingcat.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 42ms
39ms Stylesheet
text/css 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 08:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28831
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 7907
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:55 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "d293-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: text/css
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: tUEKzwomdiw7jjSxe7g-SjBwuev7ZO7dY__jS61Pb_3bv0ZUv6MTlA==
expires: Fri, 22 Jan 2021 08:35:26 GMT

GET
H2 200 nouislider.css
www.bellingcat.com/app/plugins/before-after-image-slider-lite/ 5 KB
2 KB 42ms
40ms Stylesheet
text/css 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/before-after-image-slider-lite/nouislider.css?ver=9.1.0

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

8de5c221496f370ed55d86f084292e3b694ff38b733b59760f96c1b386fa5855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 09:05:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26999
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1407
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "132b-5b93c52454140-gzip"
strict-transport-security: max-age=86400; preload
content-type: text/css
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: lMf0UJqP8BggcSrd73i3mV8IY_dkj2kiNwPdUsUY1WL5TUj1gRzWqg==
expires: Fri, 22 Jan 2021 09:05:58 GMT

GET
H2 200 ImageComparisonSlider.css
www.bellingcat.com/app/plugins/before-after-image-slider-lite/ 2 KB
1 KB 43ms
40ms Stylesheet
text/css 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/before-after-image-slider-lite/ImageComparisonSlider.css?ver=2.1.1

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b1770d5a34dd0d47cf631e0088da9e7ec8c2dc28072cab5893e601fea8e06646

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 06:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35781
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 560
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "6d1-5b93c52454140-gzip"
strict-transport-security: max-age=86400; preload
content-type: text/css
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: cooBEz9DfxEETpBr4MDPew8LxHz6hTefjDrZ4Q0ywU1LtCIjhQ0ZzA==
expires: Fri, 22 Jan 2021 06:39:36 GMT

GET
H2 200 hypotext.css
www.bellingcat.com/app/plugins/hypotext/css/ 417 B
763 B 43ms
40ms Stylesheet
text/css 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/hypotext/css/hypotext.css?ver=5.5.3

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

2df0f9bd86491445a6322971f5cfa1d969ae151cf04aadbab172c8c8763bb693

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 06:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35781
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 228
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1a1-5b93c52454140-gzip"
strict-transport-security: max-age=86400; preload
content-type: text/css
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: bIPX-nCK9Gk_5J-4B3sx2bkmpiiDzCG0yCTHCTWAjoM5bfTw99rrMg==
expires: Fri, 22 Jan 2021 06:39:36 GMT

GET
H2 200 side-matter.css
www.bellingcat.com/app/plugins/side-matter/css/ 692 B
950 B 43ms
41ms Stylesheet
text/css 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/side-matter/css/side-matter.css?ver=1.4

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6a62b27292bceaa1e393720766944026fc6d8a2bb1a2678ecc1dc73e0ba8b1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:19:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18968
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 415
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "2b4-5b93c52454140-gzip"
strict-transport-security: max-age=86400; preload
content-type: text/css
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 7yifTd53b3T7s_fQHTubEc7y5YjjVHiC8sjb56rJcopXQYV8v79_LQ==
expires: Fri, 22 Jan 2021 11:19:49 GMT

GET
H2 200 style.min.css
www.bellingcat.com/app/themes/bellingcat/assets/css/ 44 KB
8 KB 43ms
41ms Stylesheet
text/css 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210119080714Z

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

57210a7521949509aae3e100db75db1d783ff8b4e6523f91f5bc272cdc6d380d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 08:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30220
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 7890
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:55 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "af09-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: text/css
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: m0J87T0HQukpEAmzDUyDQUR5K0wzeo0pBOc6SWF66WCDRRXMd4yhqA==
expires: Fri, 22 Jan 2021 08:12:17 GMT

GET
H2 200 jquery.js Show response
www.bellingcat.com/wp-includes/js/jquery/ 95 KB
34 KB 43ms
42ms Script
application/x-javascript 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 15:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5405
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 33776
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:55 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "17a69-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: dHjfMLtRBN84Jk5G2VNHESbwpY10KIqT1ClCVB73t1szh3xcx5PCeA==
expires: Fri, 22 Jan 2021 15:05:52 GMT

GET
H2 200 nouislider.js Show response
www.bellingcat.com/app/plugins/before-after-image-slider-lite/ 58 KB
17 KB 43ms
42ms Script
application/x-javascript 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/before-after-image-slider-lite/nouislider.js?ver=9.1.0

