www.thelayoff.com Open in urlscan Pro
2606:4700:10::6814:853b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thelayoff.com/
Submission: On March 28 via manual (March 28th 2023, 11:39:51 am UTC) from US — Scanned from DE

Summary HTTP 90 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 36 IPs in 2 countries across 33 domains to perform 90 HTTP transactions. The main IP is 2606:4700:10::6814:853b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thelayoff.com. The Cisco Umbrella rank of the primary domain is 72325.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2022. Valid for: a year.

This is the only time www.thelayoff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:10:... 2606:4700:10::6814:853b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:806::2013	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:1200:f:e7d4:f900:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	52.219.176.225 52.219.176.225	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
5	2600:1901:0:6... 2600:1901:0:6072::1	15169 (GOOGLE) (GOOGLE)
1	108.138.4.150 108.138.4.150	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:8e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	18.224.11.108 18.224.11.108	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:7ec2::1	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	() ()
1	2606:4700::68... 2606:4700::6812:372	() ()
1	216.52.2.86 216.52.2.86	() ()
1	185.89.211.132 185.89.211.132	() ()
2	52.59.26.48 52.59.26.48	() ()
1	104.18.24.185 104.18.24.185	() ()
6	52.28.203.152 52.28.203.152	() ()
1	185.64.189.112 185.64.189.112	() ()
1	147.75.85.234 147.75.85.234	() ()
1	3.67.237.149 3.67.237.149	() ()
4	157.90.0.13 157.90.0.13	() ()
90	36

3 2606:4700:10::6814:853b (United States)

ASN13335 (CLOUDFLARENET, US)

www.thelayoff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

assets.thelayoff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:1200:f:e7d4:f900:21 (United States)

ASN16509 (AMAZON-02, US)

d2yxxa3y12yhno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.176.225 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3.us-east-2.amazonaws.com

s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1901:0:6072::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

stupendoussnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:8e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.224.11.108 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-224-11-108.us-east-2.compute.amazonaws.com

pbjs-stream.bydata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7ec2::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

ambiguousafternoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (None, )

ASN- ()

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (None, )

ASN- ()

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.86 (None, )

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.211.132 (None, )

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.26.48 (None, )

ASN- ()

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.185 (None, )

ASN- ()

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.28.203.152 (None, )

ASN- ()

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (None, )

ASN- ()

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (None, )

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.237.149 (None, )

ASN- ()

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.90.0.13 (None, )

ASN- ()

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	google.com cse.google.com — Cisco Umbrella Rank: 2661 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 454	171 KB
7	thelayoff.com www.thelayoff.com — Cisco Umbrella Rank: 72325 assets.thelayoff.com — Cisco Umbrella Rank: 297598	367 KB
6	yahoo.com c2shb.ssp.yahoo.com	2 KB
5	gstatic.com fonts.gstatic.com	115 KB
5	stupendoussnow.com stupendoussnow.com — Cisco Umbrella Rank: 231709	106 KB
4	richaudience.com shb.richaudience.com	949 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	154 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 296 aax.amazon-adsystem.com — Cisco Umbrella Rank: 790	59 KB
3	4dex.io script.4dex.io mp.4dex.io	25 KB
3	googleapis.com www.googleapis.com — Cisco Umbrella Rank: 24 fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2368	20 KB
2	sharethrough.com btlr.sharethrough.com	319 B
2	bydata.com pbjs-stream.bydata.com — Cisco Umbrella Rank: 68162	151 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	136 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	130 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1287	104 B
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	165 KB
1	bidswitch.net grid.bidswitch.net	242 B
1	a-mo.net prebid.a-mo.net	329 B
1	pubmatic.com hbopenbid.pubmatic.com	118 B
1	casalemedia.com htlb.casalemedia.com	570 B
1	adnxs.com ib.adnxs.com	831 B
1	lijit.com ap.lijit.com	528 B
1	ambiguousafternoon.com ambiguousafternoon.com	74 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 575	483 B
1	amazonaws.com s3.us-east-2.amazonaws.com	18 KB
1	cloudfront.net d2yxxa3y12yhno.cloudfront.net	43 KB
0	yieldmo.com Failed ads.yieldmo.com Failed
0	yellowblue.io Failed hb.yellowblue.io Failed
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
0	3lift.com Failed tlx.3lift.com Failed
0	smartadserver.com Failed prg.smartadserver.com Failed
90	33

	Domain	Requested by
6	c2shb.ssp.yahoo.com	www.thelayoff.com
5	www.google.com	d2yxxa3y12yhno.cloudfront.net www.google.com www.thelayoff.com
5	fonts.gstatic.com	www.thelayoff.com fonts.googleapis.com
5	stupendoussnow.com	d2yxxa3y12yhno.cloudfront.net
4	shb.richaudience.com	www.thelayoff.com
4	assets.thelayoff.com	www.thelayoff.com assets.thelayoff.com
3	securepubads.g.doubleclick.net	d2yxxa3y12yhno.cloudfront.net securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	d2yxxa3y12yhno.cloudfront.net c.amazon-adsystem.com
3	www.thelayoff.com	www.thelayoff.com
2	btlr.sharethrough.com	www.thelayoff.com
2	script.4dex.io	d2yxxa3y12yhno.cloudfront.net
2	www.googleapis.com
2	pbjs-stream.bydata.com	d2yxxa3y12yhno.cloudfront.net
2	www.facebook.com	www.thelayoff.com
2	cse.google.com	d2yxxa3y12yhno.cloudfront.net
2	connect.facebook.net	d2yxxa3y12yhno.cloudfront.net
2	www.google-analytics.com	d2yxxa3y12yhno.cloudfront.net www.google-analytics.com
2	www.googletagmanager.com	d2yxxa3y12yhno.cloudfront.net
2	i.clean.gg	d2yxxa3y12yhno.cloudfront.net
2	pagead2.googlesyndication.com	www.thelayoff.com d2yxxa3y12yhno.cloudfront.net
1	grid.bidswitch.net	www.thelayoff.com
1	prebid.a-mo.net	www.thelayoff.com
1	hbopenbid.pubmatic.com	www.thelayoff.com
1	htlb.casalemedia.com	www.thelayoff.com
1	ib.adnxs.com	www.thelayoff.com
1	ap.lijit.com	www.thelayoff.com
1	mp.4dex.io	www.thelayoff.com
1	fonts.googleapis.com	d2yxxa3y12yhno.cloudfront.net
1	ambiguousafternoon.com	d2yxxa3y12yhno.cloudfront.net
1	clients1.google.com	www.thelayoff.com
1	googleads.g.doubleclick.net	d2yxxa3y12yhno.cloudfront.net
1	region1.google-analytics.com	www.googletagmanager.com
1	static.adsafeprotected.com	www.thelayoff.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	s3.us-east-2.amazonaws.com	www.thelayoff.com
1	d2yxxa3y12yhno.cloudfront.net	www.thelayoff.com
0	ads.yieldmo.com Failed	www.thelayoff.com
0	hb.yellowblue.io Failed	www.thelayoff.com
0	fastlane.rubiconproject.com Failed	www.thelayoff.com
0	tlx.3lift.com Failed	www.thelayoff.com
0	prg.smartadserver.com Failed	www.thelayoff.com
90	41

This site contains links to these domains. Also see Links.

