hijackfacts.com Open in urlscan Pro
149.56.33.82  Public Scan

24 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response hijackfacts.com/how-to-work-plant-based-biotin-powder/	90 KB 91 KB	592ms 542ms	Document text/html	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash 42d0221fda8d146d54bd9f6929c05b94c312c75443f862ba3731bcb5727beeb5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Server Apache X-Pingback https://hijackfacts.com/xmlrpc.php X-LiteSpeed-Tag c06_HTTP.200 Link <https://hijackfacts.com/wp-json/>; rel="https://api.w.org/", <https://hijackfacts.com/wp-json/wp/v2/posts/26938>; rel="alternate"; type="application/json", <https://hijackfacts.com/?p=26938>; rel=shortlink Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	gtranslate-style24.css hijackfacts.com/wp-content/plugins/gtranslate/	693 B 933 B	16ms 11ms	Stylesheet text/css	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.9 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash 226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Fri, 28 Jan 2022 02:52:17 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 693
GET H2	200	style.min.css c0.wp.com/c/5.9/wp-includes/css/dist/block-library/	77 KB 10 KB	53ms 16ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9/wp-includes/css/dist/block-library/style.min.css Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc HIT yyz 2 date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br last-modified Tue, 11 Jan 2022 03:15:32 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 18 Feb 2023 03:08:02 GMT
GET H2	200	mediaelementplayer-legacy.min.css c0.wp.com/c/5.9/wp-includes/js/mediaelement/	11 KB 2 KB	53ms 16ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc HIT yyz 2 date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br last-modified Tue, 29 Sep 2020 15:53:06 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 18 Feb 2023 03:08:02 GMT
GET H2	200	wp-mediaelement.min.css c0.wp.com/c/5.9/wp-includes/js/mediaelement/	4 KB 1 KB	53ms 16ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9/wp-includes/js/mediaelement/wp-mediaelement.min.css Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc HIT yyz 2 date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br last-modified Fri, 07 Jun 2019 20:45:02 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 18 Feb 2023 03:08:02 GMT
GET H/1.1	200 OK	bootstrap.min.css hijackfacts.com/wp-content/themes/newscard/assets/library/bootstrap/css/	141 KB 142 KB	27ms 10ms	Stylesheet text/css	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/themes/newscard/assets/library/bootstrap/css/bootstrap.min.css?ver=4.0.0 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash 2f8d728d935edbf2aeae36b6b3d96634885dbd474ddd1cc7d80711449109221b Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 30 Nov 2021 07:22:54 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 144831
GET H/1.1	200 OK	font-awesome.css hijackfacts.com/wp-content/themes/newscard/assets/library/font-awesome/css/	37 KB 37 KB	29ms 10ms	Stylesheet text/css	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=5.9 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash 36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 30 Nov 2021 07:22:54 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 37414
GET H2	200	css fonts.googleapis.com/	18 KB 1 KB	84ms 35ms	Stylesheet text/css	2607:f8b0:4006:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=5.9 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::200a Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3ce165de72c5e7e69c6e833de56aad56adb3cebbaf93cdffc2b2fe3ab978707c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 18 Feb 2022 03:03:32 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 18 Feb 2022 03:08:02 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 18 Feb 2022 03:08:02 GMT
GET H/1.1	200 OK	style.css hijackfacts.com/wp-content/themes/newscard/	116 KB 116 KB	29ms 10ms	Stylesheet text/css	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/themes/newscard/style.css?ver=5.9 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash 378cdc2df579843b42e2e922e7b8eec05c11c91b357af7576deaba55fd44afd9 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 30 Nov 2021 07:22:54 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 118620
GET H/1.1	200 OK	sassy-social-share-public.css hijackfacts.com/wp-content/plugins/sassy-social-share/public/css/	9 KB 10 KB	29ms 10ms	Stylesheet text/css	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.38 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash 87e1ed8c94d134e4e068a17891d3dad0d122ee052bf061da0ca0e87b3da75069 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 04 Jan 2022 15:03:05 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 9700