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d9dae239dab8fc3bacbff8cf8220d781551eb467eaccaa5d2ff8fad16477bedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17806
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 17065
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "e876-5b93c52454140-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 7bydp5HXPlWeu3k3wi6ilzwT9eB20aawD57xC0u2WTEozQq_e-GTgw==
expires: Fri, 22 Jan 2021 11:39:11 GMT

GET
H2 200 ImageComparisonSlider.js Show response
www.bellingcat.com/app/plugins/before-after-image-slider-lite/ 4 KB
2 KB 44ms
42ms Script
application/x-javascript 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/before-after-image-slider-lite/ImageComparisonSlider.js?ver=2.1.1

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1fbd60ab313189425b6cbd53ad39e75cb396efaff08264d51de38d02990b0636

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19994
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1230
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "ee3-5b93c52454140-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: Tb2E7ulIpVkUWt14vbx_KCFY-Ovm7OpVdvmc9FZ8YYxr4BpbUqHKvg==
expires: Fri, 22 Jan 2021 11:02:43 GMT

GET
H2 200 hypotext.js Show response
www.bellingcat.com/app/plugins/hypotext/js/ 1 KB
1 KB 62ms
60ms Script
application/x-javascript 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/hypotext/js/hypotext.js?ver=5.5.3

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

52c2bc4f3b828ed2e3685b6e0d16b6d2a0d8a3978dcd1a446b1d981a7b8e1911

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 08:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28831
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 646
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "5ec-5b93c52454140-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: -eFz9SBAUjI-0GR83QXVfrSEk4sobo28V8snRFlIS5FGxzb3ocktpg==
expires: Fri, 22 Jan 2021 08:35:26 GMT

GET
H2 200 main.min.js Show response
www.bellingcat.com/app/themes/bellingcat/assets/js/ 1009 B
939 B 62ms
61ms Script
application/x-javascript 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/js/main.min.js?ver=20210119080714Z

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

7c311581a44591b20d80dda3653dda9e6f891f312f82da0f731f10bf201d5b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 08:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30220
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 394
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:55 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "3f1-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: rJZx9ttetrENz-Q8Ce4f3eknk-RGV2XAAYo855X7Bkzdn0cw7nyEiA==
expires: Fri, 22 Jan 2021 08:12:17 GMT

GET
H2 200 logo_white.svg
www.bellingcat.com/app/themes/bellingcat/assets/logos/ 3 KB
2 KB 42ms
38ms Image
image/svg+xml 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/logos/logo_white.svg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

5fcd6acca9e495424b54cadc1ab00e2a0d35eafe9014305664321b88f351b1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19895
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1519
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "c05-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 5cHCGVLl3iPrAQfpUJIin4XBEgOWeeOQosb_pmeR42jva8_YxwEpoQ==
expires: Fri, 22 Jan 2021 11:04:22 GMT

GET
H2 200 share-twitter.svg
www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/ 718 B
926 B 42ms
39ms Image
image/svg+xml 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/share-twitter.svg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

91c5a3e9d78b65ddd02f50b1fec88da341e7c187b413d543f135e1cac78a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18950
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 421
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "2ce-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: odANxwnl6AGRpFXHkkJ3nvU9o2uv9Q4hDQ_wqcsUGidDsx2ET8CiFQ==
expires: Fri, 22 Jan 2021 11:20:07 GMT

GET
H2 200 share-facebook.svg
www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/ 390 B
791 B 42ms
38ms Image
image/svg+xml 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/share-facebook.svg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

712af120c0636554d31c66ced4ae013f441098c3482d2721217acee9d559ebe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18950
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 285
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "186-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 2Det2YZiWrF7SyHL1ZNfSxmSrVi5yY8sfvVwcDbaZu3HezLIQjIBLg==
expires: Fri, 22 Jan 2021 11:20:07 GMT

GET
H2 200 share-linkedin.svg
www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/ 575 B
856 B 42ms
39ms Image
image/svg+xml 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/share-linkedin.svg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

889ecddb8186b1478ffe273344bc2a2613675140e081d34af08527971c6a3ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18950
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 348
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "23f-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 7FCa5SPdRPmKNN1wEvZGdc-7KBoLKXbl6iWP1NX6GAwLxbZXYZnkHg==
expires: Fri, 22 Jan 2021 11:20:07 GMT