Domain
getadmiral.com

Subject Issuer	Validity	Valid
thelayoff.com Cloudflare Inc ECC CA-3	`2022-04-29` - `2023-04-29`	a year	crt.sh
assets.thelayoff.com GTS CA 1D4	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.s3.us-east-2.amazonaws.com Amazon	`2022-09-21` - `2023-08-31`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2023-03-27` - `2023-06-25`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
stupendoussnow.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.bydata.com Amazon RSA 2048 M01	`2023-02-09` - `2023-05-31`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
ambiguousafternoon.com R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-31` - `2023-08-31`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.a-mo.net R3	`2023-02-02` - `2023-05-03`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.thelayoff.com/
Frame ID: 8F801385DD94F600290654BAA50101C0
Requests: 86 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230323/r20190131/zrt_lookup.html
Frame ID: AC00832C001FA1153B5CBAA1286387EC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TheLayoff.com - Layoffs Discussion Boardsearchuser-signalchecklistsettings-toggle-horizontal

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

90
Requests

84 %
HTTPS

60 %
IPv6

33
Domains

41
Subdomains

36
IPs

2
Countries

1591 kB
Transfer

5061 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://getadmiral.com/pb/?utm_source=www.thelayoff.com&utm_medium=pb&session=5-0f59794c04365af2be50cbbb69feedca-6763652d6575726f70652d7765737431-0
Title: Powered By

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

90 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.thelayoff.com/ 54 KB
13 KB 445ms
406ms Document
text/html 2606:4700:10::6814:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f12236a20439c7cb8be96c2337a420abb7da918e859325ff4d8508618bae2b20

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, private
cf-cache-status: DYNAMIC
cf-ray: 7aef9829ee979b86-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 28 Mar 2023 11:39:45 GMT
etag: W/"29a27749257a58cdbd6386e45b9ade50c3c41540adce276d42fa0634831e3acb-a"
expires: Tue, 28 Mar 2023 11:39:45 GMT
server: cloudflare
vary: Accept-Encoding
x-cloud-trace-context: 85c258b7bc6d0cd9f43b52f5366a1c23

GET
H2 200 app-459488db65.css
assets.thelayoff.com/assets/css/TLO/app/ 42 KB
12 KB 306ms
176ms Stylesheet
text/css 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thelayoff.com/assets/css/TLO/app/app-459488db65.css
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 102d07d7fea616ff5f5f1da4bddddba4e33609c152f6a0bdaa5878cbc8c78774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
content-encoding: gzip
server: Google Frontend
etag: "wJUQFA"
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 49da2497ec6faed076e7c08fd1692c15
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 11:39:46 GMT

GET
H2 200 app-dcda06b84f.js Show response
assets.thelayoff.com/assets/js/prod/TLO/app/ 351 KB
113 KB 327ms
197ms Script
application/javascript 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thelayoff.com/assets/js/prod/TLO/app/app-dcda06b84f.js
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: af8d929017f5b3571814af7930bec36e85965e53277ea0eaefc03a94b57ab92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
content-encoding: gzip
server: Google Frontend
etag: "wJUQFA"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 8e13b11731971c225a32e58ed4a84bde
cache-control: public, max-age=31536000
expires: Wed, 27 Mar 2024 11:39:46 GMT

GET
H2 200 prebid.js Show response
www.thelayoff.com/ 447 KB
117 KB 162ms
162ms Script
application/javascript 2606:4700:10::6814:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelayoff.com/prebid.js
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26c08137c1291bb4e23487395be16429412579423e07f9d7842098bb3d5635b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"wJUQFA"
vary: Accept-Encoding
content-type: application/javascript
x-cloud-trace-context: 35f6c3c0f50d317ffbe4c55300119538;o=1
cache-control: public, max-age=432000
cf-ray: 7aef982c7abe9b86-FRA
expires: Tue, 28 Mar 2023 11:49:46 GMT

GET
H2 200 script.js Show response
d2yxxa3y12yhno.cloudfront.net/ 123 KB
43 KB 46ms
8ms Script
application/javascript 2600:9000:225e:1200:f:e7d4:f900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1200:f:e7d4:f900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76693112e0fd3dea410d59ab157e3fc449c7d6dadeeae46cb6dba4cf0f716706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: jbWfVT4UO3dkZLARK7_MQiaijdaNjqX7
content-encoding: gzip
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
date: Tue, 28 Mar 2023 11:37:42 GMT
last-modified: Tue, 28 Mar 2023 10:12:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 125
x-amz-server-side-encryption: AES256
etag: W/"c3d585b0dc87d386ed74e872d081e5b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600,public,must-revalidate
x-amz-cf-id: yiHSZszUdY_yZkCRiLow7d5WxWpjmVv1_AktZ4fr-xcn72TJr4LbZA==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 231ms
151ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18184729565480a99a084e9f8cdefd4d12a1e6c5f451b5cc6f2d911ae0d492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48969
x-xss-protection: 0
server: cafe
etag: 15515183443104278158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 11:39:46 GMT

GET
H/1.1 200
OK bydataAnalytics.js Show response
s3.us-east-2.amazonaws.com/telemetry.bydata/Thelayoff/ 18 KB
18 KB 377ms
133ms Script
application/javascript 52.219.176.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.us-east-2.amazonaws.com/telemetry.bydata/Thelayoff/bydataAnalytics.js?cId=asc97020
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.176.225 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 90785254dc8088d3b09663775de904e700a20bf5ac50b35aab74ef9574cb6275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 11:39:47 GMT
Last-Modified: Wed, 23 Nov 2022 09:38:47 GMT
Server: AmazonS3
x-amz-request-id: XDW9X7ZZ3KEKAPHC
ETag: "a32823a1f84de4544e85f0f7a8b2ee82"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 18335
x-amz-id-2: Fon4TTBY+NQhfJOEEvfWyFeRKUgD8I5MDD/0GL/hiA3vW+w5aHv1zU0FLlPXC9wanFn/qjvYu0s=