GET H2	200	jetpack.css c0.wp.com/p/jetpack/10.6/css/	86 KB 16 KB	52ms 17ms	Stylesheet text/css	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/jetpack/10.6/css/jetpack.css Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 1021efafbf9b43acf446f436556222d910e0d86d09d796b6fb16101efedffa22 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc HIT yyz 2 date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br last-modified Tue, 04 Jan 2022 22:15:08 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type text/css access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 18 Feb 2023 03:08:02 GMT
GET H2	200	jquery.min.js Show response c0.wp.com/c/5.9/wp-includes/js/jquery/	87 KB 30 KB	52ms 17ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9/wp-includes/js/jquery/jquery.min.js Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc HIT yyz 2 date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br last-modified Wed, 10 Mar 2021 15:07:24 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 18 Feb 2023 03:08:02 GMT
GET H2	200	jquery-migrate.min.js Show response c0.wp.com/c/5.9/wp-includes/js/jquery/	11 KB 4 KB	52ms 17ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9/wp-includes/js/jquery/jquery-migrate.min.js Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc HIT yyz 2 date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br last-modified Wed, 18 Nov 2020 09:06:06 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 18 Feb 2023 03:08:02 GMT
GET H2	200	related-posts.min.js Show response c0.wp.com/p/jetpack/10.6/_inc/build/related-posts/	6 KB 2 KB	52ms 18ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/jetpack/10.6/_inc/build/related-posts/related-posts.min.js Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash fe66ac5df69c78be7dfcf75943079129dbf24a254e89febc5a7e916d40de43bc Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc HIT yyz 2 date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br last-modified Tue, 07 Dec 2021 16:56:47 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 18 Feb 2023 03:08:02 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	94 KB 37 KB	99ms 50ms	Script application/javascript	2607:f8b0:4006:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-200886985-1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2008 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bfdc436cb1c83f3f56a65afa01120a7b7512478fb79d66bba50947a232801fe6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37313 x-xss-protection 0 expires Fri, 18 Feb 2022 03:08:02 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	150 KB 53 KB	99ms 51ms	Script text/javascript	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3886227883045602 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1e6a96ee827798b4b5f8468d554038695e6731776bdeabf3f2ce08798c15c824 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://hijackfacts.com/ Origin https://hijackfacts.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 03:08:02 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53485 x-xss-protection 0 server cafe etag 14078191901068372426 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Fri, 18 Feb 2022 03:08:02 GMT
GET H/1.1	200 OK	wp-emoji-release.min.js Show response hijackfacts.com/wp-includes/js/	18 KB 18 KB	11ms 11ms	Script application/javascript	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 08 Jun 2021 22:15:12 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 18181
GET H2	200	photon.min.js Show response c0.wp.com/p/jetpack/10.6/_inc/build/photon/	685 B 371 B	28ms 18ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/p/jetpack/10.6/_inc/build/photon/photon.min.js Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash 5cfd3418ebf7c95f8f7a9024ebfa383ff5a267a8568c9a2708c26733824bdf07 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc HIT yyz 2 date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br last-modified Tue, 07 Dec 2021 16:56:47 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 18 Feb 2023 03:08:02 GMT
GET H/1.1	200 OK	popper.min.js Show response hijackfacts.com/wp-content/themes/newscard/assets/library/bootstrap/js/	19 KB 19 KB	12ms 11ms	Script application/javascript	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/themes/newscard/assets/library/bootstrap/js/popper.min.js?ver=1.12.9 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash b4d00640b93ccce21719f7146a3aa2393456c28f5439d12454d839412e0c69f3 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 30 Nov 2021 07:22:54 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 19148
GET H/1.1	200 OK	bootstrap.min.js Show response hijackfacts.com/wp-content/themes/newscard/assets/library/bootstrap/js/	48 KB 48 KB	12ms 11ms	Script application/javascript	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/themes/newscard/assets/library/bootstrap/js/bootstrap.min.js?ver=4.0.0 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash 65f97dab23e8383e4f9e5b07722014f704b9cb5dc820086014ec715c55e75e33 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 30 Nov 2021 07:22:54 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 48902
