urlscan.io logo urlscan.io
SecurityTrails logo

www.thelayoff.com Open in urlscan Pro
2606:4700:10::6814:843b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://thelayoff.com/
Effective URL: https://www.thelayoff.com/
Submission: On November 08 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 45 IPs in 7 countries across 30 domains to perform 109 HTTP transactions. The main IP is 2606:4700:10::6814:843b, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.thelayoff.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 10th 2019. Valid for: a year.
This is the only time www.thelayoff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 35.236.211.40 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
3 13.225.86.250 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 185.33.223.80 29990 (ASN-APPNEXUS)
1 216.52.2.48 29791 (VOXEL-DOT...)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 104.16.68.69 13335 (CLOUDFLAR...)
4 69.173.144.142 26667 (RUBICONPR...)
1 2.18.234.21 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 172.217.16.130 15169 (GOOGLE)
1 2 52.94.220.16 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 1 85.114.159.93 24961 (MYLOC-AS)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 85.114.159.67 24961 (MYLOC-AS)
1 85.114.159.66 24961 (MYLOC-AS)
1 185.80.38.195 27381 (CASALE-MEDIA)
5 37.157.4.24 198622 (ADFORM)
6 2a00:1450:400... 15169 (GOOGLE)
2 37.157.5.72 198622 (ADFORM)
2 2a01:4f8:120:... 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.21.230 15169 (GOOGLE)
3 2.18.233.180 16625 (AKAMAI-AS)
1 85.10.200.83 24940 (HETZNER-AS)
1 104.20.45.164 13335 (CLOUDFLAR...)
2 3 152.199.22.2 15133 (EDGECAST)
2 2 152.199.22.24 15133 (EDGECAST)
1 152.199.22.12 15133 (EDGECAST)
8 2600:1901:0:9... 15169 (GOOGLE)
2 151.101.113.108 54113 (FASTLY)
1 104.109.78.125 20940 (AKAMAI-ASN1)
109 45
7    2606:4700:10::6814:843b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
thelayoff.com
www.thelayoff.com
1    2600:9000:2156:da00:f:e7d4:f900:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d2yxxa3y12yhno.cloudfront.net
2    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    35.236.211.40 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 40.211.236.35.bc.googleusercontent.com
i.clean.gg
1    2600:9000:20eb:b800:6:266a:9940:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
dw7nrwnn2bkh1.cloudfront.net
3    13.225.86.250 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-86-250.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
6    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
2    185.33.223.80 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)
ap.lijit.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
hbopenbid.pubmatic.com
2    104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dmx.districtm.io
cdn.districtm.io
4    69.173.144.142 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
1    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
2    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cse.google.com
2    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googleapis.com
7    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
7    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
4    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
pagead2.googlesyndication.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
6    172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net
securepubads.g.doubleclick.net
2    52.94.220.16 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
aax-eu.amazon-adsystem.com
1    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
clients1.google.com
3    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
simage2.pubmatic.com
1    85.114.159.67 (Germany)

ASN24961 (MYLOC-AS, DE)
PTR: dspcluster.adfarm1.adition.com
dspcluster.adfarm1.adition.com
1    85.114.159.66 (Germany)

ASN24961 (MYLOC-AS, DE)
PTR: dsp.active-agent.com
dsp.active-agent.com
1    185.80.38.195 (Netherlands)

ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA)
a3226.casalemedia.com
5    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
6    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
2    37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    2a01:4f8:120:53ef::2 (Heidelberg, Germany)

ASN24940 (HETZNER-AS, DE)
c.t4ft.de
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
1    172.217.21.230 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f6.1e100.net
ad.doubleclick.net
3    2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
aktrack.pubmatic.com
1    85.10.200.83 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.85-10-200-83.clients.your-server.de
t4ft.de
1    104.20.45.164 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.adform.com
3    152.199.22.2 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
adserverams.adtech.de
2    152.199.22.24 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
adserver-eu.adtech.advertising.com
1    152.199.22.12 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
aka-cdn.adtech.de
8    2600:1901:0:94b6:: (United States)

ASN15169 (GOOGLE - Google LLC, US)
rk-gea-prod.firebaseio.com
s-usc1c-nss-212.firebaseio.com
2    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
acdn.adnxs.com
1    104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
Apex Domain
Subdomains		 Transfer
11 google.com
cse.google.com
www.google.com
adservice.google.com
clients1.google.com
160 KB
8 firebaseio.com
rk-gea-prod.firebaseio.com
s-usc1c-nss-212.firebaseio.com
3 KB
8 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
ad.doubleclick.net
98 KB
7 adform.net
track.adform.net
s1.adform.net
44 KB
7 googletagservices.com
www.googletagservices.com
142 KB
7 thelayoff.com
thelayoff.com
www.thelayoff.com
498 KB
6 ampproject.org
cdn.ampproject.org
155 KB
6 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
3 KB
6 gstatic.com
fonts.gstatic.com
65 KB
5 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
9 KB
5 pubmatic.com
hbopenbid.pubmatic.com
simage2.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
4 KB
5 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
30 KB
4 adtech.de
adserverams.adtech.de
aka-cdn.adtech.de
16 KB
4 adnxs.com
ib.adnxs.com
acdn.adnxs.com
3 KB
4 googleapis.com
fonts.googleapis.com
www.googleapis.com
3 KB
3 t4ft.de
c.t4ft.de
t4ft.de
17 KB
2 advertising.com
adserver-eu.adtech.advertising.com
1 KB
2 adition.com
dsp.adfarm1.adition.com
dspcluster.adfarm1.adition.com
3 KB
2 facebook.com
www.facebook.com
405 B
2 facebook.net
connect.facebook.net
101 KB
2 google-analytics.com
www.google-analytics.com
18 KB
2 casalemedia.com
as-sec.casalemedia.com
a3226.casalemedia.com
2 KB
2 districtm.io
dmx.districtm.io
cdn.districtm.io
432 B
2 cloudfront.net
d2yxxa3y12yhno.cloudfront.net
dw7nrwnn2bkh1.cloudfront.net
32 KB
1 adform.com
www.adform.com
2 KB
1 active-agent.com
dsp.active-agent.com
256 B
1 google.de
adservice.google.de
171 B
1 lijit.com
ap.lijit.com
617 B
1 googletagmanager.com
www.googletagmanager.com
20 KB
1 clean.gg
i.clean.gg
366 B
109 30
Domain Requested by
7 s-usc1c-nss-212.firebaseio.com d2yxxa3y12yhno.cloudfront.net
www.thelayoff.com
7 www.google.com 1 redirects d2yxxa3y12yhno.cloudfront.net
www.google.com
www.thelayoff.com
7 www.googletagservices.com d2yxxa3y12yhno.cloudfront.net
www.thelayoff.com
6 cdn.ampproject.org d2yxxa3y12yhno.cloudfront.net
www.thelayoff.com
6 securepubads.g.doubleclick.net d2yxxa3y12yhno.cloudfront.net
securepubads.g.doubleclick.net
www.thelayoff.com
6 fonts.gstatic.com www.thelayoff.com
6 www.thelayoff.com www.thelayoff.com
5 track.adform.net www.thelayoff.com
s1.adform.net
4 fastlane.rubiconproject.com www.thelayoff.com
3 adserverams.adtech.de 2 redirects www.thelayoff.com
3 pagead2.googlesyndication.com www.thelayoff.com
3 tpc.googlesyndication.com d2yxxa3y12yhno.cloudfront.net
www.thelayoff.com
3 c.amazon-adsystem.com d2yxxa3y12yhno.cloudfront.net
c.amazon-adsystem.com
2 acdn.adnxs.com d2yxxa3y12yhno.cloudfront.net
2 adserver-eu.adtech.advertising.com 2 redirects
2 ads.pubmatic.com www.thelayoff.com
d2yxxa3y12yhno.cloudfront.net
2 c.t4ft.de www.thelayoff.com
2 s1.adform.net www.thelayoff.com
2 www.facebook.com www.thelayoff.com
2 aax-eu.amazon-adsystem.com 1 redirects d2yxxa3y12yhno.cloudfront.net
2 www.googleapis.com www.thelayoff.com
2 connect.facebook.net d2yxxa3y12yhno.cloudfront.net
2 www.google-analytics.com d2yxxa3y12yhno.cloudfront.net
www.google-analytics.com
2 cse.google.com d2yxxa3y12yhno.cloudfront.net
2 ib.adnxs.com www.thelayoff.com
2 fonts.googleapis.com www.thelayoff.com
1 eus.rubiconproject.com d2yxxa3y12yhno.cloudfront.net
1 cdn.districtm.io d2yxxa3y12yhno.cloudfront.net
1 rk-gea-prod.firebaseio.com www.thelayoff.com
1 aka-cdn.adtech.de www.thelayoff.com
1 www.adform.com www.thelayoff.com
1 t4ft.de www.thelayoff.com
1 aktrack.pubmatic.com www.thelayoff.com
1 ad.doubleclick.net www.thelayoff.com
1 googleads.g.doubleclick.net www.thelayoff.com
1 a3226.casalemedia.com www.thelayoff.com
1 dsp.active-agent.com www.thelayoff.com
1 dspcluster.adfarm1.adition.com www.thelayoff.com
1 simage2.pubmatic.com www.thelayoff.com
1 dsp.adfarm1.adition.com 1 redirects
1 clients1.google.com www.thelayoff.com
1 adservice.google.com d2yxxa3y12yhno.cloudfront.net
1 adservice.google.de d2yxxa3y12yhno.cloudfront.net
1 as-sec.casalemedia.com www.thelayoff.com
1 dmx.districtm.io www.thelayoff.com
1 hbopenbid.pubmatic.com www.thelayoff.com
1 ap.lijit.com www.thelayoff.com
1 www.googletagmanager.com d2yxxa3y12yhno.cloudfront.net
1 dw7nrwnn2bkh1.cloudfront.net www.thelayoff.com
1 i.clean.gg 1 redirects
1 d2yxxa3y12yhno.cloudfront.net www.thelayoff.com
1 thelayoff.com 1 redirects
109 52

This site contains links to these domains. Also see Links.

Domain
accounts.google.com
Subject Issuer Validity Valid
thelayoff.com
CloudFlare Inc ECC CA-2		 2019-03-10 -
2020-03-10		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2019-10-07 -
2020-09-29		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2019-03-11 -
2020-05-10		 a year crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
districtm.io
CloudFlare Inc ECC CA-2		 2019-03-26 -
2020-03-26		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-09-22 -
2019-12-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
www.google.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2019-09-18 -
2020-08-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G2		 2019-06-03 -
2021-06-03		 2 years crt.sh
*.active-agent.com
AlphaSSL CA - SHA256 - G2		 2018-10-09 -
2020-12-14		 2 years crt.sh
*.casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2016-12-13 -
2019-12-13		 3 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
misc-sni.google.com
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
c.t4ft.de
Let's Encrypt Authority X3		 2019-10-28 -
2020-01-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2019-10-16 -
2020-01-08		 3 months crt.sh
t4ft.de
Let's Encrypt Authority X3		 2019-10-28 -
2020-01-26		 3 months crt.sh
adform.com
DigiCert SHA2 Extended Validation Server CA		 2019-05-07 -
2020-06-24		 a year crt.sh
*.adtech.de
GeoTrust RSA CA 2018		 2019-08-07 -
2021-08-07		 2 years crt.sh
aka-cdn.adtech.de
DigiCert SHA2 Secure Server CA		 2017-10-25 -
2020-04-27		 3 years crt.sh
firebaseio.com
GTS CA 1O1		 2019-03-13 -
2020-03-11		 a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-16 -
2020-05-16		 a year crt.sh

This page contains 17 frames:

Primary Page: https://www.thelayoff.com/
Frame ID: 2528FF9448100860A72D1480563F32C2
Requests: 59 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_oath_r1u_dm_pm_dmx&dcc=t
Frame ID: E9D0F84FC82E8D9B2B41351DA964C655
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIGJfr51Xl54vQCzwXfQbI3BUfhb6P6KMOdywBYO90MtT81slQm0JUFqzOeiSRLTCvPmOPnw-6OvImwP69uITnyRQXp9ffsxEhaDRebVNcj_l3sRFWGDBMkHaL6K8rEZX5-9wCy2GXJfBOc-aUF8u7xHmP-4jDCGV-vcs74aJJGmzN6TyLpNtP2p5Uawe9Es9tkyG2aJW1sVMOhx505OwnSp5EvQ02l4IsWtQAKNqdm5A2Cf6YfDvQPMgl5jkOoKGffPaPwYNxWA&sai=AMfl-YRKutgYQ-6LM1oZsDgb54wKc8owweMnYDe3vyCFmCDBnWdBlHA0lrJTFbWNkDqyXKtwxXR2yWx8sMFLCfgE2vIPf5CZ4TLBF3Ys4Zn-Qg&sig=Cg0ArKJSzF0wRPT9Zyj2EAE&urlfix=1&adurl=
Frame ID: 4A68EBD091EE5343026308F39C51AA3D
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ_R1zxbIU5xJL-uDW_oEulfz-UnIAq_8RCDz1yI3IdwuqFVCzxMb_n3qAZa-uR-oEl0HbMoPI7bO1wIpO-vhE7mxoR4gOGdfASV5XlYQMriDnh6tX_-TpmIl4Cmgo3dvtwiv1J6n0yrbcnnIRBmmEoHNlaDW6_2KCeKA4UYRMQNbSDevbU5xIVE9B-gUxQul9zeAxEzmDYkldYHWXIZR8eSbN3LP5PPBi2cxMZO6h-dDpjFVv1qTgfu7zi2_F-4p_ICMzIA&sai=AMfl-YTGyaifVucQIDXN_-zGLde1LF_QU8ekKDSHLMIxS3IbT5SFCmC1w_Edm9aXYNvjCY-2HCdnEWMeg6AMq9chc4LQz34DcHuvGWcQok5CYg&sig=Cg0ArKJSzCRi24h6dMj4EAE&urlfix=1&adurl=
Frame ID: BB7A92A021CBAF0C38482A25715E4CAE
Requests: 14 HTTP requests in this frame