GET
H2 200 logo.png
assets.thelayoff.com/assets/images/TLO/app/ 1 KB
1 KB 215ms
162ms Image
image/png 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.thelayoff.com/assets/images/TLO/app/logo.png
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 1b957f9dae3447f060741a85a4dac51025280e56a67fbe369da265f0a76cca96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
server: Google Frontend
etag: "wJUQFA"
content-type: image/png
access-control-allow-origin: *
x-cloud-trace-context: c607c5c428d01027a012e0ad40c0989a
cache-control: public, max-age=600
expires: Tue, 28 Mar 2023 11:49:46 GMT

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 101ms
100ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 144ms
102ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thelayoff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 28 Mar 2023 11:39:46 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 224 KB
55 KB 31ms
8ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:29:05 GMT
content-encoding: gzip
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 19:29:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 642
etag: W/"9bc5c23889e7664ec16504ac1d3adeb5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: oEDfraxAm2JlTeh5tfPp5TKFco20IXYvCLi-gD5YqMA9C7SKsFJj7g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
48 KB 128ms
48ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3VN9S

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa894f97a67ad9377a6b00ebd0e074a77abca7b95e148a0de5d3955202932fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48653
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Mar 2023 11:39:46 GMT

GET
H2 200 v2vrcIWue9hVBNMr4GzmaiTqZswlA3Lyp9DxWaHbzfBGJYSpbUorJ2vnpwCVijiio Show response
stupendoussnow.com/ 584 KB
101 KB 91ms
44ms Script
text/javascript 2600:1901:0:6072::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stupendoussnow.com/v2vrcIWue9hVBNMr4GzmaiTqZswlA3Lyp9DxWaHbzfBGJYSpbUorJ2vnpwCVijiio

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:6072::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

1d9cfda1fced39a86493ccae693c451b5b237f83fd13e288b0237a781e0a81c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Tue, 28 Mar 2023 11:39:46 GMT
x-datacenter: gce-europe-west1
etag: "ab5fb82dcc3b1b582b160125f78657392507186af4f58d1b608273c70f292820"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-blst
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 814291840
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 v2rjePF00qYmg_cEpitnv6NiUnmxGBwrJthuH2l1yDm3bua_Y_P2WbVp0bWEfuPCfxzDyEbR1GoGCOZMYyA Show response
stupendoussnow.com/ 9 KB
4 KB 72ms
24ms Script
text/javascript 2600:1901:0:6072::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stupendoussnow.com/v2rjePF00qYmg_cEpitnv6NiUnmxGBwrJthuH2l1yDm3bua_Y_P2WbVp0bWEfuPCfxzDyEbR1GoGCOZMYyA

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:6072::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

9f5fdae68ab2de19cc3f3a3424646fd57429a7ce6f94085dbd20841fa8370630

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
via: 1.1 google
date: Tue, 28 Mar 2023 11:39:46 GMT
x-datacenter: gce-europe-west1
etag: "31afcc43b1402ce1de8e798e779d3f102f74dc123c7d411026de8e6e3482154b"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-blst
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 814291840
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 8ms
8ms XHR
text/plain 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.thelayoff.com&pubid=c98d9ca3-74f6-411e-a97e-3e9fb7150426
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 09:00:10 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 9575
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.thelayoff.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: NB100vHoBuCt0XFntJ9rZSJ1E7fiQfVSLwA1Rxn-iVDjJyqytdAZMQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
8ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 02:15:55 GMT
x-amz-version-id: JWp1qp7MFzulJHtnMcdn8BBX506LKUt8
content-encoding: gzip
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 33832
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 28 Mar 2023 02:10:35 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: fP6M0eac6d5c-Yq1KNxv-YR9bVIXDtVvHTAUMgwkLMLmpm9A7cXHEA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
467 B 78ms
51ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.thelayoff.com%2F&pid=K2q1OTfbOAett&cb=0&ws=1600x1200&v=23.320.1710&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-TLO_sticky%22%2C%22s%22%3A%5B%22300x600%22%2C%22240x240%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22356742356%2FTLO_sticky%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TLO_Left_Sticky%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22356742356%2FTLO_Left_Sticky%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TLO_top%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22356742356%2FTLO_top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TLO_above-fold%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22356742356%2FTLO_above-fold%22%7D%5D&pubid=c98d9ca3-74f6-411e-a97e-3e9fb7150426&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 8JBMF4ZD9RD86FSXF7NS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: plElt7KJRbJBXeJUr9PfbBWwPPOVPNRWbxuWv-f6vJ6DiMWeCXhnnA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 114ms
35ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Mar 2023 10:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5675
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 28 Mar 2023 12:05:11 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 41ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Mar 2023 11:39:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: wIYj7X/hDJYrJ6uashVS/IpRW/ylZr6XWRxLuBD7yQQ4Z8pbveglQHFD3cQu3ROXj/StWUlVhuWN7qsI19a7/Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
82 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZBM3HKNL26&l=dataLayer&cx=c

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4161e5df54ef784e81549d97fefac48813df78d9101570cc083a39866898f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Mar 2023 11:39:46 GMT

GET
H2 200 1810234349221521 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1810234349221521?v=2.9.100&r=stable

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74e85a5daed1f9d2630c788cd3c2388a483e44689a394e38c019c3ac0488e87e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Mar 2023 11:39:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110199
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: PBaYFZQR9G7lnSlxvQ956I6l9FneyZUVD318161d0haoyeVnwg7i5XVEMHMOdA7BLhZad5JUp5TpSrLjIWN0FA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 9 KB
4 KB 155ms
63ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=partner-pub-2815355632543185:7817595802

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

ca69aa6aad1bd0295cdaba86a04bd09de7b89e306adf4a148a88d497b5dfc596

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
content-encoding: br
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-nWoWYf3-H4mjAMgDqIixtQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3002
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Tue, 28 Mar 2023 11:39:46 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 155ms
76ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelayoff.com/
Origin: https://www.thelayoff.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:56 GMT
x-content-type-options: nosniff
age: 10910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14380
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:56 GMT