GET H/1.1	200 OK	jquery.matchHeight-min.js Show response hijackfacts.com/wp-content/themes/newscard/assets/library/match-height/	3 KB 4 KB	23ms 10ms	Script application/javascript	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-min.js?ver=0.7.2 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 30 Nov 2021 07:22:54 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3380
GET H/1.1	200 OK	jquery.matchHeight-settings.js Show response hijackfacts.com/wp-content/themes/newscard/assets/library/match-height/	83 B 336 B	28ms 10ms	Script application/javascript	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/themes/newscard/assets/library/match-height/jquery.matchHeight-settings.js?ver=5.9 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash df409cda6bae37bf3f3a02f19396eb0437670f49210fe6134de95a908c0cafa4 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 30 Nov 2021 07:22:54 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 83
GET H/1.1	200 OK	skip-link-focus-fix.js Show response hijackfacts.com/wp-content/themes/newscard/assets/js/	685 B 939 B	30ms 10ms	Script application/javascript	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/themes/newscard/assets/js/skip-link-focus-fix.js?ver=20151215 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 30 Nov 2021 07:22:54 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 685
GET H2	200	comment-reply.min.js Show response c0.wp.com/c/5.9/wp-includes/js/	3 KB 1 KB	52ms 44ms	Script application/javascript	192.0.77.37 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://c0.wp.com/c/5.9/wp-includes/js/comment-reply.min.js Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc HIT yyz 2 date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br last-modified Mon, 01 Nov 2021 21:47:13 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 strict-transport-security max-age=15552000 timing-allow-origin * expires Sat, 18 Feb 2023 03:08:02 GMT
GET H/1.1	200 OK	jquery.sticky.js Show response hijackfacts.com/wp-content/themes/newscard/assets/library/sticky/	10 KB 10 KB	30ms 10ms	Script application/javascript	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/themes/newscard/assets/library/sticky/jquery.sticky.js?ver=1.0.4 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 30 Nov 2021 07:22:54 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 10085
GET H/1.1	200 OK	jquery.sticky-settings.js Show response hijackfacts.com/wp-content/themes/newscard/assets/library/sticky/	903 B 1 KB	32ms 10ms	Script application/javascript	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/themes/newscard/assets/library/sticky/jquery.sticky-settings.js?ver=5.9 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash 541ca6ec26c08bae2158496639872bdc573969743cdd364c29e5302376af50d9 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 30 Nov 2021 07:22:54 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 903
GET H/1.1	200 OK	scripts.js Show response hijackfacts.com/wp-content/themes/newscard/assets/js/	2 KB 3 KB	37ms 10ms	Script application/javascript	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/themes/newscard/assets/js/scripts.js?ver=5.9 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash f23f4cdc16216e281ece6073441ef19eba319f9a0c01eac33c31782d08812ffc Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 30 Nov 2021 07:22:54 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2412
GET H/1.1	200 OK	sassy-social-share-public.js Show response hijackfacts.com/wp-content/plugins/sassy-social-share/public/js/	119 KB 119 KB	39ms 10ms	Script application/javascript	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.38 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash a28f7b51eecc453bfa4b7794290a3d75918d3983ec835f0089b5a92d90ba9961 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 04 Jan 2022 15:03:05 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 121779
GET H2	200	e-202207.js Show response stats.wp.com/	9 KB 3 KB	53ms 16ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL https://stats.wp.com/e-202207.js Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc HIT yyz date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br server nginx etag W/"61beb1e6-3508" vary Accept-Encoding access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 expires Mon, 06 Feb 2023 05:00:26 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	76 KB 30 KB	102ms 55ms	Script application/javascript	2607:f8b0:4006:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TN46N58 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2008 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1d3f1ebfbc476da8b5ff605fdc4f567e31b5949810e5c396e29de79fc9dea9bb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30563 x-xss-protection 0 expires Fri, 18 Feb 2022 03:08:02 GMT
