www.thelayoff.com Open in urlscan Pro
2606:4700:10::6814:843b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thelayoff.com/
Effective URL:
https://www.thelayoff.com/
Submission Tags: tranco_l324
Submission: On November 16 via api (November 16th 2021, 4:15:29 am UTC) from DE — Scanned from DE

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 49 HTTP transactions. The main IP is 2606:4700:10::6814:843b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thelayoff.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 30th 2021. Valid for: a year.

This is the only time www.thelayoff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6814:843b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::2013	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:e000:f:e7d4:f900:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
4	13.32.21.201 13.32.21.201	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
6	35.190.62.199 35.190.62.199	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:5200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
49	20

1 2606:4700:10::ac43:7e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

thelayoff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:843b (United States)

ASN13335 (CLOUDFLARENET, US)

www.thelayoff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

assets.thelayoff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:e000:f:e7d4:f900:21 (United States)

ASN16509 (AMAZON-02, US)

d2yxxa3y12yhno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.21.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.62.199 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 199.62.190.35.bc.googleusercontent.com

stupendoussnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:5200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	google.com cse.google.com www.google.com clients1.google.com	169 KB
8	thelayoff.com 1 redirects thelayoff.com www.thelayoff.com assets.thelayoff.com	607 KB
6	gstatic.com fonts.gstatic.com	152 KB
6	stupendoussnow.com stupendoussnow.com	195 KB
4	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	147 KB
4	amazon-adsystem.com c.amazon-adsystem.com	40 KB
2	facebook.com www.facebook.com	508 B
2	facebook.net connect.facebook.net	113 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	clean.gg i.clean.gg	104 B
2	googlesyndication.com pagead2.googlesyndication.com	147 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	adsafeprotected.com static.adsafeprotected.com	482 B
1	googletagmanager.com www.googletagmanager.com	39 KB
1	cloudfront.net d2yxxa3y12yhno.cloudfront.net	37 KB
49	15

	Domain	Requested by
6	fonts.gstatic.com	www.thelayoff.com fonts.googleapis.com
6	stupendoussnow.com	d2yxxa3y12yhno.cloudfront.net
5	www.google.com	d2yxxa3y12yhno.cloudfront.net www.google.com www.thelayoff.com
4	c.amazon-adsystem.com	d2yxxa3y12yhno.cloudfront.net c.amazon-adsystem.com
4	assets.thelayoff.com	www.thelayoff.com assets.thelayoff.com
3	securepubads.g.doubleclick.net	d2yxxa3y12yhno.cloudfront.net securepubads.g.doubleclick.net
3	www.thelayoff.com	www.thelayoff.com
2	www.facebook.com	www.thelayoff.com
2	connect.facebook.net	d2yxxa3y12yhno.cloudfront.net
2	www.google-analytics.com	d2yxxa3y12yhno.cloudfront.net www.google-analytics.com
2	cse.google.com	d2yxxa3y12yhno.cloudfront.net
2	i.clean.gg	d2yxxa3y12yhno.cloudfront.net
2	pagead2.googlesyndication.com	www.thelayoff.com d2yxxa3y12yhno.cloudfront.net
1	fonts.googleapis.com	d2yxxa3y12yhno.cloudfront.net
1	static.adsafeprotected.com	www.thelayoff.com
1	clients1.google.com	www.thelayoff.com
1	googleads.g.doubleclick.net	d2yxxa3y12yhno.cloudfront.net
1	www.googletagmanager.com	d2yxxa3y12yhno.cloudfront.net
1	d2yxxa3y12yhno.cloudfront.net	www.thelayoff.com
1	thelayoff.com	1 redirects
49	20

This site contains links to these domains. Also see Links.

Domain
getadmiral.com

Subject Issuer	Validity	Valid
thelayoff.com Cloudflare Inc ECC CA-3	`2021-05-30` - `2022-05-29`	a year	crt.sh
assets.thelayoff.com R3	`2021-09-21` - `2021-12-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
stupendoussnow.com R3	`2021-10-25` - `2022-01-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.thelayoff.com/
Frame ID: EEB4B34FA750934DC2BB96FA926D1F78
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 6B23AC7A4DFC8EF00DE46AAA4C113158
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TheLayoff.com - Layoffs Discussion Boardsearchuser-signalchecklistsettings-toggle-horizontal