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v17/ 34 KB
35 KB 114ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v17/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelayoff.com/
Origin: https://www.thelayoff.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:43:54 GMT
x-content-type-options: nosniff
age: 10552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35284
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:43:54 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v18/ 13 KB
14 KB 165ms
86ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelayoff.com/
Origin: https://www.thelayoff.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:38:42 GMT
x-content-type-options: nosniff
age: 10864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13780
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:38:42 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
483 B 37ms
7ms Image
image/gif 2600:9000:223f:8e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adunitid=jgniz&adnum=9585889
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 23834808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 2YAeIGggUhwhxeM_5BKnHXcMPBDbFNhhlZY_EtUG89KceLKv6HrKAQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 49ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZBM3HKNL26&gtm=45je33r0&_p=1771441890&cid=1783166070.1680003586&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680003586&sct=1&seg=0&dl=https%3A%2F%2Fwww.thelayoff.com%2F&dt=TheLayoff.com%20-%20Layoffs%20Discussion%20Board&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZBM3HKNL26&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 11:39:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thelayoff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 37ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1810234349221521&ev=PageView&dl=https%3A%2F%2Fwww.thelayoff.com%2F&rl=&if=false&ts=1680003586399&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680003586398.815551985&it=1680003586318&coo=false&rqm=GET

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 11:39:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/ 350 KB
117 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5319129750974885&plah=www.thelayoff.com&bust=31073403

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c58180a4df34118766484ecca8d8a2934a39475984124c2a51e166ebf92cda67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119845
x-xss-protection: 0
server: cafe
etag: 10412082862155841735
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 11:39:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230323/r20190131/ Frame AC00 10 KB
5 KB 115ms
35ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230323/r20190131/zrt_lookup.html

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelayoff.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 17:04:29 GMT
etag: 2378337311435320485
expires: Mon, 10 Apr 2023 17:04:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
210 B 42ms
42ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1771441890&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thelayoff.com%2F&ul=en-us&de=UTF-8&dt=TheLayoff.com%20-%20Layoffs%20Discussion%20Board&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1402559025&gjid=218583898&cid=1783166070.1680003586&tid=UA-10256470-8&_gid=2120948630.1680003586&_r=1&_slc=1&gtm=45He33r0n71M3VN9S&z=407085468

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 11:39:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thelayoff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/c23214b953e32f29/ 304 KB
102 KB 127ms
47ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c23214b953e32f29/cse_element__en.js?usqp=CAI%3D

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2be8af2e340e1b5c9b3df08aadc66054c96591e99ec95f3859e2fac7270102b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 20:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103982
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 20:46:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 25 Mar 2024 20:14:58 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/c23214b953e32f29/ 41 KB
9 KB 125ms
45ms Stylesheet
text/css 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c23214b953e32f29/default+en.css

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 20:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9086
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 20:46:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Mon, 25 Mar 2024 20:14:58 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 125ms
46ms Stylesheet
text/css 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1684
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 28 Mar 2023 12:01:42 GMT

GET
H2 200 captcha Show response
assets.thelayoff.com/ 154 B
326 B 244ms
159ms XHR
text/html 2a00:1450:4001:806::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.thelayoff.com/captcha
Requested by: Host: assets.thelayoff.com
URL: https://assets.thelayoff.com/assets/js/prod/TLO/app/app-dcda06b84f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: bf66e742ac8303505c9d4bf89edf562b05ed2f1c10a216e3bbd55f89b0caf85c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: c2b0634797381cf7455d7c6977d78eac
cache-control: no-cache
content-length: 136

GET
DATA 200
OK truncated
/ 253 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b0559df9959b25f352d936b30c802cd0c58abe8b71cd7374c50ba9df966206d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thelayoff.com/
Origin: https://www.thelayoff.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:56 GMT
x-content-type-options: nosniff
age: 10910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15056
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:56 GMT

GET
H2 200 worker-bundle-c40517bd2d.js
www.thelayoff.com/assets/js/prod/TLO/app/ 382 KB
111 KB 32ms
31ms Other
application/javascript 2606:4700:10::6814:853b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelayoff.com/assets/js/prod/TLO/app/worker-bundle-c40517bd2d.js
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:853b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c156c5215682c621940dc2bbe6d201e8474b1096f15acd98f5a0d5fe0394b2cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2383611
etag: W/"3HkF2A"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 7aa37b07761e95fe5dfe32afd1aa790f
cache-control: public, max-age=31536000
cf-ray: 7aef983008d19b86-FRA
expires: Wed, 28 Feb 2024 21:32:55 GMT

POST
H2 200 events Show response
pbjs-stream.bydata.com/topics/ 2 B
151 B 117ms
116ms Fetch 18.224.11.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs-stream.bydata.com/topics/events
Requested by: Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.11.108 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-11-108.us-east-2.compute.amazonaws.com
Software: uvicorn /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/vnd.kafka.json.v2+json

Response headers

access-control-allow-origin: https://www.thelayoff.com
date: Tue, 28 Mar 2023 11:39:47 GMT
access-control-allow-credentials: true
server: uvicorn
content-length: 2
vary: Origin

OPTIONS
H2 200 events
pbjs-stream.bydata.com/topics/ Frame 0
0 377ms
116ms Preflight
text/plain 18.224.11.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs-stream.bydata.com/topics/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.224.11.108 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-11-108.us-east-2.compute.amazonaws.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thelayoff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.thelayoff.com
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 28 Mar 2023 11:39:46 GMT
server: uvicorn
vary: Origin

OPTIONS
H2 200 signupNewUser
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 215ms
136ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyBNObR8JSiVATaUd_N_WQuq0xOf-7wNtds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version
Access-Control-Request-Method: POST
Origin: https://www.thelayoff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.thelayoff.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 28 Mar 2023 11:39:46 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 v2vitBQm5Es23v03tw21Y1oAmfgmrtCibNe8_N8zr2X-UqS2qQua6lqd5jGw-uLtZ4sX5eM73 Show response
stupendoussnow.com/ 206 B
233 B 70ms
37ms Fetch
application/json 2600:1901:0:6072::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stupendoussnow.com/v2vitBQm5Es23v03tw21Y1oAmfgmrtCibNe8_N8zr2X-UqS2qQua6lqd5jGw-uLtZ4sX5eM73