GET H2	200	Biotin-Powder.jpg i0.wp.com/hijackfacts.com/wp-content/uploads/2022/02/	87 KB 87 KB	589ms 551ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/hijackfacts.com/wp-content/uploads/2022/02/Biotin-Powder.jpg?fit=1500%2C1500&ssl=1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash 120142feac3d0a9a612dee507d71b2469e4e60975e3c178b2ab55b6e2608efef Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc MISS yyz 1 date Fri, 18 Feb 2022 03:08:03 GMT x-content-type-options nosniff last-modified Fri, 18 Feb 2022 03:08:03 GMT server nginx etag "b5872fbb0fffab8c" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://hijackfacts.com/wp-content/uploads/2022/02/Biotin-Powder.jpg>; rel="canonical" content-length 88762 expires Sun, 18 Feb 2024 15:08:03 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	66ms 20ms	Font font/woff2	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=5.9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hijackfacts.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 16:23:56 GMT x-content-type-options nosniff age 211446 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 15 Feb 2023 16:23:56 GMT
GET H/1.1	200 OK	fontawesome-webfont.woff2 hijackfacts.com/wp-content/themes/newscard/assets/library/font-awesome/fonts/	75 KB 76 KB	11ms 11ms	Font font/woff2	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/wp-content/themes/newscard/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=5.9 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://hijackfacts.com/wp-content/themes/newscard/assets/library/font-awesome/css/font-awesome.css?ver=5.9 Origin https://hijackfacts.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT Last-Modified Tue, 30 Nov 2021 07:22:54 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 77160
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	69ms 25ms	Font font/woff2	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=5.9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hijackfacts.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 01:28:42 GMT x-content-type-options nosniff age 5960 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 18 Feb 2023 01:28:42 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	16 KB 16 KB	85ms 41ms	Font font/woff2	2607:f8b0:4006:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i&ver=5.9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2003 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://hijackfacts.com Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Sun, 13 Feb 2022 00:09:49 GMT x-content-type-options nosniff age 442693 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Mon, 13 Feb 2023 00:09:49 GMT
GET H2	200	cristiano-ronaldo-1618341__480.jpg i0.wp.com/hijackfacts.com/wp-content/uploads/2021/08/	33 KB 33 KB	322ms 321ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/hijackfacts.com/wp-content/uploads/2021/08/cristiano-ronaldo-1618341__480.jpg?fit=360%2C480&ssl=1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash 0a19ad3a458b78c30afdbab21bb13e847451b70e75db9f3531c997685ad374eb Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc MISS yyz 3 date Fri, 18 Feb 2022 03:08:03 GMT x-content-type-options nosniff last-modified Fri, 18 Feb 2022 03:08:03 GMT server nginx etag "09ba2f65d58036a9" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://hijackfacts.com/wp-content/uploads/2021/08/cristiano-ronaldo-1618341__480.jpg>; rel="canonical" content-length 33742 expires Sun, 18 Feb 2024 15:08:03 GMT
GET H2	200	download-1.jpeg i0.wp.com/hijackfacts.com/wp-content/uploads/2021/08/	8 KB 9 KB	222ms 221ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/hijackfacts.com/wp-content/uploads/2021/08/download-1.jpeg?fit=235%2C214&ssl=1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash 4b2fa015edbdde1c43d57fce7247098b62b958f15e573cd6932e3cd830e5ebde Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc MISS yyz 1 date Fri, 18 Feb 2022 03:08:02 GMT x-content-type-options nosniff last-modified Fri, 18 Feb 2022 03:08:02 GMT server nginx etag "7b3b27f8fbee21f5" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://hijackfacts.com/wp-content/uploads/2021/08/download-1.jpeg>; rel="canonical" content-length 8686 expires Sun, 18 Feb 2024 15:08:02 GMT
GET H2	200	images-2.jpeg i0.wp.com/hijackfacts.com/wp-content/uploads/2021/07/	21 KB 21 KB	331ms 331ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/hijackfacts.com/wp-content/uploads/2021/07/images-2.jpeg?fit=647%2C404&ssl=1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash 8ea987e35b7462aadebfcd33cfce573ad73768bfbce7a06e7fa5790638c67ed9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc MISS yyz 3 date Fri, 18 Feb 2022 03:08:03 GMT x-content-type-options nosniff last-modified Fri, 18 Feb 2022 03:08:03 GMT server nginx etag "a0fc518ead8a41cb" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://hijackfacts.com/wp-content/uploads/2021/07/images-2.jpeg>; rel="canonical" content-length 21646 expires Sun, 18 Feb 2024 15:08:03 GMT