Frame: https://a3226.casalemedia.com/ifnotify?gdprconsent=1&c=1556F35&r=1C83D01F&t=5DC5F726&u=X3QtMko4cFBRZWdGWkJfejAxTVFXYnFt&m=34c1229780357dd9c81d73d15774ba1e&wp=2F&aid=8016F9864D0DB78F&tid=1584C&s=5DB29&cp=0.47&n=www.thelayoff.com&pr=xx&epr=3501788b61273ff
Frame ID: 6985E6F5653F99D12D7919A49CB90376
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js
Frame ID: 521CA8855EA1498A82EA373B9B70DFA0
Requests: 14 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N5249.3201872APEX/B23442722.259241582;dc_ver=55.153;dc_eid=40004000;sz=160x600;osdl=1;u_sd=1;dc_adk=636708789;ord=gaos3z;click=https%3A%2F%2Fdspcluster.adfarm1.adition.com%2Fredi%3Flid%3D6757078562815476846%26gdpr%3D0%26gdpr_consent%3D%26gdpr_pd%3D0%26userid%3D0%26sid%3D4394367%26kid%3D3382379%26bid%3D10588066%26c%3D23300%26keyword%3D%26bidid%3D6757078558521488781%26clickurl%3D;dc_rfl=1,https%3A%2F%2Fwww.thelayoff.com%2F$0;xdt=0;crlt=OUaOrwJrlF;osda=2;sttr=25;prcl=s
Frame ID: AC399B8F87D362BD4D4CE803FB6BF96B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 24F5AF838F600B3C6DE0981D8E8F6E99
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=158314&siteId=582108&adId=2167967&adType=10&adServerId=243&kefact=0.032298&kaxefact=0.032298&kadNetFrequecy=0&kadwidth=160&kadheight=600&kadsizeid=10&kltstamp=1573254950&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.032298&dcId=3&tldId=58537646&passback=0&svr=BID22432U&ekefact=JvfFXemDCACiFiBFLVe4ewtx18mLDU7pjhKwxYMkxAnLEXFJ&ekaxefact=JvfFXfuDCABH38zJ5AyDIDJ-OUpBftpsIOoShXy_8IBRw_HC&ekpbmtpfact=JvfFXQmECAB67qh6yiArZvY3cRlVM3bkv3Cfr5PiPZtegOwJ&enpp=JvfFXRiECABm3c_8J-OFr_z3-KQAjgr80mqYasfUpMeaMavK&crID=10588066&lpu=lenovo.com&ucrid=17685149595899459527&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3314&wDspId=1101&wbId=8&wrId=0&wAdvID=727566&isRTB=1&rtbId=86AEA6B8-922C-4AF2-AA82-85EBDC8DBE6E&imprId=4B919146-DC7D-4F3C-ABCE-CFCB6D6B6908&oid=4B919146-DC7D-4F3C-ABCE-CFCB6D6B6908&cntryId=58&domain=thelayoff.com&pageURL=https%3A%2F%2Fwww.thelayoff.com%2F&sec=1
Frame ID: DB20FB357B25470ACC12822C79DCB17A
Requests: 1 HTTP requests in this frame

Frame: https://c.t4ft.de/s/xbf.html
Frame ID: 46500453E264BBC5412EBC2CB411AF99
Requests: 1 HTTP requests in this frame

Frame: https://rk-gea-prod.firebaseio.com/.lp?start=t&ser=37608607&cb=1&v=5
Frame ID: 47BAC37D56CFBC079E5BA0FC57A31DAD
Requests: 7 HTTP requests in this frame

Frame: https://s-usc1c-nss-212.firebaseio.com/.lp?dframe=t&id=483686&pw=xjO1KVfjFD&ns=rk-gea-prod
Frame ID: DED5D9A86F043D4E698D879E8DB770E3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 981A1C1BEAF18DB952FF16FD5CDBA55B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: A9B1A2E36B33C5AD42D4444EF343F580
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3726759F139559F645D8CBDE3FD8E09B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 15E11BD25AC9DEF852EB4D030309BCCF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: B7160DF3AFB24AD949C15E99A8625C79
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://thelayoff.com/ HTTP 301
    https://www.thelayoff.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

109
Requests

100 %
HTTPS

45 %
IPv6

30
Domains

52
Subdomains

45
IPs

7
Countries

1427 kB
Transfer

4126 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thelayoff.com/ HTTP 301
    https://www.thelayoff.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://i.clean.gg/1a HTTP 302
  • https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Request Chain 44
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_oath_r1u_dm_pm_dmx HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_oath_r1u_dm_pm_dmx&dcc=t
Request Chain 55
  • https://dsp.adfarm1.adition.com/cookie/?userid=&ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6757078562819405968
Request Chain 82
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 95
  • https://adserverams.adtech.de/addyn/3.0/1727/6676618/0/225/ADTECH;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayoff.com;sub2=1538;sub3=https%253a%252f%252fwww.thelayoff.com%252f;sub4=;kvdvar1=thelayoff.coma;kvdvar2=1538a;kvdvar3=https%253a%252f%252fwww.thelayoff.com%252fa;kvdvar4=a;kvdref=a;kvdhref=https%3A%2F%2Fwww.thelayoff.com%2Fa;;kvnfi=eyJyZXN1bHQiOmZhbHNlfQ==;kvins=eyJyZXN1bHQiOmZhbHNlfQ==;kvlgt=a;key=546768211129381623;rdclick= HTTP 302
  • https://adserverams.adtech.de/addyn/3.0/1727/6676618/0/225/ADTECH;cfp=1;rndc=1573254951;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayoff.com;sub2=1538;sub3=https%253a%252f%252fwww.thelayoff.com%252f;sub4=;kvdvar1=thelayoff.coma;kvdvar2=1538a;kvdvar3=https%253a%252f%252fwww.thelayoff.com%252fa;kvdvar4=a;kvdref=a;kvdhref=https%3A%2F%2Fwww.thelayoff.com%2Fa;kvnfi=eyJyZXN1bHQiOmZhbHNlfQ==;kvins=eyJyZXN1bHQiOmZhbHNlfQ==;kvlgt=a;key=546768211129381623;rdclick= HTTP 302
  • https://adserver-eu.adtech.advertising.com/addyn/3.0/1727/6676618/0/225/ADTECH;rdhost=adserverams.adtech.de;cfp=1;rndc=1573254951;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayoff.com;sub2=1538;sub3=https%253a%252f%252fwww.thelayoff.com%252f;sub4=;kvdvar1=thelayoff.coma;kvdvar2=1538a;kvdvar3=https%253a%252f%252fwww.thelayoff.com%252fa;kvdvar4=a;kvdref=a;kvdhref=https%3A%2F%2Fwww.thelayoff.com%2Fa;kvnfi=eyJyZXN1bHQiOmZhbHNlfQ==;kvins=eyJyZXN1bHQiOmZhbHNlfQ==;kvlgt=a;key=546768211129381623;rdclick= HTTP 302
  • https://adserver-eu.adtech.advertising.com/addyn/3.0/1727/6676618/0/225/ADTECH;rdhost=adserverams.adtech.de;cfp=2;rndc=1573254951;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayoff.com;sub2=1538;sub3=https%253a%252f%252fwww.thelayoff.com%252f;sub4=;kvdvar1=thelayoff.coma;kvdvar2=1538a;kvdvar3=https%253a%252f%252fwww.thelayoff.com%252fa;kvdvar4=a;kvdref=a;kvdhref=https%3A%2F%2Fwww.thelayoff.com%2Fa;kvnfi=eyJyZXN1bHQiOmZhbHNlfQ==;kvins=eyJyZXN1bHQiOmZhbHNlfQ==;kvlgt=a;key=546768211129381623;rdclick= HTTP 302
  • https://adserverams.adtech.de/addyn/3.0/1727/6676618/0/225/ADTECH;apid=1Ab5200bae-027d-11ea-9707-026865e42056;cfp=1;rndc=1573254951;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayoff.com;sub2=1538;sub3=https%253a%252f%252fwww.thelayoff.com%252f;sub4=;kvdvar1=thelayoff.coma;kvdvar2=1538a;kvdvar3=https%253a%252f%252fwww.thelayoff.com%252fa;kvdvar4=a;kvdref=a;kvdhref=https%3A%2F%2Fwww.thelayoff.com%2Fa;kvnfi=eyJyZXN1bHQiOmZhbHNlfQ==;kvins=eyJyZXN1bHQiOmZhbHNlfQ==;kvlgt=a;key=546768211129381623;rdclick=

109 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thelayoff.com/
Redirect Chain
  • http://thelayoff.com/
  • https://www.thelayoff.com/
38 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:843b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f2486edc79d23ab2aea40e04af0ca4d39533b736fc195300d9d65f43ecf51e2

Request headers

:method
GET
:authority
www.thelayoff.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status
200
date
Fri, 08 Nov 2019 23:15:50 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d65185eeb49b4de41a345014b6e8f16531573254949; expires=Sat, 07-Nov-20 23:15:49 GMT; path=/; domain=.thelayoff.com; HttpOnly; Secure _sid=735a4533-ceb7-40c2-86c5-f9879604ceff;Path=/;Expires=Sat, 07 Nov 2020 23:15:50 GMT;HttpOnly
cache-control
no-cache
x-cloud-trace-context
878e10e98ca6d5c53d99a95cf2b6f646
vary
Accept-Encoding
expires
Fri, 08 Nov 2019 23:15:50 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
532b404d6ba6cbb4-VIE
content-encoding
gzip

Redirect headers

Date
Fri, 08 Nov 2019 23:15:49 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 09 Nov 2019 00:15:49 GMT
Location
https://www.thelayoff.com/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
532b404cd933cb9c-VIE
script.js
d2yxxa3y12yhno.cloudfront.net/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2yxxa3y12yhno.cloudfront.net/script.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:da00:f:e7d4:f900:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d65decba94fc640ec41d79a16daa61281bbdfa8311ff95c0395435b8507f16ac

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 07:41:06 GMT
content-encoding
gzip
last-modified
Wed, 09 Oct 2019 11:37:29 GMT
server
AmazonS3
age
56085
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
dRSiJm9UbBzG8Pg8Q8BJYeK3wjl5R6nvDOsDJ1cgeMGRFdZd-m07lw==
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lora:400,400italic,700,700italic%7COpen+Sans:400,400italic,700,700italic%7CAnonymous+Pro:400,700
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
20de509ebd7adb9f968f897b985800c3989e7d46741ccbc4771957d35d6f94e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 08 Nov 2019 23:15:50 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 08 Nov 2019 23:15:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:50 GMT
prebid.js
www.thelayoff.com/ 		202 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thelayoff.com/prebid.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:843b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7bfa7b3cbb54b639cd038a8779a47e7dedf4937d36f8b35797ccc6194a766fd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
290
etag
"wI9szA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
x-cloud-trace-context
edd1962224fe449e648054ad6117f7dd;o=1
cache-control
public, max-age=432000
cf-ray
532b40501ae3cbb4-VIE
expires
Fri, 08 Nov 2019 23:21:00 GMT
app-9fdede37ab.css
www.thelayoff.com/assets/TLO/app/css/ 		126 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thelayoff.com/assets/TLO/app/css/app-9fdede37ab.css
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:843b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b309669c41ca2fdd08e2a933c092dfc5c05de08aa443b8297ab5d44b72e8e594

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
gzip
cf-cache-status
HIT
age
290
cf-polished
origSize=129092
status
200
cf-bgj
minify
server
cloudflare
etag
W/"wI9szA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-cloud-trace-context
edd1962224fe449e648054ad6117f7dd;o=1
cache-control
public, max-age=432000
cf-ray
532b40501ae1cbb4-VIE
expires
Fri, 08 Nov 2019 23:21:00 GMT
logo50.png
www.thelayoff.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thelayoff.com/images/logo50.png
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:843b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b957f9dae3447f060741a85a4dac51025280e56a67fbe369da265f0a76cca96

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
cf-cache-status
HIT
server
cloudflare
age
290
etag
"wI9szA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
x-cloud-trace-context
edd1962224fe449e648054ad6117f7dd;o=1
cache-control
public, max-age=432000
cf-ray
532b40501ae8cbb4-VIE
expires
Fri, 08 Nov 2019 23:21:00 GMT
app-ef86c89ae4.js
www.thelayoff.com/assets/TLO/app/js/ 		1 MB
379 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thelayoff.com/assets/TLO/app/js/app-ef86c89ae4.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:843b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eccc6b2085060a99d4aa885a2621db68750a2e2bc045e90e5409cb5f168b44e0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
gzip
cf-cache-status
HIT
age
289
status
200
content-length
387459
server
cloudflare
etag
"wI9szA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-cloud-trace-context
652a368aced58f09841132e5985bc594
cache-control
public, max-age=432000
accept-ranges
bytes
cf-ray
532b40503b3ecbb4-VIE
expires
Fri, 08 Nov 2019 23:19:08 GMT
958153f1b8b96ec4c4eb2147429105d9.json
dw7nrwnn2bkh1.cloudfront.net/
Redirect Chain
  • https://i.clean.gg/1a
  • https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:b800:6:266a:9940:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a540f6076c4f976eb9c9192ed544e8985b2d6069439823bcbc65ff51bb9f213