Page URL History Show full URLs

http://thelayoff.com/ HTTP 301
https://www.thelayoff.com/ Page URL

Page Statistics

49
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

1669 kB
Transfer

4382 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://getadmiral.com/pb/?utm_source=www.thelayoff.com&utm_medium=pb&session=4-36a7a0c4-996101a1e1f8f682d0bf7fef982be16e-6763652d6575726f70652d7765737431-6193305d-0
Title: Powered By

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thelayoff.com/ HTTP 301
https://www.thelayoff.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thelayoff.com/
Redirect Chain

http://thelayoff.com/
https://www.thelayoff.com/

54 KB
13 KB

633ms
574ms

Document
text/html

2606:4700:10::6814:843b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:843b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ef8644cf98dea1b7d8d68dc86b732aa933307b66f3e3e7e51ac915d4fbe6147

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
content-type: text/html; charset=utf-8
cache-control: must-revalidate, private
etag: W/"5525af8b0590502fed84d9758cb5181dd03e0a4326775dd66550f4df7c12d578-a"
x-cloud-trace-context: ba4ea4c8ccdda47d46abca10e5e5f760
vary: Accept-Encoding
expires: Tue, 16 Nov 2021 04:15:24 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6aede5ddca6a59bf-MXP
content-encoding: br

Redirect headers

Date: Tue, 16 Nov 2021 04:15:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 16 Nov 2021 05:15:23 GMT
Location: https://www.thelayoff.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6aede5dd48303758-MXP

GET
H2 200 app-a23f3739ef.css
assets.thelayoff.com/assets/css/TLO/app/ 40 KB
40 KB 95ms
17ms Stylesheet
text/css 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thelayoff.com/assets/css/TLO/app/app-a23f3739ef.css
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: b1de1e0b493101a35deffba929851bcc47c77e80b087bcf366481967da273e1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 01:55:41 GMT
server: Google Frontend
age: 94783
etag: "TxEJvg"
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 71b57c888c44d7188afacdda79ce1e00
cache-control: public, max-age=31536000
content-length: 40974
expires: Tue, 15 Nov 2022 01:55:41 GMT

GET
H2 200 app-87d3fa328c.js Show response
assets.thelayoff.com/assets/js/prod/TLO/app/ 350 KB
350 KB 106ms
28ms Script
application/javascript 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thelayoff.com/assets/js/prod/TLO/app/app-87d3fa328c.js
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: d7b429c343017b440ed733058bce3ebb38a3e9902952b4a5e5413177c402938e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 01:43:37 GMT
server: Google Frontend
age: 9107
etag: "TxEJvg"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 07754d6aa647cf3cf69284a374ba1340;o=1
cache-control: public, max-age=31536000
content-length: 357942
expires: Wed, 16 Nov 2022 01:43:37 GMT

GET
H2 200 prebid.js Show response
www.thelayoff.com/ 347 KB
91 KB 167ms
166ms Script
application/javascript 2606:4700:10::6814:843b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelayoff.com/prebid.js
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:843b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b038304b76acd3d3c26913bb28c31f133b3730fbe1f717dedc69eee10b259752

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
content-encoding: br
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"TxEJvg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: a0b673d0ebe983356c1622ffbc18fbc0
cache-control: public, max-age=432000
cf-ray: 6aede5e1bf2159bf-MXP
expires: Tue, 16 Nov 2021 04:25:24 GMT

GET
H2 200 script.js Show response
d2yxxa3y12yhno.cloudfront.net/ 109 KB
37 KB 77ms
13ms Script
application/javascript 2600:9000:2057:e000:f:e7d4:f900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e000:f:e7d4:f900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33ddacee4194be30a43c3e239fd5c0c24b52a1626217ab369c89c8427b36a97e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 11:04:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"c2a3c328440ef17fe382ea5e96b68063"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: 6-veUJrUg2ga6IhVB7kmehyib3mNB84-6SB3R-tZc9JVR9SqLiwsAA==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 61ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16fabbe818c18cdbba7a8505c38bcee042bfa59f5dc5d0870c8ee39e4aaaa3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51309
x-xss-protection: 0
server: cafe
etag: 7507393183326358288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Nov 2021 04:15:24 GMT