GET H2	200	images-3.jpeg i0.wp.com/hijackfacts.com/wp-content/uploads/2021/06/	25 KB 26 KB	297ms 296ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i0.wp.com/hijackfacts.com/wp-content/uploads/2021/06/images-3.jpeg?fit=646%2C474&ssl=1 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash ebaf798e5d969699d43c3d316fcbdcdb757b19025e01ebb5e28c3357db8fda74 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers x-nc MISS yyz 2 date Fri, 18 Feb 2022 03:08:03 GMT x-content-type-options nosniff last-modified Fri, 18 Feb 2022 03:08:02 GMT server nginx etag "e889fc82dd0d6b3a" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://hijackfacts.com/wp-content/uploads/2021/06/images-3.jpeg>; rel="canonical" content-length 26106 expires Sun, 18 Feb 2024 15:08:02 GMT
GET H2	200	app.min.js Show response cdn.webpushr.com/	39 KB 12 KB	85ms 19ms	Script application/javascript	159.203.117.170 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://cdn.webpushr.com/app.min.js Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.203.117.170 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 39e3b7a575958736f4307accdfc7243a4aac7f0342bd12bb0743e7a0932546df Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 03:08:02 GMT content-encoding gzip last-modified Sat, 01 Jan 2022 18:51:28 GMT server nginx/1.16.1 etag W/"61d0a2b0-9bef" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type application/javascript x-gg-cache-status HIT, HIT cache-control max-age=86400 expires Sat, 19 Feb 2022 03:08:02 GMT
GET H2	200	g.gif pixel.wp.com/	50 B 93 B	17ms 16ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.wp.com/g.gif?v=ext&j=1%3A10.6&blog=195057920&post=26938&tz=0&srv=hijackfacts.com&host=hijackfacts.com&ref=&fcp=0&rand=0.3052765933827297 Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers access-control-allow-origin * date Fri, 18 Feb 2022 03:08:02 GMT cache-control no-cache server nginx content-length 50 content-type image/gif
GET H/1.1	200 OK	/ Show response hijackfacts.com/how-to-work-plant-based-biotin-powder/	2 KB 3 KB	491ms 490ms	XHR application/json	149.56.33.82 OVH
General Check archive.org Show headers Download Go to Full URL https://hijackfacts.com/how-to-work-plant-based-biotin-powder/?relatedposts=1 Requested by Host: c0.wp.com URL: https://c0.wp.com/p/jetpack/10.6/_inc/build/related-posts/related-posts.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 149.56.33.82 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip82.ip-149-56-33.net Software Apache / Resource Hash 1a599e334be0f056a0305e3a1b16a84563bf48803874197f71a0b97fe582c9c7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ x-requested-with XMLHttpRequest Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Fri, 18 Feb 2022 03:08:02 GMT X-Content-Type-Options nosniff Server Apache X-Pingback https://hijackfacts.com/xmlrpc.php Content-Type application/json; charset=utf-8 Connection Keep-Alive Transfer-Encoding chunked X-LiteSpeed-Tag c06_HTTP.200 Keep-Alive timeout=5, max=96
GET DATA	200 OK	truncated /	234 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0d7cd639c89358f19d898c0f407c362e22f9f3efb8f419bb35ede15d184daa71 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET H3	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/	290 KB 104 KB	98ms 70ms	Script text/javascript	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3886227883045602 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 010b3f11ea07246c7713a98f862c639dfdf5484a874d9680d24e960bb68315b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 03:08:02 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 106766 x-xss-protection 0 server cafe etag 6467132413677595595 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 18 Feb 2022 03:08:02 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/ Frame 32B2	10 KB 5 KB	67ms 19ms	Document text/html	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220216/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3886227883045602 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding x-content-type-options nosniff content-encoding gzip server cafe content-length 4502 x-xss-protection 0 date Fri, 18 Feb 2022 02:51:09 GMT expires Fri, 04 Mar 2022 02:51:09 GMT cache-control public, max-age=1209600 age 1013 etag 4044455266028820542 content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	69ms 20ms	Script text/javascript	2607:f8b0:4006:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-200886985-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 2626 date Fri, 18 Feb 2022 02:24:16 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 18 Feb 2022 04:24:16 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	173 KB 63 KB	55ms 54ms	Script application/javascript	2607:f8b0:4006:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DN2P3VKFD6&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-200886985-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2008 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c3f3d3fb7e04480f7805758672afb77a01c62b1749b13270f1b655bf38392590 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 03:08:02 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 64895 x-xss-protection 0 expires Fri, 18 Feb 2022 03:08:02 GMT