Request headers

Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 07:02:10 GMT
via
1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
58422
x-cache
Hit from cloudfront
status
200
content-length
1484
last-modified
Fri, 08 Nov 2019 07:01:58 GMT
server
AmazonS3
etag
"2c091833cc8030391eda0426f6aba543"
access-control-max-age
600
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
Kv2A-2l7uakbdQ8Ag1VrAfEs8WCmf73zLOIANp56xJxT_7zql1Qecw==

Redirect headers

date
Fri, 08 Nov 2019 23:15:50 GMT
server
nginx/1.15.10
status
302
location
https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-headers
Content-Type, Origin, Accept, Referer, Cache-Control, Content-Length, Accept-Language, User-Agent, Pragma, Accept-Encoding, x-api-key
content-length
0
apstag.js
c.amazon-adsystem.com/aax2/ 		88 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-86-250.fra2.r.cloudfront.net
Software
Server /
Resource Hash
1d578dc3367ffc480f6c230a912f72e3906d4438b5daaf1c319fd3b7a006cd3d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 07 Nov 2019 19:42:21 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
FRA2-C2
etag
4802c581ddff8a15b3e0b68c83bbce7b
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
sKLjRprvjADiel8mGmTyQ3CZUjep5eJ8H4buynaJoQ1HbUsBareRLg==
via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
gtm.js
www.googletagmanager.com/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3VN9S
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd1cfb37ac3249212f6195de1f30b804f2a32f611adebab6be0fb27dfa2a7c2b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
br
last-modified
Fri, 08 Nov 2019 21:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20738
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:50 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lora:400,400italic,700,700italic%7COpen+Sans:400,400italic,700,700italic%7CAnonymous+Pro:400,700
Origin
https://www.thelayoff.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 10:18:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
737867
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9132
x-xss-protection
0
expires
Fri, 30 Oct 2020 10:18:03 GMT
glyphicons-halflings-regular.woff2
www.thelayoff.com/assets/TLO/app/fonts/bootstrap/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thelayoff.com/assets/TLO/app/fonts/bootstrap/glyphicons-halflings-regular.woff2
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:843b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/assets/TLO/app/css/app-9fdede37ab.css
Origin
https://www.thelayoff.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
cf-cache-status
HIT
server
cloudflare
age
289
etag
"wI9szA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
status
200
x-cloud-trace-context
efe1e8b92b9cfbd6aa4633b1350a1d66
cache-control
public, max-age=432000
cf-ray
532b40507bffcbb4-VIE
expires
Fri, 08 Nov 2019 23:21:01 GMT
prebid
ib.adnxs.com/ut/v3/ 		491 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.80 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
de02fac84d530afd17d8e1a9da2a12e28ab82419a6ee226edab11be93b59e836
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 08 Nov 2019 23:15:52 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.9:80
AN-X-Request-Uuid
0a25adcb-7347-48db-8b40-566fc3716828
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thelayoff.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
491
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		469 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.80 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
fa688be227144e44f5480026666142175a319eccca2648931a0280af7c458afc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 08 Nov 2019 23:15:52 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid
6d0e0a12-6769-4469-9107-d8d8ee2258e8
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thelayoff.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
469
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.28.0-pre
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
164db90c8f7a0e67edcfdc82b371cc72227b82f5c6f060cab97768bb0485c045

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 08 Nov 2019 23:15:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.thelayoff.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
translator
hbopenbid.pubmatic.com/ 		16 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
b65d866a0dfd8d7a8c9ccea786307322f2972ed58d1cd6348f1956e66eddced5

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
gzip
x-openrtb-version
2.3
status
200
content-type
application/json
access-control-allow-origin
https://www.thelayoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
dmx.districtm.io/b/ 		0
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
status
204
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, POST
access-control-allow-origin
https://www.thelayoff.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
532b4050dd90d70d-FRA
access-control-allow-headers
origin, content-type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20964&site_id=263354&zone_id=1302244&size_id=9&alt_size_ids=8%2C10&p_pos=unknown&rf=https%3A%2F%2Fwww.thelayoff.com%2F&tk_flint=pbjs_lite_v2.28.0-pre&x_source.tid=243128b3-8930-4df0-91df-34c4d285ea4e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9073793458216175
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
12fb8a53f5cb35f3e7db070e39adca8c159853b6276a25aca8bf81882121a384

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 08 Nov 2019 23:15:50 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.thelayoff.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=435
Content-Length
1431
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20964&site_id=263354&zone_id=1302250&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fwww.thelayoff.com%2F&tk_flint=pbjs_lite_v2.28.0-pre&x_source.tid=0eda2587-764f-43c5-b942-243217ca5cfc&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.10842244406099866
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
63fd73b4220c0b3a833f46e2038069e23534235241d437c5c9d4e09739aff43f

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 08 Nov 2019 23:15:50 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.thelayoff.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=244
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20964&site_id=263354&zone_id=1302256&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fwww.thelayoff.com%2F&tk_flint=pbjs_lite_v2.28.0-pre&x_source.tid=42ccc267-10ad-4d0b-bb1e-b5df87206802&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.30892251535813275
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
ff299be4e662770c307b3510671a652142a04a10694288a394dc47f78514aaad

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 08 Nov 2019 23:15:50 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.thelayoff.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=231
Content-Length
1409
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20964&site_id=263354&zone_id=1302284&size_id=2&alt_size_ids=16&p_pos=unknown&rf=https%3A%2F%2Fwww.thelayoff.com%2F&tk_flint=pbjs_lite_v2.28.0-pre&x_source.tid=d092678c-e05c-4c01-a222-ed5760cd74f1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8846845285417833
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
276d57cce436c92c9039575d6b75328a9b147c459c68e456beed940c5dd07d8a

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 08 Nov 2019 23:15:50 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.thelayoff.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=466
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
as-sec.casalemedia.com/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=383784&v=7.2&r=%7B%22id%22%3A%223501788b61273ff%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2236c973b211f7034%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22383784%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%223781d92493a4f3a%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22383784%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22id%22%3A%2238acabd3c802c27%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22383785%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2239bf74b1240ca1d%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22383787%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2240f23087c3dfd9d%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22383789%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%2241261a22d6bc655%22%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22383789%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.thelayoff.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6c6a4017b9401c52650ff59cdb9f6e80a8496b4410cf10e8177c8c2433df14f9

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 08 Nov 2019 23:15:50 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.thelayoff.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
800
Expires
Fri, 08 Nov 2019 23:15:50 GMT
cse.js
cse.google.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=partner-pub-2815355632543185:7817595802
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
gws /
Resource Hash
d71d5a2d951cf57192ea6667506e0f8fafa1abc8f0a6d7a9666989f60083a439
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3486
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:50 GMT
mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lora:400,400italic,700,700italic%7COpen+Sans:400,400italic,700,700italic%7CAnonymous+Pro:400,700
Origin
https://www.thelayoff.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Wed, 30 Oct 2019 14:25:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:02 GMT
server
sffe
age
809402
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9728
x-xss-protection
0
expires
Thu, 29 Oct 2020 14:25:48 GMT
0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v14/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v14/0QIvMX1D_JOuMwr7I_FMl_E.woff2
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2a80dc3e72230cd009ad952ebac959905d921e509aebe911704557d0311da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lora:400,400italic,700,700italic%7COpen+Sans:400,400italic,700,700italic%7CAnonymous+Pro:400,700
Origin
https://www.thelayoff.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 03:16:06 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:22 GMT
server
sffe
age
763184
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15608
x-xss-protection
0
expires
Fri, 30 Oct 2020 03:16:06 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		118 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.thelayoff.com%2F&pid=wR9oOvCbu3vaV&cb=0&ws=1600x1200&v=7.42.00&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-TLO_sticky%22%2C%22s%22%3A%5B%22300x600%22%2C%22240x240%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22356742356%2FTLO_sticky%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TLO_top%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22356742356%2FTLO_top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TLO_above-fold%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22356742356%2FTLO_above-fold%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TLO_bottom%22%2C%22s%22%3A%5B%22728x90%22%2C%22336x280%22%5D%2C%22sn%22%3A%22356742356%2FTLO_bottom%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TLO_1x1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22356742356%2FTLO_1x1%22%7D%5D&cfgv=0&pubid=c98d9ca3-74f6-411e-a97e-3e9fb7150426&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-86-250.fra2.r.cloudfront.net
Software
Server /
Resource Hash
7a8d01999fc91d793021fcfc407a572d65868b944a430c944d71322f6c598b24

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
FRA2-C2
status
200
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.thelayoff.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
126
via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
x-amz-cf-id
ARJUkvlL1mRH09Teu8uiSeuzCbzd88JHgjoOhI-GAby8UoGXdSacHw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-86-250.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 13:47:39 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
25517
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Fri, 01 Nov 2019 13:46:13 GMT
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
xG1CRB2Ca5ESxK2aHNHE5DBwgogZWKxYewuhgWzS6TIysx-Ma6ljCg==
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2533
date
Fri, 08 Nov 2019 22:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sat, 09 Nov 2019 00:33:37 GMT
fbevents.js
connect.facebook.net/en_US/ 		122 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
981be39924f4c8320f4daa8b8cdd7468455e46a30bd0cfef24ba5c74c2a6b12d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
27377
x-xss-protection
0
pragma
public
x-fb-debug
fYxMuiE2OuvsHNIXJPHY09LLrxnVwJXEjgqMpfu1Fg5uFZeLJeEijPqoLQyjX3Nt2Aw3jdvtOysrutAdN4YFOA==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Fri, 08 Nov 2019 23:15:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
signupNewUser
www.googleapis.com/identitytoolkit/v3/relyingparty/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=AIzaSyBNObR8JSiVATaUd_N_WQuq0xOf-7wNtds
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/assets/TLO/app/js/app-ef86c89ae4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
071e19e6d6a9a326a94db31f11288d7745f6cd899e38e63686a52fca4d0677d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
X-Client-Version
Chrome/JsCore/5.5.0/FirebaseCore-web
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Nov 2019 23:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
946
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.thelayoff.com
access-control-expose-headers
date,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6d248d1bca62a13f7a5a6363736e10b4858dd4cc539aaf0018b40b036ac5757

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb44a5e28b65adaa17b5db1f931e4681ae8103a5f194b8c0704ecc5611a83bb3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type
image/png
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lora:400,400italic,700,700italic%7COpen+Sans:400,400italic,700,700italic%7CAnonymous+Pro:400,700
Origin
https://www.thelayoff.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Wed, 30 Oct 2019 07:35:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
834012
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9080
x-xss-protection
0
expires
Thu, 29 Oct 2020 07:35:38 GMT
gpt.js
www.googletagservices.com/tag/js/ 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3c89aab95c5aaaa2396cfbb1c1640841884a106067ff593c21b4d7d6d258044a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"331 / 349 of 1000 / last-modified: 1573250786"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15679
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:50 GMT
cse_element__en.js
www.google.com/cse/static/element/b5752d27691147d6/ 		256 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/b5752d27691147d6/cse_element__en.js?usqp=CAI%3D
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f50798458e958d44022e68ed50eaf58ee47256a163f3022681fe1c899139d612
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 18:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Sep 2019 16:22:21 GMT
server
sffe
age
16465
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
86564
x-xss-protection
0
expires
Sat, 07 Nov 2020 18:41:25 GMT
default+en.css
www.google.com/cse/static/element/b5752d27691147d6/ 		40 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/b5752d27691147d6/default+en.css
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 18:41:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Sep 2019 16:22:21 GMT
server
sffe
age
16465
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9042
x-xss-protection
0
expires
Sat, 07 Nov 2020 18:41:25 GMT
default.css
www.google.com/cse/static/style/look/v3/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v3/default.css
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8c5519ff6e93dfefc21c8b9c586ceef2060b2161e6be946d5b704341456ef053
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 22:51:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 May 2019 14:00:00 GMT
server
sffe
age
1462
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2805
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:41:28 GMT
collect
www.google-analytics.com/j/ 		1 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j79&a=1643081881&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thelayoff.com%2F&ul=en-us&de=UTF-8&dt=TheLayoff.com%20-%20Layoffs%20Discussion%20Board&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAIABAAAAAC~&jid=1440388188&gjid=581179161&cid=570564621.1573254951&tid=UA-10256470-8&_gid=254406685.1573254951&_r=1&gtm=2wgav3M3VN9S&z=2014129289
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Nov 2019 23:15:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.thelayoff.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1810234349221521
connect.facebook.net/signals/config/ 		306 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1810234349221521?v=2.9.11&r=stable
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b9b3bafd0b42167e324c64a926c419a933f2a53af0cbd000fc3e490648cdc395
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
3f3/+Bwk/mpLSBjcF14GTO1Z8oWkyfniQul5BWayOyNwx4pdwavx8xD6NSqJjPdOFXhOhezqbYBVuqSqJyvoeQ==
x-fb-trip-id
365799557
x-frame-options
DENY
date
Fri, 08 Nov 2019 23:15:50 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.thelayoff.com
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		122 B
189 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thelayoff.com
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
3f7987d0367cacefd096628023a51c3630a605542c2843836db75d605ba20f0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
119
x-xss-protection
0
pubads_impl_2019110401.js
securepubads.g.doubleclick.net/gpt/ 		159 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
89db741bbe693e04001902f6651d3f47bcfd0b216bc35cd1896e33086f7c4ad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Nov 2019 14:08:43 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
59437
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:50 GMT
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame E9D0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_oath_r1u_dm_pm_dmx
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_oath_r1u_dm_pm_dmx&dcc=t
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_oath_r1u_dm_pm_dmx&dcc=t
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.16 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.thelayoff.com/
Accept-Encoding
gzip, deflate, br
Cookie
ad-id=A1HRC7skQ0Apj7F6bdxW4kc|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.thelayoff.com/

