www.thelayoff.com Open in urlscan Pro
2606:4700:10::6814:853b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thelayoff.com/t/XtgJFAg
Submission: On February 08 via manual (February 8th 2019, 6:01:01 pm UTC) from US

Summary HTTP 82 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 20 domains to perform 82 HTTP transactions. The main IP is 2606:4700:10::6814:853b, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.thelayoff.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 10th 2018. Valid for: a year.

This is the only time www.thelayoff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:10:... 2606:4700:10::6814:853b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.38.84.169 52.38.84.169	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
11	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
9	54.148.199.253 54.148.199.253	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	2600:1901:0:9... 2600:1901:0:94b6::	15169 (GOOGLE) (GOOGLE - Google LLC)
8	62.113.194.2 62.113.194.2	47447 (TTM) (TTM)
1	104.18.167.29 104.18.167.29	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY - Fastly)
1 2	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY - Fastly)
82	23

6 2606:4700:10::6814:853b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.thelayoff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.38.84.169 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-38-84-169.us-west-2.compute.amazonaws.com

load.sumome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:818::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81f::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clients6.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.148.199.253 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-148-199-253.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1901:0:94b6:: (United States)

ASN15169 (GOOGLE - Google LLC, US)

rk-prod.firebaseio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-usc1c-nss-249.firebaseio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 62.113.194.2 (Germany)

ASN47447 (TTM, DE)

sumo.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.167.29 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.bufferapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.140 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY - Fastly, US)

reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google.com adservice.google.com cse.google.com www.google.com clients1.google.com clients6.google.com	164 KB
9	sumo.com sumo.com	4 KB
8	b-cdn.net sumo.b-cdn.net	161 KB
8	firebaseio.com rk-prod.firebaseio.com s-usc1c-nss-249.firebaseio.com	3 KB
7	doubleclick.net googleads.g.doubleclick.net
6	gstatic.com fonts.gstatic.com	59 KB
6	googleapis.com fonts.googleapis.com www.googleapis.com	4 KB
6	thelayoff.com www.thelayoff.com	335 KB
4	facebook.com www.facebook.com graph.facebook.com api.facebook.com	1 KB
4	googlesyndication.com pagead2.googlesyndication.com	173 KB
2	reddit.com 1 redirects reddit.com www.reddit.com	922 B
2	facebook.net connect.facebook.net	60 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	pinterest.com widgets.pinterest.com	535 B
1	linkedin.com www.linkedin.com	1 KB
1	bufferapp.com api.bufferapp.com	535 B
1	googletagservices.com www.googletagservices.com	28 KB
1	googletagmanager.com www.googletagmanager.com	26 KB
1	google.de adservice.google.de	171 B
1	sumome.com load.sumome.com	138 KB
82	20

	Domain	Requested by
9	sumo.com	load.sumome.com
8	sumo.b-cdn.net	load.sumome.com sumo.b-cdn.net
7	s-usc1c-nss-249.firebaseio.com	www.thelayoff.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	www.google.com	cse.google.com www.google.com www.thelayoff.com
6	fonts.gstatic.com	www.thelayoff.com pagead2.googlesyndication.com load.sumome.com
6	www.thelayoff.com	www.thelayoff.com
4	www.googleapis.com	www.thelayoff.com
4	pagead2.googlesyndication.com	www.thelayoff.com pagead2.googlesyndication.com
2	clients6.google.com	load.sumome.com
2	www.facebook.com	www.thelayoff.com
2	connect.facebook.net	www.thelayoff.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.thelayoff.com
2	cse.google.com	www.thelayoff.com www.google.com
2	fonts.googleapis.com	www.thelayoff.com
1	www.reddit.com
1	reddit.com	1 redirects
1	widgets.pinterest.com	load.sumome.com
1	www.linkedin.com	load.sumome.com
1	api.facebook.com	load.sumome.com
1	graph.facebook.com	load.sumome.com
1	api.bufferapp.com	load.sumome.com
1	rk-prod.firebaseio.com	www.thelayoff.com
1	clients1.google.com	www.thelayoff.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.thelayoff.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	load.sumome.com	www.thelayoff.com
82	29

This site contains links to these domains. Also see Links.

Domain
accounts.google.com

Subject Issuer	Validity	Valid
thelayoff.com CloudFlare Inc ECC CA-2	`2018-04-10` - `2019-04-10`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
*.sumome.com Go Daddy Secure Certificate Authority - G2	`2018-08-22` - `2019-10-21`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-01-21` - `2019-04-21`	3 months	crt.sh
*.sumo.com Go Daddy Secure Certificate Authority - G2	`2018-11-17` - `2020-01-16`	a year	crt.sh
firebaseio.com Google Internet Authority G3	`2018-08-01` - `2019-03-27`	8 months	crt.sh
*.b-cdn.net COMODO RSA Domain Validation Secure Server CA	`2018-04-23` - `2020-04-23`	2 years	crt.sh
api.bufferapp.com DigiCert SHA2 Secure Server CA	`2018-07-11` - `2020-07-15`	2 years	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2018-05-30` - `2020-09-01`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-01-11` - `2019-06-26`	5 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh

This page contains 11 frames:

Primary Page: https://www.thelayoff.com/t/XtgJFAg
Frame ID: 39BFBE5824B6DB30DB1974ECE3F202D7
Requests: 66 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/show_ads_impl.js
Frame ID: 265F02DDE2AE5A101CB0BC1225A5F109
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190204/r20190131/zrt_lookup.html
Frame ID: 637C5E669AA08548E4285F081D3EB8C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5319129750974885&output=html&h=90&slotname=7723273439&adk=1525634443&adf=4084143117&w=728&fwrn=4&lmt=1549648842&rafmt=10&guci=1.2.0.0.2.2.0.0&format=728x90_0ads_al&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&fwr=0&wgl=1&adsid=NT&dt=1549648842595&bpp=22&bdt=216&fdt=27&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&correlator=6461446001520&frm=20&pv=2&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=8362&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=297&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2743084487&ifi=1&uci=1.ijhw4bv37za7&fsb=1&xpc=ZWpjKl4U3n&p=https%3A//www.thelayoff.com&dtd=89
Frame ID: 5821F760C94C8C276AA86D6DEF73F067
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5319129750974885&output=html&h=90&slotname=9339961452&adk=1854398350&adf=2254367027&w=728&fwrn=4&fwrnh=100&lmt=1549648842&rafmt=1&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1549648842769&bpp=24&bdt=390&fdt=24&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=164522&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=297&ady=730&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2025823778&ifi=2&uci=2.ylr50lpp7b2j&fsb=1&xpc=7NS1lx6vLK&p=https%3A//www.thelayoff.com&dtd=30
Frame ID: B4CA1E67B3161C1B0EE8B9003F600207
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5319129750974885&output=html&h=436&slotname=7362391456&adk=850570182&adf=3556453554&w=728&cr_col=4&cr_row=2&fwrn=2&lmt=1549648842&rafmt=9&guci=1.2.0.0.2.2.0.0&format=728x436&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1549648842908&bpp=14&bdt=530&fdt=14&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al%2C728x90&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=658090&dssz=18&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=1277&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2252597320&ifi=3&uci=3.f46k4g9xw0i6&fsb=1&xpc=GkPXjkysWL&p=https%3A//www.thelayoff.com&dtd=20
Frame ID: 8D7B0BD04917688B828E053D2260FBC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5319129750974885&output=html&h=90&slotname=4630560252&adk=2114014531&adf=2022845606&w=728&fwrn=4&lmt=1549648842&rafmt=10&guci=1.2.0.0.2.2.0.0&format=728x90_0ads_al&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&fwr=0&wgl=1&adsid=NT&dt=1549648842932&bpp=14&bdt=554&fdt=14&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al%2C728x90%2C728x436&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=2632362&dssz=20&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=1723&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=822256743&ifi=4&uci=4.s6gzv8i61q4l&fsb=1&xpc=QHeTJ0fRNi&p=https%3A//www.thelayoff.com&dtd=21
Frame ID: 0840C4463FA5C582D7CE85481A696A2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5319129750974885&output=html&h=600&slotname=1060761852&adk=2401082267&adf=3023919312&w=300&lmt=1549648842&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&wgl=1&adsid=NT&dt=1549648842957&bpp=8&bdt=579&fdt=9&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al%2C728x90%2C728x436%2C728x90_0ads_al&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=10529450&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1028&ady=62&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&ppjl=u&pfx=1&fu=16&bc=15&osw_key=2524942206&ifi=5&uci=5.lsxbmli768hn&fsb=1&xpc=BNFg8tKjip&p=https%3A//www.thelayoff.com&dtd=14
Frame ID: FA887BBF8ADE30544F9BE297EEB8ADF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5319129750974885&output=html&adk=1812271804&adf=3025194257&lmt=1549648843&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1549648842957&bpp=36&bdt=579&fdt=37&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al%2C728x90%2C728x436%2C728x90_0ads_al%2C300x600&nras=1&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=42117803&dssz=23&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=923969788&ifi=5&uci=5.10npy12xlcqc&fsb=1&dtd=53
Frame ID: E6801B6DE3F9A4EF86A00BE918179E47
Requests: 1 HTTP requests in this frame