POST H/1.1	200 OK	get_info Show response bot.webpushr.com/prompt/	28 KB 8 KB	275ms 114ms	Fetch text/html	64.225.44.23 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bot.webpushr.com/prompt/get_info Requested by Host: cdn.webpushr.com URL: https://cdn.webpushr.com/app.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.225.44.23 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash f31aefd32c951f608da78959aebda99c6fdce7fc1b1d5a143dc8fd63dd790df6 Request headers Referer https://hijackfacts.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 18 Feb 2022 03:08:03 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://hijackfacts.com Access-Control-Allow-Credentials true X-Fastcgi-Cache MISS Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With server_name lookup3
POST H/1.1	200 OK	session Show response analytics.webpushr.com/impression/	0 538 B	240ms 78ms	Fetch text/html	64.227.60.121 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://analytics.webpushr.com/impression/session Requested by Host: cdn.webpushr.com URL: https://cdn.webpushr.com/app.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.227.60.121 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hijackfacts.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 18 Feb 2022 03:08:03 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://hijackfacts.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
GET H3	200	js Show response www.google-analytics.com/gtm/	92 KB 36 KB	79ms 52ms	Script application/javascript	2607:f8b0:4006:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=OPT-5PZL3K4&t=gtag_UA_200886985_1&cid=759082006.1645153683&aip=true Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 36907855dee09451d52b66ab7c4a8a03115440fdb675212dac5624438b524fd0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 03:08:03 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36915 x-xss-protection 0 expires Fri, 18 Feb 2022 03:08:03 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	41ms 33ms	Ping text/plain	2607:f8b0:4006:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-DN2P3VKFD6&gtm=2oe2g0&_p=2112718805&sr=1600x1200&gdid=dZTNiMT&ul=en-us&cid=759082006.1645153683&_s=1&dl=https%3A%2F%2Fhijackfacts.com%2Fhow-to-work-plant-based-biotin-powder%2F&dt=How%20to%20Work%20Plant%20Based%20Biotin%20Powder%20-%20HIJACKFACTS&sid=1645153682&sct=1&seg=0&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DN2P3VKFD6&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 03:08:02 GMT server Golfe2 content-type text/plain access-control-allow-origin https://hijackfacts.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	219 B 646 B	82ms 34ms	Script text/javascript	142.251.40.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=hijackfacts.com&callback=_gfp_s_&client=ca-pub-3886227883045602 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f2.1e100.net Software cafe / Resource Hash 7f9fa3d2227acf99cd1a1b5cbfa0a4b3de98e87c363b01ca09754f3f86f401ac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 03:08:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 202 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.ca/adsid/	107 B 792 B	99ms 42ms	Script application/javascript	2607:f8b0:4006:80c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ca/adsid/integrator.js?domain=hijackfacts.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80c::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 18 Feb 2022 03:08:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	107ms 56ms	Script application/javascript	2607:f8b0:4006:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=hijackfacts.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 18 Feb 2022 03:08:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 4B13	17 KB 5 KB	182ms 153ms	Document text/html	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3886227883045602&output=html&adk=1812271804&adf=3025194257&lmt=1645153683&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=127x630_l%7C127x900_r&format=0x0&url=https%3A%2F%2Fhijackfacts.com%2Fhow-to-work-plant-based-biotin-powder%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645153682822&bpp=3&bdt=272&idt=155&shv=r20220216&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3759058494283&frm=20&pv=2&ga_vid=759082006.1645153683&ga_sid=1645153683&ga_hid=2112718805&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750774%2C44756087%2C31063910&oid=2&pvsid=2175576835542375&pem=447&tmod=1588334821&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=231 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 132278a08d8eee61e620d3448ecb98b0af30614b8c79ee4bf470260306d4dcc6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 18 Feb 2022 03:08:03 GMT server cafe content-length 4949 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 18 Feb 2022 03:08:03 GMT cache-control private