GET
H2 200 share-mail.svg
www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/ 435 B
808 B 43ms
40ms Image
image/svg+xml 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/share-mail.svg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

fc52968c82f073857b771ccb72964217582b9d634c3309c0b2ee9e0239e87219

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18950
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 302
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "1b3-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: lI-IdTNrsNrEtF9CxB8dY_G2VMkV1pSNMWB2onkvVNI1_4Ue3fCoNA==
expires: Fri, 22 Jan 2021 11:20:07 GMT

GET
H2 200 Newsy-Bellingcat-LLMs.png
www.bellingcat.com/app/uploads/2021/01/ 278 KB
279 KB 74ms
70ms Image
image/png 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2021/01/Newsy-Bellingcat-LLMs.png

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

c621b3d6c3a1b906429530d4cfac6ab2f6847a76dca8def14b49fb8aee83e6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:20:18 GMT
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 76539
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 285170
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Jan 2021 18:44:05 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "459f2-5b8e0a3e6ffb7"
strict-transport-security: max-age=86400; preload
content-type: image/png
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 16RMP5g0e2M5e_Pwt6Lct8Kq6sOVen_otfDZuZBn0Nc5FSZL3XaIJA==
expires: Thu, 21 Jan 2021 19:20:18 GMT

GET
H2 200 2021-01-07T231141Z_1318826914_RC2B3L9XUG9V_RTRMADP_3_USA-ELECTION-1200x800.jpg
www.bellingcat.com/app/uploads/2021/01/ 133 KB
134 KB 42ms
40ms Image
image/jpeg 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2021/01/2021-01-07T231141Z_1318826914_RC2B3L9XUG9V_RTRMADP_3_USA-ELECTION-1200x800.jpg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b55413d0c6afd9765600583750fa967ff56a91bcb1371ad0e539112727535425

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 06:14:54 GMT
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 37263
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 136186
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Jan 2021 03:36:04 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "213fa-5b85b41862fa7"
strict-transport-security: max-age=86400; preload
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: cIWeK0FQTJk3-wfoXKLMk-l-jbhEVFeXcHhaUA-AKOY0GSow6aakBA==
expires: Fri, 22 Jan 2021 06:14:54 GMT

GET
H2 200 2017-03-02T000000Z_583588770_RC13A0D7C530_RTRMADP_3_USA-CYBER-1200x787.jpg
www.bellingcat.com/app/uploads/2021/01/ 119 KB
120 KB 60ms
58ms Image
image/jpeg 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2021/01/2017-03-02T000000Z_583588770_RC13A0D7C530_RTRMADP_3_USA-CYBER-1200x787.jpg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

181f0732fe3b96f42dc0949d8cd0c6356ca24425bd0b3940622ebd3cd6615a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 17:37:11 GMT
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 82726
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 121905
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 07 Jan 2021 15:34:35 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "1dc31-5b8512d48ddf3"
strict-transport-security: max-age=86400; preload
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: -Orut45izN1PDgwCGdrMP7bbJvGyGgEa7cbqA2xNZAPrsrE0CjAsIg==
expires: Thu, 21 Jan 2021 17:37:11 GMT

GET
H2 200 GIJNlogo.svg
www.bellingcat.com/app/themes/bellingcat/assets/images/ 31 KB
6 KB 59ms
57ms Image
image/svg+xml 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/images/GIJNlogo.svg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

add26c326919b0a43a576c4ca72d3b8fe2e43e867c9cf858c46357cbc65309fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:06:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19784
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 6134
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "7a8f-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: vsySBCB2NkMrlAZR5-m9e7bIe25N7KWUAkJOpbhg1pWkSYJ4ZwAbaw==
expires: Fri, 22 Jan 2021 11:06:13 GMT

GET
H2 200 impress.svg
www.bellingcat.com/app/themes/bellingcat/assets/images/ 9 KB
3 KB 59ms
57ms Image
image/svg+xml 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/images/impress.svg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

53b0a63a6811bc2e6e9676a8a2603b875bf480ca6bc4a226ac6a623a0b2d9be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17851
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 3064
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "239e-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: qtsavMVY4-GQ-u-Vlkz-q38pq7y8ZiV3_qdzA4lY-Cuh9Xv4NySAhA==
expires: Fri, 22 Jan 2021 11:38:26 GMT

GET
H2 200 side-matter.js Show response
www.bellingcat.com/app/plugins/side-matter/js/ 2 KB
2 KB 32ms
32ms Script
application/x-javascript 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/plugins/side-matter/js/side-matter.js?ver=1.4

