urlscan.io logo urlscan.io
SecurityTrails logo

app.tiflux.com Open in urlscan Pro
104.26.7.202  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Submission: On March 13 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 41 HTTP transactions. The main IP is 104.26.7.202, located in and belongs to CLOUDFLARENET, US. The main domain is app.tiflux.com.
TLS certificate: Issued by GTS CA 1P5 on January 30th 2024. Valid for: 3 months.
This is the only time app.tiflux.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 104.26.7.202 13335 (CLOUDFLAR...)
2 172.253.63.97 15169 (GOOGLE)
1 54.94.91.141 16509 (AMAZON-02)
1 99.86.229.44 16509 (AMAZON-02)
2 31.13.66.19 32934 (FACEBOOK)
2 13.107.213.38 8075 (MICROSOFT...)
2 216.239.34.181 15169 (GOOGLE)
1 142.250.31.156 15169 (GOOGLE)
1 142.251.179.94 15169 (GOOGLE)
3 20.96.88.162 8075 (MICROSOFT...)
4 142.251.163.103 15169 (GOOGLE)
5 3.162.93.20 16509 (AMAZON-02)
1 31.13.66.35 32934 (FACEBOOK)
6 172.253.63.94 15169 (GOOGLE)
1 2 20.125.209.212 8075 (MICROSOFT...)
1 1 13.107.21.200 8068 (MICROSOFT...)
1 35.223.116.65 396982 (GOOGLE-CL...)
1 34.68.90.188 396982 (GOOGLE-CL...)
41 17
8    104.26.7.202 (None, )

ASN13335 (CLOUDFLARENET, US)
app.tiflux.com
2    172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
www.googletagmanager.com
1    54.94.91.141 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-94-91-141.sa-east-1.compute.amazonaws.com
cdn.bitrix24.com.br
1    99.86.229.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-229-44.iad79.r.cloudfront.net
www.clickcease.com
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
2    13.107.213.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    216.239.34.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    142.250.31.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f156.1e100.net
stats.g.doubleclick.net
1    142.251.179.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f94.1e100.net
www.google.ca
3    20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
k.clarity.ms
4    142.251.163.103 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f103.1e100.net
www.google.com
5    3.162.93.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-93-20.iad61.r.cloudfront.net
d335luupugsy2.cloudfront.net
1    31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com
www.facebook.com
6    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
www.gstatic.com
fonts.gstatic.com
2    20.125.209.212 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    35.223.116.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.116.223.35.bc.googleusercontent.com
pageview-notify.rdstation.com.br
1    34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com
popups.rdstation.com.br
Apex Domain
Subdomains		 Transfer
8 tiflux.com
app.tiflux.com
1 MB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 756
k.clarity.ms — Cisco Umbrella Rank: 19636
c.clarity.ms — Cisco Umbrella Rank: 1360
28 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
446 KB
6 google.com
analytics.google.com — Cisco Umbrella Rank: 148
www.google.com — Cisco Umbrella Rank: 2
37 KB
5 cloudfront.net
d335luupugsy2.cloudfront.net
71 KB
2 rdstation.com.br
pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 121160
popups.rdstation.com.br — Cisco Umbrella Rank: 100199
865 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
69 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
191 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 244
766 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
274 B
1 google.ca
www.google.ca — Cisco Umbrella Rank: 9781
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
253 B
1 clickcease.com
www.clickcease.com — Cisco Umbrella Rank: 11973
43 KB
1 bitrix24.com.br
cdn.bitrix24.com.br
12 KB
41 14
Domain Requested by
8 app.tiflux.com 1 redirects app.tiflux.com
5 d335luupugsy2.cloudfront.net app.tiflux.com
d335luupugsy2.cloudfront.net
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com app.tiflux.com
www.gstatic.com
www.google.com
3 k.clarity.ms www.clarity.ms
2 c.clarity.ms 1 redirects
2 fonts.gstatic.com www.google.com
2 analytics.google.com www.googletagmanager.com
2 www.clarity.ms app.tiflux.com
www.clarity.ms
2 connect.facebook.net app.tiflux.com
connect.facebook.net
2 www.googletagmanager.com app.tiflux.com
www.googletagmanager.com
1 popups.rdstation.com.br d335luupugsy2.cloudfront.net
1 pageview-notify.rdstation.com.br d335luupugsy2.cloudfront.net
1 c.bing.com 1 redirects
1 www.facebook.com app.tiflux.com
1 www.google.ca app.tiflux.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.clickcease.com app.tiflux.com
1 cdn.bitrix24.com.br app.tiflux.com
41 19

This site contains no links.