Frame: https://rk-prod.firebaseio.com/.lp?start=t&ser=78249032&cb=1&v=5
Frame ID: 84F1FC41AA44144AE48B7B3B5A2AAB00
Requests: 7 HTTP requests in this frame

Frame: https://s-usc1c-nss-249.firebaseio.com/.lp?dframe=t&id=553950&pw=HVyLi74ngZ&ns=rk-prod
Frame ID: 86544273DCF5457FAABAA671DBDE99BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

SumoMe (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /load\.sumome\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

82
Requests

100 %
HTTPS

74 %
IPv6

20
Domains

29
Subdomains

23
IPs

3
Countries

1176 kB
Transfer

3990 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://accounts.google.com/ServiceLogin?service=ah&passive=true&continue=https://appengine.google.com/_ah/conflogin%3Fcontinue%3Dhttps://www.thelayoff.com/t/XtgJFAg
Title: Login

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://reddit.com/button_info.json?url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&jsonp=jQuery110209506891471959376_1549648844173&_=1549648844174 HTTP 301
https://www.reddit.com/button_info.json?url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&jsonp=jQuery110209506891471959376_1549648844173&_=1549648844174

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request XtgJFAg Show response
www.thelayoff.com/t/ 9 KB
4 KB 246ms
220ms Document
text/html 2606:4700:10::6814:853b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelayoff.com/t/XtgJFAg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:853b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 628f56ae4c5042aa8ae47d9420939ad5ce0277ece733bdf70411879cdc229c64

Request headers

:method: GET
:authority: www.thelayoff.com
:scheme: https
:path: /t/XtgJFAg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 08 Feb 2019 18:00:42 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dcad5e75120a01b0d597be3a3be73b89b1549648842; expires=Sat, 08-Feb-20 18:00:42 GMT; path=/; domain=.thelayoff.com; HttpOnly; Secure _sid=46e76b81-2fa5-4d4b-9132-6bbb98f44ede;Path=/;Expires=Sat, 08 Feb 2020 18:00:42 GMT;HttpOnly
cache-control: no-cache
x-cloud-trace-context: 07556f5e866403e3c4f0c9c15bcab51a
vary: Accept-Encoding
expires: Fri, 08 Feb 2019 18:00:42 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4a5fff4f7ffec2e7-FRA
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 27ms
23ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,400italic,700,700italic|Open+Sans:400,400italic,700,700italic|Anonymous+Pro:400,700

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

f608bec9f183fe5c0da091ae18afcf0832e9e97c9368592fbabf1ca2adacaa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 08 Feb 2019 18:00:42 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 08 Feb 2019 18:00:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 18:00:42 GMT

GET
H2 200 / Show response
load.sumome.com/ 432 KB
138 KB 749ms
354ms Script
application/javascript 52.38.84.169
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumome.com/
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.38.84.169 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-38-84-169.us-west-2.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: d71ac27801eb2218bfb388eeff3000dc54a5838e8ed73955ca368c42311a780f

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
content-encoding: gzip
last-modified: Fri, 08 Feb 2019 17:43:43 GMT
server: nginx/1.12.1
etag: W/"5c5dbfcf-6bff6"
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: max-age=600
content-type: application/javascript
expires: Fri, 08 Feb 2019 18:05:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 79 KB
30 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

dd393663ee4331edfa153519f0a4d33cc40f0d460e36ea0f800a5203e579bf7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 30124
x-xss-protection: 1; mode=block
server: cafe
etag: 3709790650028550618
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Feb 2019 18:00:42 GMT

GET
H2 200 app-495a2958e1.css
www.thelayoff.com/assets/TLO/css/ 125 KB
21 KB 165ms
164ms Stylesheet
text/css 2606:4700:10::6814:853b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelayoff.com/assets/TLO/css/app-495a2958e1.css
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:853b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 263e39ff79dd2114faed7fca29269ccfb28a611be573230b37ddf2838f35da47

Request headers

:path: /assets/TLO/css/app-495a2958e1.css
pragma: no-cache
cookie: __cfduid=dcad5e75120a01b0d597be3a3be73b89b1549648842; _sid=46e76b81-2fa5-4d4b-9132-6bbb98f44ede
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.thelayoff.com
referer: https://www.thelayoff.com/t/XtgJFAg
:scheme: https
:method: GET
Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
cf-bgj: minify
server: cloudflare
etag: W/"Np33dg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
x-cloud-trace-context: 48c13ec487f3d78b3979920a14b79571
cache-control: public, max-age=432000
cf-polished: origSize=127780
cf-ray: 4a5fff50fce0c2e7-FRA
expires: Wed, 13 Feb 2019 18:00:42 GMT

GET
H2 200 logo50.png
www.thelayoff.com/images/ 1 KB
1 KB 173ms
173ms Image
image/png 2606:4700:10::6814:853b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thelayoff.com/images/logo50.png
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:853b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b957f9dae3447f060741a85a4dac51025280e56a67fbe369da265f0a76cca96

Request headers

:path: /images/logo50.png
pragma: no-cache
cookie: __cfduid=dcad5e75120a01b0d597be3a3be73b89b1549648842; _sid=46e76b81-2fa5-4d4b-9132-6bbb98f44ede
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.thelayoff.com
referer: https://www.thelayoff.com/t/XtgJFAg
:scheme: https
:method: GET
Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
cf-cache-status: REVALIDATED
server: cloudflare
etag: "Np33dg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
x-cloud-trace-context: baed5dbd0aba0487d32341211f11f90a
cache-control: public, max-age=432000
accept-ranges: bytes
cf-ray: 4a5fff512d82c2e7-FRA
content-length: 1083
expires: Wed, 13 Feb 2019 18:00:42 GMT

GET
H2 200 2s4GEoHEnZHiTMFAhBZdQgewjyt3m.png
www.thelayoff.com/captcha/ 3 KB
3 KB 230ms
228ms Image
image/png 2606:4700:10::6814:853b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thelayoff.com/captcha/2s4GEoHEnZHiTMFAhBZdQgewjyt3m.png
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:853b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cf8bb6aacffbd7c835fead9959d3c4251bba9f40c1745dee77493bac59441ab

Request headers

:path: /captcha/2s4GEoHEnZHiTMFAhBZdQgewjyt3m.png
pragma: no-cache
cookie: __cfduid=dcad5e75120a01b0d597be3a3be73b89b1549648842; _sid=46e76b81-2fa5-4d4b-9132-6bbb98f44ede
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.thelayoff.com
referer: https://www.thelayoff.com/t/XtgJFAg
:scheme: https
:method: GET
Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
x-cloud-trace-context: 54ed5306d774b850d966ef9bc33db338
cache-control: no-cache
accept-ranges: bytes
cf-ray: 4a5fff522978c2e7-FRA
content-length: 2848

GET
H2 200 app-c1ccd7c601.js Show response
www.thelayoff.com/assets/TLO/js/ 965 KB
289 KB 181ms
180ms Script
application/javascript 2606:4700:10::6814:853b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:853b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e307f6570aa06128f591e245c186f6d7a5b0cfd879f203fbdc7b2f440d5cd4c

Request headers

:path: /assets/TLO/js/app-c1ccd7c601.js
pragma: no-cache
cookie: __cfduid=dcad5e75120a01b0d597be3a3be73b89b1549648842; _sid=46e76b81-2fa5-4d4b-9132-6bbb98f44ede
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.thelayoff.com
referer: https://www.thelayoff.com/t/XtgJFAg
:scheme: https
:method: GET
Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
cf-bgj: minify
server: cloudflare
etag: W/"Np33dg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-cloud-trace-context: 0493fdfffb1ea84874cee70944851dce
cache-control: public, max-age=432000
cf-polished: origSize=987965
cf-ray: 4a5fff52297bc2e7-FRA
expires: Wed, 13 Feb 2019 18:00:42 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 18ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thelayoff.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thelayoff.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/ 193 KB
71 KB 46ms
38ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

772936df0f7b91673c2c52dbd0f83f9382d8ad1218a620bbb453cb8a0e3ea251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 72978
x-xss-protection: 1; mode=block
server: cafe
etag: 11843833417236783916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Feb 2019 18:00:42 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/ Frame 265F 193 KB
71 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

772936df0f7b91673c2c52dbd0f83f9382d8ad1218a620bbb453cb8a0e3ea251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 72978
x-xss-protection: 1; mode=block
server: cafe
etag: 11843833417236783916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Feb 2019 18:00:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 77 KB
26 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3VN9S

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81a::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

5299887c048f85452d6768acb2a37464f4212f1f42dbb8af4a086cfa38782f46

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 26801
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 18:00:42 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lora:400,400italic,700,700italic|Open+Sans:400,400italic,700,700italic|Anonymous+Pro:400,700
Origin: https://www.thelayoff.com

Response headers

date: Mon, 04 Feb 2019 18:55:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
age: 342337
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8892
x-xss-protection: 1; mode=block
expires: Tue, 04 Feb 2020 18:55:05 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.thelayoff.com/assets/TLO/fonts/bootstrap/ 18 KB
18 KB 18ms
17ms Font
application/octet-stream 2606:4700:10::6814:853b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelayoff.com/assets/TLO/fonts/bootstrap/glyphicons-halflings-regular.woff2
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6814:853b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