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

bb6be243a6edb5af2e6a2faab1859292927d03807ec03b5d338b6be504c88f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 04:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44101
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1058
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:53 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "958-5b93c52454140-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: SQj_b39dNhaDrHlNvYPqufbxZjAkxpfcFrte0QXaDxtC-1O5z8Qjrg==
expires: Fri, 22 Jan 2021 04:20:56 GMT

GET
H2 200 comment-reply.min.js Show response
www.bellingcat.com/wp-includes/js/ 3 KB
2 KB 33ms
32ms Script
application/x-javascript 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/wp-includes/js/comment-reply.min.js?ver=5.5.3

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 08:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28831
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 1362
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:55 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "bdb-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: W1HojLFF2UufQO0fVpl2kaW8jahaDKp6sisOb-oDWwgYti5PbfMIZQ==
expires: Fri, 22 Jan 2021 08:35:26 GMT

GET
H2 200 wp-embed.min.js Show response
www.bellingcat.com/wp-includes/js/ 1 KB
1 KB 42ms
38ms Script
application/x-javascript 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/wp-includes/js/wp-embed.min.js?ver=5.5.3

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 08:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28831
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 769
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jan 2021 08:06:55 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "59a-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/x-javascript
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: ZGBUfyxzwSDlcyhpDgwWCHKm2C79CHwVhbHp125QToayXRpMyf6qog==
expires: Fri, 22 Jan 2021 08:35:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4585
date: Thu, 21 Jan 2021 15:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 21 Jan 2021 17:19:32 GMT

GET
H2 200 icon-search.svg
www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/ 329 B
743 B 53ms
53ms Image
image/svg+xml 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/icons/svg/icon-search.svg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210119080714Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1526cb1e6028a794e974a70f7f5f8420c7a19f2c267562e198055e54880d26fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210119080714Z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 10:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20950
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 237
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "149-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: image/svg+xml
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 5KoDtqlM0E9RzxmiIQavQHZSnMHpQCRCASeaJpX2YgmHX6ahzbi3dg==
expires: Fri, 22 Jan 2021 10:46:47 GMT

GET
H2 200 AtlasGrotesk-Regular-Web.woff2
www.bellingcat.com/app/themes/bellingcat/assets/fonts/ 38 KB
39 KB 56ms
55ms Font
application/font-woff2 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/fonts/AtlasGrotesk-Regular-Web.woff2?v=3.11

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210119080714Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

c9903be27b8359136da407175ac3d75c0c8600ad74c545f022c54848e56b6c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.bellingcat.com
Referer: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210119080714Z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17674
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 39295
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "9979-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/font-woff2
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: JTViWkR9brHJCgPjI7upM0OmLa9SdIFK2OriFdiTL2RxSTo7IKqZoQ==
expires: Fri, 22 Jan 2021 11:41:23 GMT

GET
H2 200 AtlasGrotesk-Bold-Web.woff2
www.bellingcat.com/app/themes/bellingcat/assets/fonts/ 45 KB
46 KB 56ms
55ms Font
application/font-woff2 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/fonts/AtlasGrotesk-Bold-Web.woff2

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210119080714Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

afdddeb891bfa14772729302956ef864a1811eab0f7c9e35d30962ace74f531a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.bellingcat.com
Referer: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210119080714Z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 11:17:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19095
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 46520
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "b59c-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/font-woff2
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: y2uHJ3jRoslaLsVweZxnZZG-uGh9pemHta6uTgUyFjmNiE7amoXzvw==
expires: Fri, 22 Jan 2021 11:17:42 GMT

GET
H2 200 AtlasGrotesk-RegularItalic-Web.woff2
www.bellingcat.com/app/themes/bellingcat/assets/fonts/ 40 KB
40 KB 56ms
56ms Font
application/font-woff2 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bellingcat.com/app/themes/bellingcat/assets/fonts/AtlasGrotesk-RegularItalic-Web.woff2?v=3.11

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210119080714Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

4d19b2cb5f9bd33469ae6548240bb7b8cd44b122923a3e4be40d06c0eaae9614

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.bellingcat.com
Referer: https://www.bellingcat.com/app/themes/bellingcat/assets/css/style.min.css?ver=20210119080714Z
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 08:19:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29801
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 40717
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache
x-frame-options: SAMEORIGIN
etag: "9ef1-5b93c5263c5c0-gzip"
strict-transport-security: max-age=86400; preload
content-type: application/font-woff2
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 9Qv4AI5sWf67Jk-yyU1KzYbovCWlJlDg1CpRUcMJqIoVbgBkBnbxLw==
expires: Fri, 22 Jan 2021 08:19:16 GMT