Subject Issuer Validity Valid
tiflux.com
GTS CA 1P5		 2024-01-30 -
2024-04-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.bitrix24.com.br
Go Daddy Secure Certificate Authority - G2		 2023-05-03 -
2024-06-03		 a year crt.sh
clickcease.com
Amazon RSA 2048 M02		 2023-11-26 -
2024-12-24		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-21 -
2024-03-20		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.rdstation.com.br
Sectigo RSA Domain Validation Secure Server CA		 2023-08-31 -
2024-06-04		 9 months crt.sh
popups.rdstation.com.br
R3		 2024-02-22 -
2024-05-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Frame ID: 4763836B8605700B87A9740F2D7AB0F1
Requests: 31 HTTP requests in this frame

Frame: https://app.tiflux.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Frame ID: 4667423CB5717B7EA5E69DB903A0CAFD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJ0LodAAAAAL353BNT5gvLcNBK1smGZVHI6h2d&co=aHR0cHM6Ly9hcHAudGlmbHV4LmNvbTo0NDM.&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=6laoyb2q9bi4
Frame ID: 86044D5EF440E80451DE31824A2CA6C6
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Experimente agora mesmo o Tiflux - Teste Grátis - Help Desk, Service Desk, CSM

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

41
Requests

95 %
HTTPS

0 %
IPv6

14
Domains

19
Subdomains

17
IPs

3
Countries

2311 kB
Transfer

4793 kB
Size

20
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://app.tiflux.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://app.tiflux.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Request Chain 33
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=329D2DC4F0B54E7F95DB516257B83B91&RedC=c.clarity.ms&MXFR=1AF3706D02EC6FB83BF5642C06EC6135 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=329D2DC4F0B54E7F95DB516257B83B91&MUID=345D135C4B556BD72DE6071D4A7F6AE0

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.tiflux.com/registro/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f22faec461edfce05f2c47ce4fe139febb988e694dae935a625727de75ce08c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
863a39bc78f63987-YYZ
content-encoding
gzip
content-type
text/html
date
Wed, 13 Mar 2024 07:14:10 GMT
last-modified
Mon, 11 Dec 2023 13:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ej4v3gBytw9uvFIyHs0isB35q1sWRo3Gavyars7IJK0Npf%2BCcRBPT61OM%2Fx%2Bk03dRkxcgumkC0UUG%2BtJynZd%2FMgTHb6wB%2FSKPCdV4%2F09pJYRHVK2xhhmcovQdKt%2FJpZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0
vary
Accept-Encoding
x-content-type-options
nosniff
index-7471a43e.js
app.tiflux.com/registro/assets/ 		661 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.tiflux.com/registro/assets/index-7471a43e.js
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f1a1b38f57015a4dd8c65207ad7cfde91d39981b0b9da6215a772274b5db50
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Origin
https://app.tiflux.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 07:14:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 13:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
server
cloudflare
etag
W/"65770b6c-a539a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGgJJfP2YfNQqiJmevjkT8OMSNri2I8UmsWaa2zzBJi0lNibIBqGq0nQeSxZO6NMipI9lW2uFl0LN2xYK5%2BPlnnlM4VJH9UPQp2GPRTXGkgZ%2B7yuvSUvdOoFnOXgfieH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cf-ray
863a39bf1ad83987-YYZ
alt-svc
h3=":443"; ma=86400
index-b09c45b0.css
app.tiflux.com/registro/assets/ 		563 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.tiflux.com/registro/assets/index-b09c45b0.css
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b09c45b0e5e1463eaa24e111a11905c4091c509d9e3fa170ffb63ed22c4df303
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 07:14:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 13:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
server
cloudflare
etag
W/"65770b6c-8cd90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtmSmeWWaRGZ1Yxl1wSdO2hVrQbNMEM0rk%2F9WOpbkX29u%2FI4EZTn2jFEGoeUjw3D%2Fi%2BB1QTqtDRjMhBS1kdQWyZcjXESmdRBKG3y%2BGPOy1ezEMNpbyie7YapJqGhY1uE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cf-ray
863a39bf1ad73987-YYZ
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		290 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MDSFTJS
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
3cabec72519490ca87f042d2fe9900c92b11bb6f4e75226492a2936922674082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 07:14:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99886
x-xss-protection
0
last-modified
Wed, 13 Mar 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Mar 2024 07:14:10 GMT
js
www.googletagmanager.com/gtag/ 		276 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EY9Q8KJXC2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDSFTJS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d2f2f509aca0e9a43e047c061000f3421b2ab712a28ff1b57a7991f5dce446c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 07:14:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95333
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 13 Mar 2024 07:14:10 GMT
call.tracker.js
cdn.bitrix24.com.br/b11591269/crm/tag/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bitrix24.com.br/b11591269/crm/tag/call.tracker.js?28505234
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.94.91.141 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-94-91-141.sa-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
58a070ed3a36136982625f54e3ce747fc6e4b163a123aa49e18bc7187e773867