GET
H2 200 logo.png
assets.thelayoff.com/assets/images/TLO/app/ 1 KB
1 KB 16ms
15ms Image
image/png 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thelayoff.com/assets/images/TLO/app/logo.png
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 1b957f9dae3447f060741a85a4dac51025280e56a67fbe369da265f0a76cca96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:12:32 GMT
server: Google Frontend
age: 172
etag: "TxEJvg"
content-type: image/png
access-control-allow-origin: *
x-cloud-trace-context: a1cde550cd54307ee6e32d7f2d6de3b3
cache-control: public, max-age=600
content-length: 1083
expires: Tue, 16 Nov 2021 04:22:32 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 118ms
96ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thelayoff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Tue, 16 Nov 2021 04:15:24 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 96ms
95ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelayoff.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 58ms
9ms Script
application/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:13:30 GMT
content-encoding: gzip
age: 113
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 1DH1VEZJ80JJ04J2H31Z
etag: fc2e1be4d234471752ea2ebee7e63d1e
vary: Accept-Encoding
x-amz-version-id: okBBdl4mniljyIhAB_yWlERThSsUPvbQ
via: 1.1 a7631312afe99e40229aa0da70662113.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: oS2RczgxRy5xpk-P2je5DKd0nEPsojGkHtpT-XhYoF6QIkxq0JYDAQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
39 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3VN9S

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a27315a756b2daca337fdff85feacb73606d8174a2c0780915454bdd798e9b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39252
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Nov 2021 04:15:24 GMT

GET
H2 200 v2vrcIWue9hVBNMr4GzmaiTqZswlA3Lyp9DxWaHbzfBGJYSpbUorJ2vnpwCVijiio Show response
stupendoussnow.com/ 643 KB
115 KB 269ms
234ms Script
text/javascript 35.190.62.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stupendoussnow.com/v2vrcIWue9hVBNMr4GzmaiTqZswlA3Lyp9DxWaHbzfBGJYSpbUorJ2vnpwCVijiio

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.62.190.35.bc.googleusercontent.com

Software

Resource Hash

338b63cc4f9f9391d793e94c7385f89a03cfcb0fd7d14708721beb0307f87ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "17d7dea5b2f1441afb736e10b8c394ba815a3dfc4ffdd1a41f7d0f083efb991f"
vary: Accept-Encoding, Accept-Language
x-hostname: e00eae1c
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 16 Nov 2021 04:15:24 GMT
timing-allow-origin: *

GET
H2 200 v2rjePF00qYmg_cEpitnv6NiUnmxGBwrJthuH2l1yDm3bua_Y_P2WbVp0bWEfuPCfxzDyEbR1GoGCOZMYyA Show response
stupendoussnow.com/ 16 KB
6 KB 245ms
210ms Script
text/javascript 35.190.62.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stupendoussnow.com/v2rjePF00qYmg_cEpitnv6NiUnmxGBwrJthuH2l1yDm3bua_Y_P2WbVp0bWEfuPCfxzDyEbR1GoGCOZMYyA

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.62.190.35.bc.googleusercontent.com

Software

Resource Hash

67f294fd6824c076d6c9a9262b5f42b8c197ec80c560beb7fc8595b25c66c51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "5f876e8a20f1b4cd3af9be0d92ef7ded433474f11e66f125c55a7a596b9e3931"
vary: Accept-Encoding, Accept-Language
x-hostname: e00eae1c
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 16 Nov 2021 04:15:24 GMT
timing-allow-origin: *

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
15 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelayoff.com/
Origin: https://www.thelayoff.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 06:33:28 GMT
x-content-type-options: nosniff
age: 337316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 06:33:28 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v17/ 34 KB
35 KB 19ms
17ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v17/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelayoff.com/
Origin: https://www.thelayoff.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:37 GMT
x-content-type-options: nosniff
age: 550307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35284
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:52:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Nov 2022 19:23:37 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v18/ 13 KB
14 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelayoff.com/
Origin: https://www.thelayoff.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 22:46:51 GMT
x-content-type-options: nosniff
age: 365313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13780
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 22:46:51 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 66ms
41ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-2815355632543185:7817595802

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

2ec796f3711b85127413647d1baed22a30eaf04813b44fb739eb70f064c78496

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Tue, 16 Nov 2021 04:15:24 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3479
x-xss-protection: 0
expires: Tue, 16 Nov 2021 04:15:24 GMT

GET
H2 200 captcha Show response
assets.thelayoff.com/ 154 B
328 B 150ms
127ms XHR
text/html 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thelayoff.com/captcha
Requested by: Host: assets.thelayoff.com
URL: https://assets.thelayoff.com/assets/js/prod/TLO/app/app-87d3fa328c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 1bf04d10b33ae3636472dcf71e5a5e505488bb099db2d1cde2e404a6e3b4163e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 622c92ae27137a9627d1f588046b2c31
cache-control: no-cache
content-length: 138

GET
DATA 200
OK truncated
/ 253 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b0559df9959b25f352d936b30c802cd0c58abe8b71cd7374c50ba9df966206d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelayoff.com/
Origin: https://www.thelayoff.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:28:44 GMT
x-content-type-options: nosniff
age: 398800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 13:28:44 GMT

GET
H2 200 worker-bundle-d82211d09a.js
www.thelayoff.com/assets/js/prod/TLO/app/ 382 KB
111 KB 35ms
35ms Other
application/javascript 2606:4700:10::6814:843b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelayoff.com/assets/js/prod/TLO/app/worker-bundle-d82211d09a.js
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:843b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 877b695dc8ab35561a229aec0aadd9986154b60bd2dadcdf770321bd98a44121

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4389958
etag: W/"DV82Ag"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 873ba46126f7f46de684c7abe4f8d66b;o=1
cache-control: public, max-age=31536000
cf-ray: 6aede5e3697e59bf-MXP
expires: Sun, 25 Sep 2022 19:16:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 890
date: Tue, 16 Nov 2021 04:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 16 Nov 2021 06:00:34 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 59ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: /y9DMchPHEfNU2zZwQaZ59ejNMQ7YBR6FPUDz61WsifJF7BwFOygL7AoG0wmPNXiuZJpO2DV1CpxCz0yMH2aTg==
x-fb-trip-id: 720026100
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Nov 2021 04:15:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/54e62135847a1703/ 300 KB
99 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/54e62135847a1703/cse_element__en.js?usqp=CAI%3D

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0216265ffcc78522466531b2c333ad5725a51f151b18c5e2fb24d4e3e89ef23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 20:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101668
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 20:41:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 15 Nov 2022 20:36:58 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/54e62135847a1703/ 41 KB
9 KB 31ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/54e62135847a1703/default+en.css

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 23:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9086
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 20:41:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 12 Nov 2022 23:11:44 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 30ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 16 Nov 2021 04:22:55 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
304 B 105ms
104ms XHR
text/plain 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.thelayoff.com%2F&pubid=c98d9ca3-74f6-411e-a97e-3e9fb7150426
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
via: 1.1 a7631312afe99e40229aa0da70662113.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.thelayoff.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: NRfbME_CEbeB3CfDMDoeBZ6mtk1rMIENGUJuk9nVIlcmcdABlGdkEQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
8ms XHR
application/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 7396
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Tue, 16 Nov 2021 02:12:09 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 8e83c42d247a31c5b365c08a0352d8f9.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: nCY-Nnt22gxCufUrifCHpaWoXkyYySlkHf-hBZcHe3pBgVqcQO3udQ==

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111100101/ 268 KB
97 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5319129750974885&plah=www.thelayoff.com&bust=31063703

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6eb3e87b176ad0532b99deb5813f98dc1e4253380d0e0b97a10bd8d40e90e455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98711
x-xss-protection: 0
server: cafe
etag: 6659796341663772693
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Nov 2021 04:15:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 6B23 11 KB
5 KB 36ms
11ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 15 Nov 2021 06:55:30 GMT
expires: Mon, 29 Nov 2021 06:55:30 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 76794
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
208 B 15ms
14ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=290146110&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thelayoff.com%2F&ul=en-us&de=UTF-8&dt=TheLayoff.com%20-%20Layoffs%20Discussion%20Board&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=264399292&gjid=1970201303&cid=1298573454.1637036124&tid=UA-10256470-8&_gid=1120296192.1637036124&_r=1&gtm=2wgba1M3VN9S&z=1666751733

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelayoff.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:15:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thelayoff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
493 B 50ms
49ms XHR
text/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.thelayoff.com%2F&pid=SdGyO4dxJh6FY&cb=0&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-TLO_sticky%22%2C%22s%22%3A%5B%22300x600%22%2C%22240x240%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22356742356%2FTLO_sticky%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TLO_Left_Sticky%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22356742356%2FTLO_Left_Sticky%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TLO_top%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22356742356%2FTLO_top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TLO_above-fold%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22356742356%2FTLO_above-fold%22%7D%5D&pubid=c98d9ca3-74f6-411e-a97e-3e9fb7150426&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
via: 1.1 a7631312afe99e40229aa0da70662113.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: BF78WCV3567NTFT36QW2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: RGp272pdjLPtcAAghUlA53oXaWd8SLNMN_ybP5ZvU0hk_JIImj8EEQ==

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 143 KB
52 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2503fc8caec27c5cd8bfb53d9990e45f53093bd81c0b0206d7afb85bb38879b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "13070985892378468413"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Tue, 16 Nov 2021 04:15:24 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/54e62135847a1703/default+en.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/54e62135847a1703/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 12:46:34 GMT
x-content-type-options: nosniff
age: 401330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 11 Nov 2022 12:46:34 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 12ms
11ms Image
image/png 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 05:35:05 GMT
x-content-type-options: nosniff
age: 427219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 11 Nov 2022 05:35:05 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
178 B 36ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 1810234349221521 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 71ms
71ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1810234349221521?v=2.9.48&r=stable

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f3d931744ec0be8f1360b94973bb84df97defca56e7b9eb7cbe964b98d1fe42b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: aDzfs0a8JgoVvnrOztc+F1RExUWbHUCb7vbybkbvRNbe7GCa06+7QlhfFPyFX3oxpcSLvyLtE5nNheLEZcoUxg==
x-fb-trip-id: 720026100
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Nov 2021 04:15:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 87ms
7ms Image
image/gif 2600:9000:211e:5200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
age: 8769651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: 866L0qBtOAjG3UZ2wr52rHX4YuoNcmj96CBr_CFPgVsoAzTdHmIIhQ==

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 57ms
18ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1810234349221521&ev=PageView&dl=https%3A%2F%2Fwww.thelayoff.com%2F&rl=&if=false&ts=1637036124895&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637036124894.1402347605&it=1637036124469&coo=false&rqm=GET

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 16 Nov 2021 04:15:25 GMT

POST
H2 200 v2hgoJVliPaWDTetgGCs1kIgVKGoqqkmmdsxl3UaFYCMdJqlK3jGODQlJf4KwEwbOqONl7dqFYZfJSvOWgA Show response
stupendoussnow.com/ 216 B
614 B 44ms
17ms Fetch
application/json 35.190.62.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stupendoussnow.com/v2hgoJVliPaWDTetgGCs1kIgVKGoqqkmmdsxl3UaFYCMdJqlK3jGODQlJf4KwEwbOqONl7dqFYZfJSvOWgA

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.62.190.35.bc.googleusercontent.com

Software

Resource Hash

5d236e74c4d9042464474c13105240020d4c930e96202bd68b350f51822393e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thelayoff.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 16 Nov 2021 04:15:25 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: e00eae1c
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Tue, 16 Nov 2021 04:15:24 GMT

POST
H2 200 v2zwgdjsnXIt57cuuwi704-mB6zbjqwX69I2_ftgBozBPaZ7PILprWAE9SpdNOMMrh5-EG9CS3vjqqLpMmg Show response
stupendoussnow.com/ 433 B
468 B 221ms
221ms Fetch
application/json 35.190.62.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stupendoussnow.com/v2zwgdjsnXIt57cuuwi704-mB6zbjqwX69I2_ftgBozBPaZ7PILprWAE9SpdNOMMrh5-EG9CS3vjqqLpMmg

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.62.190.35.bc.googleusercontent.com

Software

Resource Hash

d1cc841eb84b09dfc7ab02f09b58fde520729cac5c184f4b137b6d410ceb2c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thelayoff.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 16 Nov 2021 04:15:25 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
x-hostname: e00eae1c
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 433

GET
H2 200 ConsentManager Show response
stupendoussnow.com/v2yadRWhgVsro02UOxOA2cvSV3dSJUWXe_LUwQ3jr_sLAc7FSbQKspXLxJuVt15DIzXsZq9bc0IkZ5KuP/ 246 KB
73 KB 47ms
46ms Script
text/javascript 35.190.62.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stupendoussnow.com/v2yadRWhgVsro02UOxOA2cvSV3dSJUWXe_LUwQ3jr_sLAc7FSbQKspXLxJuVt15DIzXsZq9bc0IkZ5KuP/ConsentManager

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.62.190.35.bc.googleusercontent.com

Software

Resource Hash

117ce1da4bceb30fdaa42540da5bbc8d46d81713d5ce0178fff03faf716c3f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thelayoff.com/
Origin: https://www.thelayoff.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "1e6c5d51871175ed4842ef7f000ae7b384090ada3c5f956267aa48d77dcb3ea5"
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
x-hostname: e00eae1c
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date: Tue, 16 Nov 2021 04:15:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 20ms
18ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1810234349221521&ev=Microdata&dl=https%3A%2F%2Fwww.thelayoff.com%2F&rl=&if=false&ts=1637036125402&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TheLayoff.com%20-%20Layoffs%20Discussion%20Board%22%2C%22meta%3Adescription%22%3A%22Layoffs%20Discussion%2C%20News%20and%20Rumors.%20Ask%2C%20answer%2C%20speculate%20on%20layoffs%20in%20your%20company...%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22TheLayoff.com%22%2C%22og%3Atitle%22%3A%22TheLayoff.com%20-%20Layoffs%20Discussion%20Board%22%2C%22og%3Adescription%22%3A%22Layoffs%20Discussion%2C%20News%20and%20Rumors.%20Ask%2C%20answer%2C%20speculate%20on%20layoffs%20in%20your%20company...%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.thelayoff.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637036124894.1402347605&it=1637036124469&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 16 Nov 2021 04:15:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 41ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b35bf395eacb6c9729106a9e6a6e12856c8bab8f9109a4fae0f7704b60a22b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:14:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Nov 2021 04:15:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Nov 2021 04:15:25 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ 37 KB
37 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thelayoff.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:57:25 GMT
x-content-type-options: nosniff
age: 1081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 17:59:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 03:57:25 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ 37 KB
37 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thelayoff.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:57:25 GMT
x-content-type-options: nosniff
age: 1081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 17:59:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 16 Nov 2022 03:57:25 GMT

POST
H2 200 v2hgoJVliPaWDTetgGCs1kIgVKGoqqkmmdsxl3UaFYCMdJqlK3jGODQlJf4KwEwbOqONl7dqFYZfJSvOWgA Show response
stupendoussnow.com/ 272 B
354 B 24ms
23ms Fetch
application/json 35.190.62.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stupendoussnow.com/v2hgoJVliPaWDTetgGCs1kIgVKGoqqkmmdsxl3UaFYCMdJqlK3jGODQlJf4KwEwbOqONl7dqFYZfJSvOWgA

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.62.199 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

199.62.190.35.bc.googleusercontent.com

Software

Resource Hash

6c5d661ed5036e384fb59962544cbe664a18606927fc9deb0b76a316a00fdbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thelayoff.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 16 Nov 2021 04:15:26 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: e00eae1c
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 272
expires: Tue, 16 Nov 2021 04:15:25 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 44ms
21ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

1a62f2e390e9ff1a54408eed8eda14b0a285975a3c6cc9cf9b786dc622f37dcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1045 / 332 of 1000 / last-modified: 1637017679"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26691
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 16 Nov 2021 04:15:26 GMT

GET
H2 200 pubads_impl_2021111101.js Show response
securepubads.g.doubleclick.net/gpt/ 343 KB
115 KB 17ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js?31063761

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117937
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 09:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 16 Nov 2021 04:15:26 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 163 B
144 B 33ms
18ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thelayoff.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

bbb9cb84fb43f9f41fed38869695e66953743ba407545a8a7536b4d7588bbabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 04:15:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119
x-xss-protection: 0
expires: Tue, 16 Nov 2021 04:15:26 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thelayoff.com/	1970-01-20 07:29:32	Name: _sid Value: f9a94a34-2160-46d2-ae19-d124ff7ea51b
.thelayoff.com/	1970-01-20 16:15:08	Name: _ga Value: GA1.2.1298573454.1637036124
.thelayoff.com/	1970-01-19 22:45:22	Name: _gid Value: GA1.2.1120296192.1637036124
.thelayoff.com/	1970-01-19 22:43:56	Name: _gat_UA-10256470-8 Value: 1
www.thelayoff.com/	1970-01-20 07:29:32	Name: usprivacy Value: 1---
.thelayoff.com/	1970-01-20 00:53:32	Name: _fbp Value: fb.1.1637036124894.1402347605
.facebook.com/	1970-01-20 00:53:32	Name: fr Value: 0lDk4c8AlErpLPx4j..BhkzBd...1.0.BhkzBd.
.thelayoff.com/	1970-01-21 01:00:44	Name: _awl Value: 2.1637036126.0.4-36a7a0c4-996101a1e1f8f682d0bf7fef982be16e-6763652d6575726f70652d7765737431-6193305d-0
.thelayoff.com/	1970-01-21 01:00:44	Name: _admrla Value: 2.0-996101a1-e1f8-f682-d0bf-7fef982be16e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.thelayoff.com
c.amazon-adsystem.com
clients1.google.com
connect.facebook.net
cse.google.com
d2yxxa3y12yhno.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.clean.gg
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stupendoussnow.com
thelayoff.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.thelayoff.com
13.32.21.201
142.250.185.130
2600:9000:2057:e000:f:e7d4:f900:21
2600:9000:211e:5200:8:48e:53c0:93a1
2606:4700:10::6814:843b
2606:4700:10::ac43:7e
2a00:1450:4001:808::2013
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
34.95.69.49
35.190.62.199
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
117ce1da4bceb30fdaa42540da5bbc8d46d81713d5ce0178fff03faf716c3f80
16fabbe818c18cdbba7a8505c38bcee042bfa59f5dc5d0870c8ee39e4aaaa3c4
1a62f2e390e9ff1a54408eed8eda14b0a285975a3c6cc9cf9b786dc622f37dcb
1b957f9dae3447f060741a85a4dac51025280e56a67fbe369da265f0a76cca96
1bf04d10b33ae3636472dcf71e5a5e505488bb099db2d1cde2e404a6e3b4163e
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2ec796f3711b85127413647d1baed22a30eaf04813b44fb739eb70f064c78496
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
338b63cc4f9f9391d793e94c7385f89a03cfcb0fd7d14708721beb0307f87ba8
33ddacee4194be30a43c3e239fd5c0c24b52a1626217ab369c89c8427b36a97e
3ef8644cf98dea1b7d8d68dc86b732aa933307b66f3e3e7e51ac915d4fbe6147
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4b0559df9959b25f352d936b30c802cd0c58abe8b71cd7374c50ba9df966206d
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d236e74c4d9042464474c13105240020d4c930e96202bd68b350f51822393e6
604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8
67f294fd6824c076d6c9a9262b5f42b8c197ec80c560beb7fc8595b25c66c51d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5d661ed5036e384fb59962544cbe664a18606927fc9deb0b76a316a00fdbd3
6eb3e87b176ad0532b99deb5813f98dc1e4253380d0e0b97a10bd8d40e90e455
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
877b695dc8ab35561a229aec0aadd9986154b60bd2dadcdf770321bd98a44121
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a27315a756b2daca337fdff85feacb73606d8174a2c0780915454bdd798e9b2d
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
b038304b76acd3d3c26913bb28c31f133b3730fbe1f717dedc69eee10b259752
b1de1e0b493101a35deffba929851bcc47c77e80b087bcf366481967da273e1e
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b35bf395eacb6c9729106a9e6a6e12856c8bab8f9109a4fae0f7704b60a22b42
bbb9cb84fb43f9f41fed38869695e66953743ba407545a8a7536b4d7588bbabb
d1cc841eb84b09dfc7ab02f09b58fde520729cac5c184f4b137b6d410ceb2c35
d7b429c343017b440ed733058bce3ebb38a3e9902952b4a5e5413177c402938e
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0216265ffcc78522466531b2c333ad5725a51f151b18c5e2fb24d4e3e89ef23
f2503fc8caec27c5cd8bfb53d9990e45f53093bd81c0b0206d7afb85bb38879b
f3d931744ec0be8f1360b94973bb84df97defca56e7b9eb7cbe964b98d1fe42b

www.thelayoff.com Open in urlscan Pro 2606:4700:10::6814:843b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

49 Requests

100 %HTTPS

80 %IPv6

15 Domains

20 Subdomains

20 IPs

3 Countries

1669 kBTransfer

4382 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thelayoff.com Open in urlscan Pro
2606:4700:10::6814:843b Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

1669 kB
Transfer

4382 kB
Size

9
Cookies

49 HTTP transactions
1 data transactions