GET
H2 200 fLaFTA7S.jpg
www.bellingcat.com/app/uploads/2015/08/ 12 KB
13 KB 55ms
53ms Image
image/jpeg 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2015/08/fLaFTA7S.jpg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d5a96b5a8a6467789de09cc2048d664b0db80c8b4009a924996bb8e3974d2b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 18:33:24 GMT
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 79353
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 12302
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Aug 2015 22:51:32 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "300e-51e167570e500"
strict-transport-security: max-age=86400; preload
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: U1MkyTQj2_STY8_hHUIsI74oxUFtFaLdM-ZQxWNGzqpeyarB4Jgn_A==
expires: Thu, 21 Jan 2021 18:33:24 GMT

GET
H2 200 yandex-instructions1.jpg
www.bellingcat.com/app/uploads/2019/12/ 34 KB
35 KB 36ms
34ms Image
image/jpeg 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2019/12/yandex-instructions1.jpg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

d6adb0b585169c86f092cb64d816667cb6b8ce9863301fc7003d681090b1284f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 22:19:15 GMT
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 65802
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 34995
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 23 Dec 2019 21:54:08 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "88b3-59a66111ce000"
strict-transport-security: max-age=86400; preload
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 4Ifwt1M867TySF2_FDEHj79FF4EBztlptxea-2AmALYsVC1cGYSavw==
expires: Thu, 21 Jan 2021 22:19:15 GMT

GET
H2 200 yandex-instructions2-2048x94.jpg
www.bellingcat.com/app/uploads/2019/12/ 9 KB
10 KB 35ms
34ms Image
image/jpeg 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2019/12/yandex-instructions2-2048x94.jpg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

fcdead6def83792188e6a42d80727f66ca930af75fd3ec79dfb769375adb04e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 21:42:04 GMT
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68033
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 9499
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 23 Dec 2019 21:54:48 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "251b-59a66137f3a00"
strict-transport-security: max-age=86400; preload
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: JTge0zmo-a_3xOmo_52LSgGFb5Mar7J8LURJGnz2cutzoUsAivyYYA==
expires: Thu, 21 Jan 2021 21:42:04 GMT

GET
H2 200 dubinsky-results.png
www.bellingcat.com/app/uploads/2019/12/ 3 MB
3 MB 38ms
37ms Image
image/png 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2019/12/dubinsky-results.png

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

41befe0ce93091a1c711ae589de9dce4d0cf01fc1c614d09221c4da3d7a8aaac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 19:54:22 GMT
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 74495
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 2920132
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 23 Dec 2019 21:49:12 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "2c8ec4-59a65ff784600"
strict-transport-security: max-age=86400; preload
content-type: image/png
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: b5xo-NhDNWsfjHO1yQOIGc9LhwDXYun7Qfou4MAGXpJY_wik0EOjpw==
expires: Thu, 21 Jan 2021 19:54:22 GMT

GET
H2 200 bing-visualsearch.jpg
www.bellingcat.com/app/uploads/2019/12/ 80 KB
80 KB 36ms
35ms Image
image/jpeg 65.9.83.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bellingcat.com/app/uploads/2019/12/bing-visualsearch.jpg

Requested by

Host: www.bellingcat.com
URL: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.83.63 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

398fc7450ce54de4d3ebf14452823d375620f905c131aea869f3440f7126e201

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 13:07:41 GMT
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 12496
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 81627
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 23 Dec 2019 22:02:24 GMT
server: Apache
x-frame-options: SAMEORIGIN
etag: "13edb-59a662ead3c00"
strict-transport-security: max-age=86400; preload
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: H1DFnDyGwPTOCmb7GCmgIuOuAmKBoAPXQyrPUP6DQth6f1b-RPLeNQ==
expires: Fri, 22 Jan 2021 13:07:41 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
70 B 15ms
14ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1107624893&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bellingcat.com%2Fresources%2Fhow-tos%2F2019%2F12%2F26%2Fguide-to-using-reverse-image-search-for-investigations%2F&ul=en-us&de=UTF-8&dt=Guide%20To%20Using%20Reverse%20Image%20Search%20For%20Investigations%20-%20bellingcat&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=784884738&gjid=654433175&cid=2136217171.1611246958&tid=UA-52456075-1&_gid=1671151684.1611246958&_r=1&_slc=1&z=532993272