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 07:14:11 GMT
content-encoding
gzip
last-modified
Tue, 26 Jul 2022 12:10:46 GMT
server
nginx
etag
W/"ce256a9fc4fbe11696c6b438a9404aa7"
content-type
application/javascript
cache-control
max-age=2592000
x-bitrix-lb
lb-sa-2
server-timing
t1;dur=0.130, t2;dur=0.130, t3;dur=0.000, tc1;dur=127925, tc2;dur=15266, tc3;dur=20
expires
Fri, 12 Apr 2024 07:14:11 GMT
stat.js
www.clickcease.com/monitor/ 		142 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clickcease.com/monitor/stat.js
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.229.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-229-44.iad79.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding
gzip
via
1.1 c9bcf1ef5ff6ccbffc94a95572996802.cloudfront.net (CloudFront)
date
Wed, 13 Mar 2024 07:14:07 GMT
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
x-amz-cf-pop
IAD79-C3
age
8
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Sep 2023 09:05:15 GMT
server
AmazonS3
etag
W/"e112b8bf96f23bc2970347a3c98e37fc"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
microphone 'none'; camera 'none';
x-amz-cf-id
KhvfNUewbsREFwZczzNSIoPfgDC4w77oSfqYjCd-_kQlUas4Iu8yOg==
fbevents.js
connect.facebook.net/en_US/ 		215 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Mar 2024 07:14:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1380, tbw=2775, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
Lj+1Yk43a7BiRmhRHCIZ5JaOiHStEv1x3jv73BM/s4cIraUiaCy26QaUR39otI9bw5yJMO2CM8179Odq0wnyGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
a9bqjh2zew
www.clarity.ms/tag/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/a9bqjh2zew?ref=gtm2
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b9826bd768d8c11b0f7547e8fe6ed426c5483d9d5c75c013ad12d28a4508f80b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
-1
date
Wed, 13 Mar 2024 07:14:10 GMT
x-azure-ref
20240313T071410Z-11f2m7kfdd3635b9gmvq6mhusw000000010g000000005qqv
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1036
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
collect
analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-EY9Q8KJXC2&gtm=45je43b0v886753596z8850295382za200&_p=1710314050422&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1431071141.1710314051&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710314050&sct=1&seg=0&dl=https%3A%2F%2Fapp.tiflux.com%2Fregistro%2F%3Futm_source%3Doutbound%26utm_medium%3Dapollo%26utm_campaign%3Dti&dt=Experimente%20agora%20mesmo%20o%20Tiflux%20-%20Teste%20Gr%C3%A1tis%20-%20Help%20Desk%2C%20Service%20Desk%2C%20CSM&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=882
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EY9Q8KJXC2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 07:14:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.tiflux.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EY9Q8KJXC2&cid=1431071141.1710314051&gtm=45je43b0v886753596z8850295382za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EY9Q8KJXC2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 07:14:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.tiflux.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EY9Q8KJXC2&cid=1431071141.1710314051&gtm=45je43b0v886753596z8850295382za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=805043973
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 07:14:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.24/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.24/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/a9bqjh2zew?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.213.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 07:14:10 GMT
content-encoding
br
last-modified
Sun, 10 Mar 2024 17:00:12 GMT
etag
W/"0x8DC41238D312F83"
vary
Accept-Encoding
x-azure-ref
20240313T071410Z-11f2m7kfdd3635b9gmvq6mhusw000000010g000000005qr5
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
018b5061-e01e-0061-4f17-740d98000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
554431739311069
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/554431739311069?v=2.9.148&r=stable&domain=app.tiflux.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
eb6026cb95889fa4fd1d8182a5c0441f44e34ad1ee1d6c7c9b0f54ab1e36ed24
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 13 Mar 2024 07:14:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=61, mss=1380, tbw=62438, tp=-1, tpl=-1, uplat=128, ullat=0
pragma
public
x-fb-debug
/czo3DykZ9Cvk6datNPKpGkVgfTfIk9IZc0WSCo/Jp+WEbJHklw3aFDY/BvG5f2I19fn2iRDPy/ixB8Sg/NwJA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
k.clarity.ms/ 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.tiflux.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://app.tiflux.com
Date
Wed, 13 Mar 2024 07:14:11 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcJ0LodAAAAAL353BNT5gvLcNBK1smGZVHI6h2d
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/assets/index-7471a43e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.103 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f103.1e100.net
Software
GSE /
Resource Hash
4d3e8ec871c4d1914635d49e4250c666240a4526eeb6703a9dca93c7cdebb79f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 07:14:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 13 Mar 2024 07:14:11 GMT
15837602-f9fe-4cab-964a-6e8cab03644d-loader.js
d335luupugsy2.cloudfront.net/js/loader-scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/loader-scripts/15837602-f9fe-4cab-964a-6e8cab03644d-loader.js
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/assets/index-7471a43e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.93.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-93-20.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
34a3a63c1cd11423f1f7ae80c640cfb7b9d12b7f9f193f0b36dbe946640a3c66