:path: /assets/TLO/fonts/bootstrap/glyphicons-halflings-regular.woff2
pragma: no-cache
cookie: __cfduid=dcad5e75120a01b0d597be3a3be73b89b1549648842; _sid=46e76b81-2fa5-4d4b-9132-6bbb98f44ede
origin: https://www.thelayoff.com
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.thelayoff.com
referer: https://www.thelayoff.com/assets/TLO/css/app-495a2958e1.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.thelayoff.com/assets/TLO/css/app-495a2958e1.css
Origin: https://www.thelayoff.com

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
cf-cache-status: HIT
server: cloudflare
etag: "Np33dg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
status: 200
x-cloud-trace-context: 1392fc5ee7488f0c3db80264d702b579
cache-control: public, max-age=432000
cf-ray: 4a5fff522983c2e7-FRA
expires: Wed, 13 Feb 2019 18:00:42 GMT

GET
H2 200 ca-pub-5319129750974885.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
243 B 6ms
6ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-5319129750974885.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 13:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Feb 2019 19:57:40 GMT
server: sffe
age: 16577
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 125
x-xss-protection: 1; mode=block
expires: Sat, 09 Feb 2019 01:24:25 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190204/r20190131/ Frame 637C 0
0 12ms
10ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190204/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190204/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.thelayoff.com/t/XtgJFAg
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.thelayoff.com/t/XtgJFAg

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 04 Feb 2019 14:40:33 GMT
expires: Mon, 18 Feb 2019 14:40:33 GMT
content-type: text/html; charset=UTF-8
etag: 14090563764879558401
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6959
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 357609
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5821 0
0 187ms
186ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5319129750974885&output=html&h=90&slotname=7723273439&adk=1525634443&adf=4084143117&w=728&fwrn=4&lmt=1549648842&rafmt=10&guci=1.2.0.0.2.2.0.0&format=728x90_0ads_al&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&fwr=0&wgl=1&adsid=NT&dt=1549648842595&bpp=22&bdt=216&fdt=27&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&correlator=6461446001520&frm=20&pv=2&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=8362&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=297&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2743084487&ifi=1&uci=1.ijhw4bv37za7&fsb=1&xpc=ZWpjKl4U3n&p=https%3A//www.thelayoff.com&dtd=89

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5319129750974885&output=html&h=90&slotname=7723273439&adk=1525634443&adf=4084143117&w=728&fwrn=4&lmt=1549648842&rafmt=10&guci=1.2.0.0.2.2.0.0&format=728x90_0ads_al&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&fwr=0&wgl=1&adsid=NT&dt=1549648842595&bpp=22&bdt=216&fdt=27&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&correlator=6461446001520&frm=20&pv=2&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=8362&dssz=11&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=297&ady=82&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2743084487&ifi=1&uci=1.ijhw4bv37za7&fsb=1&xpc=ZWpjKl4U3n&p=https%3A//www.thelayoff.com&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.thelayoff.com/t/XtgJFAg
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.thelayoff.com/t/XtgJFAg

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 08 Feb 2019 18:00:42 GMT
server: cafe
content-length: 4890
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Fri, 08-Feb-2019 18:15:42 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
expires: Fri, 08 Feb 2019 18:00:42 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 76 KB
28 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a9161d73cd6490abd72bc80bb1812c24ff04501c0cc458fa72a1df2cb96efa5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1549455546502977"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 28297
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 18:00:42 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 73ms
40ms Script
text/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-2815355632543185:7817595802

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

43eb7e5b4e2529e53444a059164e28fc8dfb4a3b2aabb2c9c9a5038711567882

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:42 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 3255
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 18:00:42 GMT

GET
H2 200 0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v12/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v12/0QIvMX1D_JOuMwr7I_FMl_E.woff2

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3f275b5815ecd7259e3edc7f777fd0f51bd64f644ac361cc0cc74adc7f5807e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lora:400,400italic,700,700italic|Open+Sans:400,400italic,700,700italic|Anonymous+Pro:400,700
Origin: https://www.thelayoff.com

Response headers

date: Mon, 21 Jan 2019 15:44:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2017 15:24:37 GMT
server: sffe
age: 1563385
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15292
x-xss-protection: 1; mode=block
expires: Tue, 21 Jan 2020 15:44:17 GMT

GET
H2 200 rP2cp2a15UIB7Un-bOeISG3pFuAT4C7c7YGx0Ks.woff2
fonts.gstatic.com/s/anonymouspro/v12/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anonymouspro/v12/rP2cp2a15UIB7Un-bOeISG3pFuAT4C7c7YGx0Ks.woff2

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef5fb2e865dc6e4eea24fed8058460aaab92c5dbdba45fb59ce19af5491f0c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lora:400,400italic,700,700italic|Open+Sans:400,400italic,700,700italic|Anonymous+Pro:400,700
Origin: https://www.thelayoff.com

Response headers

date: Tue, 05 Feb 2019 02:51:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Jan 2019 19:40:43 GMT
server: sffe
age: 313782
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8960
x-xss-protection: 1; mode=block
expires: Wed, 05 Feb 2020 02:51:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame B4CA 0
0 232ms
231ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5319129750974885&output=html&h=90&slotname=9339961452&adk=1854398350&adf=2254367027&w=728&fwrn=4&fwrnh=100&lmt=1549648842&rafmt=1&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1549648842769&bpp=24&bdt=390&fdt=24&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=164522&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=297&ady=730&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2025823778&ifi=2&uci=2.ylr50lpp7b2j&fsb=1&xpc=7NS1lx6vLK&p=https%3A//www.thelayoff.com&dtd=30

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5319129750974885&output=html&h=90&slotname=9339961452&adk=1854398350&adf=2254367027&w=728&fwrn=4&fwrnh=100&lmt=1549648842&rafmt=1&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1549648842769&bpp=24&bdt=390&fdt=24&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=164522&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=297&ady=730&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2025823778&ifi=2&uci=2.ylr50lpp7b2j&fsb=1&xpc=7NS1lx6vLK&p=https%3A//www.thelayoff.com&dtd=30
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.thelayoff.com/t/XtgJFAg
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.thelayoff.com/t/XtgJFAg

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 08 Feb 2019 18:00:43 GMT
server: cafe
content-length: 16774
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Fri, 08-Feb-2019 18:15:42 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
expires: Fri, 08 Feb 2019 18:00:43 GMT
cache-control: private

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lora:400,400italic,700,700italic|Open+Sans:400,400italic,700,700italic|Anonymous+Pro:400,700
Origin: https://www.thelayoff.com

Response headers

date: Tue, 05 Feb 2019 06:45:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:39 GMT
server: sffe
age: 299717
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8800
x-xss-protection: 1; mode=block
expires: Wed, 05 Feb 2020 06:45:25 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

41a1032e508250c01a613cfba4db03f302600c43ca5986780c4d8df9f591881c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lora:400,400italic,700,700italic|Open+Sans:400,400italic,700,700italic|Anonymous+Pro:400,700
Origin: https://www.thelayoff.com

Response headers

date: Thu, 24 Jan 2019 08:14:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
server: sffe
age: 1331182
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9148
x-xss-protection: 1; mode=block
expires: Fri, 24 Jan 2020 08:14:20 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8D7B 0
0 243ms
242ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5319129750974885&output=html&h=436&slotname=7362391456&adk=850570182&adf=3556453554&w=728&cr_col=4&cr_row=2&fwrn=2&lmt=1549648842&rafmt=9&guci=1.2.0.0.2.2.0.0&format=728x436&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1549648842908&bpp=14&bdt=530&fdt=14&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al%2C728x90&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=658090&dssz=18&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=1277&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2252597320&ifi=3&uci=3.f46k4g9xw0i6&fsb=1&xpc=GkPXjkysWL&p=https%3A//www.thelayoff.com&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5319129750974885&output=html&h=436&slotname=7362391456&adk=850570182&adf=3556453554&w=728&cr_col=4&cr_row=2&fwrn=2&lmt=1549648842&rafmt=9&guci=1.2.0.0.2.2.0.0&format=728x436&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&crui=image_stacked&fwr=0&wgl=1&adsid=NT&dt=1549648842908&bpp=14&bdt=530&fdt=14&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al%2C728x90&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=658090&dssz=18&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=1277&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=2252597320&ifi=3&uci=3.f46k4g9xw0i6&fsb=1&xpc=GkPXjkysWL&p=https%3A//www.thelayoff.com&dtd=20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.thelayoff.com/t/XtgJFAg
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.thelayoff.com/t/XtgJFAg