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:6072::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

b2e2b2c8780a2650914596035bf57fccd94323725a2c2f0095063053d29b2d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Tue, 28 Mar 2023 11:39:46 GMT
via: 1.1 google
x-buildnumber: 814291840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
x-hostname: fen-hoothoot-europe-west1-blst
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Tue, 28 Mar 2023 11:39:45 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 140 KB
52 KB 1178ms
1178ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8421e2052dea02654e8ddc0148ac7ffad47e88037cac9d1a836a974cb8c0e0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "10776271886188660750"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Tue, 28 Mar 2023 11:39:47 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 36ms
35ms Image
image/png 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c23214b953e32f29/default+en.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/c23214b953e32f29/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
age: 495275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Thu, 21 Mar 2024 18:05:11 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 35ms
35ms Image
image/png 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 12:06:39 GMT
x-content-type-options: nosniff
age: 84787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1372
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 26 Mar 2024 12:06:39 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 146ms
34ms Image
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 v2gptr43KtaYFZ3dK6eDrWwEYa15ngdfmvZINaExp5O6RVtUsKT_d2f74HUkx60p5CBiLiKUP Show response
stupendoussnow.com/ 439 B
464 B 24ms
24ms Fetch
application/json 2600:1901:0:6072::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stupendoussnow.com/v2gptr43KtaYFZ3dK6eDrWwEYa15ngdfmvZINaExp5O6RVtUsKT_d2f74HUkx60p5CBiLiKUP

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:6072::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

7a947d9eabd980b3c00fc07e7fcb5a72972e80fadf6487792f015aeaf175b262

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Tue, 28 Mar 2023 11:39:46 GMT
via: 1.1 google
x-buildnumber: 814291840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 439
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
x-hostname: fen-hoothoot-europe-west1-blst
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 ConsentManager Show response
ambiguousafternoon.com/v2mep3xBBN8ZcUm5DcXmwr6MtTUj79nO2QMegsI4lG8s1UP-Sca5ESJzViDqSF52gTIg67dI/ 246 KB
74 KB 175ms
29ms Script
text/javascript 2600:1901:0:7ec2::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ambiguousafternoon.com/v2mep3xBBN8ZcUm5DcXmwr6MtTUj79nO2QMegsI4lG8s1UP-Sca5ESJzViDqSF52gTIg67dI/ConsentManager

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7ec2::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

7efa499d1fe951efe07e644f2db1f727f85c63a0dd080721d6f79799f7fb97cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thelayoff.com/
Origin: https://www.thelayoff.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Tue, 28 Mar 2023 11:39:46 GMT
x-buildnumber: 814291840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-datacenter: gce-europe-west1
etag: "ba933e830aafb349b917ed508ba86e8e433dd40439c13019bc87b9bb7b3f2baf"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
x-hostname: fen-hoothoot-europe-west1-blst
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1810234349221521&ev=Microdata&dl=https%3A%2F%2Fwww.thelayoff.com%2F&rl=&if=false&ts=1680003586901&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TheLayoff.com%20-%20Layoffs%20Discussion%20Board%22%2C%22meta%3Adescription%22%3A%22Layoffs%20Discussion%2C%20News%20and%20Rumors.%20Ask%2C%20answer%2C%20speculate%20on%20layoffs%20in%20your%20company...%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22TheLayoff.com%22%2C%22og%3Atitle%22%3A%22TheLayoff.com%20-%20Layoffs%20Discussion%20Board%22%2C%22og%3Adescription%22%3A%22Layoffs%20Discussion%2C%20News%20and%20Rumors.%20Ask%2C%20answer%2C%20speculate%20on%20layoffs%20in%20your%20company...%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.thelayoff.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680003586398.815551985&it=1680003586318&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Mar 2023 11:39:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 124ms
45ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9800bdcfee680a224931e132e95552d4e5d70f9f147ced4af8a9c8bc52c80c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Mar 2023 11:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 11:35:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Mar 2023 11:39:47 GMT

POST
H3 200 v2vitBQm5Es23v03tw21Y1oAmfgmrtCibNe8_N8zr2X-UqS2qQua6lqd5jGw-uLtZ4sX5eM73 Show response
stupendoussnow.com/ 193 B
220 B 59ms
59ms Fetch
application/json 2600:1901:0:6072::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stupendoussnow.com/v2vitBQm5Es23v03tw21Y1oAmfgmrtCibNe8_N8zr2X-UqS2qQua6lqd5jGw-uLtZ4sX5eM73

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:6072::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

4377f224cebb14fe75639d89cc94f3f3fdda44faf1a0ffe6772a1c1d72162d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Tue, 28 Mar 2023 11:39:47 GMT
via: 1.1 google
x-buildnumber: 814291840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 193
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
x-hostname: fen-hoothoot-europe-west1-blst
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Tue, 28 Mar 2023 11:39:46 GMT

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thelayoff.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 08:37:43 GMT
x-content-type-options: nosniff
age: 10924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 08:37:43 GMT

OPTIONS
H3 200 getAccountInfo
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 136ms
135ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyBNObR8JSiVATaUd_N_WQuq0xOf-7wNtds

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version
Access-Control-Request-Method: POST
Origin: https://www.thelayoff.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.thelayoff.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 28 Mar 2023 11:39:47 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
26 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9adeda74f7bd29cd0c8712133d282a464a7d4ef3706c687930ab6af44d4318a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26167
x-xss-protection: 0
server: cafe
etag: 532 / 19444 / 31073327 / config-hash: 9982139876318747483
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 11:39:48 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303210101/ 396 KB
123 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303210101/pubads_impl.js?cb=31073327

Requested by

Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

794b2d4a93dae1de1b71a642fc1e18fed5293efaa1d9d4ec9515af20b25c2f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 06:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17409
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125670
x-xss-protection: 0
server: cafe
etag: 14691200833066450557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 27 Mar 2024 06:49:39 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 111 B
107 B 153ms
72ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thelayoff.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e358686b51ebe996e38cad0a4b580fc1af5ac5eebfa4c786865188e3e8c5b81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 11:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82
x-xss-protection: 0
expires: Tue, 28 Mar 2023 11:39:48 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1018 B 53ms
17ms Script
application/javascript 2606:4700:20::681a:8a9

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 11:39:51 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 758161
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2B4bZh7WPs8BDrGyrOVU6clQLO48uJTRq5GBlAwxLwkd10ITL25Eb6E3YAHRgGu7XDKu3xW4SD5qkq8i%2BsBSyKMyczEDtE%2FivpDQCO0c7EdouvUhDF8ZZfmM1JsENNmsVbm0Dg4HeduAXX1q"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7aef984d2a2592c3-FRA

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
594 B 57ms
29ms XHR
application/json 2606:4700::6812:372

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cbf2b9a48659b1d701af14c4c3f718fe4fc87d8c911aa26ddffad5962fdab25

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Tue, 28 Mar 2023 11:39:51 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: div-gpt-ad-TLO_sticky, Process Seats Booster. unable to get the seat booster engine for organization: 1281
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7aef984d29e29c10-FRA
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
528 B 73ms
24ms XHR
application/json 216.52.2.86