Response headers

Server
Server
Date
Fri, 08 Nov 2019 23:15:51 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
197
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A1HRC7skQ0Apj7F6bdxW4kc; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 23:15:50 GMT; Path=/; HttpOnly ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jan-2025 23:15:51 GMT; Path=/; HttpOnly
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Fri, 08 Nov 2019 23:15:50 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rbd_oath_r1u_dm_pm_dmx&dcc=t
Set-Cookie
ad-id=A1HRC7skQ0Apj7F6bdxW4kc|t; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2020 23:15:50 GMT; Path=/; HttpOnly
Vary
User-Agent
async-ads.js
cse.google.com/adsense/search/ 		163 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b3e7e06d88adc66b1e1b8ea4f09e7745fc9ecae778f0a7bacf8460102e4c7996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"12809746324115681374"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:50 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/b5752d27691147d6/cse_element__en.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.google.com/cse/static/style/look/v3/default.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 18:38:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 30 Nov 2017 13:30:00 GMT
server
sffe
age
707827
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1018
x-xss-protection
0
expires
Fri, 30 Oct 2020 18:38:43 GMT
googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x/ 		551 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/googlelogo_lightgrey_46x16dp.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/b5752d27691147d6/cse_element__en.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 02:48:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Jan 2017 21:30:00 GMT
server
sffe
age
678464
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
551
x-xss-protection
0
expires
Sat, 31 Oct 2020 02:48:06 GMT
googlelogo_grey_46x15dp.png
www.google.com/cse/static/images/1x/ 		919 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/googlelogo_grey_46x15dp.png
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 21:23:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Dec 2016 15:00:00 GMT
server
sffe
age
611526
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
919
x-xss-protection
0
expires
Sat, 31 Oct 2020 21:23:44 GMT
generate_204
clients1.google.com/ 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status
204
date
Fri, 08 Nov 2019 23:15:50 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		89 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2184706580188492&correlator=395992035702643&output=ldjh&impl=fifs&adsid=NT&jar=2019-11-08-23&eid=21065094%2C21062453&vrg=2019110401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191108&iu_parts=356742356%2CTLO_sticky%2CTLO_top%2CTLO_above-fold%2CTLO_bottom%2CTLO_1x1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x600%7C240x240%7C160x600%7C120x600%2C728x90%2C728x90%2C728x90%7C336x280%2C1x1&prev_scp=amznbid%3D2%26amznp%3D2%26hb_size_pubmatic%3D160x600%26hb_pb_pubmatic%3D0.02%26hb_adid_pubmatic%3D460a5e6084c5539%26hb_bidder_pubmatic%3Dpubmatic%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D0.00%26hb_adid_rubicon%3D43c852b56715596%26hb_bidder_rubicon%3Drubicon%26hb_size%3D160x600%26hb_pb%3D0.02%26hb_adid%3D460a5e6084c5539%26hb_bidder%3Dpubmatic%7Camznbid%3D2%26amznp%3D2%26hb_size_ix%3D728x90%26hb_pb_ix%3D0.32%26hb_adid_ix%3D50feb58f11cafc1%26hb_bidder_ix%3Dix%26hb_size_pubmatic%3D728x90%26hb_pb_pubmatic%3D0.02%26hb_adid_pubmatic%3D47ba076ef04df8c%26hb_bidder_pubmatic%3Dpubmatic%26hb_size%3D728x90%26hb_pb%3D0.32%26hb_adid%3D50feb58f11cafc1%26hb_bidder%3Dix%7Camznbid%3D2%26amznp%3D2%26hb_size_pubmatic%3D728x90%26hb_pb_pubmatic%3D0.02%26hb_adid_pubmatic%3D48646473a87a4bb%26hb_bidder_pubmatic%3Dpubmatic%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D4480437e662b6a4%26hb_bidder_rubicon%3Drubicon%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D48646473a87a4bb%26hb_bidder%3Dpubmatic%7Camznbid%3D2%26amznp%3D2%26hb_size_pubmatic%3D728x90%26hb_pb_pubmatic%3D0.00%26hb_adid_pubmatic%3D491234b998af97d%26hb_bidder_pubmatic%3Dpubmatic%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D491234b998af97d%26hb_bidder%3Dpubmatic%7Camznbid%3D2%26amznp%3D2&cust_params=floortest%3Dfalse%26refreshIteration%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1573254950&dt=1573254950889&dlt=1573254950402&idt=467&frm=20&biw=1585&bih=1200&oid=3&adxs=1028%2C290%2C290%2C-9%2C-9&adys=62%2C72%2C712%2C-9%2C-9&adks=40942128%2C1171346050%2C1258267148%2C3006822149%2C412018597&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thelayoff.com%2F&dssz=24&icsg=33557675&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1%7C728x90%7C728x90%7C0x-1%7C0x-1&msz=300x-1%7C728x90%7C728x90%7C0x-1%7C0x-1&ga_vid=1206852594.1573254951&ga_sid=1573254951&ga_hid=1643081881&fws=512%2C0%2C0%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
9d7da3c3a28d081755ffbac485ae97be19834093c765760697f447c3384f202e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14827
x-xss-protection
0
google-lineitem-id
5098724559,5078338215,-1,-1,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138274018786,138271701588,-1,-1,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thelayoff.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019110401.js
securepubads.g.doubleclick.net/gpt/ 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
d3cd091705544e4df29bbee72ca66f1233f6fa01447742156675c21ba59e6e15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Nov 2019 14:08:43 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25051
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:50 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1810234349221521&ev=PageView&dl=https%3A%2F%2Fwww.thelayoff.com%2F&rl=&if=false&ts=1573254950939&sw=1600&sh=1200&v=2.9.11&r=stable&ec=0&o=30&fbp=fb.1.1573254950938.1626876864&it=1573254950706&coo=false&rqm=GET
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Fri, 08 Nov 2019 23:15:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4A68 		0
296 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIGJfr51Xl54vQCzwXfQbI3BUfhb6P6KMOdywBYO90MtT81slQm0JUFqzOeiSRLTCvPmOPnw-6OvImwP69uITnyRQXp9ffsxEhaDRebVNcj_l3sRFWGDBMkHaL6K8rEZX5-9wCy2GXJfBOc-aUF8u7xHmP-4jDCGV-vcs74aJJGmzN6TyLpNtP2p5Uawe9Es9tkyG2aJW1sVMOhx505OwnSp5EvQ02l4IsWtQAKNqdm5A2Cf6YfDvQPMgl5jkOoKGffPaPwYNxWA&sai=AMfl-YRKutgYQ-6LM1oZsDgb54wKc8owweMnYDe3vyCFmCDBnWdBlHA0lrJTFbWNkDqyXKtwxXR2yWx8sMFLCfgE2vIPf5CZ4TLBF3Ys4Zn-Qg&sig=Cg0ArKJSzF0wRPT9Zyj2EAE&urlfix=1&adurl=
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 08 Nov 2019 23:15:51 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:51 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4A68
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?userid=&ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6757078562819405968
42 B
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6757078562819405968
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Fri, 08 Nov 2019 23:15:51 GMT
X-lat
Pug22017:0:567
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6757078562819405968
Date
Fri, 08 Nov 2019 23:15:51 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
show_banner
dspcluster.adfarm1.adition.com/ Frame 4A68 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dspcluster.adfarm1.adition.com/show_banner?wpt=J&cuid=4394367&cid=3382379&bid=10588066&auction=86AEA6B8-922C-4AF2-AA82-85EBDC8DBE6E&ts=1573254950535&bidid=6757078558521488781&p[ssp:9,adSlotId:2167967,supplyId:158314,domain:thelayoff.com,trafficType:2,isUserUnknown:1,auctionType:0,lat:49.1,long:10.71,bidId:6757078558521488781,advertiserId:570220]&userid=&adhost=ad-dsp40
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.67 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
dspcluster.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
add2c859e87d32e017a49999e4fdd13fc5e12b8567f4e705b7153735c28da697

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Nov 2019 00:15:51 +0100
Server
ADITIONSERVER v1.0
ETag
6757078562815476846
P3P
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1797
Expires
Sat, 01 Jan 2000 00:00:00 GMT
/
dsp.active-agent.com/reporting/ Frame 4A68 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.active-agent.com/reporting/?auctionId=86AEA6B8-922C-4AF2-AA82-85EBDC8DBE6E&bid=6757078558521488781&bannerId=10588066&campaignId=3382379&contentUnitId=4394367&impressionId=49&ssp=9&xr=&xc=&winningPrice=0.029267&contacts=1.0
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.114.159.66 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
dsp.active-agent.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Nov 2019 23:15:51 GMT
Access-Control-Allow-Credentials
false
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 4A68 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
66557b1fd9e362afdfa527946d2f7702a2edd34c87797cfd6dfe2d9916d2af6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573228288990065"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29293
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:51 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fc2c078ff7dbfc4334dc543b2fb93107671a69ebdeee982e1f8b866e252ea322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573228288990065"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29485
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BB7A 		0
57 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ_R1zxbIU5xJL-uDW_oEulfz-UnIAq_8RCDz1yI3IdwuqFVCzxMb_n3qAZa-uR-oEl0HbMoPI7bO1wIpO-vhE7mxoR4gOGdfASV5XlYQMriDnh6tX_-TpmIl4Cmgo3dvtwiv1J6n0yrbcnnIRBmmEoHNlaDW6_2KCeKA4UYRMQNbSDevbU5xIVE9B-gUxQul9zeAxEzmDYkldYHWXIZR8eSbN3LP5PPBi2cxMZO6h-dDpjFVv1qTgfu7zi2_F-4p_ICMzIA&sai=AMfl-YTGyaifVucQIDXN_-zGLde1LF_QU8ekKDSHLMIxS3IbT5SFCmC1w_Edm9aXYNvjCY-2HCdnEWMeg6AMq9chc4LQz34DcHuvGWcQok5CYg&sig=Cg0ArKJSzCRi24h6dMj4EAE&urlfix=1&adurl=
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 08 Nov 2019 23:15:51 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
ifnotify
a3226.casalemedia.com/ Frame 6985 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a3226.casalemedia.com/ifnotify?gdprconsent=1&c=1556F35&r=1C83D01F&t=5DC5F726&u=X3QtMko4cFBRZWdGWkJfejAxTVFXYnFt&m=34c1229780357dd9c81d73d15774ba1e&wp=2F&aid=8016F9864D0DB78F&tid=1584C&s=5DB29&cp=0.47&n=www.thelayoff.com&pr=xx&epr=3501788b61273ff
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.80.38.195 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
a3226.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.thelayoff.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.thelayoff.com/

Response headers

Date
Fri, 08 Nov 2019 23:15:51 GMT
Server
Apache
Pragma
no-cache
Cache-Control
no-cache
Expires
0
Keep-Alive
timeout=1, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
/
track.adform.net/adfscript/ Frame BB7A 		19 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=33874401;rtbwp=XcX3JgAAAAAaCwKFt2WTOvGm2umM28mHXUN65w;rtbdata=B8QJFj_s5v6YwjAbvrKKd1YmlHoFEs80njySi_tRYIkZJTBYs00563Old88m-j_2o19kOFQ94rgsXngxqbl14q3iOqTZM29sXTagvS720YLeSo5uQsJhAV1rnV-hThGScrVEMDgVys0r6_NNkQsDUdNKXLlxyusku8gGyj_pMfxxilprU64grUh3fd5SZSiYtvSFY5mlLnJFi4PAHBEVgDyN-0Iu20TdQeEimShqzcc1
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
56e99b915efac04ab83e31935609a5a1d04001f2d09c64791e24c077a7e73ab1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Nov 2019 23:15:51 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
9663
expires
-1
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame BB7A 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
66557b1fd9e362afdfa527946d2f7702a2edd34c87797cfd6dfe2d9916d2af6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573228288990065"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29293
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:51 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011910251950120/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011910251950120/amp4ads-host-v0.js
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
866c1cf254c11afbcb1689842e0eb3ed4973f7edada9f814d5e6b72cd54b9b56
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
16846
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7923
x-xss-protection
0
server
sffe
date
Fri, 08 Nov 2019 18:35:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"78dc79e454080e42"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Nov 2020 18:35:05 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011910251950120/ Frame 521C 		243 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
25226e6e3ba0503974bdf2075bc6e44ff223c59520aae1f1722759050d988232
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
16848
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
78754
x-xss-protection
0
server
sffe
date
Fri, 08 Nov 2019 18:35:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e013cb1224f59e75"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Nov 2020 18:35:03 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/011910251950120/v0/ Frame 521C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011910251950120/v0/amp-ad-exit-0.1.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d94dd9f1c15cb40a01fe3f987c6499414a7ef7e06e505aa1e25b067cfddd3acf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
115511
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6069
x-xss-protection
0
server
sffe
date
Thu, 07 Nov 2019 15:10:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"537ce8f1ba726417"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Nov 2020 15:10:40 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011910251950120/v0/ Frame 521C 		151 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011910251950120/v0/amp-analytics-0.1.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e21da87120c823e7856f1e2af9d73746e19590b71407869dccb2d203115d451c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
16848
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
47460
x-xss-protection
0
server
sffe
date
Fri, 08 Nov 2019 18:35:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8efde0f72d912957"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Nov 2020 18:35:03 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/011910251950120/v0/ Frame 521C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011910251950120/v0/amp-fit-text-0.1.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87ed2f2b7e6cca24345f5b11714e96b5695527dcbb27b401e938a059ae049b12
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
115438
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1593
x-xss-protection
0
server
sffe
date
Thu, 07 Nov 2019 15:11:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"69b72fb8329d9e71"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Nov 2020 15:11:53 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/011910251950120/v0/ Frame 521C 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011910251950120/v0/amp-form-0.1.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
24af76725a32febb7ba698e7c6c3f1db7eae95380fc500d1d534272364b5100a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
115471
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15697
x-xss-protection
0
server
sffe
date
Thu, 07 Nov 2019 15:11:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5217ce22b5d5bd36"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Nov 2020 15:11:20 GMT
css
fonts.googleapis.com/ Frame 521C 		4 KB
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 08 Nov 2019 23:15:51 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 08 Nov 2019 23:15:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:51 GMT
truncated
/ Frame 521C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8add56447c38941b7aa4b97d9481f1e68bd72b6565ba48276cc56169bd34196

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=2184706580188492&r=300x600%7C240x240%7C160x600%7C120x600&w=1&h=1
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Nov 2019 23:15:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 521C 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 07 Nov 2019 23:33:41 GMT
x-content-type-options
nosniff
server
cafe
age
85330
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:33:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 521C 		295 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 08 Nov 2019 21:53:21 GMT
x-content-type-options
nosniff
server
cafe
age
4950
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 09 Nov 2019 21:53:21 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 521C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C1IGxJvfFXefHOdvQgAeDn4H4CY_In9pZyqGG6M4K__WQ49cCEAEggo_FaGCVAqABu6m96gLIAQGpAvUybEIpVn0-4AIAqAMByAMKqgTVAU_Qpw8zD7cYHqSANja1pYLf4jG1A3WrNbczmeUQh5BRgR7h5lrCBj-wvWzm1PrdnSXIWG42GycCtb-c1x87N2XO9jcAaS-8kR3euKzMr7uF2AifcXrVcsNqACYcVslVekei5DbP_QzAWndB8vjTGGLl4kUB7TyzAZNStGhWV0I1J4KYcJF4e91mSU7TjLUHamo_NBmEqTqzC4m6aLmTX52TkIx34kbcj-MaBvAwSDeegoOSab8ZI4EkBUvdq7oTo3W2lAS7qW1kuSchQs7RfB-9k3fR3MAEmKTwxJcC4AQBkgUECAQYAZIFBAgFGASgBlGAB63WwpUBqAeOzhuoB9XJG6gHk9gbqAe6BqgH2csbqAfPzBuoB6a-G9gHAfIHBBDnngTSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU3MTQ0NzkxMTk0NDA2MTSACgPYEww&sigh=4tFPTNv-tkU&tpd=AGWhJmsOEDsaavfv50_92QiL6S82vbKKOKPcGtfnCuVWZn_bfQ
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 521C 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://www.thelayoff.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Wed, 30 Oct 2019 14:33:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
808917
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11056
x-xss-protection
0
expires
Thu, 29 Oct 2020 14:33:54 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 521C 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://www.thelayoff.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 18:43:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
707558
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11016
x-xss-protection
0
expires
Fri, 30 Oct 2020 18:43:13 GMT
getAccountInfo
www.googleapis.com/identitytoolkit/v3/relyingparty/ 		258 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyBNObR8JSiVATaUd_N_WQuq0xOf-7wNtds
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/assets/TLO/app/js/app-ef86c89ae4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
fe14472cff27aeb554162f64c3ff496477a0458cfb723566df3a4b0958049d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.thelayoff.com/
X-Client-Version
Chrome/JsCore/5.5.0/FirebaseCore-web
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Nov 2019 23:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
203
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.thelayoff.com
access-control-expose-headers
date,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame BB7A 		31 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e489838524616dacd00ae3a6e811f6906e561e93c314dc4d7d0d1c9145480ccf

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:51 GMT
content-encoding
gzip
last-modified
Wed, 23 Oct 2019 07:33:00 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 10 Nov 2019 02:10:31 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 4A68 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
cc0069dab5b1c410fc8bb1a109f8ceb4792e4780bbe7ea9e969662a7d6e49915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 22:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Oct 2019 14:04:48 GMT
server
sffe
age
1761
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2032
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:46:30 GMT
ftg_t_v_bk.min.js
c.t4ft.de/c/ Frame 4A68 		40 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.t4ft.de/c/ftg_t_v_bk.min.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a01:4f8:120:53ef::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.10.3, static-1201 /
Resource Hash
14ab4b5ec62c192ebeefbf12502ff9570eff1ad636f236df06cab090803f29fb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 23:15:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Sep 2018 12:25:48 GMT
Server
nginx/1.10.3, static-1201
ETag
W/"5ba0eecc-a1b0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 09 Nov 2019 00:15:51 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 521C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Redirect headers

date
Fri, 08 Nov 2019 23:15:51 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
246
x-xss-protection
0
impl_v55.js
www.googletagservices.com/dcm/ Frame 4A68 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v55.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0ec7c1eac6e0f82237b25ed509bf0e48b3cd7f9d989e8e8cac94e8b39edcca46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 18:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 21 Oct 2019 14:05:29 GMT
server
sffe
age
16160
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9535
x-xss-protection
0
expires
Sat, 07 Nov 2020 18:46:31 GMT
/
track.adform.net/wpf/v2/sla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dThjCEP3DRgEhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... Frame BB7A 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/wpf/v2/sla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dThjCEP3DRgEhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWojLrabh16DL6qgXK_Pmtd0UbUV8afuyPBAhqvnVrwobr5UnzDdYejftckuyPBDjaY2ftckkCoq1HACVddTVkTlXVHatQVD_DJhCizgzH_y3EjNpmVWN9dPBSk8jV.lV9dVdIilmX6QStKEmaUaAwHCSFQ_01kKJA237lY5BSmxGY5BNBtQT.clYIT3SvgMJgJ0Nc1lF4XVA4.L9.gJ.elF1VLf4.9dPgJ2MnGmRgJ2MnGmRgJ1KMKNc0FAKXV4jMk.3tJ/adfserve/?CC=1&bn=33874401;rtbwp=XcX3JgAAAAAaCwKFt2WTOvGm2umM28mHXUN65w;rtbdata=B8QJFj_s5v6YwjAbvrKKd1YmlHoFEs80njySi_tRYIkZJTBYs00563Old88m-j_2o19kOFQ94rgsXngxqbl14q3iOqTZM29sXTagvS720YLeSo5uQsJhAV1rnV-hThGScrVEMDgVys0r6_NNkQsDUdNKXLlxyusku8gGyj_pMfxxilprU64grUh3fd5SZSiYtvSFY5mlLnJFi4PAHBEVgDyN-0Iu20TdQeEimShqzcc1;js=1;adfxid=1x;3898;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=2|2&CREFURL=https%3A%2F%2Fwww.thelayoff.com%2F
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
818b10f3c71fdbb081253e3448c741c909ae2a3528d208a706afe0f9cfce9355

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Nov 2019 23:15:51 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
2740
expires
-1
B23442722.259241582;dc_ver=55.153;dc_eid=40004000;sz=160x600;osdl=1;u_sd=1;dc_adk=636708789;ord=gaos3z;click=https%3A%2F%2Fdspcluster.adfarm1.adition.com%2Fredi%3Flid%3D6757078562815476846%26gdpr%3...
ad.doubleclick.net/ddm/adi/N5249.3201872APEX/ Frame AC39 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N5249.3201872APEX/B23442722.259241582;dc_ver=55.153;dc_eid=40004000;sz=160x600;osdl=1;u_sd=1;dc_adk=636708789;ord=gaos3z;click=https%3A%2F%2Fdspcluster.adfarm1.adition.com%2Fredi%3Flid%3D6757078562815476846%26gdpr%3D0%26gdpr_consent%3D%26gdpr_pd%3D0%26userid%3D0%26sid%3D4394367%26kid%3D3382379%26bid%3D10588066%26c%3D23300%26keyword%3D%26bidid%3D6757078558521488781%26clickurl%3D;dc_rfl=1,https%3A%2F%2Fwww.thelayoff.com%2F$0;xdt=0;crlt=OUaOrwJrlF;osda=2;sttr=25;prcl=s?
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.230 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ad.doubleclick.net
:scheme
https
:path
/ddm/adi/N5249.3201872APEX/B23442722.259241582;dc_ver=55.153;dc_eid=40004000;sz=160x600;osdl=1;u_sd=1;dc_adk=636708789;ord=gaos3z;click=https%3A%2F%2Fdspcluster.adfarm1.adition.com%2Fredi%3Flid%3D6757078562815476846%26gdpr%3D0%26gdpr_consent%3D%26gdpr_pd%3D0%26userid%3D0%26sid%3D4394367%26kid%3D3382379%26bid%3D10588066%26c%3D23300%26keyword%3D%26bidid%3D6757078558521488781%26clickurl%3D;dc_rfl=1,https%3A%2F%2Fwww.thelayoff.com%2F$0;xdt=0;crlt=OUaOrwJrlF;osda=2;sttr=25;prcl=s?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.thelayoff.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmEXjcJeBwHc5tUaIhriLZxzqZ_kSym39nzgijZIdGO51FTTdQ-UKO7rp5j; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.thelayoff.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 08 Nov 2019 23:15:51 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
7599
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/ Frame 4A68 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fc2c078ff7dbfc4334dc543b2fb93107671a69ebdeee982e1f8b866e252ea322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1573228288990065"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29485
x-xss-protection
0
expires
Fri, 08 Nov 2019 23:15:51 GMT
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 24F5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.thelayoff.com/
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156657:2; KADUSERCOOKIE=3C38C6B5-906C-47BB-8245-3372E37EFF54; chk=1; DPSync3=1574380800%3A201_197%7C1573257600%3A174; SyncRTB3=1574035200%3A63%7C1573776000%3A2_15%7C1575763200%3A203%7C1574380800%3A56_21_161_3_166_71_189_54_81_176_7_8_22_55_204_104; PugT=1573254951; PUBMDCID=3; KRTBCOOKIE_1101=23040-6757078562819405968; KRTBCOOKIE_27=16735-uid:c1705dc5-f630-4b00-831d-bb6fcdc2dc38&KRTB&16736-uid:c1705dc5-f630-4b00-831d-bb6fcdc2dc38; KRTBCOOKIE_80=16514-CAESECorueAYcrZx1R4aV2YHMkM&KRTB&22987-CAESECorueAYcrZx1R4aV2YHMkM&KRTB&22995-CAESECorueAYcrZx1R4aV2YHMkM&KRTB&23025-CAESECorueAYcrZx1R4aV2YHMkM; KRTBCOOKIE_391=22924-546768211129381623; KRTBCOOKIE_153=19420-d_ys-iSv_fhvr_ercP3i-ySoq61vr_75cfp5ep7T&KRTB&22979-d_ys-iSv_fhvr_ercP3i-ySoq61vr_75cfp5ep7T; KRTBCOOKIE_22=14911-2642824835685195317&KRTB&23049-2642824835685195317&KRTB&23150-2642824835685195317; KRTBCOOKIE_377=22918-82fb198b-13fc-4a37-a31e-6e4785367a9b&KRTB&23031-82fb198b-13fc-4a37-a31e-6e4785367a9b; KRTBCOOKIE_1074=22956-e_b460bc07-6042-449b-8514-fa58e5ad7660; SPugT=1573254951; KRTBCOOKIE_188=3189-no-consent&KRTB&22716-no-consent; KRTBCOOKIE_699=22727-AABzFk67i-4AABQuZHrZRw&KRTB&22744-AABzFk67i-4AABQuZHrZRw&KRTB&22745-AABzFk67i-4AABQuZHrZRw; KRTBCOOKIE_466=16530-9ce0a0ae-a54f-43fa-90eb-27ab81b65286&KRTB&16532-9ce0a0ae-a54f-43fa-90eb-27ab81b65286; KRTBCOOKIE_336=5844-5951945986597681644; KRTBCOOKIE_218=4056-XcX3JwAAAIv_XFdY&KRTB&22922-XcX3JwAAAIv_XFdY&KRTB&22978-XcX3JwAAAIv_XFdY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.thelayoff.com/

Response headers

Last-Modified
Fri, 26 Jul 2019 09:39:45 GMT
ETag
"13006b6-9bf6-58e925294ef26"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14898
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=91184
Expires
Sun, 10 Nov 2019 00:35:35 GMT
Date
Fri, 08 Nov 2019 23:15:51 GMT
Connection
keep-alive
Vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame DB20 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=158314&siteId=582108&adId=2167967&adType=10&adServerId=243&kefact=0.032298&kaxefact=0.032298&kadNetFrequecy=0&kadwidth=160&kadheight=600&kadsizeid=10&kltstamp=1573254950&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.032298&dcId=3&tldId=58537646&passback=0&svr=BID22432U&ekefact=JvfFXemDCACiFiBFLVe4ewtx18mLDU7pjhKwxYMkxAnLEXFJ&ekaxefact=JvfFXfuDCABH38zJ5AyDIDJ-OUpBftpsIOoShXy_8IBRw_HC&ekpbmtpfact=JvfFXQmECAB67qh6yiArZvY3cRlVM3bkv3Cfr5PiPZtegOwJ&enpp=JvfFXRiECABm3c_8J-OFr_z3-KQAjgr80mqYasfUpMeaMavK&crID=10588066&lpu=lenovo.com&ucrid=17685149595899459527&campaignId=23040&creativeId=0&pctr=0.000000&wDSPByrId=3314&wDspId=1101&wbId=8&wrId=0&wAdvID=727566&isRTB=1&rtbId=86AEA6B8-922C-4AF2-AA82-85EBDC8DBE6E&imprId=4B919146-DC7D-4F3C-ABCE-CFCB6D6B6908&oid=4B919146-DC7D-4F3C-ABCE-CFCB6D6B6908&cntryId=58&domain=thelayoff.com&pageURL=https%3A%2F%2Fwww.thelayoff.com%2F&sec=1
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
aktrack.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.thelayoff.com/
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES; pi=156657:2; KADUSERCOOKIE=3C38C6B5-906C-47BB-8245-3372E37EFF54; chk=1; DPSync3=1574380800%3A201_197%7C1573257600%3A174; SyncRTB3=1574035200%3A63%7C1573776000%3A2_15%7C1575763200%3A203%7C1574380800%3A56_21_161_3_166_71_189_54_81_176_7_8_22_55_204_104; PugT=1573254951; PUBMDCID=3; KRTBCOOKIE_1101=23040-6757078562819405968; KRTBCOOKIE_27=16735-uid:c1705dc5-f630-4b00-831d-bb6fcdc2dc38&KRTB&16736-uid:c1705dc5-f630-4b00-831d-bb6fcdc2dc38; KRTBCOOKIE_80=16514-CAESECorueAYcrZx1R4aV2YHMkM&KRTB&22987-CAESECorueAYcrZx1R4aV2YHMkM&KRTB&22995-CAESECorueAYcrZx1R4aV2YHMkM&KRTB&23025-CAESECorueAYcrZx1R4aV2YHMkM; KRTBCOOKIE_391=22924-546768211129381623; KRTBCOOKIE_153=19420-d_ys-iSv_fhvr_ercP3i-ySoq61vr_75cfp5ep7T&KRTB&22979-d_ys-iSv_fhvr_ercP3i-ySoq61vr_75cfp5ep7T; KRTBCOOKIE_22=14911-2642824835685195317&KRTB&23049-2642824835685195317&KRTB&23150-2642824835685195317; KRTBCOOKIE_377=22918-82fb198b-13fc-4a37-a31e-6e4785367a9b&KRTB&23031-82fb198b-13fc-4a37-a31e-6e4785367a9b; KRTBCOOKIE_1074=22956-e_b460bc07-6042-449b-8514-fa58e5ad7660; SPugT=1573254951; KRTBCOOKIE_188=3189-no-consent&KRTB&22716-no-consent; KRTBCOOKIE_699=22727-AABzFk67i-4AABQuZHrZRw&KRTB&22744-AABzFk67i-4AABQuZHrZRw&KRTB&22745-AABzFk67i-4AABQuZHrZRw; KRTBCOOKIE_466=16530-9ce0a0ae-a54f-43fa-90eb-27ab81b65286&KRTB&16532-9ce0a0ae-a54f-43fa-90eb-27ab81b65286; KRTBCOOKIE_336=5844-5951945986597681644; KRTBCOOKIE_218=4056-XcX3JwAAAIv_XFdY&KRTB&22922-XcX3JwAAAIv_XFdY&KRTB&22978-XcX3JwAAAIv_XFdY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.thelayoff.com/

Response headers

Content-Type
text/html
Content-Length
0
Date
Fri, 08 Nov 2019 23:15:51 GMT
Connection
keep-alive
/
t4ft.de/bk/ Frame 4A68 		91 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t4ft.de/bk/?t=1573254951&ftgid=yCrFYswGq6PbzPqq&ls[]=https%3A%2F%2Fwww.thelayoff.com%2F&ls[]=https%3A%2F%2Fwww.thelayoff.com%2F&lss=dd&vid=0&x=aid%3D1434%26fcui%3D801066%26fcai%3D3382379%26ffli%3D87867%26fpli%3D4394367%26adId%3D10588066%26element%3Dftge_10588066%26size%3D160x600%26dmp.aa%3D9%252F158314%252F2167967%252Fthelayoff.com&cb=ftgu_1110010674
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
85.10.200.83 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-200-83.clients.your-server.de
Software
nginx/1.10.3, ws-0603 /
Resource Hash
a3fad14539b7df6cda9ebf70fc0f13b790519d7f4204f1a93fb4b310396cf7bd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 23:15:51 GMT
Cache-Control
no-store, must-revalidate
Server
nginx/1.10.3, ws-0603
Content-Length
91
Content-Type
text/javascript;charset=UTF-8
xbf.html
c.t4ft.de/s/ Frame 4650 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://c.t4ft.de/s/xbf.html
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a01:4f8:120:53ef::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.10.3 static-1201 /
Resource Hash

Request headers

Host
c.t4ft.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.thelayoff.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.thelayoff.com/

Response headers

Server
nginx/1.10.3 static-1201
Date
Fri, 08 Nov 2019 23:15:51 GMT
Content-Type
text/html
Last-Modified
Thu, 13 Oct 2016 12:35:48 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"57ff7fa4-dd"
Expires
Sat, 09 Nov 2019 00:15:51 GMT
Cache-Control
max-age=3600
Content-Encoding
gzip
truncated
/ Frame 4A68 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa5e522bb40646a3577b5195f07e87ac5c6eff8521e29cd5173324eea5d29155

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type
image/png
adform_pixel.js
www.adform.com/banners/Html/Elements/Files/2050835/7162780/assets/ Frame BB7A 		808 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adform.com/banners/Html/Elements/Files/2050835/7162780/assets/adform_pixel.js
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.164 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
856d9bc511057438a24e5c6c056f2ef394ccdc57fc0a221d9bf2986be286debe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: blob: https: 'unsafe-inline' 'unsafe-eval' 'report-sample'; report-uri https://adformweb.report-uri.com/r/d/csp/enforce
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 23:15:52 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{report_to:default,max_age:2592000,include_subdomains:true}
Age
5120
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Report-To
{group:default,max_age:2592000,endpoints:[{url:https://adformweb.report-uri.com/a/d/g}],include_subdomains:true}
Connection
keep-alive
Last-Modified
Sun, 06 Oct 2019 11:15:57 GMT
Server
cloudflare
ETag
W/"2597346d377cd51:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=14400
Content-Security-Policy
upgrade-insecure-requests; default-src data: blob: https: 'unsafe-inline' 'unsafe-eval' 'report-sample'; report-uri https://adformweb.report-uri.com/r/d/csp/enforce
CF-RAY
532b405a1b93d6bd-FRA
Cf-Bgj
minify
/
track.adform.net/csimpr/ Frame BB7A 		35 B
425 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=33874401&csi=0AxpZayEtFLyKcm2JLGWFcJtA2cGUEkZTU1-U9p996TBXB012qLbCxiRfCYNweOV5U8_YT6rFSrJf7NJ_bi5Kaj79CZuKYVPHL1XwCUf-NNlK439tRQGEw2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Nov 2019 23:15:51 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.thelayoff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ThirdParty
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.180/e/.wSBgiD/i/8IC-4gAAAAKAA/r:types/ Frame BB7A 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.180/e/.wSBgiD/i/8IC-4gAAAAKAA/r:types/ThirdParty
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
977564dbb279f23ecc8621722b2a65066d85958cf508c30bfb18a4ec9342f046

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:51 GMT
content-encoding
gzip
last-modified
Wed, 23 Oct 2019 07:33:00 GMT
server
nginx
status
200
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sun, 10 Nov 2019 02:51:06 GMT
ADTECH;apid=1Ab5200bae-027d-11ea-9707-026865e42056;cfp=1;rndc=1573254951;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayoff.com;sub2=1538;sub3=https%253a%252f%252fwww.thelayoff.com...
adserverams.adtech.de/addyn/3.0/1727/6676618/0/225/ Frame BB7A
Redirect Chain
  • https://adserverams.adtech.de/addyn/3.0/1727/6676618/0/225/ADTECH;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayoff.com;sub2=1538;sub3=https%253a%252f%252fwww.thelayoff.com%252f;s...
  • https://adserverams.adtech.de/addyn/3.0/1727/6676618/0/225/ADTECH;cfp=1;rndc=1573254951;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayoff.com;sub2=1538;sub3=https%253a%252f%252fww...
  • https://adserver-eu.adtech.advertising.com/addyn/3.0/1727/6676618/0/225/ADTECH;rdhost=adserverams.adtech.de;cfp=1;rndc=1573254951;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayoff...
  • https://adserver-eu.adtech.advertising.com/addyn/3.0/1727/6676618/0/225/ADTECH;rdhost=adserverams.adtech.de;cfp=2;rndc=1573254951;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayoff...
  • https://adserverams.adtech.de/addyn/3.0/1727/6676618/0/225/ADTECH;apid=1Ab5200bae-027d-11ea-9707-026865e42056;cfp=1;rndc=1573254951;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayo...
424 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adserverams.adtech.de/addyn/3.0/1727/6676618/0/225/ADTECH;apid=1Ab5200bae-027d-11ea-9707-026865e42056;cfp=1;rndc=1573254951;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayoff.com;sub2=1538;sub3=https%253a%252f%252fwww.thelayoff.com%252f;sub4=;kvdvar1=thelayoff.coma;kvdvar2=1538a;kvdvar3=https%253a%252f%252fwww.thelayoff.com%252fa;kvdvar4=a;kvdref=a;kvdhref=https%3A%2F%2Fwww.thelayoff.com%2Fa;kvnfi=eyJyZXN1bHQiOmZhbHNlfQ==;kvins=eyJyZXN1bHQiOmZhbHNlfQ==;kvlgt=a;key=546768211129381623;rdclick=
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.2 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
e0fbb43b659ec70bb47c00dbe82546a8ca1586d34ed6eaa9717ee5337c1785a6

Request headers

Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Nov 2019 23:15:52 GMT
server
Adtech Adserver
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
200
cache-control
no-store, no-cache
content-type
application/x-javascript
content-length
424
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Nov 2019 23:15:52 GMT
server
nginx
status
302
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
location
https://adserverams.adtech.de/addyn/3.0/1727/6676618/0/225/ADTECH;apid=1Ab5200bae-027d-11ea-9707-026865e42056;cfp=1;rndc=1573254951;loc=100;target=_blank;grp=[group];misc=1573254951718;sub1=thelayoff.com;sub2=1538;sub3=https%253a%252f%252fwww.thelayoff.com%252f;sub4=;kvdvar1=thelayoff.coma;kvdvar2=1538a;kvdvar3=https%253a%252f%252fwww.thelayoff.com%252fa;kvdvar4=a;kvdref=a;kvdhref=https%3A%2F%2Fwww.thelayoff.com%2Fa;kvnfi=eyJyZXN1bHQiOmZhbHNlfQ==;kvins=eyJyZXN1bHQiOmZhbHNlfQ==;kvlgt=a;key=546768211129381623;rdclick=
cache-control
no-store, no-cache
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
Ad19654042St1Sz225Sq113179503V4Id1.jpg
aka-cdn.adtech.de/images/410/ Frame BB7A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aka-cdn.adtech.de/images/410/Ad19654042St1Sz225Sq113179503V4Id1.jpg
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.12 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frb/6757) /
Resource Hash
2765ae8da778c27f70fceb98ffaf50fae1708c317684acc08aac012108c5fd5b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:52 GMT
last-modified
Tue, 05 Nov 2019 16:44:26 GMT
server
ECAcc (frb/6757)
x-cache
HIT
content-type
image/jpeg
status
200
cache-control
max-age=608400
accept-ranges
bytes
content-length
14509
expires
Sat, 16 Nov 2019 00:15:52 GMT
truncated
/ Frame BB7A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b2789f278107614867e3910835ec03094f95c1704d91baa2d64697411fd61b0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type
image/png
.lp
rk-gea-prod.firebaseio.com/ Frame 47BA 		421 B
663 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rk-gea-prod.firebaseio.com/.lp?start=t&ser=37608607&cb=1&v=5
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
1b3751a51d5e066f1ae8b80363a6859c997168f4493656d6ecbff3166e8e0233
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 23:15:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
421
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
.lp
s-usc1c-nss-212.firebaseio.com/ Frame DED5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-212.firebaseio.com/.lp?dframe=t&id=483686&pw=xjO1KVfjFD&ns=rk-gea-prod
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Host
s-usc1c-nss-212.firebaseio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.thelayoff.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.thelayoff.com/

Response headers

Server
nginx
Date
Fri, 08 Nov 2019 23:15:52 GMT
Content-Type
text/html; charset=utf-8
Content-Length
419
Connection
keep-alive
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
.lp
s-usc1c-nss-212.firebaseio.com/ Frame 47BA 		15 B
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-212.firebaseio.com/.lp?id=483686&pw=xjO1KVfjFD&ser=39760880&ns=rk-gea-prod
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
3d14e96bd08692f39b357173c908dcb0b21ee11d0bdb29b963ce7fcc836eb4fd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 23:15:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
15
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
/
www.facebook.com/tr/ 		44 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1810234349221521&ev=Microdata&dl=https%3A%2F%2Fwww.thelayoff.com%2F&rl=&if=false&ts=1573254952569&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TheLayoff.com%20-%20Layoffs%20Discussion%20Board%22%2C%22meta%3Adescription%22%3A%22Layoffs%20Discussion%2C%20News%20and%20Rumors.%20Ask%2C%20answer%2C%20speculate%20on%20layoffs%20in%20your%20company...%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.11&r=stable&ec=1&o=30&fbp=fb.1.1573254950938.1626876864&it=1573254950706&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Fri, 08 Nov 2019 23:15:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Fri, 08 Nov 2019 23:15:52 GMT
.lp
s-usc1c-nss-212.firebaseio.com/ Frame 47BA 		58 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-212.firebaseio.com/.lp?id=483686&pw=xjO1KVfjFD&ser=39760881&ns=rk-gea-prod&seg0=0&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MSwiYSI6InMiLCJiIjp7ImMiOnsic2RrLmpzLjUtNS0wIjoxfX19fQ..
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef824052cc54e24358011a6d1f363813e99264883d6a019f5c98f75e43f78dc9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 23:15:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
58
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 981A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.thelayoff.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.thelayoff.com/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 08 Nov 2019 23:15:52 GMT
Age
8170438
Connection
keep-alive
X-Served-By
cache-jfk8123-JFK, cache-hhn4083-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1276778, 10528374
X-Timer
S1573254953.717454,VS0,VE0
Vary
Accept-Encoding
index.html
cdn.districtm.io/ids/ Frame A9B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.thelayoff.com/
accept-encoding
gzip, deflate, br
cookie
__cfduid=d3501a19a59611a6a752b43b6500b85621573254951
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.thelayoff.com/