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 08 Feb 2019 18:00:43 GMT
server: cafe
content-length: 16252
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUkJDuP1Jlyky6BaLAEt5BMNPCvQGL5L8sQhMSzK7CmMBjQybzp0kUARRyWH; expires=Wed, 04-Mar-2020 18:00:42 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
expires: Fri, 08 Feb 2019 18:00:43 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0840 0
0 91ms
91ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5319129750974885&output=html&h=90&slotname=4630560252&adk=2114014531&adf=2022845606&w=728&fwrn=4&lmt=1549648842&rafmt=10&guci=1.2.0.0.2.2.0.0&format=728x90_0ads_al&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&fwr=0&wgl=1&adsid=NT&dt=1549648842932&bpp=14&bdt=554&fdt=14&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al%2C728x90%2C728x436&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=2632362&dssz=20&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=1723&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=822256743&ifi=4&uci=4.s6gzv8i61q4l&fsb=1&xpc=QHeTJ0fRNi&p=https%3A//www.thelayoff.com&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5319129750974885&output=html&h=90&slotname=4630560252&adk=2114014531&adf=2022845606&w=728&fwrn=4&lmt=1549648842&rafmt=10&guci=1.2.0.0.2.2.0.0&format=728x90_0ads_al&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&fwr=0&wgl=1&adsid=NT&dt=1549648842932&bpp=14&bdt=554&fdt=14&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al%2C728x90%2C728x436&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=2632362&dssz=20&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=290&ady=1723&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=15&osw_key=822256743&ifi=4&uci=4.s6gzv8i61q4l&fsb=1&xpc=QHeTJ0fRNi&p=https%3A//www.thelayoff.com&dtd=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.thelayoff.com/t/XtgJFAg
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.thelayoff.com/t/XtgJFAg

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 08 Feb 2019 18:00:43 GMT
server: cafe
content-length: 327
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUnt_9BGDy1MpzKcBHtwx_gIiCffTDKSc8ohEdcQF71HZ47r7yjFklzGKcdI; expires=Wed, 04-Mar-2020 18:00:42 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
expires: Fri, 08 Feb 2019 18:00:43 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame FA88 0
0 361ms
360ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5319129750974885&output=html&h=600&slotname=1060761852&adk=2401082267&adf=3023919312&w=300&lmt=1549648842&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&wgl=1&adsid=NT&dt=1549648842957&bpp=8&bdt=579&fdt=9&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al%2C728x90%2C728x436%2C728x90_0ads_al&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=10529450&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1028&ady=62&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&ppjl=u&pfx=1&fu=16&bc=15&osw_key=2524942206&ifi=5&uci=5.lsxbmli768hn&fsb=1&xpc=BNFg8tKjip&p=https%3A//www.thelayoff.com&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5319129750974885&output=html&h=600&slotname=1060761852&adk=2401082267&adf=3023919312&w=300&lmt=1549648842&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&flash=0&wgl=1&adsid=NT&dt=1549648842957&bpp=8&bdt=579&fdt=9&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al%2C728x90%2C728x436%2C728x90_0ads_al&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=10529450&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1028&ady=62&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&ppjl=u&pfx=1&fu=16&bc=15&osw_key=2524942206&ifi=5&uci=5.lsxbmli768hn&fsb=1&xpc=BNFg8tKjip&p=https%3A//www.thelayoff.com&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.thelayoff.com/t/XtgJFAg
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.thelayoff.com/t/XtgJFAg

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 08 Feb 2019 18:00:43 GMT
server: cafe
content-length: 16483
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUnSmC8fqjtwMe_HgRm7iFbezTblRY3QZJyylh_NT5v0-6d_r0dHkWNMkZMR; expires=Wed, 04-Mar-2020 18:00:42 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
expires: Fri, 08 Feb 2019 18:00:43 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame E680 0
0 63ms
63ms Document
text/html 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5319129750974885&output=html&adk=1812271804&adf=3025194257&lmt=1549648843&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1549648842957&bpp=36&bdt=579&fdt=37&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al%2C728x90%2C728x436%2C728x90_0ads_al%2C300x600&nras=1&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=42117803&dssz=23&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=923969788&ifi=5&uci=5.10npy12xlcqc&fsb=1&dtd=53

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190204/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5319129750974885&output=html&adk=1812271804&adf=3025194257&lmt=1549648843&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A34635776&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1549648842957&bpp=36&bdt=579&fdt=37&idt=-M&shv=r20190204&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=728x90_0ads_al%2C728x90%2C728x436%2C728x90_0ads_al%2C300x600&nras=1&correlator=6461446001520&frm=20&pv=1&ga_vid=678033718.1549648843&ga_sid=1549648843&ga_hid=266509351&ga_fc=0&iag=0&icsg=42117803&dssz=23&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=15&osw_key=923969788&ifi=5&uci=5.10npy12xlcqc&fsb=1&dtd=53
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.thelayoff.com/t/XtgJFAg
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.thelayoff.com/t/XtgJFAg

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 08 Feb 2019 18:00:43 GMT
server: cafe
content-length: 840
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUnVzt8sJwaizR3qDjLgo4qKIeSnql-F0HUmFpa6WK6rxVm-XcshQsbhXdxi; expires=Wed, 04-Mar-2020 18:00:43 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
expires: Fri, 08 Feb 2019 18:00:43 GMT
cache-control: private

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/f4c84ae71301c012/ 239 KB
77 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f4c84ae71301c012/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2815355632543185:7817595802

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ab319d57e603f0b32564cb0c2e79cfdd2502ce7f54f618db7965a4ecfd7dc768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 29 Jan 2019 15:22:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Jan 2019 17:09:43 GMT
server: sffe
age: 873490
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 78793
x-xss-protection: 1; mode=block
expires: Wed, 29 Jan 2020 15:22:33 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/f4c84ae71301c012/ 45 KB
10 KB 13ms
8ms Stylesheet
text/css 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/f4c84ae71301c012/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2815355632543185:7817595802

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2ce34ecc9d96df66eb841ee652f97a87458a6cad55ab96439b53b2f188d61966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 26 Jan 2019 05:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Jan 2019 17:09:43 GMT
server: sffe
age: 1168319
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 10066
x-xss-protection: 1; mode=block
expires: Sun, 26 Jan 2020 05:28:44 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v2/ 14 KB
3 KB 42ms
42ms Stylesheet
text/css 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v2/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=partner-pub-2815355632543185:7817595802

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8cda73e6a0e5533a80c6bf94cf5a7b2a0e399ea1c482399b11a21096a8081faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Oct 2018 12:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=0
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 3112
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 18:00:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3VN9S

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 696
date: Fri, 08 Feb 2019 17:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17543
expires: Fri, 08 Feb 2019 19:49:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 52 KB
16 KB 11ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

222d6a37b66b79384926caa02c4dd11d56ab1d64ffb239fd5db9ebf1abfaf6b5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 15892
x-xss-protection: 0
pragma: public
x-fb-debug: oQzM28Ta7OXCqQS+9i279zk7vyRrmQaYutXiVSHmJ68Zppg6v/zEr0M7MCA2kno9aCojY4IFDV9KRWxw32K03g==
date: Fri, 08 Feb 2019 18:00:43 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 195 KB
66 KB 57ms
40ms Script
text/javascript 2a00:1450:4001:81f::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f4c84ae71301c012/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4aae17f1902f8b8743ef7aeb57054794e40779b1d84a127dc9e1b8f2c4b7355f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "17191875501027287466"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 18:00:43 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 46ms
45ms Image
image/png 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f4c84ae71301c012/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/cse/static/style/look/v2/default.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 30 Nov 2017 13:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 1018
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 18:00:43 GMT

GET
H2 200 googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x/ 551 B
654 B 49ms
48ms Image
image/png 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/googlelogo_lightgrey_46x16dp.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/f4c84ae71301c012/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Jan 2017 21:30:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 551
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 18:00:43 GMT

GET
H2 200 googlelogo_grey_46x15dp.png
www.google.com/cse/static/images/1x/ 919 B
1014 B 44ms
43ms Image
image/png 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/googlelogo_grey_46x15dp.png

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Dec 2016 15:00:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 919
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 18:00:43 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
83 B 63ms
5ms Image
text/plain 2a00:1450:4001:81e::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Fri, 08 Feb 2019 18:00:43 GMT
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 0

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 21ms
20ms Image
image/gif 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=266509351&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&ul=en-us&de=UTF-8&dt=Closing%20Distribution%20Centers%20-%20post%20regarding%20Sally%20Beauty%20Holdings%20Inc.%20layoffs&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YAhAAAAB~&jid=885729755&gjid=1543131804&cid=678033718.1549648843&tid=UA-10256470-8&_gid=729694714.1549648844&_r=1&gtm=2wg1r0M3VN9S&z=818605544

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Feb 2019 18:00:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1810234349221521 Show response
connect.facebook.net/signals/config/ 185 KB
44 KB 33ms
0ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1810234349221521?v=2.8.40&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

89515cf1591bd23cb43b990f72906a99a02ae0b4400857bda14dca73e89648ae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 44988
x-xss-protection: 0
pragma: public
x-fb-debug: 4tGhDq1ezoXKuiQ0FzeQ64ThMa2OMEqe6sUtviJHL9ChXvvb9kdSvxWfooYw8WpwtXe9h4ER/8tZ03oempFVjg==
date: Fri, 08 Feb 2019 18:00:43 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
296 B 2043ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1810234349221521&ev=PageView&dl=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&rl=&if=false&ts=1549648844037&sw=1600&sh=1200&v=2.8.40&r=stable&ec=0&o=30&fbp=fb.1.1549648844023.1437544832&it=1549648843618&coo=false&rqm=GET
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 08 Feb 2019 18:00:46 GMT

OPTIONS
H2 200 signupNewUser Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 0
336 B 140ms
102ms XHR
text/html 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyB-1j4dXwD5X7JSTSms0LdDveCibca9UKo