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
dW3NHlJ2HpT2agbxheY9rjf3H1Ys9bJN
content-encoding
gzip
via
1.1 1ac532da7db85d551ad10ca7bd9957b8.cloudfront.net (CloudFront)
date
Wed, 13 Mar 2024 07:14:12 GMT
last-modified
Tue, 20 Feb 2024 14:38:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P1
x-amz-server-side-encryption
AES256
etag
W/"00442010ef5a2fd5aed07f2143b78ffa"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
UDP5HnjEYteNrNjPMe-Rx0QuDBz5h4LD11XZ71BzHyr0klTuN4bvnQ==
tiflux-nova-logo-260b70ed.svg
app.tiflux.com/registro/assets/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.tiflux.com/registro/assets/tiflux-nova-logo-260b70ed.svg
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.7.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
260b70ed63ad5bf1bb4db75c3ff7e5e2575c74c04624e9c039ce102c05744b65
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 07:14:11 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 13:15:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"65770b6c-930"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCSqfMLvDLdSe9HIcvPyher3H8AWS5fecepdAwMJMe1rIetuuXGqviAtHO1FSpG9Fd1Lni6bDSg%2BItQzu0dl8CTJfMDmvWnT1FHe4xRgqAbBLhT8i4omptYNev0R8dtV"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cf-ray
863a39c33e1738e1-YYZ
alt-svc
h3=":443"; ma=86400
client-img-2a482891.jpg
app.tiflux.com/registro/assets/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.tiflux.com/registro/assets/client-img-2a482891.jpg
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.7.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a482891d906b121fe6ca8b3646b5f30883caec1eb9601beab8e695b6ed74457
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 07:14:11 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1143580
last-modified
Mon, 11 Dec 2023 13:15:24 GMT
server
cloudflare
etag
"65770b6c-11731c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6B%2FiIYTz7N3YYrHQYdrRyI4DATV0yisU8BiRFjy6wKrLJ%2B3eb6c6bDk7T07qsPl2%2FKl3XVNCPm56iN9tvpWUsYOS1jFaV%2Fjqs2P1fTgYTlIjb5abI4vpu0lILmtsu82"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
863a39c33e1838e1-YYZ
main.js
app.tiflux.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/ Frame 4667
Redirect Chain
  • https://app.tiflux.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://app.tiflux.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.tiflux.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H3
Server
104.26.7.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1606aabba8b7f81722fbb2d7fdf346c8050d329ea382f1cce7d1101a425a617
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 07:14:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXyC2Whf45%2FP5ivkuk%2FBMRH0Wlg9pBKUhu6vuhs9jnUp%2BRS4RC1Aq1lsQ6manSJK9bSAyd%2BhFP1dO%2BEuHGsGV%2BTghiPxBVXXVdbl6vBZDpktdbAeM6fkNgW7Wt6ZYYYE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
863a39c38e4538e1-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 13 Mar 2024 07:14:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6sImdAGVingPKrqlm%2FXPYmpr4U5NB1s0q1qmc9KiyTG0wQXGAxXKpstY02V0O4bWz2SXdv12zGlDRS%2BnRYMyxG68QFKx13cZznJZ2KFa%2BDQx%2Ffff3B5f6DI%2BDGkMR6r"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/5b600c458061/main.js
cache-control
max-age=300, public
cf-ray
863a39c34e2138e1-YYZ
alt-svc
h3=":443"; ma=86400
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=554431739311069&ev=PageView&dl=https%3A%2F%2Fapp.tiflux.com%2Fregistro%2F%3Futm_source%3Doutbound%26utm_medium%3Dapollo%26utm_campaign%3Dti&rl=&if=false&ts=1710314051110&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.1.1710314051109.2037469451&ler=empty&cdl=API_unavailable&it=1710314050805&coo=false&rqm=GET
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-iad3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 13 Mar 2024 07:14:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
863a39bc78f63987
app.tiflux.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4667 		0
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.tiflux.com/cdn-cgi/challenge-platform/h/g/jsd/r/863a39bc78f63987
Requested by
Host: app.tiflux.com
URL: https://app.tiflux.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.7.202 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Mar 2024 07:14:11 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ld4zhHdCxnjdDQyPeIAwuXU3iRMtoshUNzgexiPWGUeLFr6IOvc%2Bkjt0VnkM0MNAzamFdb5BL%2BHAm4ktCrehzcZSXYvGHnIwye1p%2FAqsYIQiotGYaCywXTh9o2zL%2BMhN"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
863a39c44ec738e1-YYZ
alt-svc
h3=":443"; ma=86400
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ 		490 KB
195 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcJ0LodAAAAAL353BNT5gvLcNBK1smGZVHI6h2d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.tiflux.com/
Origin
https://app.tiflux.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 19:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199059
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Mar 2025 19:07:42 GMT
anchor
www.google.com/recaptcha/api2/ Frame 8604 		45 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJ0LodAAAAAL353BNT5gvLcNBK1smGZVHI6h2d&co=aHR0cHM6Ly9hcHAudGlmbHV4LmNvbTo0NDM.&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=6laoyb2q9bi4
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.103 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f103.1e100.net
Software
GSE /
Resource Hash
8b741a5566fceb7219a6f51e87a0af78332e18180c8c30fe9a28960c59385ad0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P5LPQcfjz4FNYEgbTZF1lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.tiflux.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-P5LPQcfjz4FNYEgbTZF1lw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Mar 2024 07:14:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 8604 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJ0LodAAAAAL353BNT5gvLcNBK1smGZVHI6h2d&co=aHR0cHM6Ly9hcHAudGlmbHV4LmNvbTo0NDM.&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=6laoyb2q9bi4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 06:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Mar 2025 06:59:12 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 8604 		490 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJ0LodAAAAAL353BNT5gvLcNBK1smGZVHI6h2d&co=aHR0cHM6Ly9hcHAudGlmbHV4LmNvbTo0NDM.&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=6laoyb2q9bi4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 19:07:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199059
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Mar 2025 19:07:42 GMT
lead-tracking.min.js
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/15837602-f9fe-4cab-964a-6e8cab03644d-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.93.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-93-20.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding
gzip
via
1.1 1ac532da7db85d551ad10ca7bd9957b8.cloudfront.net (CloudFront)
date
Tue, 12 Mar 2024 07:27:15 GMT
last-modified
Mon, 17 Aug 2020 12:56:23 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P1
age
85617
etag
W/"361325c86c17ebc03ff0f4d88d267a83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ZwqkQkTbb1Rd6nq_xbRDhz48qrCFRoO2-o6W3rNe3UuFTAlyJTxFew==
traffic-source-cookie.min.js