Response headers

status
200
date
Fri, 08 Nov 2019 23:15:52 GMT
content-type
text/html
cf-cache-status
DYNAMIC
cache-control
s-maxage=1209600, max-age=14400
cf-ray
532b405e5d09d70d-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 10 Jan 2019 16:50:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
server
cloudflare
content-encoding
br
Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 3726 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.thelayoff.com/
Accept-Encoding
gzip, deflate, br
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156657:2; KADUSERCOOKIE=3C38C6B5-906C-47BB-8245-3372E37EFF54; chk=1; DPSync3=1574380800%3A201_197%7C1573257600%3A174; SyncRTB3=1574035200%3A63%7C1573776000%3A2_15%7C1575763200%3A203%7C1574380800%3A56_21_161_3_166_71_189_54_81_176_7_8_22_55_204_104; PugT=1573254951; PUBMDCID=3; KRTBCOOKIE_1101=23040-6757078562819405968; KRTBCOOKIE_27=16735-uid:c1705dc5-f630-4b00-831d-bb6fcdc2dc38&KRTB&16736-uid:c1705dc5-f630-4b00-831d-bb6fcdc2dc38; KRTBCOOKIE_80=16514-CAESECorueAYcrZx1R4aV2YHMkM&KRTB&22987-CAESECorueAYcrZx1R4aV2YHMkM&KRTB&22995-CAESECorueAYcrZx1R4aV2YHMkM&KRTB&23025-CAESECorueAYcrZx1R4aV2YHMkM; KRTBCOOKIE_391=22924-546768211129381623; KRTBCOOKIE_153=19420-d_ys-iSv_fhvr_ercP3i-ySoq61vr_75cfp5ep7T&KRTB&22979-d_ys-iSv_fhvr_ercP3i-ySoq61vr_75cfp5ep7T; KRTBCOOKIE_22=14911-2642824835685195317&KRTB&23049-2642824835685195317&KRTB&23150-2642824835685195317; KRTBCOOKIE_377=22918-82fb198b-13fc-4a37-a31e-6e4785367a9b&KRTB&23031-82fb198b-13fc-4a37-a31e-6e4785367a9b; KRTBCOOKIE_1074=22956-e_b460bc07-6042-449b-8514-fa58e5ad7660; SPugT=1573254951; KRTBCOOKIE_188=3189-no-consent&KRTB&22716-no-consent; KRTBCOOKIE_699=22727-AABzFk67i-4AABQuZHrZRw&KRTB&22744-AABzFk67i-4AABQuZHrZRw&KRTB&22745-AABzFk67i-4AABQuZHrZRw; KRTBCOOKIE_466=16530-9ce0a0ae-a54f-43fa-90eb-27ab81b65286&KRTB&16532-9ce0a0ae-a54f-43fa-90eb-27ab81b65286; KRTBCOOKIE_336=5844-5951945986597681644; KRTBCOOKIE_218=4056-XcX3JwAAAIv_XFdY&KRTB&22922-XcX3JwAAAIv_XFdY&KRTB&22978-XcX3JwAAAIv_XFdY; KRTBCOOKIE_1051=22884-18072662402202372477; KRTBCOOKIE_279=22890-b4f23126-027d-11ea-8196-77c1752dcf8c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.thelayoff.com/

Response headers

Last-Modified
Fri, 26 Jul 2019 09:39:45 GMT
ETag
"13006b6-9bf6-58e925294ef26"
Server
Apache/2.2.15 (CentOS)
Set-Cookie
KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14898
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=91183
Expires
Sun, 10 Nov 2019 00:35:35 GMT
Date
Fri, 08 Nov 2019 23:15:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 15E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.thelayoff.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.thelayoff.com/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Wed, 06 Nov 2019 23:32:57 GMT
Content-Encoding
gzip
Content-Length
7503
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=74093
Expires
Sat, 09 Nov 2019 19:50:45 GMT
Date
Fri, 08 Nov 2019 23:15:52 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame B716 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: d2yxxa3y12yhno.cloudfront.net
URL: https://d2yxxa3y12yhno.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.thelayoff.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.thelayoff.com/

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Fri, 08 Nov 2019 23:15:52 GMT
Age
8170438
Connection
keep-alive
X-Served-By
cache-jfk8123-JFK, cache-hhn4083-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1276778, 10528375
X-Timer
S1573254953.724529,VS0,VE0
Vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 521C 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQTuKZHgw14ILf-A9rpj4GJFM7fJYYguDy1Mc-tCF0W0mJnfb8n72HmfQx5wpL6K6TR6kuX9d07rA9afIfEdC4eM-4xHJRySzjB2K3Ol90NIEXcL7S8YacZS7m1Q&sai=AMfl-YTvly9_EZdodmr8QiGK9hCmpJZPM-qwU15e563c6_hP5ZsCvKmYAdmbgZUDD_LUQ3FsA9f-FMajrHsjc2vDJXKwlUwPBWbCTjh9AgZanA&sig=Cg0ArKJSzHQuzzzagO2mEAE&id=ampim&o=290,712&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=68&tls=1068&g=100&h=100&pt=560&tt=1069&rpt=560&rst=1573254951178&r=v&adk=1258267148&avms=ampa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Nov 2019 23:15:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
.lp
s-usc1c-nss-212.firebaseio.com/ Frame 47BA 		522 B
764 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-212.firebaseio.com/.lp?id=483686&pw=xjO1KVfjFD&ser=39760882&ns=rk-gea-prod&seg0=1&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MiwiYSI6ImF1dGgiLCJiIjp7ImNyZWQiOiJleUpoYkdjaU9pSlNVekkxTmlJc0ltdHBaQ0k2SWpJMU1EZ3hNV05rWXpZd09XUTVNR1k1T0RFMU1URTVNV0l5WW1NNVltUXdZMlZpT1dNd01EUWlMQ0owZVhBaU9pSktWMVFpZlEuZXlKd2NtOTJhV1JsY2w5cFpDSTZJbUZ1YjI1NWJXOTFjeUlzSW1semN5STZJbWgwZEhCek9pOHZjMlZqZFhKbGRHOXJaVzR1WjI5dloyeGxMbU52YlM5MGFHVXRiR0Y1YjJabUxXaHlaQ0lzSW1GMVpDSTZJblJvWlMxc1lYbHZabVl0YUhKa0lpd2lZWFYwYUY5MGFXMWxJam94TlRjek1qVTBPVFV4TENKMWMyVnlYMmxrSWpvaWQzbENZbkYwYzIxRFYxSnNPVkoxTmt4M05tVldSMnR4UkZVek15SXNJbk4xWWlJNkluZDVRbUp4ZEhOdFExZFNiRGxTZFRaTWR6WmxWa2RyY1VSVk16TWlMQ0pwWVhRaU9qRTFOek15TlRRNU5URXNJbVY0Y0NJNk1UVTNNekkxT0RVMU1Td2labWx5WldKaGMyVWlPbnNpYVdSbGJuUnBkR2xsY3lJNmUzMHNJbk5wWjI1ZmFXNWZjSEp2ZG1sa1pYSWlPaUpoYm05dWVXMXZkWE1pZlgwLmZuUTRUbXZsOHk2b0FOV3hGb3ZPb05fWFlXOVFObnFobWVzSm1oS2tMbXVpcFlVUHV5UVE0a1dIaTFJVDZZRzVObkJkUFNxR0gwWXVxVVI2WWVhelFMTVBFdl9ROEkzSFVXdHlNN1hLMG1la2t5aTRCd3owT1pnTXpvQ0t1LVBzYnNBV1Zzay1DSUo4TmlOM0w0aEZBRlMzZ2ltaHI2dklTaVFQbE5fd0c2MkN3WkFxM2trOVdtQklka19OaUktdHRNd2p3Ml9QSWQ5TEV1TU1ORlJfZGZXbmh3Ym8xajZLS1F5UXhVRWdMYUNmZkN0REdWRnlRQjhha1dlWjFpTE4yQmN4OFAzVmFiQnhwRkNPX0NoNzB2VHk4ZTlrMGZFaXdYa25FejJYWWpwUDkydTVfYWxrR181QTl4U3FMUVcxMVpkVXFlX203d185cFdDa3RvcVl5ZyJ9fX0.&seg1=2&ts1=1&d1=eyJ0IjoiZCIsImQiOnsiciI6MywiYSI6InEiLCJiIjp7InAiOiIvVExPL3NoYXJlcy9ub2RlL19ob21lcGFnZSIsImgiOiIifX19
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
9702f74f729fa3253d7097e13f4d05abbc1256ff8924355d98df0ef82155df83
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 23:15:52 GMT
Server
nginx
Connection
keep-alive
Content-Length
522
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
.lp
s-usc1c-nss-212.firebaseio.com/ Frame 47BA 		154 B
396 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-212.firebaseio.com/.lp?id=483686&pw=xjO1KVfjFD&ser=39760883&ns=rk-gea-prod
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
7ad839fb8c148e380ae713bcb1a753c5cc1b3dd85a07c89aae78f705906887db
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 23:15:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
154
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
.lp
s-usc1c-nss-212.firebaseio.com/ Frame 47BA 		58 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-212.firebaseio.com/.lp?id=483686&pw=xjO1KVfjFD&ser=39760884&ns=rk-gea-prod&seg0=3&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6NCwiYSI6Im4iLCJiIjp7InAiOiIvVExPL3NoYXJlcy9ub2RlL19ob21lcGFnZSJ9fX0.
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
45a62612e268b34b017b6de9f97b3fde93af5c5d894cfac868ffe3dcbaef99b5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 23:15:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
58
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame BB7A 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstp6YE1X--JTlGtBM6KeVJmVCoyR_ZQ28Gl9AFvOj5BeHX-NPnTh-pTFnHs4JQ2QrJv0uVqwsUeGAhYBQlMQ7VGt0waqh7SkWZqK_2k2fE&sig=Cg0ArKJSzJNsPLnPqacvEAE&adk=1171346050&tt=-1&bs=1585%2C1200&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&p=72,290,162,1018&cm=1&mcvt=1032&rs=3&ht=0&tfs=25&tls=1057&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1573254951175&dlt&rpt=968&isd=0&msd=0&ext&imams=1&xdi=0&ps=1585%2C2314&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-7-11-2-10-10-0-0-0&tvt=1056&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.thelayoff.com%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Nov 2019 23:15:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
.lp
s-usc1c-nss-212.firebaseio.com/ Frame 47BA 		70 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-usc1c-nss-212.firebaseio.com/.lp?id=483686&pw=xjO1KVfjFD&ser=39760885&ns=rk-gea-prod&seg0=4&ts0=1&d0=eyJ0IjoiYyIsImQiOnsidCI6Im4iLCJkIjp7fX19
Requested by
Host: www.thelayoff.com
URL: https://www.thelayoff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2600:1901:0:94b6:: , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
a65618ea6ceb126274d4a9b8defe4d8fa1da7fef8ade8e43c411c3cd381cb7f6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date
Fri, 08 Nov 2019 23:15:53 GMT
Server
nginx
Connection
keep-alive
Content-Length
70
Strict-Transport-Security
max-age=31556926; includeSubDomains; preload
Content-Type
application/javascript; charset=utf-8
/
track.adform.net/serving/unload/ Frame BB7A 		35 B
416 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=546768211129381623@@33874401,7828196703662321533,100|1200|0|0|0|0|0|0|0||41|0|1538|8016F9864D0DB78F_1|||1|0|0|zESWX586YCkYkXwmDcHjleVPP2E-qxUqyX-zSf24uSmo-_QmbimFTxy9V8AlH_jTxwT7y02gn_81|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Nov 2019 23:15:53 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.thelayoff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame BB7A 		35 B
416 B 		Other
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=546768211129381623@@33874401,7828196703662321533,100|4499|0|0|0|0|0|0|0||155|0|1538|8016F9864D0DB78F_1|||1|0|0|zESWX586YCkYkXwmDcHjleVPP2E-qxUqyX-zSf24uSmo-_QmbimFTxy9V8AlH_jTxwT7y02gn_81|||01|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.thelayoff.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Nov 2019 23:15:56 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.thelayoff.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| onformdata object| onpointerrawupdate object| apstag number| adsStart function| detectWidth function| detectPage number| TIMEOUT object| googletag object| pbjs object| adUnits object| a9Slots boolean| a9BidsBack string| device string| pageType function| initAdServer function| doDisplay string| dfpNetwork object| sizeMapping number| len string| sid object| dataLayer function| pbjsChunk object| dfpAdunitsToRefresh object| __core-js_shared__ object| gcseDiv object| google_tag_manager boolean| apstagLOADED string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| _typeof function| $ function| jQuery number| __styled-components-init__ object| core function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| embedPostForm object| sharePermalink object| sharePostForm object| reportPostForm object| __gcse object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| google object| closure_lm_133078 function| _googCsa number| nextSearchboxId number| googleNDT_ number| _googCsaAlwaysHttps number| googleAltLoader number| google_srt undefined| google_measure_js_timing boolean| google_noFetch number| __google_ad_urls_id number| google_unique_id object| google_reactive_ads_global_state function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| google_image_requests object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| Adform function| pLPCommand1 function| pRTLPCB1

34 Cookies

Domain/Path Name / Value
.adform.net/ Name: TPC
Value: 1573254951718
.adform.net/ Name: adtrc
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1051
Value: 22884-18072662402202372477
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-XcX3JwAAAIv_XFdY&KRTB&22922-XcX3JwAAAIv_XFdY&KRTB&22978-XcX3JwAAAIv_XFdY
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-9ce0a0ae-a54f-43fa-90eb-27ab81b65286&KRTB&16532-9ce0a0ae-a54f-43fa-90eb-27ab81b65286
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABzFk67i-4AABQuZHrZRw&KRTB&22744-AABzFk67i-4AABQuZHrZRw&KRTB&22745-AABzFk67i-4AABQuZHrZRw
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2642824835685195317&KRTB&23049-2642824835685195317&KRTB&23150-2642824835685195317
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-546768211129381623
.pubmatic.com/ Name: chk
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 22918-82fb198b-13fc-4a37-a31e-6e4785367a9b&KRTB&23031-82fb198b-13fc-4a37-a31e-6e4785367a9b
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESECorueAYcrZx1R4aV2YHMkM&KRTB&22987-CAESECorueAYcrZx1R4aV2YHMkM&KRTB&22995-CAESECorueAYcrZx1R4aV2YHMkM&KRTB&23025-CAESECorueAYcrZx1R4aV2YHMkM
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-b4f23126-027d-11ea-8196-77c1752dcf8c
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:c1705dc5-f630-4b00-831d-bb6fcdc2dc38&KRTB&16736-uid:c1705dc5-f630-4b00-831d-bb6fcdc2dc38
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-6757078562819405968
.pubmatic.com/ Name: PugT
Value: 1573254951
.pubmatic.com/ Name: DPSync3
Value: 1574380800%3A201_197%7C1573257600%3A174
.yahoo.com/ Name: B
Value: calp1f1esbtp7&b=3&s=3k
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3C38C6B5-906C-47BB-8245-3372E37EFF54
.districtm.io/ Name: __cfduid
Value: d3501a19a59611a6a752b43b6500b85621573254951
.amazon-adsystem.com/ Name: ad-id
Value: A1HRC7skQ0Apj7F6bdxW4kc
.pubmatic.com/ Name: SyncRTB3
Value: 1574035200%3A63%7C1573776000%3A2_15%7C1575763200%3A203%7C1574380800%3A56_21_161_3_166_71_189_54_81_176_7_8_22_55_204_104
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.ads.pubmatic.com/ Name: KCCH
Value: YES
.thelayoff.com/ Name: _fbp
Value: fb.1.1573254950938.1626876864
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent&KRTB&22716-no-consent
.adform.net/ Name: uid
Value: 546768211129381623
.pubmatic.com/ Name: SPugT
Value: 1573254951
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5951945986597681644
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: pi
Value: 156657:2
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_b460bc07-6042-449b-8514-fa58e5ad7660
.pubmatic.com/ Name: PUBMDCID
Value: 3
.thelayoff.com/ Name: __gads
Value: ID=ca5221133d4597d9:T=1573254950:S=ALNI_MaCQQSrTP7uo5rZNErmRCx2haU7EQ
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-d_ys-iSv_fhvr_ercP3i-ySoq61vr_75cfp5ep7T&KRTB&22979-d_ys-iSv_fhvr_ercP3i-ySoq61vr_75cfp5ep7T

11 Console Messages

Source Level URL
Text
console-api info URL: https://www.thelayoff.com/assets/TLO/app/js/app-ef86c89ae4.js(Line 4)
Message:
%cDownload the React DevTools for a better development experience: https://fb.me/react-devtools font-weight:bold
console-api warning URL: https://www.thelayoff.com/assets/TLO/app/js/app-ef86c89ae4.js(Line 4)
Message:
Warning: The "extend" API will be removed in the upcoming v4.0 release. Use styled(StyledComponent) instead. You can find more information here: https://github.com/styled-components/styled-components/issues/1546
console-api log URL: https://www.thelayoff.com/assets/TLO/app/js/app-ef86c89ae4.js(Line 4)
Message:
Clipboard.isSupported() true
console-api log URL: https://www.thelayoff.com/assets/TLO/app/js/app-ef86c89ae4.js(Line 4)
Message:
Clipboard.isSupported() true
console-api log URL: https://www.thelayoff.com/assets/TLO/app/js/app-ef86c89ae4.js(Line 4)
Message:
Clipboard.isSupported() true
console-api log URL: https://www.thelayoff.com/(Line 318)
Message:
BDS back 262 [object Object],[object Object],[object Object],[object Object],[object Object]
console-api info URL: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js(Line 508)
Message:
Powered by AMP ⚡ HTML – Version 1910251950120 https://www.thelayoff.com/
console-api log URL: https://www.adform.com/banners/Html/Elements/Files/2050835/7162780/assets/adform_pixel.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: https://www.thelayoff.com/prebid.js(Line 4)
Message:
Adunit is now viewable div-gpt-ad-TLO_above-fold
console-api log URL: https://www.thelayoff.com/prebid.js(Line 4)
Message:
Adunit is now viewable div-gpt-ad-TLO_sticky
console-api log URL: https://www.thelayoff.com/prebid.js(Line 4)
Message:
Adunit is now viewable div-gpt-ad-TLO_top

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3226.casalemedia.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ads.pubmatic.com
adserver-eu.adtech.advertising.com
adserverams.adtech.de
adservice.google.com
adservice.google.de
aka-cdn.adtech.de
aktrack.pubmatic.com
ap.lijit.com
as-sec.casalemedia.com
c.amazon-adsystem.com
c.t4ft.de
cdn.ampproject.org
cdn.districtm.io
clients1.google.com
connect.facebook.net
cse.google.com
d2yxxa3y12yhno.cloudfront.net
dmx.districtm.io
dsp.active-agent.com
dsp.adfarm1.adition.com
dspcluster.adfarm1.adition.com
dw7nrwnn2bkh1.cloudfront.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
pagead2.googlesyndication.com
rk-gea-prod.firebaseio.com
s-usc1c-nss-212.firebaseio.com
s1.adform.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
t4ft.de
thelayoff.com
tpc.googlesyndication.com
track.adform.net
www.adform.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.googletagmanager.com
www.googletagservices.com
www.thelayoff.com
104.109.78.125
104.16.68.69
104.20.45.164
13.225.86.250
151.101.113.108
152.199.22.12
152.199.22.2
152.199.22.24
172.217.16.130
172.217.21.230
185.33.223.80
185.64.189.110
185.64.189.112
185.80.38.195
2.18.233.180
2.18.234.21
216.52.2.48
2600:1901:0:94b6::
2600:9000:20eb:b800:6:266a:9940:21
2600:9000:2156:da00:f:e7d4:f900:21
2606:4700:10::6814:843b
2a00:1450:4001:800::2001
2a00:1450:4001:800::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:815::200e
2a00:1450:4001:816::2002
2a00:1450:4001:819::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:81e::200a
2a00:1450:4001:821::2003
2a00:1450:4001:821::200e
2a00:1450:4001:824::200e
2a01:4f8:120:53ef::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.236.211.40
37.157.4.24
37.157.5.72
52.94.220.16
69.173.144.142
85.10.200.83
85.114.159.66
85.114.159.67
85.114.159.93
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
071e19e6d6a9a326a94db31f11288d7745f6cd899e38e63686a52fca4d0677d6
0b2789f278107614867e3910835ec03094f95c1704d91baa2d64697411fd61b0
0ec7c1eac6e0f82237b25ed509bf0e48b3cd7f9d989e8e8cac94e8b39edcca46
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12fb8a53f5cb35f3e7db070e39adca8c159853b6276a25aca8bf81882121a384
13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43
14ab4b5ec62c192ebeefbf12502ff9570eff1ad636f236df06cab090803f29fb
164db90c8f7a0e67edcfdc82b371cc72227b82f5c6f060cab97768bb0485c045
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a540f6076c4f976eb9c9192ed544e8985b2d6069439823bcbc65ff51bb9f213
1b3751a51d5e066f1ae8b80363a6859c997168f4493656d6ecbff3166e8e0233
1b957f9dae3447f060741a85a4dac51025280e56a67fbe369da265f0a76cca96
1d578dc3367ffc480f6c230a912f72e3906d4438b5daaf1c319fd3b7a006cd3d
20de509ebd7adb9f968f897b985800c3989e7d46741ccbc4771957d35d6f94e0
24af76725a32febb7ba698e7c6c3f1db7eae95380fc500d1d534272364b5100a
25226e6e3ba0503974bdf2075bc6e44ff223c59520aae1f1722759050d988232
2765ae8da778c27f70fceb98ffaf50fae1708c317684acc08aac012108c5fd5b
276d57cce436c92c9039575d6b75328a9b147c459c68e456beed940c5dd07d8a
2f2486edc79d23ab2aea40e04af0ca4d39533b736fc195300d9d65f43ecf51e2
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3c89aab95c5aaaa2396cfbb1c1640841884a106067ff593c21b4d7d6d258044a
3d14e96bd08692f39b357173c908dcb0b21ee11d0bdb29b963ce7fcc836eb4fd
3f7987d0367cacefd096628023a51c3630a605542c2843836db75d605ba20f0c
40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108
45a62612e268b34b017b6de9f97b3fde93af5c5d894cfac868ffe3dcbaef99b5
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56e99b915efac04ab83e31935609a5a1d04001f2d09c64791e24c077a7e73ab1
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
63fd73b4220c0b3a833f46e2038069e23534235241d437c5c9d4e09739aff43f
66557b1fd9e362afdfa527946d2f7702a2edd34c87797cfd6dfe2d9916d2af6b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6a4017b9401c52650ff59cdb9f6e80a8496b4410cf10e8177c8c2433df14f9
7a8d01999fc91d793021fcfc407a572d65868b944a430c944d71322f6c598b24
7ad839fb8c148e380ae713bcb1a753c5cc1b3dd85a07c89aae78f705906887db
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
818b10f3c71fdbb081253e3448c741c909ae2a3528d208a706afe0f9cfce9355
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
856d9bc511057438a24e5c6c056f2ef394ccdc57fc0a221d9bf2986be286debe
866c1cf254c11afbcb1689842e0eb3ed4973f7edada9f814d5e6b72cd54b9b56
87ed2f2b7e6cca24345f5b11714e96b5695527dcbb27b401e938a059ae049b12
89db741bbe693e04001902f6651d3f47bcfd0b216bc35cd1896e33086f7c4ad7
8c5519ff6e93dfefc21c8b9c586ceef2060b2161e6be946d5b704341456ef053
9702f74f729fa3253d7097e13f4d05abbc1256ff8924355d98df0ef82155df83
977564dbb279f23ecc8621722b2a65066d85958cf508c30bfb18a4ec9342f046
981be39924f4c8320f4daa8b8cdd7468455e46a30bd0cfef24ba5c74c2a6b12d
9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642
9d7da3c3a28d081755ffbac485ae97be19834093c765760697f447c3384f202e
a3fad14539b7df6cda9ebf70fc0f13b790519d7f4204f1a93fb4b310396cf7bd
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a65618ea6ceb126274d4a9b8defe4d8fa1da7fef8ade8e43c411c3cd381cb7f6
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
aa5e522bb40646a3577b5195f07e87ac5c6eff8521e29cd5173324eea5d29155
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
add2c859e87d32e017a49999e4fdd13fc5e12b8567f4e705b7153735c28da697
b309669c41ca2fdd08e2a933c092dfc5c05de08aa443b8297ab5d44b72e8e594
b3e7e06d88adc66b1e1b8ea4f09e7745fc9ecae778f0a7bacf8460102e4c7996
b65d866a0dfd8d7a8c9ccea786307322f2972ed58d1cd6348f1956e66eddced5
b9b3bafd0b42167e324c64a926c419a933f2a53af0cbd000fc3e490648cdc395
bb2a80dc3e72230cd009ad952ebac959905d921e509aebe911704557d0311da3
c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1
c6d248d1bca62a13f7a5a6363736e10b4858dd4cc539aaf0018b40b036ac5757
c8add56447c38941b7aa4b97d9481f1e68bd72b6565ba48276cc56169bd34196
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc0069dab5b1c410fc8bb1a109f8ceb4792e4780bbe7ea9e969662a7d6e49915
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d3cd091705544e4df29bbee72ca66f1233f6fa01447742156675c21ba59e6e15
d65decba94fc640ec41d79a16daa61281bbdfa8311ff95c0395435b8507f16ac
d71d5a2d951cf57192ea6667506e0f8fafa1abc8f0a6d7a9666989f60083a439
d7bfa7b3cbb54b639cd038a8779a47e7dedf4937d36f8b35797ccc6194a766fd
d94dd9f1c15cb40a01fe3f987c6499414a7ef7e06e505aa1e25b067cfddd3acf
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
de02fac84d530afd17d8e1a9da2a12e28ab82419a6ee226edab11be93b59e836
e0fbb43b659ec70bb47c00dbe82546a8ca1586d34ed6eaa9717ee5337c1785a6
e21da87120c823e7856f1e2af9d73746e19590b71407869dccb2d203115d451c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e489838524616dacd00ae3a6e811f6906e561e93c314dc4d7d0d1c9145480ccf
eb44a5e28b65adaa17b5db1f931e4681ae8103a5f194b8c0704ecc5611a83bb3
eccc6b2085060a99d4aa885a2621db68750a2e2bc045e90e5409cb5f168b44e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef824052cc54e24358011a6d1f363813e99264883d6a019f5c98f75e43f78dc9
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
f50798458e958d44022e68ed50eaf58ee47256a163f3022681fe1c899139d612
fa688be227144e44f5480026666142175a319eccca2648931a0280af7c458afc
fc2c078ff7dbfc4334dc543b2fb93107671a69ebdeee982e1f8b866e252ea322
fd1cfb37ac3249212f6195de1f30b804f2a32f611adebab6be0fb27dfa2a7c2b
fe14472cff27aeb554162f64c3ff496477a0458cfb723566df3a4b0958049d60
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff299be4e662770c307b3510671a652142a04a10694288a394dc47f78514aaad
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305