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	32ms 32ms	XHR text/plain	2607:f8b0:4006:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=2112718805&t=pageview&_s=1&dl=https%3A%2F%2Fhijackfacts.com%2Fhow-to-work-plant-based-biotin-powder%2F&ul=en-us&de=UTF-8&dt=How%20to%20Work%20Plant%20Based%20Biotin%20Powder%20-%20HIJACKFACTS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACUADRAAAAC~&jid=1725291525&gjid=178141401&cid=759082006.1645153683&tid=UA-200886985-1&_gid=1004155592.1645153683&_r=1&gtm=2ou2g0&did=dZTNiMT&gdid=dZTNiMT&z=881563930 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::200e Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://hijackfacts.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 18 Feb 2022 03:08:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://hijackfacts.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	prompt Show response analytics.webpushr.com/impression/	0 538 B	79ms 79ms	Fetch text/html	64.227.60.121 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://analytics.webpushr.com/impression/prompt Requested by Host: cdn.webpushr.com URL: https://cdn.webpushr.com/app.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.227.60.121 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hijackfacts.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 18 Feb 2022 03:08:03 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://hijackfacts.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
POST H/1.1	200 OK	prompt Show response analytics.webpushr.com/impression/	0 538 B	158ms 78ms	Fetch text/html	64.227.60.121 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://analytics.webpushr.com/impression/prompt Requested by Host: cdn.webpushr.com URL: https://cdn.webpushr.com/app.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.227.60.121 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hijackfacts.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 18 Feb 2022 03:08:03 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://hijackfacts.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
GET DATA	200 OK	truncated /	643 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash df28ecf929157156d9e444395da96bba8bec6319d1e88ea7241ee861bb1e76e0 Request headers Accept-Language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	oIZaG37gUC.jpg cdn.webpushr.com/wordpressimages/	24 KB 24 KB	301ms 301ms	Image image/jpeg	159.203.117.170 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.webpushr.com/wordpressimages/oIZaG37gUC.jpg Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.203.117.170 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 9db54694558f267a141121493a4134b52315bca2008cf1bb87b43e14962b8668 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 03:08:03 GMT last-modified Fri, 18 Feb 2022 03:01:48 GMT server nginx/1.16.1 etag "620f0c1c-60bc" content-type image/jpeg access-control-allow-origin * x-gg-cache-status MISS accept-ranges bytes content-length 24764
GET H2	200	webpushr_bell_icon.png cdn.webpushr.com/siteassets/	3 KB 3 KB	18ms 18ms	Image image/png	159.203.117.170 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.webpushr.com/siteassets/webpushr_bell_icon.png Requested by Host: hijackfacts.com URL: https://hijackfacts.com/how-to-work-plant-based-biotin-powder/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.203.117.170 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.16.1 / Resource Hash bfc253a49636919234fdcd5bb22c28ce789336bfcf098fd50a363be4d124d066 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 03:08:03 GMT last-modified Thu, 15 Oct 2020 19:51:19 GMT server nginx/1.16.1 etag "5f88a837-b5b" content-type image/png access-control-allow-origin * x-gg-cache-status HIT accept-ranges bytes content-length 2907