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.34.0
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbae9c59926a5f183364c7f108a5fc67766489d0f7f212f65d50c11df171939d

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 28 Mar 2023 11:39:51 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.thelayoff.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
831 B 52ms
15ms XHR
application/json 185.89.211.132

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 28 Mar 2023 11:39:51 GMT
AN-X-Request-Uuid: c64f3126-6c39-4bb8-a96d-5cf226739ab8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thelayoff.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.171; 185.213.155.171; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
160 B 54ms
18ms XHR
text/plain 52.59.26.48

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.26.48 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thelayoff.com
date: Tue, 28 Mar 2023 11:39:51 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST v1
btlr.sharethrough.com/universal/ 0
0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
159 B 105ms
70ms XHR
text/plain 52.59.26.48

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.26.48 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thelayoff.com
date: Tue, 28 Mar 2023 11:39:51 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST v1
btlr.sharethrough.com/universal/ 0
0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
570 B 52ms
30ms XHR
application/json 104.18.24.185

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=383784
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eacdc3dd9420b91eaea21a4597c13a83c7061a8113678ca94c1896d461c851f

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Mar 2023 11:39:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1znf7lMBrn%2BkqV8galjukYztSL1E63TqJB%2B%2F%2BoYZXZdWrZWLiPSv9l04fL1kVbGOCFsVWAAJdPxccBDR%2Fb4f%2Fu6y8EUWquAVT226LRgY2cAbhyIhenLKQCFVtnrpq0Gx2tTFAViM"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.thelayoff.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7aef984d3aac2bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST v1
prg.smartadserver.com/prebid/ 0
0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
281 B 68ms
42ms XHR
application/json 52.28.203.152

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab67e081a00a0&pos=tlo_sticky_300x600&cmd=bid&secure=1
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 -, , ASN (),
Reverse DNS
Software: ATS/9.1.10.25 /
Resource Hash: 616c32954e12dab28ce0d98eda9ea77bb837942bcf849f2e6e57520adeef9b1c

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Mar 2023 11:39:51 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
282 B 64ms
39ms XHR
application/json 52.28.203.152

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab67e081a00a0&pos=tlo_sticky_160x600&cmd=bid&secure=1
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 -, , ASN (),
Reverse DNS
Software: ATS/9.1.10.25 /
Resource Hash: 8260d9a569f2833d83edc903d192b730e0d59c8333d552232870bb875f2893ea

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Mar 2023 11:39:51 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
282 B 60ms
35ms XHR
application/json 52.28.203.152

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab67e081a00a0&pos=tlo_left_sticky_160x600&cmd=bid&secure=1
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 -, , ASN (),
Reverse DNS
Software: ATS/9.1.10.25 /
Resource Hash: ea67308de589fb8c3e166dbc80322632848fa878f3508c7527fcf02ed90adc76

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Mar 2023 11:39:51 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
content-length: 77

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
509 B 43ms
17ms XHR
application/json 52.28.203.152

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab67e081a00a0&pos=tlo_left_sticky_120x600&cmd=bid&secure=1
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 -, , ASN (),
Reverse DNS
Software: ATS/9.1.10.25 /
Resource Hash: 985d8e906833f0713e03d4b058115001de92b95b7acda04a459040cbf8ef71f7

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Mar 2023 11:39:51 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
281 B 61ms
36ms XHR
application/json 52.28.203.152

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab67e081a00a0&pos=tlo_top_728x90&cmd=bid&secure=1
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 -, , ASN (),
Reverse DNS
Software: ATS/9.1.10.25 /
Resource Hash: 45028bd4402e14b7e2f440a34258479e649561cf7dc0fb929800b1433cf8285a

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Mar 2023 11:39:51 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
281 B 64ms
39ms XHR
application/json 52.28.203.152

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab67e081a00a0&pos=tlo_above_fold_728x90&cmd=bid&secure=1
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 -, , ASN (),
Reverse DNS
Software: ATS/9.1.10.25 /
Resource Hash: 1eda6c97ba48fd92690279c2be84a46b38f79689fab31fe87ef961143de52e45

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Mar 2023 11:39:51 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true
content-length: 80

POST auction
tlx.3lift.com/header/ 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 74ms
37ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thelayoff.com
date: Tue, 28 Mar 2023 11:39:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
329 B 67ms
24ms XHR
text/plain 147.75.85.234

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thelayoff.com
date: Tue, 28 Mar 2023 11:39:50 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
server: envoy
vary: origin, Accept-Encoding

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST hb-multi
hb.yellowblue.io/ 0
0

GET prebid
ads.yieldmo.com/exchange/ 0
0

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
242 B 53ms
15ms XHR
application/json 3.67.237.149

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.237.149 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31bb60f7af0673543675c4ba50f24b1b7da381977121865becf7196f761bf017

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thelayoff.com
date: Tue, 28 Mar 2023 11:39:51 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 49
content-type: application/json

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
238 B 60ms
21ms XHR
text/html 157.90.0.13

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.0.13 -, , ASN (),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Mar 2023 11:39:51 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
237 B 62ms
23ms XHR
text/html 157.90.0.13

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.0.13 -, , ASN (),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Mar 2023 11:39:51 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
237 B 61ms
22ms XHR
text/html 157.90.0.13

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.0.13 -, , ASN (),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Mar 2023 11:39:51 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
237 B 77ms
39ms XHR
text/html 157.90.0.13

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.90.0.13 -, , ASN (),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://www.thelayoff.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Mar 2023 11:39:51 GMT
content-encoding: gzip
server: nginx/1.14.2
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.thelayoff.com
access-control-allow-credentials: true

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
24 KB 35ms
20ms Fetch
application/javascript 2606:4700:20::681a:8a9

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thelayoff.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Tue, 28 Mar 2023 11:39:51 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VQM5B8B472J4YJHK
Age: 176887
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 3Bh88e9hCR9kExJdbcr6LNORSlhs3kGZ8Sw5ZRhSZ+DFy3TF5M2iGhjQHO8kFc98BdDyNEyU6tU=
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXDfH%2BkabGl1WaosHZC6AcaEN7FFw0lYTD4X%2BSMuinTzJQXgW0wCQhs8eJ7uJHLY3TGWjARWyqT%2BJ3bUNP7jD4CNqcR0viEPFpR%2BjlSTrO%2B7Shh4QgUcKfiwhFZa7%2FRXCIURDB1U3ocij%2F2Y"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY: 7aef984d6cef91e7-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=7.34.0&referrer=https%3A%2F%2Fwww.thelayoff.com%2F&tmax=2000&gdpr=false