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: POST
Origin: https://www.thelayoff.com
Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type,x-client-version

Response headers

date: Fri, 08 Feb 2019 18:00:44 GMT
vary: origin, referer, x-origin
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
server: ESF
access-control-allow-origin: https://www.thelayoff.com
x-frame-options: SAMEORIGIN
access-control-allow-methods: DELETE,GET,HEAD,PATCH,POST,PUT
content-type: text/html
status: 200
access-control-max-age: 3600
x-content-type-options: nosniff
access-control-allow-headers: content-type,x-client-version
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 200 signupNewUser Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 1 KB
1 KB 293ms
293ms XHR
application/json 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyB-1j4dXwD5X7JSTSms0LdDveCibca9UKo

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ad6093a01cab65e3930c43ede2e3bb7ba58ac1ed279a0dee4a9541ee9fa43fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
Origin: https://www.thelayoff.com
X-Client-Version: Chrome/JsCore/5.5.0/FirebaseCore-web
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Feb 2019 18:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 912
x-xss-protection: 1; mode=block
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.thelayoff.com
access-control-expose-headers: date,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 getAccountInfo Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 0
61 B 102ms
101ms XHR
text/html 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyB-1j4dXwD5X7JSTSms0LdDveCibca9UKo

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: POST
Origin: https://www.thelayoff.com
Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type,x-client-version

Response headers

date: Fri, 08 Feb 2019 18:00:45 GMT
vary: origin, referer, x-origin
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
server: ESF
access-control-allow-origin: https://www.thelayoff.com
x-frame-options: SAMEORIGIN
access-control-allow-methods: DELETE,GET,HEAD,PATCH,POST,PUT
content-type: text/html
status: 200
access-control-max-age: 3600
x-content-type-options: nosniff
access-control-allow-headers: content-type,x-client-version
content-length: 0
x-xss-protection: 1; mode=block

POST
H2 200 getAccountInfo Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ 207 B
254 B 167ms
167ms XHR
application/json 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyB-1j4dXwD5X7JSTSms0LdDveCibca9UKo

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ab9ce1508d627ed12d75882c3886a4eac9bdc8d7ef2318f19d3dad9f051c78bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
Origin: https://www.thelayoff.com
X-Client-Version: Chrome/JsCore/5.5.0/FirebaseCore-web
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Feb 2019 18:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 178
x-xss-protection: 1; mode=block
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.thelayoff.com
access-control-expose-headers: date,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
201 B 467ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=1810234349221521&ev=Microdata&dl=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&rl=&if=false&ts=1549648845615&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22Closing%20Distribution%20Centers%20-%20post%20regarding%20Sally%20Beauty%20Holdings%20Inc.%20layoffs%22%2C%22meta%3Adescription%22%3A%22The%20Layoff%20discussion%20-%20User%20says%3A%20%60%60Closing%20Distribution%20Centers%27%27%20regarding%20Sally%20Beauty%20Holdings%20Inc.%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.40&r=stable&ec=1&o=30&fbp=fb.1.1549648844023.1437544832&it=1549648843618&coo=false&es=automatic&rqm=GET
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/t/XtgJFAg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 08 Feb 2019 18:00:46 GMT

POST
H2 200 / Show response
sumo.com/api/load/ 883 B
1 KB 563ms
184ms XHR
application/json 54.148.199.253
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-148-199-253.us-west-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

5cae17464eb3546049c5f957b37e0b751fcc15b7adbb616ca90b98b29070e08f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelayoff.com/t/XtgJFAg
Origin: https://www.thelayoff.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 08 Feb 2019 18:00:46 GMT
vary: Origin, Accept-Encoding
server: nginx/1.12.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 883

GET
H/1.1 200
OK .lp Show response
rk-prod.firebaseio.com/ Frame 84F1 421 B
663 B 361ms
114ms Script
application/javascript 2600:1901:0:94b6::
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://rk-prod.firebaseio.com/.lp?start=t&ser=78249032&cb=1&v=5

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

2d25a036ea3b16eae693d54d8300f135116c78ed745eec10f9bffc508735d613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 18:00:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 421
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp
s-usc1c-nss-249.firebaseio.com/ Frame 8654 0
0 356ms
116ms Document
text/html 2600:1901:0:94b6::
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-249.firebaseio.com/.lp?dframe=t&id=553950&pw=HVyLi74ngZ&ns=rk-prod

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Host: s-usc1c-nss-249.firebaseio.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.thelayoff.com/t/XtgJFAg
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.thelayoff.com/t/XtgJFAg

Response headers

Server: nginx
Date: Fri, 08 Feb 2019 18:00:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 419
Connection: keep-alive
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-249.firebaseio.com/ Frame 84F1 15 B
256 B 350ms
116ms Script
application/javascript 2600:1901:0:94b6::
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-249.firebaseio.com/.lp?id=553950&pw=HVyLi74ngZ&ser=71933212&ns=rk-prod

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

416ebdae1319a43b48e3caf0a24100ab786aa6432e276fb735da780aa435b300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 18:00:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 15
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-249.firebaseio.com/ Frame 84F1 58 B
299 B 347ms
113ms Script
application/javascript 2600:1901:0:94b6::
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-249.firebaseio.com/.lp?id=553950&pw=HVyLi74ngZ&ser=71933213&ns=rk-prod&seg0=0&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MSwiYSI6InMiLCJiIjp7ImMiOnsic2RrLmpzLjUtNS0wIjoxfX19fQ..

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

30bd0120e57f70174a17629a1703bb0d29bd1660f244aa45d0542637d5b960d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 18:00:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 58
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

OPTIONS
H2 204 services Show response
sumo.com/ 0
259 B 180ms
179ms XHR
text/plain 54.148.199.253
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.thelayoff.com
Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: x-sumo-auth

Response headers

date: Fri, 08 Feb 2019 18:00:46 GMT
server: nginx/1.12.1
access-control-allow-origin: https://www.thelayoff.com
access-control-max-age: 2592000
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
status: 204
access-control-allow-credentials: true
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-249.firebaseio.com/ Frame 84F1 506 B
748 B 113ms
112ms Script
application/javascript 2600:1901:0:94b6::
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-249.firebaseio.com/.lp?id=553950&pw=HVyLi74ngZ&ser=71933214&ns=rk-prod&seg0=1&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MiwiYSI6ImF1dGgiLCJiIjp7ImNyZWQiOiJleUpoYkdjaU9pSlNVekkxTmlJc0ltdHBaQ0k2SW1JeVpUUTJNR1ptTTJFelpEUTJaR1psWXpjeU5HUTRORGcwWmpjek5EYzJZekV6WlRJd1kyWWlMQ0owZVhBaU9pSktWMVFpZlEuZXlKcGMzTWlPaUpvZEhSd2N6b3ZMM05sWTNWeVpYUnZhMlZ1TG1kdmIyZHNaUzVqYjIwdmNtc3RlV1Z3SWl3aWNISnZkbWxrWlhKZmFXUWlPaUpoYm05dWVXMXZkWE1pTENKaGRXUWlPaUp5YXkxNVpYQWlMQ0poZFhSb1gzUnBiV1VpT2pFMU5EazJORGc0TkRRc0luVnpaWEpmYVdRaU9pSk9jV2RtYjNaSmVUSTFVRmMzZWxFMVZucDFaa0pHZWs5M01ERXlJaXdpYzNWaUlqb2lUbkZuWm05MlNYa3lOVkJYTjNwUk5WWjZkV1pDUm5wUGR6QXhNaUlzSW1saGRDSTZNVFUwT1RZME9EZzBOQ3dpWlhod0lqb3hOVFE1TmpVeU5EUTBMQ0ptYVhKbFltRnpaU0k2ZXlKcFpHVnVkR2wwYVdWeklqcDdmU3dpYzJsbmJsOXBibDl3Y205MmFXUmxjaUk2SW1GdWIyNTViVzkxY3lKOWZRLnQ1QWJobEVfbnpfYzFCMzQyYlV0ZjFaOUIwOFQxS2VjaFg2eUNEN3pEUU5fakZDcHZObGhReDE1cmw1dG16RmMxempMQ1YwbmhzUE5UVGxDMTd6R0VKRzduRlBHbG5iamZkVWo4NzBCYVczREpvNGV5ZEVwQmZJd1B1dDRzY3hvcnZPWHk1TFB5bXlDcFpGYzhaWm5IQy1adE1kM29jRU0yYkoybm1nZ1FqZVE0eEZQYmp0NnBFbV9HdjlJUjFVcnQtWG1xcmNWMHZpQ2NhOC1WWkRGSVZTd1ZSa0V3a19wUm9vWlNSOXp2d1dnM1dFUWJTRzk1MnNjVUFaYjdKMXlRd0xYWjJWZUdPanN6UDM0dVBRV1FUWTNVZTZoNjFwNzNmSG1pTUZmLXhuRWx6WmhkQlBaR3VjOWZBblJNZXp2RmpIMENOVm9sUGl4UXJMN1k4T3AwZyJ9fX0.&seg1=2&ts1=1&d1=eyJ0IjoiZCIsImQiOnsiciI6MywiYSI6InEiLCJiIjp7InAiOiIvVExPL3Bvc3Qtdm90ZXMvc2FsbHktYmVhdXR5LWhvbGRpbmdzLytYdGdKRkFnL0BPUCIsImgiOiIifX19&seg2=3&ts2=1&d2=eyJ0IjoiZCIsImQiOnsiciI6NCwiYSI6InEiLCJiIjp7InAiOiIvc2Vzc2lvbnMvTnFnZm92SXkyNVBXN3pRNVZ6dWZCRnpPdzAxMi92b3Rlcy9UTE8vc2FsbHktYmVhdXR5LWhvbGRpbmdzLytYdGdKRkFnL0BPUCIsImgiOiIifX19