POST H/1.1	200 OK	impression Show response analytics.webpushr.com/notification_card/	0 538 B	79ms 79ms	Fetch text/html	64.227.60.121 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://analytics.webpushr.com/notification_card/impression Requested by Host: cdn.webpushr.com URL: https://cdn.webpushr.com/app.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.227.60.121 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://hijackfacts.com/ Accept-Language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 18 Feb 2022 03:08:03 GMT Content-Encoding gzip Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://hijackfacts.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	13 KB 10 KB	73ms 46ms	XHR application/json	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220216&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8468fa4056569a9e23a5791df28c8a05e8abc1cb6c160b4544afa4ef7a091a86 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers timing-allow-origin * date Fri, 18 Feb 2022 03:08:03 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9840 x-xss-protection 0
GET H3	204	a www.googletagmanager.com/	0 17 B	40ms 40ms	Image image/gif	2607:f8b0:4006:809::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/a?id=OPT-5PZL3K4&cv=1&t=ol&s=h1&h=492&g=138&p=gtag&o=4000&l=393&q=368&f=95&e=33&i=47&d=315&c=-25&hc=0&sr=0.050000&ps=0.0014468257247481908&cb=867268912 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:809::2008 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 03:08:03 GMT server Google Tag Manager vary * content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	127ms 80ms	Script text/javascript	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 03:08:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 18 Feb 2022 03:08:03 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4F05	13 KB 5 KB	50ms 20ms	Document text/html	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 16 Feb 2022 23:51:40 GMT expires Thu, 16 Feb 2023 23:51:40 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 98183 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 8F69	783 B 1 KB	92ms 42ms	Document text/html	2607:f8b0:4006:822::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5b01a82d2a7f9e4c8e74a51711daaf62665d5e1892e4c5f079f53bb9464c0c54 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-l7GgJwcj4xpAFD8snfKHjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Fri, 18 Feb 2022 03:08:03 GMT date Fri, 18 Feb 2022 03:08:03 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-l7GgJwcj4xpAFD8snfKHjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js Show response pagead2.googlesyndication.com/bg/ Frame 4F05	35 KB 13 KB	22ms 21ms	Script text/javascript	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IfvWsR8c8QoIXMZVBAT6kqVdCzRxsMqQy0C-AEZrj6Q.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 21fbd6b11f1cf10a085cc6550404fa92a55d0b3471b0ca90cb40be00466b8fa4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Tue, 15 Feb 2022 01:35:45 GMT content-encoding br x-content-type-options nosniff age 264738 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13530 x-xss-protection 0 last-modified Mon, 14 Feb 2022 11:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 15 Feb 2023 01:35:45 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 8F69	0 0	83ms 83ms	Image text/html	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220216&jk=2175576835542375&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 4F05	0 9 B	20ms 20ms	Image text/plain	2607:f8b0:4006:816::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?XajPrg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:816::2001 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers date Fri, 18 Feb 2022 03:08:04 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	85ms 84ms	Image image/gif	2607:f8b0:4006:823::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220216&jk=2175576835542375&bg=!q6ilqOzNAAbf-5Dq3_s7ACkAdvg8WlCkZjMXusJNrJsF1qVR84mAIksun5F-J3L79bfp3W2dWBn1RQIAAABwUgAAAAJoAQeZAtMX8ChhKBuvIuuP0fn9RyrV-AWcLDFIpN8NhU1N8NZSINcvs_h_ixH3fiaGZBssSOi1EiubK9dK0vg2ztr9CBihBKwkBPdR9Uj1yhR4PaHx-zQ3QPk_4a6eWOWoLwgiuHpLEPZ44OPRnW9qa9UnXAhNhmiarGbixKDJDx4Os08HAT3D2EkkuuiZf_7zSlvJ16stq2JRHzpBLMivs5VcxXJdT39rGMQxdG3cuA1UZN5UY6_retQ-S7nGC6arGscT3mMsre75fhPgHFbxfPzvb_XEjT36bPlbBIBvTitzHcxVbNDhEHIl_VETP19tDhH4z6SEjHmp5-cMk0BniNq2DXmqlabVpSRUbRB1hpmSxjzCmTK5U26S3HG6sE7BCJTJujrcfZk7VD7moOqNW60dDxgDvpsb85l6p05kLl-T0tz_-Q6htVtbAVzHIoiH4Z758IN4fmKaWVY_gJoR4xB4xihQF8Tj-M8E-ZM_SvD2DFrVtk8DoVkmY1P7PnNoqA7Hdobx_PtWQJG0GCkMLRyv4PDcmHnsGZi9JTMfx_1YfeSK77XmGASHUVhJWJ8rmBY4ZPmYmUkUKclajKIFAR95y7N-IA0IMQ3fwcj0_ilc0glfNoSmvysDHWqNO_0RaHOX0HyoTufTk8NnP8i9BPyHPG9Uzuxck9WwTUzKQSDslcJSkqF8y4twe8uL1xAKZUFMvyizK-iPmrq9oWDlVMxAOMINrSNcJQqXW1YhaCRX4DLT2GHgZoBOWbaIE7zpcxPXsLxsRq1Abcbc-HWWK1fBosH8xAXgCQsyH4vDnhVYK6aoniRKrk-upjUZbvLXCNCGbAv6YPXpx1MuUEF95anEV0q2oPWZb-wITHtwzMRkOwU8N4YCQSpVoAo42odl4H4hECvHbEo5Ep2zju5TZF_FhBqqjGh1GjmdBDGTBk0LV-4ugif6mCEqF0Dg6jtCbGTObNSzlDQ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language en-CA,en;q=0.9 Referer https://hijackfacts.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers pragma no-cache date Fri, 18 Feb 2022 03:08:04 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT