uslayer.com Open in urlscan Pro
2606:4700:3033::6815:3872 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://uslayer.com/
Effective URL:
https://uslayer.com/
Submission: On June 16 via manual (June 16th 2023, 9:25:06 am UTC) from LK — Scanned from DE

Summary HTTP 26 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3033::6815:3872, located in United States and belongs to CLOUDFLARENET, US. The main domain is uslayer.com.
TLS certificate: Issued by GTS CA 1P5 on May 28th 2023. Valid for: 3 months.

This is the only time uslayer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::ac43:b8e0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:303... 2606:4700:3033::6815:3872	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f08... 2a03:2880:f084:a:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
26	11

1 2606:4700:3036::ac43:b8e0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

uslayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3033::6815:3872 (United States)

ASN13335 (CLOUDFLARENET, US)

uslayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.124.156 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:a:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

socialplugin.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	uslayer.com 1 redirects uslayer.com	646 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1007 w.clarity.ms — Cisco Umbrella Rank: 8719 c.clarity.ms — Cisco Umbrella Rank: 1573	27 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176 socialplugin.facebook.net — Cisco Umbrella Rank: 12322	91 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	132 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 246	739 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1832	251 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	82 KB
0	github.io Failed uslayer.github.io Failed
26	9

	Domain	Requested by
12	uslayer.com	1 redirects uslayer.com
3	www.facebook.com	connect.facebook.net
2	c.clarity.ms	1 redirects
2	w.clarity.ms	www.clarity.ms
2	www.clarity.ms	uslayer.com www.clarity.ms
2	cdn.jsdelivr.net	uslayer.com cdn.jsdelivr.net
1	c.bing.com	1 redirects
1	socialplugin.facebook.net	connect.facebook.net
1	region1.google-analytics.com	www.googletagmanager.com
1	connect.facebook.net	uslayer.com
1	www.googletagmanager.com	uslayer.com
0	uslayer.github.io Failed	uslayer.com
26	12

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
g.page
hosting.uslayer.com

Subject Issuer	Validity	Valid
uslayer.com GTS CA 1P5	`2023-05-28` - `2023-08-26`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-25` - `2023-06-23`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.socialplugin.facebook.net DigiCert SHA2 High Assurance Server CA	`2023-03-25` - `2023-06-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://uslayer.com/
Frame ID: CC775306C9B4237E8550895AF96945D4
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Innovative IT Solutions | US LAYERFacebookTwitterUS LAYER

Page URL History Show full URLs

http://uslayer.com/ HTTP 301
https://uslayer.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

26
Requests

92 %
HTTPS

83 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

979 kB
Transfer

2425 kB
Size

12
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/uslayer
Title: Facebook Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/us_layer
Title: Twitter Twitter

Search URL Search Domain Scan URL

URL: https://g.page/uslayer/review
Title: Review us on Google

Search URL Search Domain Scan URL

URL: https://www.facebook.com/uslayer/reviews/
Title: Recomend us on Facebook

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/
Title: Get started

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/google-apps
Title: Google Workspace

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/web-hosting/datacenter-network
Title: Datacenter Details

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/web-hosting/data-protection-recovery
Title: Backup and Recovery

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/optimized-wordpress-hosting
Title: WordPress Hosting

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/cloudhosting
Title: Cloud Hosting

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/web-hosting/linux-hosting
Title: Linux Hosting

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/website-design
Title: Website Builder

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/domain-registration/
Title: Register Domain Name

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/domain-registration/domain-registration-price
Title: View Domain Pricing

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/domain-registration/domain-whois-lookup
Title: Whois Lookup

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/domain-registration/free-with-domain-registration
Title: Free with Every Domain

Search URL Search Domain Scan URL

URL: https://hosting.uslayer.com/domain-registration/domain-name-suggestion-tool
Title: Name Suggestion Tool

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uslayer.com/ HTTP 301
https://uslayer.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=45A8E8B180D5402E873F583EE414872A&RedC=c.clarity.ms&MXFR=16C5B572DE226F7A3FBFA640DA22619F HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=45A8E8B180D5402E873F583EE414872A&MUID=19D47006F0D06B433E2D6334F15B6A80

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
uslayer.com/
Redirect Chain

http://uslayer.com/
https://uslayer.com/

16 KB
6 KB

141ms
117ms

Document
text/html

2606:4700:3033::6815:3872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uslayer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28cb603665bad68b9d4b8b0a9f0453d5b4475b6af47e8429d095831ec5c88e7b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 0
alt-svc: h3=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 7d8200becd903a6d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 16 Jun 2023 09:24:59 GMT
expires: Fri, 16 Jun 2023 08:13:24 GMT
last-modified: Sun, 21 May 2023 05:55:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKpGEWGb8ZTNWJJcqtnuOAMK1vmDeFlYYmSbHdAxO3zSTwXdejzRBrMMFvzNHNC1QpTxltW7SdqFD6Cyu6aHuZlrZ2psBq5DnNUbZSrl9onqXlYoZc2LaL5DAYy9hggyaJ0UZrQVik3EsA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-fastly-request-id: d14b497cda1dcab446e988bf0494e672255ba7c9
x-github-request-id: 7976:C3D6:630297:664FC3:648C174B
x-origin-cache: HIT
x-proxy-cache: MISS
x-served-by: cache-fra-eddf8230045-FRA
x-timer: S1686907499.341216,VS0,VE86

Redirect headers

CF-RAY: 7d8200be5b189bbe-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 16 Jun 2023 09:24:59 GMT
Expires: Fri, 16 Jun 2023 10:24:59 GMT
Location: https://uslayer.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQWS5sd6en6MpSdKyNJKeXckay%2FIopSjuOeNRnM82OEENUHP3rcFaZS5vsz%2BQJv0k8FPf4A1rrElJIXMdmfilYP7CBTDMhm6cb6E%2FLl4nrhZBOvWnObDM40HArGRmvD81lY%2BSM7jVktoGw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
uslayer.com/assets/css/ 216 KB
32 KB 1017ms
1016ms Stylesheet
text/css 2606:4700:3033::6815:3872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uslayer.com/assets/css/bootstrap.min.css
Requested by: Host: uslayer.com
URL: https://uslayer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-fastly-request-id: 0d3e9d2f0e87c02ea6c2baf09d0f1d3bb52419da
date: Fri, 16 Jun 2023 09:25:00 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Fri, 16 Jun 2023 08:56:33 GMT
x-cache: MISS
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-jnb7027-JNB
last-modified: Sun, 21 May 2023 05:55:34 GMT
server: cloudflare
x-github-request-id: EFDE:3C45:35FC3:4B93A:648C2169
x-timer: S1686905193.165661,VS0,VE256
etag: W/"6469b256-35e6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4Gvy89RLlfPKb58v07sYcVqTbDJE1mazgiYWnAajJ31pCHWMj1lXPiYJHP74Z4pHab%2BJQikiDzd9aujkTTPbL1APsNX%2Fajy9Eo4e4QjLheEhtBqJsD%2Bmpjjs5wedxMSrmnZPLhtEEYElg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 7d8200bf8e893a6d-FRA
x-cache-hits: 0

GET
H2 200 btrap.css
uslayer.com/assets/css/ 35 KB
7 KB 485ms
484ms Stylesheet
text/css 2606:4700:3033::6815:3872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uslayer.com/assets/css/btrap.css
Requested by: Host: uslayer.com
URL: https://uslayer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee2c5c2332aca5b888726ab997174a91dbe302733a46d07ca0736e4f13d16bec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-fastly-request-id: 83dc4a94fae4e68ee7a092ecf25b98ddd3f20321
date: Fri, 16 Jun 2023 09:24:59 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Fri, 16 Jun 2023 09:34:59 GMT
x-cache: MISS
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-jnb7021-JNB
last-modified: Sun, 21 May 2023 05:55:34 GMT
server: cloudflare
x-github-request-id: D3BE:61D6:40D16:573CB:648C2A6A
x-timer: S1686907500.550829,VS0,VE258
etag: W/"6469b256-8dda"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aFbY6%2BWAlOZrsB86mOFA2HlHqbONpIchnkGLAawiYVDv7Qy4d%2F4qj141N228%2Fj3HYhWdbtVBZaomhEQKH%2Fk27mJOQUaoBE1Q0r%2F0bu0VWBBoaHVFRGvJYBNcMEzagyT8rMZpGpOUodJ0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 7d8200bf8e8b3a6d-FRA
x-cache-hits: 0

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/ 93 KB
13 KB 63ms
16ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css

Requested by

Host: uslayer.com
URL: https://uslayer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 16 Jun 2023 09:24:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 7533434
x-jsd-version: 1.10.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12937
x-served-by: cache-fra-eddf8230031-FRA, cache-ams21021-AMS
x-jsd-version-type: version
etag: W/"17579-AwBvMnkuAzSX6cpoNztsM4YwWTM"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 custom.css
uslayer.com/assets/css/ 618 B
781 B 469ms
469ms Stylesheet
text/css 2606:4700:3033::6815:3872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uslayer.com/assets/css/custom.css
Requested by: Host: uslayer.com
URL: https://uslayer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49da2b7e3f370833a36c7078dca847aa7a0d34011dae5e8eaee7f12a7dcc2b0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-fastly-request-id: 80502623a77612f57e1900e1727dfb29f38c38c2
date: Fri, 16 Jun 2023 09:24:59 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
cf-polished: origSize=935
x-cache: MISS
x-cache-hits: 0
alt-svc: h3=":443"; ma=86400
x-served-by: cache-jnb7022-JNB
cf-bgj: minify
last-modified: Sun, 21 May 2023 05:55:34 GMT
x-github-request-id: 233E:62E8:3C235:51C07:648C2169
x-timer: S1686905193.170050,VS0,VE250
server: cloudflare
etag: W/"6469b256-3a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXCWxBn4ANz%2Bb3nVXfZRNi49x6bhMaDkfa0kR7XoVJz6V8YhU9PTlLM6qIkN27zFQiQKVMji0lpPZjwfGVo%2Bq6pfB86B2BtKix3d0oLi92bXO6kY%2BoAWos%2BmCMa911xkWv1SCntMGZNoew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-origin-cache: HIT
cf-ray: 7d8200bf8e8c3a6d-FRA
expires: Fri, 16 Jun 2023 08:56:33 GMT

GET
H2 200 uslayer-logo.svg
uslayer.com/assets/images/ 2 KB
1 KB 466ms
466ms Image
image/svg+xml 2606:4700:3033::6815:3872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uslayer.com/assets/images/uslayer-logo.svg
Requested by: Host: uslayer.com
URL: https://uslayer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e380e9edf18c6fd44888c36753a82e0682ff7a6fb480c458f37572ded44c04f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-fastly-request-id: a0a8691d47146b2cb4649cc93d45039cb3590472
date: Fri, 16 Jun 2023 09:24:59 GMT
via: 1.1 varnish
content-encoding: br
expires: Fri, 16 Jun 2023 08:56:34 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-jnb7022-JNB
last-modified: Sun, 21 May 2023 05:55:34 GMT
server: cloudflare
x-github-request-id: E9B0:6EA1:35DD4:4BC0D:648C216A
x-timer: S1686905194.107269,VS0,VE254
etag: W/"6469b256-7f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwY5DDWzk%2BerFsvCmYiLK3%2F2Ttz%2B%2BbZS6jgdNsWppH54ZgF6hkUg%2FoZAErYJdDYAMtb1CRe6zawvOy1PBpv0wf9jhVcUHGzu9xwLKfWmLOfAbGIIlZefuKr3i6psetkJzj35xdLI80%2FWcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
x-origin-cache: HIT
cf-ray: 7d8200bf8e8d3a6d-FRA
x-cache-hits: 0

GET
H2 200 header.svg
uslayer.com/assets/images/ 32 KB
12 KB 481ms
480ms Image
image/svg+xml 2606:4700:3033::6815:3872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uslayer.com/assets/images/header.svg
Requested by: Host: uslayer.com
URL: https://uslayer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 480f6bd21cd0ba0aa53316f670d97d8fc3a3448c409ab45f2abac08eb878fe71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-fastly-request-id: 310cfdf3a7db969f8a12e3053d62a5b9a57cc272
date: Fri, 16 Jun 2023 09:24:59 GMT
via: 1.1 varnish
content-encoding: br
expires: Fri, 16 Jun 2023 09:34:59 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-jnb7025-JNB
last-modified: Sun, 21 May 2023 05:55:34 GMT
server: cloudflare
x-github-request-id: DD6C:7BFE:37E0D:4E44F:648C2A6B
x-timer: S1686907500.559255,VS0,VE256
etag: W/"6469b256-8054"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1DkeFJ68EbbL8dtmNCJRIJyFpbncu4a0zbL9fzr0zRuP9ptp7tlLZfSNK7UeBRg850r%2BXvoVLNCYK9Ni77pVji3lEOj6jBgeNWYxSOwUDKSTEKtetvu5dGKMESBIgWCfR3c%2FrnGtrUdrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
x-origin-cache: HIT
cf-ray: 7d8200bf8e8e3a6d-FRA
x-cache-hits: 0

GET
H2 200 home-and-bussiness-security.svg
uslayer.com/assets/images/ 875 KB
230 KB 1059ms
1059ms Image
image/svg+xml 2606:4700:3033::6815:3872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uslayer.com/assets/images/home-and-bussiness-security.svg
Requested by: Host: uslayer.com
URL: https://uslayer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2018d0db7cb67a468b3de38d2ab2fd1b0427b00a836c6f8c4651f81ef2925496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-fastly-request-id: 2d73656b4cd674dd1166d71e9da53a271cdadc05
date: Fri, 16 Jun 2023 09:25:00 GMT
via: 1.1 varnish
content-encoding: br
expires: Fri, 16 Jun 2023 09:34:59 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-jnb7022-JNB
last-modified: Sun, 21 May 2023 05:55:34 GMT
server: cloudflare
x-github-request-id: A66C:61D6:3D00F:529A2:648C216A
x-timer: S1686905194.098007,VS0,VE272
etag: W/"6469b256-dad93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oL1NKaeKal348BdJw5vFGhRSsAUoqAoWXoUAzsvn40BB31nhYDDwhbOwOeHz1YH0xycyj81K6%2BAojPH%2BG%2Bd70fzXouzFmDvBvn7zr8j0a4Z24RvN9hzJl3f%2FswpgRa%2BG0q%2FhTEcrBC4AKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
x-origin-cache: HIT
cf-ray: 7d8200bf8e8f3a6d-FRA
x-cache-hits: 0

GET
H2 200 rocket-loader.min.js Show response
uslayer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:3033::6815:3872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uslayer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: uslayer.com
URL: https://uslayer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:3872 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 09:24:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Jun 2023 14:46:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64833b49-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaaHB%2FlD34%2FFQ9A8QnYtoHfdXhVAR9jGipuqaje4FZ%2FKRfw7rlNZQUK58YMqPhA0YsKGQ85rTibssUoZzMc%2BRRnTXSukQclIKN1xGUwbs1A9MolycD9jUqY50ZR4DqhD9gmpdiNVRUTHLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7d8200bf8e903a6d-FRA
expires: Sun, 18 Jun 2023 09:24:59 GMT

GET
H3 200 test.min.js Show response
uslayer.com/assets/js/ 19 KB
7 KB 463ms
462ms Script
application/javascript 2606:4700:3033::6815:3872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uslayer.com/assets/js/test.min.js
Requested by: Host: uslayer.com
URL: https://uslayer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ebc274c31d9143889e7cccd4a6da714d665fb3cad9c527b27ba638186ae616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-fastly-request-id: 34d1d1e0d20a47ea79669208f9e1a9aed891e8e9
date: Fri, 16 Jun 2023 09:25:00 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Fri, 16 Jun 2023 08:56:34 GMT
x-cache: MISS
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-jnb7025-JNB
last-modified: Sun, 21 May 2023 05:55:34 GMT
server: cloudflare
x-github-request-id: EFE0:225D:3BBCD:515F7:648C216A
x-timer: S1686905194.060056,VS0,VE253
etag: W/"6469b256-4d04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlA6sSsnGWywW%2B1CV3Su59GHk63NHrcoG8874eNARUArue6v%2Bommklwo%2B8JwWcaSTYXlWMUBZwmjox3xp6CkOau5VnsEy3JRlngJKZjND9j%2BOG8k94LBsYxliCkmUjKu1hUVgFNruScjKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 7d8200c5fa6837d2-FRA
x-cache-hits: 0

GET
H3 200 bootstrap.bundle.min.js Show response
uslayer.com/assets/js/ 79 KB
24 KB 496ms
496ms Script
application/javascript 2606:4700:3033::6815:3872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uslayer.com/assets/js/bootstrap.bundle.min.js
Requested by: Host: uslayer.com
URL: https://uslayer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-fastly-request-id: 766f4f8022d7c82ed855164bc243e9cf17ec1173
date: Fri, 16 Jun 2023 09:25:00 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
expires: Fri, 16 Jun 2023 08:56:34 GMT
x-cache: MISS
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-jnb7022-JNB
last-modified: Sun, 21 May 2023 05:55:34 GMT
server: cloudflare
x-github-request-id: 233E:62E8:3C237:51C0A:648C2169
x-timer: S1686905194.882649,VS0,VE258
etag: W/"6469b256-13ad7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOw65IkRWp5t%2FGbxzRhIf9simhGnGi2eemKpNShPBFAAxLAyn%2FwlelyhuADYh%2Bz3i2SwQ1oaCgB45ek6JURwgG%2B8p%2BcGgYCwOjsNl5S9fXXOVU816apn%2BA56t%2BDE%2BcoJDx1JWZGA%2B5wIPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
cf-ray: 7d8200c60a6a37d2-FRA
x-cache-hits: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
82 KB 44ms
22ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SX2M6Q5WKD

Requested by

Host: uslayer.com
URL: https://uslayer.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa3f7d2b1222d005df6236ae4e77ddc10cb8d758defb23798ffe25a6c8de8d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 09:25:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83443
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Jun 2023 09:25:00 GMT

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/fonts/ 118 KB
119 KB 30ms
13ms Font
font/woff2 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css
Origin: https://uslayer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 16 Jun 2023 09:25:00 GMT
x-content-type-options: nosniff
age: 7454384
x-jsd-version: 1.10.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121296
x-served-by: cache-fra-eddf8230115-FRA, cache-ams21022-AMS
x-jsd-version-type: version
etag: W/"1d9d0-F9rQd2iZrRvq2r0GHDTioiss3nQ"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET noto.ttf
uslayer.github.io/assets/ 0
0

GET
H3 200 web-hosting-screenshot.jpg
uslayer.com/assets/images/ 320 KB
321 KB 1159ms
1159ms Image
image/jpeg 2606:4700:3033::6815:3872
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uslayer.com/assets/images/web-hosting-screenshot.jpg
Requested by: Host: uslayer.com
URL: https://uslayer.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3872 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1152e829acf914809fe0217aa64d4591ce6ea8b2b93ebf443426f85e6c376fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-fastly-request-id: e49516aad143595e79f915ba4a5161e6c78d4163
date: Fri, 16 Jun 2023 09:25:01 GMT
via: 1.1 varnish
expires: Fri, 16 Jun 2023 09:35:00 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 328092
x-served-by: cache-jnb7021-JNB
last-modified: Sun, 21 May 2023 05:55:34 GMT
server: cloudflare
x-github-request-id: 9EA4:61D6:40D1F:573D3:648C2A6C
x-timer: S1686907501.637271,VS0,VE733
etag: "6469b256-5019c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1BnKNndhN80ZMh0K%2FcLiFDc6igrvi97dUokaN3wHNvVVXIB7yfl%2BFwpaB2vIvkBBuOvoGdBBTRtrl3xi5BdntyuNfjDR9v6F4Qzhzn9C0jxKr2ayWvLWvsBc0WKJFyaWPqB1QeSTXNNpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 7d8200c63aba37d2-FRA
x-cache-hits: 0

GET
H2 200 ejdzgl0xtg Show response
www.clarity.ms/tag/ 647 B
1011 B 149ms
111ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ejdzgl0xtg?ref=bwt
Requested by: Host: uslayer.com
URL: https://uslayer.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 2470c75e94a42b40157e3d44bfb6705deafb1254b183e605f14c8a57b402de64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: -1
date: Fri, 16 Jun 2023 09:25:00 GMT
x-azure-ref: 20230616T092500Z-tykk1fgrgt1f9bhywvmpna5hhw00000002w000000002q5az
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 647
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_US/sdk/ 315 KB
90 KB 27ms
10ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Requested by

Host: uslayer.com
URL: https://uslayer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae9e21d4deee91ced9d64e1953d668025d5a24133a234555903a9d722e9e2328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Jun 2023 09:25:00 GMT
content-md5: guQKtBSLydvGU7PpW/FLyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 91109
x-fb-debug: kMXWM9iB4BZrMq/FmNDL3uuJAc3gQFo5ZLllLErfoV9M0RHup+9YGa5+z6b4COSo6xR8SdqishoEjq1+DaJGHQ==
x-fb-trip-id: 1679558926
x-fb-content-md5: 877856e82a0d39d569fa1fbb3c93f637
cross-origin-opener-policy: same-origin-allow-popups
etag: "4cc621400afbd2ce79606502f0d8f51b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Fri, 16 Jun 2023 09:31:31 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 46ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SX2M6Q5WKD&gtm=45je36e0&_p=1980647001&cid=1719450556.1686907501&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686907500&sct=1&seg=0&dl=https%3A%2F%2Fuslayer.com%2F&dt=Innovative%20IT%20Solutions%20%7C%20US%20LAYER&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SX2M6Q5WKD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 09:25:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://uslayer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
24 KB 19ms
18ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ejdzgl0xtg?ref=bwt
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 09:25:00 GMT
content-encoding: br
last-modified: Mon, 12 Jun 2023 16:14:21 GMT
etag: W/"0x8DB6B6014B0AA22"
vary: Accept-Encoding
x-azure-ref: 20230616T092500Z-tykk1fgrgt1f9bhywvmpna5hhw00000002w000000002q5bz
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: fdd9dea1-401e-000a-4df5-9e8a6c000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
291 B 342ms
103ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://uslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://uslayer.com
Date: Fri, 16 Jun 2023 09:25:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 / Show response
socialplugin.facebook.net/new_domain_gating/ 40 B
1 KB 161ms
122ms XHR
application/json 2a03:2880:f084:a:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=1316215625090703&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:a:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://uslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
date: Fri, 16 Jun 2023 09:25:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: jLGSjA/8GaTd+kl3I78h9ceAgzWQOW9w02M+ckPUxmN2TZY7YquLbFaHclzU5zZJmQxYH5mGTPBsLi8xAu7j/g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://uslayer.com
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=45A8E8B180D5402E873F583EE414872A&RedC=c.clarity.ms&MXFR=16C5B572DE226F7A3FBFA640DA22619F
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=45A8E8B180D5402E873F583EE414872A&MUID=19D47006F0D06B433E2D6334F15B6A80

42 B
442 B

30ms
30ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=45A8E8B180D5402E873F583EE414872A&MUID=19D47006F0D06B433E2D6334F15B6A80
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uslayer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Jun 2023 09:25:00 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 16 Jun 2023 09:25:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 219E52D12A8E4799A090F151D06E8A2E Ref B: FRA31EDGE0216 Ref C: 2023-06-16T09:25:01Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=45A8E8B180D5402E873F583EE414872A&MUID=19D47006F0D06B433E2D6334F15B6A80
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
2 KB 338ms
320ms XHR
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1778e090997a%26domain%3Duslayer.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fuslayer.com%252Ff1b5d857f388734%26relation%3Dparent.parent&current_url=https%3A%2F%2Fuslayer.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=8e6a9ba6-526c-48fe-9428-8e808688c28c&page_id=1316215625090703&request_time=1686907501157&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://uslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Fri, 16 Jun 2023 09:25:01 GMT
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 4T5Mq1sFkFMyW5eOg/kz0OtVXy4jULrwqEurUiutSGEog8guE4zfTX/VldOEwfZ9rOaQQIcGwMco8TAXEmXKmA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://uslayer.com
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.facebook.com/plugins/customer_chat/facade/ 1 KB
919 B 550ms
533ms XHR
application/json 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1778e090997a%26domain%3Duslayer.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fuslayer.com%252Ff1b5d857f388734%26relation%3Dparent.parent&current_url=https%3A%2F%2Fuslayer.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=8e6a9ba6-526c-48fe-9428-8e808688c28c&page_id=1316215625090703&request_time=1686907501157&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e4d1c023f59d599e8987a6572987efe4bb9c4057daa02282bbf0060854273a88

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://uslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 16 Jun 2023 09:25:01 GMT
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: baaGtO3Kh/vl6ocuflcn6ir+Si6kbffX72Jjukej5KuErWUAnLIP3L1V2jYiFIINTsGnTXopQ2g9CCM25Ld24Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/json; charset=utf-8
x-frame-options: DENY
access-control-allow-origin: https://uslayer.com
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
123 B 121ms
120ms XHR
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1778e090997a%26domain%3Duslayer.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fuslayer.com%252Ff1b5d857f388734%26relation%3Dparent.parent&current_url=https%3A%2F%2Fuslayer.com%2F&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=554&locale=en_US&log_id=8e6a9ba6-526c-48fe-9428-8e808688c28c&page_id=1316215625090703&request_time=1686907501711&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://uslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Fri, 16 Jun 2023 09:25:01 GMT
document-policy: force-load-at-top
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: QMA5B6UcCpmVj0jPYCBkUUwlAnTxr1IZa5TJ74jCNPy+YGb5ql7FxvYBxtPs0dmetshQ9QQgBkCH7FckahT9Iw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://uslayer.com
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
291 B 92ms
92ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://uslayer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://uslayer.com
Date: Fri, 16 Jun 2023 09:25:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: uslayer.github.io
URL: https://uslayer.github.io/assets/noto.ttf

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uslayer.com/	1970-01-20 22:11:07	Name: _ga_SX2M6Q5WKD Value: GS1.1.1686907500.1.0.1686907500.0.0.0
.uslayer.com/	1970-01-20 22:11:07	Name: _ga Value: GA1.1.1719450556.1686907501
www.clarity.ms/	1970-01-20 21:20:43	Name: CLID Value: 2c0c9df7e0994412affb0e1b2c0d70e9.20230616.20240615
.uslayer.com/	1970-01-20 21:20:43	Name: _clck Value: 1w5428q\|2\|fci\|0\|1262
.bing.com/	1970-01-20 21:56:43	Name: MUID Value: 19D47006F0D06B433E2D6334F15B6A80
.c.bing.com/	1970-01-20 12:45:12	Name: MR Value: 0
.c.bing.com/	1970-01-20 21:56:43	Name: SRM_B Value: 19D47006F0D06B433E2D6334F15B6A80
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 21:56:43	Name: MUID Value: 19D47006F0D06B433E2D6334F15B6A80
.c.clarity.ms/	1970-01-20 12:45:12	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 12:35:08	Name: ANONCHK Value: 0
.uslayer.com/	1970-01-20 12:36:33	Name: _clsk Value: f32syt\|1686907501271\|1\|1\|w.clarity.ms/collect

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://uslayer.com/ Message: Access to font at 'https://uslayer.github.io/assets/noto.ttf' from origin 'https://uslayer.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://uslayer.github.io/assets/noto.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn.jsdelivr.net
connect.facebook.net
region1.google-analytics.com
socialplugin.facebook.net
uslayer.com
uslayer.github.io
w.clarity.ms
www.clarity.ms
www.facebook.com
www.googletagmanager.com
uslayer.github.io
2001:4860:4802:32::36
23.96.124.156
2606:4700:3033::6815:3872
2606:4700:3036::ac43:b8e0
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:82f::2008
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f084:a:face:b00c:0:2
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::485
68.219.88.97
061f0b1ea79e6e2ca24f4603e55d3e909f7471ba0b279cdb6dea40554106c6a2
2018d0db7cb67a468b3de38d2ab2fd1b0427b00a836c6f8c4651f81ef2925496
2470c75e94a42b40157e3d44bfb6705deafb1254b183e605f14c8a57b402de64
28cb603665bad68b9d4b8b0a9f0453d5b4475b6af47e8429d095831ec5c88e7b
3e380e9edf18c6fd44888c36753a82e0682ff7a6fb480c458f37572ded44c04f
480f6bd21cd0ba0aa53316f670d97d8fc3a3448c409ab45f2abac08eb878fe71
49da2b7e3f370833a36c7078dca847aa7a0d34011dae5e8eaee7f12a7dcc2b0e
932ea15108928991bcf0c0a46415fc652de5ffc0158c35205357b90c65eeb386
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
aa3f7d2b1222d005df6236ae4e77ddc10cb8d758defb23798ffe25a6c8de8d4f
ae9e21d4deee91ced9d64e1953d668025d5a24133a234555903a9d722e9e2328
b4ebc274c31d9143889e7cccd4a6da714d665fb3cad9c527b27ba638186ae616
c1152e829acf914809fe0217aa64d4591ce6ea8b2b93ebf443426f85e6c376fb
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d1c023f59d599e8987a6572987efe4bb9c4057daa02282bbf0060854273a88
ee2c5c2332aca5b888726ab997174a91dbe302733a46d07ca0736e4f13d16bec

uslayer.com Open in urlscan Pro 2606:4700:3033::6815:3872 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

92 %HTTPS

83 %IPv6

9 Domains

12 Subdomains

11 IPs

3 Countries

979 kBTransfer

2425 kBSize

12 Cookies

17 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

12 Cookies

2 Console Messages

uslayer.com Open in urlscan Pro
2606:4700:3033::6815:3872 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

92 %
HTTPS

83 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

979 kB
Transfer

2425 kB
Size

12
Cookies

26 HTTP transactions
0 data transactions