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

6cb1342d9c3250d2ee676182b788c4bbb3bb412b98c5295dab90fd4ce45971a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 18:00:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 506
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

POST
H2 200 services Show response
sumo.com/ 2 KB
1 KB 186ms
185ms XHR
application/json 54.148.199.253
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-148-199-253.us-west-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

966cd7ebddb3c4950892392182ee24efe0f13892b23172c5a4e2402a7792bcdd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelayoff.com/t/XtgJFAg
Origin: https://www.thelayoff.com
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Sumo-Auth: 2nqk2MbQWUWfNps28YOnAvpu

Response headers

date: Fri, 08 Feb 2019 18:00:46 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.12.1
status: 200
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-249.firebaseio.com/ Frame 84F1 218 B
460 B 116ms
115ms Script
application/javascript 2600:1901:0:94b6::
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-249.firebaseio.com/.lp?id=553950&pw=HVyLi74ngZ&ser=71933215&ns=rk-prod

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

025d4f2f1b559a98604c4156550a022c8d85bc811dedac1e8b8dacfdca0d76d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 18:00:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 218
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H2 200 index.js Show response
sumo.b-cdn.net/virtual/5717d4fcfe48308248a86a037e0f77eca7af491d/client/js/services/ 316 KB
94 KB 50ms
8ms Script
application/javascript 62.113.194.2
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.b-cdn.net/virtual/5717d4fcfe48308248a86a037e0f77eca7af491d/client/js/services/index.js
Requested by: Host: load.sumome.com
URL: https://load.sumome.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-367 /
Resource Hash: c3f98836683d924a81130f4632c179424ebcc9c9921e7a4680f81c705f3bdd5d

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
content-encoding: br
cdn-edgeid: 367
last-modified: Wed, 30 Jan 2019 23:05:50 GMT
server: BunnyCDN-DE1-367
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=2592000
cdn-pullzone: 31826
cdn-cachedat: 2019-01-31 00:08:38
cdn-requestid: e63e8c2e2421c2b9e52e3077c19039e5
content-type: application/javascript
cdn-cache: HIT
expires: Fri, 01 Mar 2019 23:08:35 GMT

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-249.firebaseio.com/ Frame 84F1 47 B
288 B 192ms
191ms Script
application/javascript 2600:1901:0:94b6::
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-249.firebaseio.com/.lp?id=553950&pw=HVyLi74ngZ&ser=71933216&ns=rk-prod

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

431270143e9fb062562e977b4e3a627d721bfd1a97e45e87794e2515425f3f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 18:00:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 47
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H2 200 sumome-share-client.css
sumo.b-cdn.net/virtual/f9601844b2965d750bb765a2a3f2d61938a7033e/client/css/ 582 KB
37 KB 11ms
11ms Stylesheet
text/css 62.113.194.2
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.b-cdn.net/virtual/f9601844b2965d750bb765a2a3f2d61938a7033e/client/css/sumome-share-client.css
Requested by: Host: sumo.b-cdn.net
URL: https://sumo.b-cdn.net/virtual/5717d4fcfe48308248a86a037e0f77eca7af491d/client/js/services/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-367 /
Resource Hash: 6ccd29d8a00f2d01af1ada1d0c1c995cd405d9161e42d3dc46c61a60506410f5

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
content-encoding: br
cdn-edgeid: 367
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cdn-cachedat: 2019-01-31 02:32:57
cdn-pullzone: 31826
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Range, X-Requested-With
last-modified: Tue, 15 Jan 2019 20:08:25 GMT
server: BunnyCDN-DE1-367
content-type: text/css
access-control-allow-origin: *
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=2592000
cdn-requestid: e6b15342870c4ca6202c7ef5243772e0
cdn-cache: HIT
expires: Sat, 02 Mar 2019 01:32:56 GMT

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-249.firebaseio.com/ Frame 84F1 38 B
279 B 116ms
115ms Script
application/javascript 2600:1901:0:94b6::
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-249.firebaseio.com/.lp?id=553950&pw=HVyLi74ngZ&ser=71933217&ns=rk-prod&seg0=4&ts0=1&d0=eyJ0IjoiYyIsImQiOnsidCI6Im4iLCJkIjp7fX19

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

8e9bd0e2d3d483ebc55071a08a6b569aac5da3a6b7d473c4dd7f0288030f8dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 18:00:47 GMT
Server: nginx
Connection: keep-alive
Content-Length: 38
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

734371ae3281d7a36957ab5d66796041b7cfa199ecc0a58c51cad5322587cc3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 08 Feb 2019 18:00:47 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 08 Feb 2019 18:00:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 18:00:47 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Origin: https://www.thelayoff.com

Response headers

date: Thu, 20 Dec 2018 21:50:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:38 GMT
server: sffe
age: 4306216
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8732
x-xss-protection: 1; mode=block
expires: Fri, 20 Dec 2019 21:50:31 GMT

GET
H2 200 shares.json Show response
api.bufferapp.com/1/links/ 128 B
535 B 1318ms
1241ms Script
text/javascript 104.18.167.29
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bufferapp.com/1/links/shares.json?url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&callback=jQuery110209506891471959376_1549648844164&_=1549648844165

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.18.167.29 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f23f82eb4ac28b579bf3aca907c71578f8eaaa6a8f9b6b688d05d306c7c82a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=14400
cf-ray: 4a5fff710840c79f-AMS
etag: W/"80-TzzxpDZO97oBAKMTjakW5g"
expires: Fri, 08 Feb 2019 22:00:48 GMT

GET
H2 200 / Show response
graph.facebook.com/ 168 B
428 B 72ms
56ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&callback=jQuery110209506891471959376_1549648844166&_=1549648844167

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

bf1bccd90ec923167084d5db62ddfe01cee193455760655a8abe734946368121

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Fri, 08 Feb 2019 18:00:47 GMT
x-fb-rev: 4750059
content-length: 168
pragma: no-cache
x-fb-debug: pgGKLBjX6lHBxw9XF28NGFE7m3df7v2pGsrKZY8APaY+xs22nq/hSMlL+4ECmGTdj8u8NkqlAYXH8GfdQ+9vPA==
x-fb-trace-id: DrZc80kjpga
etag: "bf5347b40bedaf59b73e308d0691db1bed84f9fa"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A3njvIfosykSO61sTURLmZ5
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.8
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 links.getStats Show response
api.facebook.com/method/ 400 B
588 B 50ms
32ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/links.getStats?urls=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&format=json&callback=jQuery110209506891471959376_1549648844168&_=1549648844169

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

56d71c34cb84ae72e24f26facb8be35b5590c26a16a9879228f4a4a43a882fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
status: 200
x-fb-rev: 4750059
content-length: 229
pragma: no-cache
x-fb-debug: n35vxIUIolfkHvw/4l2pLO0ie/bcKP5iVA7qCapSXBfFisq3JJSCRWBdaXhQD4kTc+CxIiwLfpIvCZ9cDB5dVQ==
x-fb-trace-id: FTvI6LUxSep
date: Fri, 08 Feb 2019 18:00:47 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-fb-request-id: AUfrgbdLKu7JEYvo5lV9A9I
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.8
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 rpc Show response
clients6.google.com/ 0
397 B 63ms
20ms XHR
text/plain 2a00:1450:4001:81e::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: POST
Origin: https://www.thelayoff.com
Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
x-content-type-options: nosniff
status: 200
access-control-max-age: 3600
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
server: GSE
x-frame-options: SAMEORIGIN
access-control-allow-methods: DELETE,GET,HEAD,PATCH,POST,PUT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thelayoff.com
vary: Origin, X-Origin
cache-control: private, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: content-type
expires: Fri, 08 Feb 2019 18:00:47 GMT

GET
H2 200 share Show response
www.linkedin.com/countserv/count/ 118 B
1 KB 153ms
111ms Script
text/javascript 2a05:f500:10:101::b93f:9101
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL

https://www.linkedin.com/countserv/count/share?format=jsonp&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&callback=linkedinjsonpcallbackbeztrv&_=1549648844170

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:f500:10:101::b93f:9101 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

8047554d11ee219d22ba32128d162836c302e7ef7f0d10015b5649c650a57832

Security Headers

Name	Value
Content-Security-Policy	default-src ; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://.linkedin.com dms.licdn.com; img-src data: blob: ; font-src data: ; style-src 'unsafe-inline' 'self' static-src.linkedin.com .licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com .ads.linkedin.com .licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: ; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-li-pop: prod-efr5
x-li-uuid: sEFFmWp1gRUAToiImCsAAA==
pragma: no-cache
server: Apache-Coyote/1.1
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000
content-type: text/javascript;charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
x-li-fabric: prod-lva1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK count.json Show response
widgets.pinterest.com/v1/urls/ 98 B
535 B 192ms
124ms Script
application/javascript 151.101.0.84
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?callback=jQuery110209506891471959376_1549648844171&source=6&url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&_=1549648844172

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.84 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

650f5ba6107c1e880aa93a060c5c65fdf8097c39e95368accd4c4f68a461d5ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-pinterest-host: widgets.pinterest.com
Date: Fri, 08 Feb 2019 18:00:47 GMT
x-content-type-options: nosniff
x-compress-hint: on
Accept-Ranges: bytes
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 98
x-pinterest-rid: 806983145803
expires: Fri, 08 Feb 2019 18:15:47 GMT

GET
H2

200

button_info.json Show response
www.reddit.com/
Redirect Chain

https://reddit.com/button_info.json?url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&jsonp=jQuery110209506891471959376_1549648844173&_=1549648844174
https://www.reddit.com/button_info.json?url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&jsonp=jQuery110209506891471959376_1549648844173&_=1549648844174

149 B
643 B

675ms
642ms

Script
application/javascript

151.101.1.140
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/button_info.json?url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&jsonp=jQuery110209506891471959376_1549648844173&_=1549648844174

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.140 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

snooserv /

Resource Hash

0e44430f16839436bbd2ea18083a8d26575aba4f54f50e59993acc1f8ac92803

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:48 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
status: 200
x-cache-hits: 0
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 149
x-xss-protection: 1; mode=block
x-served-by: cache-hhn1544-HHN
x-moose: majestic
server: snooserv
x-timer: S1549648848.588336,VS0,VE627
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
expires: -1

Redirect headers

date: Fri, 08 Feb 2019 18:00:47 GMT
via: 1.1 varnish
server: snooserv
x-timer: S1549648848.521454,VS0,VE0
location: https://www.reddit.com/button_info.json?url=https%3A%2F%2Fwww.thelayoff.com%2Ft%2FXtgJFAg&jsonp=jQuery110209506891471959376_1549648844173&_=1549648844174
x-cache: HIT
status: 301
cache-control: private, max-age=3600
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn1544-HHN

GET
H2 200 reddit-white-60.png
sumo.b-cdn.net/static/21f704ba8612c11d49dbe24a9df0c4ad21e61e65/client/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ 2 KB
2 KB 7ms
7ms Image
image/png 62.113.194.2
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumo.b-cdn.net/static/21f704ba8612c11d49dbe24a9df0c4ad21e61e65/client/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/reddit-white-60.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-367 /
Resource Hash: eb44a5e28b65adaa17b5db1f931e4681ae8103a5f194b8c0704ecc5611a83bb3

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
cdn-edgeid: 367
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cdn-cachedat: 2019-02-08 18:45:25
cdn-pullzone: 31826
content-length: 1683
last-modified: Thu, 14 Dec 2017 17:59:24 GMT
server: BunnyCDN-DE1-367
content-type: image/png
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=2592000
cdn-requestid: 2ff69cf3fdf808b1e15781b5279365fa
accept-ranges: bytes
expires: Sun, 10 Mar 2019 17:45:20 GMT

GET
H2 200 email-white-60.png
sumo.b-cdn.net/static/21f704ba8612c11d49dbe24a9df0c4ad21e61e65/client/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ 1 KB
2 KB 8ms
7ms Image
image/png 62.113.194.2
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumo.b-cdn.net/static/21f704ba8612c11d49dbe24a9df0c4ad21e61e65/client/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/email-white-60.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-367 /
Resource Hash: c6d248d1bca62a13f7a5a6363736e10b4858dd4cc539aaf0018b40b036ac5757

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
cdn-edgeid: 367
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cdn-cachedat: 2019-02-08 18:45:20
cdn-pullzone: 31826
content-length: 1406
last-modified: Thu, 14 Dec 2017 17:59:24 GMT
server: BunnyCDN-DE1-367
content-type: image/png
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=2592000
cdn-requestid: 970a77e50c2c4743b099d2c199cab059
accept-ranges: bytes
expires: Sun, 10 Mar 2019 17:45:19 GMT

GET
H2 200 facebooksend-white-60.png
sumo.b-cdn.net/static/21f704ba8612c11d49dbe24a9df0c4ad21e61e65/client/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ 2 KB
2 KB 9ms
7ms Image
image/png 62.113.194.2
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumo.b-cdn.net/static/21f704ba8612c11d49dbe24a9df0c4ad21e61e65/client/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/facebooksend-white-60.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-367 /
Resource Hash: fc8e6d9395b6bbed65bbdc73a0bc7a6f6f12b188c1c316b9ef0273fd3addf18f

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
cdn-edgeid: 367
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cdn-cachedat: 2019-02-08 18:45:33
cdn-pullzone: 31826
content-length: 1792
last-modified: Thu, 14 Dec 2017 17:59:24 GMT
server: BunnyCDN-DE1-367
content-type: image/png
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=2592000
cdn-requestid: 539d47fb3994ee545376f652b2bbf369
accept-ranges: bytes
expires: Sun, 10 Mar 2019 17:45:20 GMT

GET
H2 200 facebook-white-60.png
sumo.b-cdn.net/static/21f704ba8612c11d49dbe24a9df0c4ad21e61e65/client/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ 1 KB
2 KB 9ms
7ms Image
image/png 62.113.194.2
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumo.b-cdn.net/static/21f704ba8612c11d49dbe24a9df0c4ad21e61e65/client/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/facebook-white-60.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-367 /
Resource Hash: 9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
cdn-edgeid: 367
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cdn-cachedat: 2019-02-08 18:45:20
cdn-pullzone: 31826
content-length: 1167
last-modified: Thu, 14 Dec 2017 17:59:24 GMT
server: BunnyCDN-DE1-367
content-type: image/png
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=2592000
cdn-requestid: 4cab85fe0ea5006d613aec9cd3fb6332
accept-ranges: bytes
expires: Sun, 10 Mar 2019 17:45:19 GMT

GET
H2 200 twitter-white-60.png
sumo.b-cdn.net/static/21f704ba8612c11d49dbe24a9df0c4ad21e61e65/client/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ 1 KB
2 KB 9ms
8ms Image
image/png 62.113.194.2
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumo.b-cdn.net/static/21f704ba8612c11d49dbe24a9df0c4ad21e61e65/client/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/twitter-white-60.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-367 /
Resource Hash: c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
cdn-edgeid: 367
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cdn-cachedat: 2019-02-08 18:45:20
cdn-pullzone: 31826
content-length: 1398
last-modified: Thu, 14 Dec 2017 17:59:24 GMT
server: BunnyCDN-DE1-367
content-type: image/png
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=2592000
cdn-requestid: 37d70f712cdae2e15493f434bb858b89
accept-ranges: bytes
expires: Sun, 10 Mar 2019 17:45:19 GMT

GET
H2 200 googleplus-white-60.png
sumo.b-cdn.net/static/21f704ba8612c11d49dbe24a9df0c4ad21e61e65/client/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ 20 KB
20 KB 9ms
8ms Image
image/png 62.113.194.2
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sumo.b-cdn.net/static/21f704ba8612c11d49dbe24a9df0c4ad21e61e65/client/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/googleplus-white-60.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-367 /
Resource Hash: 568c290163b0a0957dc9a588116a279f2b47ce42ecc08a9033162c594a7413c6

Request headers

Referer: https://www.thelayoff.com/t/XtgJFAg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
cdn-edgeid: 367
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cdn-cachedat: 2019-02-08 18:45:20
cdn-pullzone: 31826
content-length: 20477
last-modified: Thu, 14 Dec 2017 17:59:24 GMT
server: BunnyCDN-DE1-367
content-type: image/png
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=2592000
cdn-requestid: 06ca5a761e9677eb6fd7a0b69b86c926
accept-ranges: bytes
expires: Sun, 10 Mar 2019 17:45:19 GMT

POST
H2 200 rpc Show response
clients6.google.com/ 226 B
519 B 32ms
29ms XHR
application/json 2a00:1450:4001:81e::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

30110a9f47676c1a8b60f79470826fc586d8f357f0b178c66c36dd7f924a0e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.thelayoff.com/t/XtgJFAg
Origin: https://www.thelayoff.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 177
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
etag: "nzYAwTRQO-x1blH_YdSYbeAsfgY/wVZ2DvPbxEUTTedEbgsU6Iy9Uqo"
vary: Origin, X-Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.thelayoff.com
access-control-expose-headers: Cache-Control,Content-Encoding,Content-Length,Content-Type,Date,ETag,Expires,Pragma,Server,Vary,X-Google-GFE-Backend-Request-Cost
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
239 B 206ms
205ms XHR
application/json 54.148.199.253
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-148-199-253.us-west-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelayoff.com/t/XtgJFAg
Origin: https://www.thelayoff.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
vary: Origin, Accept-Encoding
server: nginx/1.12.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
239 B 183ms
182ms XHR
application/json 54.148.199.253
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-148-199-253.us-west-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelayoff.com/t/XtgJFAg
Origin: https://www.thelayoff.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
vary: Origin, Accept-Encoding
server: nginx/1.12.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
239 B 180ms
179ms XHR
application/json 54.148.199.253
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-148-199-253.us-west-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelayoff.com/t/XtgJFAg
Origin: https://www.thelayoff.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
vary: Origin, Accept-Encoding
server: nginx/1.12.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
239 B 239ms
239ms XHR
application/json 54.148.199.253
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-148-199-253.us-west-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelayoff.com/t/XtgJFAg
Origin: https://www.thelayoff.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 08 Feb 2019 18:00:47 GMT
vary: Origin, Accept-Encoding
server: nginx/1.12.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
239 B 180ms
179ms XHR
application/json 54.148.199.253
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-148-199-253.us-west-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelayoff.com/t/XtgJFAg
Origin: https://www.thelayoff.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 08 Feb 2019 18:00:48 GMT
vary: Origin, Accept-Encoding
server: nginx/1.12.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