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20964&site_id=263354&zone_id=1302244&size_id=9&alt_size_ids=8%2C10&gdpr=0&rp_schain=1.0,1!ascendeum.com,asc97020,1,,,&rf=https%3A%2F%2Fwww.thelayoff.com%2F&tg_i.page=https%3A%2F%2Fwww.thelayoff.com%2F&tg_i.domain=thelayoff.com&tg_i.name=thelayoff.com&tg_i.cat=IAB4&tg_i.pbadslot=%2F356742356%2FTLO_sticky&tg_i.gpid=%2F356742356%2FTLO_sticky&tk_flint=pbjs_lite_v7.34.0&x_source.tid=a935a882-bf65-474c-a935-a2e00f5604a6&l_pb_bid_id=6115e4d2a56dde&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2917428712284049

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20964&site_id=263354&zone_id=1731456&size_id=9&alt_size_ids=8&gdpr=0&rp_schain=1.0,1!ascendeum.com,asc97020,1,,,&rf=https%3A%2F%2Fwww.thelayoff.com%2F&tg_i.page=https%3A%2F%2Fwww.thelayoff.com%2F&tg_i.domain=thelayoff.com&tg_i.name=thelayoff.com&tg_i.cat=IAB4&tg_i.pbadslot=%2F356742356%2FTLO_Left_Sticky&tg_i.gpid=%2F356742356%2FTLO_Left_Sticky&tk_flint=pbjs_lite_v7.34.0&x_source.tid=33be0f8b-2ee0-45cc-bf94-eefb6087365f&l_pb_bid_id=623438f0ca17699&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8538596380818306

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20964&site_id=263354&zone_id=1302250&size_id=2&gdpr=0&rp_schain=1.0,1!ascendeum.com,asc97020,1,,,&rf=https%3A%2F%2Fwww.thelayoff.com%2F&tg_i.page=https%3A%2F%2Fwww.thelayoff.com%2F&tg_i.domain=thelayoff.com&tg_i.name=thelayoff.com&tg_i.cat=IAB4&tg_i.pbadslot=%2F356742356%2FTLO_top&tg_i.gpid=%2F356742356%2FTLO_top&tk_flint=pbjs_lite_v7.34.0&x_source.tid=657da2e6-2198-4f45-9364-95c798249fce&l_pb_bid_id=6303efd44467cd9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.20998604873750426

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20964&site_id=263354&zone_id=1302256&size_id=2&gdpr=0&rp_schain=1.0,1!ascendeum.com,asc97020,1,,,&rf=https%3A%2F%2Fwww.thelayoff.com%2F&tg_i.page=https%3A%2F%2Fwww.thelayoff.com%2F&tg_i.domain=thelayoff.com&tg_i.name=thelayoff.com&tg_i.cat=IAB4&tg_i.pbadslot=%2F356742356%2FTLO_above-fold&tg_i.gpid=%2F356742356%2FTLO_above-fold&tk_flint=pbjs_lite_v7.34.0&x_source.tid=5d74dc23-d22e-4820-ac8f-8f5b325e5958&l_pb_bid_id=6462b14eaacce39&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8015588682131864

Domain: hb.yellowblue.io
URL: https://hb.yellowblue.io/hb-multi

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/exchange/prebid?pbav=7.34.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-TLO_sticky%22%2C%22callback_id%22%3A%2271782ef89d967d2%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B240%2C240%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%222972763301844296462%22%2C%22gpid%22%3A%22%2F356742356%2FTLO_sticky%22%2C%22tid%22%3A%22a935a882-bf65-474c-a935-a2e00f5604a6%22%2C%22auctionId%22%3A%225b6f405d-7b28-4ebb-a5cb-b552c7988246%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-TLO_Left_Sticky%22%2C%22callback_id%22%3A%22722abf9d0180fb3%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%222972763301844296462%22%2C%22gpid%22%3A%22%2F356742356%2FTLO_Left_Sticky%22%2C%22tid%22%3A%2233be0f8b-2ee0-45cc-bf94-eefb6087365f%22%2C%22auctionId%22%3A%225b6f405d-7b28-4ebb-a5cb-b552c7988246%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-TLO_top%22%2C%22callback_id%22%3A%2273ab628bf3e78e5%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222972763301844296462%22%2C%22gpid%22%3A%22%2F356742356%2FTLO_top%22%2C%22tid%22%3A%22657da2e6-2198-4f45-9364-95c798249fce%22%2C%22auctionId%22%3A%225b6f405d-7b28-4ebb-a5cb-b552c7988246%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-TLO_above-fold%22%2C%22callback_id%22%3A%2274be79b07f49cc9%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222972763301844296462%22%2C%22gpid%22%3A%22%2F356742356%2FTLO_above-fold%22%2C%22tid%22%3A%225d74dc23-d22e-4820-ac8f-8f5b325e5958%22%2C%22auctionId%22%3A%225b6f405d-7b28-4ebb-a5cb-b552c7988246%22%7D%5D&page_url=https%3A%2F%2Fwww.thelayoff.com%2F&bust=1680003591223&dnt=false&description=Layoffs%20Discussion%2C%20News%20and%20Rumors.%20Ask%2C%20answer%2C%20speculate%20on%20layoffs%20in%20your%20company...&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pr=&scrd=1&title=TheLayoff.com%20-%20Layoffs%20Discussion%20Board&w=1600&h=1200&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc97020%22%2C%22hp%22%3A1%7D%5D%7D