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 16:35:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bellingcat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
87 B 13ms
12ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-52456075-1&cid=2136217171.1611246958&jid=784884738&gjid=654433175&_gid=1671151684.1611246958&_u=IEBAAEAAAAAAAC~&z=1721040350

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Jan 2021 16:35:57 GMT
content-type: text/plain
access-control-allow-origin: https://www.bellingcat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bellingcat.com/	1970-01-19 15:34:07	Name: _gat Value: 1
.bellingcat.com/	1970-01-19 15:35:33	Name: _gid Value: GA1.2.1671151684.1611246958
.bellingcat.com/	1970-01-20 09:05:18	Name: _ga Value: GA1.2.2136217171.1611246958

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
stats.g.doubleclick.net
www.bellingcat.com
www.google-analytics.com
2a00:1450:4001:802::200e
2a00:1450:400c:c0b::9c
65.9.83.63
67.199.248.11
1526cb1e6028a794e974a70f7f5f8420c7a19f2c267562e198055e54880d26fd
181f0732fe3b96f42dc0949d8cd0c6356ca24425bd0b3940622ebd3cd6615a8c
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fbd60ab313189425b6cbd53ad39e75cb396efaff08264d51de38d02990b0636
2df0f9bd86491445a6322971f5cfa1d969ae151cf04aadbab172c8c8763bb693
398fc7450ce54de4d3ebf14452823d375620f905c131aea869f3440f7126e201
41befe0ce93091a1c711ae589de9dce4d0cf01fc1c614d09221c4da3d7a8aaac
4d19b2cb5f9bd33469ae6548240bb7b8cd44b122923a3e4be40d06c0eaae9614
52c2bc4f3b828ed2e3685b6e0d16b6d2a0d8a3978dcd1a446b1d981a7b8e1911
53b0a63a6811bc2e6e9676a8a2603b875bf480ca6bc4a226ac6a623a0b2d9be4
57210a7521949509aae3e100db75db1d783ff8b4e6523f91f5bc272cdc6d380d
5fcd6acca9e495424b54cadc1ab00e2a0d35eafe9014305664321b88f351b1db
6a62b27292bceaa1e393720766944026fc6d8a2bb1a2678ecc1dc73e0ba8b1fc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
712af120c0636554d31c66ced4ae013f441098c3482d2721217acee9d559ebe4
7c311581a44591b20d80dda3653dda9e6f891f312f82da0f731f10bf201d5b74
889ecddb8186b1478ffe273344bc2a2613675140e081d34af08527971c6a3ee3
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8de5c221496f370ed55d86f084292e3b694ff38b733b59760f96c1b386fa5855
91c5a3e9d78b65ddd02f50b1fec88da341e7c187b413d543f135e1cac78a65e4
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e
add26c326919b0a43a576c4ca72d3b8fe2e43e867c9cf858c46357cbc65309fc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afdddeb891bfa14772729302956ef864a1811eab0f7c9e35d30962ace74f531a
b1770d5a34dd0d47cf631e0088da9e7ec8c2dc28072cab5893e601fea8e06646
b4c133aa5f013f41d5f9a6f8b58640e5b98e6fb9f531ece89b305e16311364d9
b55413d0c6afd9765600583750fa967ff56a91bcb1371ad0e539112727535425
bb6be243a6edb5af2e6a2faab1859292927d03807ec03b5d338b6be504c88f7d
c621b3d6c3a1b906429530d4cfac6ab2f6847a76dca8def14b49fb8aee83e6fe
c9903be27b8359136da407175ac3d75c0c8600ad74c545f022c54848e56b6c27
d5a96b5a8a6467789de09cc2048d664b0db80c8b4009a924996bb8e3974d2b36
d6adb0b585169c86f092cb64d816667cb6b8ce9863301fc7003d681090b1284f
d9dae239dab8fc3bacbff8cf8220d781551eb467eaccaa5d2ff8fad16477bedb
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
fc52968c82f073857b771ccb72964217582b9d634c3309c0b2ee9e0239e87219
fcdead6def83792188e6a42d80727f66ca930af75fd3ec79dfb769375adb04e7

www.bellingcat.com Open in urlscan Pro 65.9.83.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

3788 kBTransfer

4110 kBSize

3 Cookies

40 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bellingcat.com Open in urlscan Pro
65.9.83.63 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

3788 kB
Transfer

4110 kB
Size

3
Cookies

37 HTTP transactions
0 data transactions