POST
H2 200 jsonpcallback Show response
sumo.com/api/ 16 B
239 B 179ms
179ms XHR
application/json 54.148.199.253
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/jsonpcallback

Requested by

Host: load.sumome.com
URL: https://load.sumome.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-148-199-253.us-west-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.thelayoff.com/t/XtgJFAg
Origin: https://www.thelayoff.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 08 Feb 2019 18:00:48 GMT
vary: Origin, Accept-Encoding
server: nginx/1.12.1
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 16

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-18 22:27:32	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 07:49:04	Name: IDE Value: AHWqTUnSmC8fqjtwMe_HgRm7iFbezTblRY3QZJyylh_NT5v0-6d_r0dHkWNMkZMR
.thelayoff.com/	1970-01-19 00:37:04	Name: _fbp Value: fb.1.1549648844023.1437544832
.thelayoff.com/	1970-01-18 22:27:28	Name: _gat_UA-10256470-8 Value: 1
.thelayoff.com/	1970-01-18 22:28:55	Name: _gid Value: GA1.2.729694714.1549648844
.thelayoff.com/	1970-01-19 15:58:40	Name: _ga Value: GA1.2.678033718.1549648843
www.thelayoff.com/	1970-01-19 07:13:04	Name: _sid Value: 46e76b81-2fa5-4d4b-9132-6bbb98f44ede
.thelayoff.com/	1970-01-19 07:13:04	Name: __cfduid Value: dcad5e75120a01b0d597be3a3be73b89b1549648842
www.thelayoff.com/t	1970-01-18 23:10:40	Name: __smVID Value: f27daa84f41257eab6b26f617644d8696d1b875b27431278c679c318500cd962

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js(Line 1) Message: %cDownload the React DevTools for a better development experience: https://fb.me/react-devtools
console-api	warning	URL: https://www.thelayoff.com/assets/TLO/js/app-c1ccd7c601.js(Line 1) Message: Warning: The "extend" API will be removed in the upcoming v4.0 release. Use styled(StyledComponent) instead. You can find more information here: https://github.com/styled-components/styled-components/issues/1546

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.bufferapp.com
api.facebook.com
clients1.google.com
clients6.google.com
connect.facebook.net
cse.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
load.sumome.com
pagead2.googlesyndication.com
reddit.com
rk-prod.firebaseio.com
s-usc1c-nss-249.firebaseio.com
sumo.b-cdn.net
sumo.com
widgets.pinterest.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.reddit.com
www.thelayoff.com
104.18.167.29
151.101.0.84
151.101.1.140
2600:1901:0:94b6::
2606:4700:10::6814:853b
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:818::2002
2a00:1450:4001:818::2003
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2008
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::2004
2a00:1450:4001:81f::200e
2a00:1450:4001:820::2002
2a00:1450:4001:821::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
52.38.84.169
54.148.199.253
62.113.194.2
025d4f2f1b559a98604c4156550a022c8d85bc811dedac1e8b8dacfdca0d76d7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0cf8bb6aacffbd7c835fead9959d3c4251bba9f40c1745dee77493bac59441ab
0e44430f16839436bbd2ea18083a8d26575aba4f54f50e59993acc1f8ac92803
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b957f9dae3447f060741a85a4dac51025280e56a67fbe369da265f0a76cca96
1e307f6570aa06128f591e245c186f6d7a5b0cfd879f203fbdc7b2f440d5cd4c
222d6a37b66b79384926caa02c4dd11d56ab1d64ffb239fd5db9ebf1abfaf6b5
263e39ff79dd2114faed7fca29269ccfb28a611be573230b37ddf2838f35da47
2ce34ecc9d96df66eb841ee652f97a87458a6cad55ab96439b53b2f188d61966
2d25a036ea3b16eae693d54d8300f135116c78ed745eec10f9bffc508735d613
30110a9f47676c1a8b60f79470826fc586d8f357f0b178c66c36dd7f924a0e99
30bd0120e57f70174a17629a1703bb0d29bd1660f244aa45d0542637d5b960d7
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
3f275b5815ecd7259e3edc7f777fd0f51bd64f644ac361cc0cc74adc7f5807e1
416ebdae1319a43b48e3caf0a24100ab786aa6432e276fb735da780aa435b300
41a1032e508250c01a613cfba4db03f302600c43ca5986780c4d8df9f591881c
431270143e9fb062562e977b4e3a627d721bfd1a97e45e87794e2515425f3f60
43eb7e5b4e2529e53444a059164e28fc8dfb4a3b2aabb2c9c9a5038711567882
4aae17f1902f8b8743ef7aeb57054794e40779b1d84a127dc9e1b8f2c4b7355f
4ef5fb2e865dc6e4eea24fed8058460aaab92c5dbdba45fb59ce19af5491f0c9
5299887c048f85452d6768acb2a37464f4212f1f42dbb8af4a086cfa38782f46
568c290163b0a0957dc9a588116a279f2b47ce42ecc08a9033162c594a7413c6
56d71c34cb84ae72e24f26facb8be35b5590c26a16a9879228f4a4a43a882fc2
5cae17464eb3546049c5f957b37e0b751fcc15b7adbb616ca90b98b29070e08f
628f56ae4c5042aa8ae47d9420939ad5ce0277ece733bdf70411879cdc229c64
650f5ba6107c1e880aa93a060c5c65fdf8097c39e95368accd4c4f68a461d5ae
6cb1342d9c3250d2ee676182b788c4bbb3bb412b98c5295dab90fd4ce45971a4
6ccd29d8a00f2d01af1ada1d0c1c995cd405d9161e42d3dc46c61a60506410f5
734371ae3281d7a36957ab5d66796041b7cfa199ecc0a58c51cad5322587cc3e
772936df0f7b91673c2c52dbd0f83f9382d8ad1218a620bbb453cb8a0e3ea251
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8047554d11ee219d22ba32128d162836c302e7ef7f0d10015b5649c650a57832
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
89515cf1591bd23cb43b990f72906a99a02ae0b4400857bda14dca73e89648ae
8cda73e6a0e5533a80c6bf94cf5a7b2a0e399ea1c482399b11a21096a8081faa
8e9bd0e2d3d483ebc55071a08a6b569aac5da3a6b7d473c4dd7f0288030f8dae
966cd7ebddb3c4950892392182ee24efe0f13892b23172c5a4e2402a7792bcdd
9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
a9161d73cd6490abd72bc80bb1812c24ff04501c0cc458fa72a1df2cb96efa5c
ab319d57e603f0b32564cb0c2e79cfdd2502ce7f54f618db7965a4ecfd7dc768
ab9ce1508d627ed12d75882c3886a4eac9bdc8d7ef2318f19d3dad9f051c78bd
ad6093a01cab65e3930c43ede2e3bb7ba58ac1ed279a0dee4a9541ee9fa43fa6
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
bf1bccd90ec923167084d5db62ddfe01cee193455760655a8abe734946368121
c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1
c3f98836683d924a81130f4632c179424ebcc9c9921e7a4680f81c705f3bdd5d
c6d248d1bca62a13f7a5a6363736e10b4858dd4cc539aaf0018b40b036ac5757
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d71ac27801eb2218bfb388eeff3000dc54a5838e8ed73955ca368c42311a780f
dd393663ee4331edfa153519f0a4d33cc40f0d460e36ea0f800a5203e579bf7b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb44a5e28b65adaa17b5db1f931e4681ae8103a5f194b8c0704ecc5611a83bb3
f23f82eb4ac28b579bf3aca907c71578f8eaaa6a8f9b6b688d05d306c7c82a98
f608bec9f183fe5c0da091ae18afcf0832e9e97c9368592fbabf1ca2adacaa43
fc8e6d9395b6bbed65bbdc73a0bc7a6f6f12b188c1c316b9ef0273fd3addf18f
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

www.thelayoff.com Open in urlscan Pro 2606:4700:10::6814:853b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

82 Requests

100 %HTTPS

74 %IPv6

20 Domains

29 Subdomains

23 IPs

3 Countries

1176 kBTransfer

3990 kBSize

9 Cookies

1 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thelayoff.com Open in urlscan Pro
2606:4700:10::6814:853b Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

100 %
HTTPS

74 %
IPv6

20
Domains

29
Subdomains

23
IPs

3
Countries

1176 kB
Transfer

3990 kB
Size

9
Cookies

82 HTTP transactions
0 data transactions