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thelayoff.com/	1970-01-20 19:25:39	Name: _sid Value: 8cae893a-87b5-44fd-ab51-93fa2361f3ba
.thelayoff.com/	1970-01-20 20:08:51	Name: usprivacy Value: 1---
.thelayoff.com/	1970-01-20 20:16:03	Name: _ga_ZBM3HKNL26 Value: GS1.1.1680003586.1.0.1680003586.0.0.0
.thelayoff.com/	1970-01-20 12:49:39	Name: _fbp Value: fb.1.1680003586398.815551985
.thelayoff.com/	1970-01-20 20:16:03	Name: _ga Value: GA1.2.1783166070.1680003586
.thelayoff.com/	1970-01-20 10:41:29	Name: _gid Value: GA1.2.2120948630.1680003586
.thelayoff.com/	1970-01-20 10:40:03	Name: _gat_UA-10256470-8 Value: 1
www.thelayoff.com/	1970-01-20 10:40:05	Name: bydataSessionId Value: _fth1li2r8
.thelayoff.com/	1970-01-20 20:08:51	Name: _awl Value: 2.1680003587.5-0f59794c04365af2be50cbbb69feedca-6763652d6575726f70652d7765737431-0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ads.yieldmo.com
ambiguousafternoon.com
ap.lijit.com
assets.thelayoff.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
clients1.google.com
connect.facebook.net
cse.google.com
d2yxxa3y12yhno.cloudfront.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
grid.bidswitch.net
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
mp.4dex.io
pagead2.googlesyndication.com
pbjs-stream.bydata.com
prebid.a-mo.net
prg.smartadserver.com
region1.google-analytics.com
s3.us-east-2.amazonaws.com
script.4dex.io
securepubads.g.doubleclick.net
shb.richaudience.com
static.adsafeprotected.com
stupendoussnow.com
tlx.3lift.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagmanager.com
www.thelayoff.com
ads.yieldmo.com
btlr.sharethrough.com
fastlane.rubiconproject.com
hb.yellowblue.io
prg.smartadserver.com
tlx.3lift.com
104.18.24.185
108.138.4.150
13.224.192.181
147.75.85.234
157.90.0.13
18.224.11.108
185.64.189.112
185.89.211.132
2001:4860:4802:34::36
216.52.2.86
2600:1901:0:6072::1
2600:1901:0:7ec2::1
2600:9000:223f:8e00:8:48e:53c0:93a1
2600:9000:225e:1200:f:e7d4:f900:21
2606:4700:10::6814:853b
2606:4700:20::681a:8a9
2606:4700::6812:372
2a00:1450:4001:806::200e
2a00:1450:4001:806::2013
2a00:1450:4001:808::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:831::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.67.237.149
34.95.69.49
52.219.176.225
52.28.203.152
52.59.26.48
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
102d07d7fea616ff5f5f1da4bddddba4e33609c152f6a0bdaa5878cbc8c78774
1b957f9dae3447f060741a85a4dac51025280e56a67fbe369da265f0a76cca96
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d9cfda1fced39a86493ccae693c451b5b237f83fd13e288b0237a781e0a81c3
1eda6c97ba48fd92690279c2be84a46b38f79689fab31fe87ef961143de52e45
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26c08137c1291bb4e23487395be16429412579423e07f9d7842098bb3d5635b6
2b0789c3ab7df1f2580e95bb47eb5bb6dc19b4fc5a91b1f1ae1d9484dab534a9
2be8af2e340e1b5c9b3df08aadc66054c96591e99ec95f3859e2fac7270102b5
31bb60f7af0673543675c4ba50f24b1b7da381977121865becf7196f761bf017
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
3eacdc3dd9420b91eaea21a4597c13a83c7061a8113678ca94c1896d461c851f
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4377f224cebb14fe75639d89cc94f3f3fdda44faf1a0ffe6772a1c1d72162d0c
45028bd4402e14b7e2f440a34258479e649561cf7dc0fb929800b1433cf8285a
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4a18184729565480a99a084e9f8cdefd4d12a1e6c5f451b5cc6f2d911ae0d492
4b0559df9959b25f352d936b30c802cd0c58abe8b71cd7374c50ba9df966206d
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
616c32954e12dab28ce0d98eda9ea77bb837942bcf849f2e6e57520adeef9b1c
6cbf2b9a48659b1d701af14c4c3f718fe4fc87d8c911aa26ddffad5962fdab25
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e85a5daed1f9d2630c788cd3c2388a483e44689a394e38c019c3ac0488e87e
76693112e0fd3dea410d59ab157e3fc449c7d6dadeeae46cb6dba4cf0f716706
794b2d4a93dae1de1b71a642fc1e18fed5293efaa1d9d4ec9515af20b25c2f09
7a947d9eabd980b3c00fc07e7fcb5a72972e80fadf6487792f015aeaf175b262
7efa499d1fe951efe07e644f2db1f727f85c63a0dd080721d6f79799f7fb97cf
8260d9a569f2833d83edc903d192b730e0d59c8333d552232870bb875f2893ea
8421e2052dea02654e8ddc0148ac7ffad47e88037cac9d1a836a974cb8c0e0c6
90785254dc8088d3b09663775de904e700a20bf5ac50b35aab74ef9574cb6275
985d8e906833f0713e03d4b058115001de92b95b7acda04a459040cbf8ef71f7
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9f5fdae68ab2de19cc3f3a3424646fd57429a7ce6f94085dbd20841fa8370630
9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458
a9800bdcfee680a224931e132e95552d4e5d70f9f147ced4af8a9c8bc52c80c9
af8d929017f5b3571814af7930bec36e85965e53277ea0eaefc03a94b57ab92e
b2e2b2c8780a2650914596035bf57fccd94323725a2c2f0095063053d29b2d21
b9adeda74f7bd29cd0c8712133d282a464a7d4ef3706c687930ab6af44d4318a
bf66e742ac8303505c9d4bf89edf562b05ed2f1c10a216e3bbd55f89b0caf85c
c156c5215682c621940dc2bbe6d201e8474b1096f15acd98f5a0d5fe0394b2cd
c58180a4df34118766484ecca8d8a2934a39475984124c2a51e166ebf92cda67
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca69aa6aad1bd0295cdaba86a04bd09de7b89e306adf4a148a88d497b5dfc596
d4161e5df54ef784e81549d97fefac48813df78d9101570cc083a39866898f5c
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
da407a15b1ea0c1b4bb774bd77bb608d6b1c90397b5a75b8895bbccfda5feb63
dbae9c59926a5f183364c7f108a5fc67766489d0f7f212f65d50c11df171939d
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e358686b51ebe996e38cad0a4b580fc1af5ac5eebfa4c786865188e3e8c5b81a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea67308de589fb8c3e166dbc80322632848fa878f3508c7527fcf02ed90adc76
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
f12236a20439c7cb8be96c2337a420abb7da918e859325ff4d8508618bae2b20
fa894f97a67ad9377a6b00ebd0e074a77abca7b95e148a0de5d3955202932fed

www.thelayoff.com Open in urlscan Pro 2606:4700:10::6814:853b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

84 %HTTPS

60 %IPv6

33 Domains

41 Subdomains

36 IPs

2 Countries

1591 kBTransfer

5061 kBSize

9 Cookies

1 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thelayoff.com Open in urlscan Pro
2606:4700:10::6814:853b Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

84 %
HTTPS

60 %
IPv6

33
Domains

41
Subdomains

36
IPs

2
Countries

1591 kB
Transfer

5061 kB
Size

9
Cookies

90 HTTP transactions
1 data transactions