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/15837602-f9fe-4cab-964a-6e8cab03644d-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.93.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-93-20.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
content-encoding
gzip
via
1.1 1ac532da7db85d551ad10ca7bd9957b8.cloudfront.net (CloudFront)
date
Tue, 12 Mar 2024 07:42:04 GMT
last-modified
Mon, 09 Jan 2023 17:04:37 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P1
age
84728
x-amz-server-side-encryption
AES256
etag
W/"dae3ed517b23abad11d0bd6b79f24080"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
g0cF3x6YqNQeM_0tj3w6E5fyX9KC9JOs7D2mGY7YzKdaT4UWcIrWgA==
uRR1sRPRLtZfwf5bdrgjW5kKsmrbC4ge_Gpx92wGck4.js
www.google.com/js/bg/ Frame 8604 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/uRR1sRPRLtZfwf5bdrgjW5kKsmrbC4ge_Gpx92wGck4.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.103 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f103.1e100.net
Software
sffe /
Resource Hash
b91475b113d12ed65fc1fe5b76b8235b990ab26adb0b881efc6a71f76c06724e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJ0LodAAAAAL353BNT5gvLcNBK1smGZVHI6h2d&co=aHR0cHM6Ly9hcHAudGlmbHV4LmNvbTo0NDM.&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=6laoyb2q9bi4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 06:03:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
90643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7354
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Mar 2025 06:03:28 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8604 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 21:55:14 GMT
x-content-type-options
nosniff
age
465537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 14 Mar 2024 21:55:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8604 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJ0LodAAAAAL353BNT5gvLcNBK1smGZVHI6h2d&co=aHR0cHM6Ly9hcHAudGlmbHV4LmNvbTo0NDM.&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=6laoyb2q9bi4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 22:02:49 GMT
x-content-type-options
nosniff
age
465082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Mar 2025 22:02:49 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8604 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJ0LodAAAAAL353BNT5gvLcNBK1smGZVHI6h2d&co=aHR0cHM6Ly9hcHAudGlmbHV4LmNvbTo0NDM.&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=6laoyb2q9bi4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 22:15:27 GMT
x-content-type-options
nosniff
age
464324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 07 Mar 2025 22:15:27 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 8604 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJ0LodAAAAAL353BNT5gvLcNBK1smGZVHI6h2d&co=aHR0cHM6Ly9hcHAudGlmbHV4LmNvbTo0NDM.&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=6laoyb2q9bi4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.103 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f103.1e100.net
Software
GSE /
Resource Hash
91e9008a809223ca505257c7cb9232b7bf13e7fbf45e3f6dd2cfca538e7141eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJ0LodAAAAAL353BNT5gvLcNBK1smGZVHI6h2d&co=aHR0cHM6Ly9hcHAudGlmbHV4LmNvbTo0NDM.&hl=en&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=6laoyb2q9bi4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 07:14:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 13 Mar 2024 07:14:11 GMT
collect
k.clarity.ms/ 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.tiflux.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://app.tiflux.com
Date
Wed, 13 Mar 2024 07:14:12 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=329D2DC4F0B54E7F95DB516257B83B91&RedC=c.clarity.ms&MXFR=1AF3706D02EC6FB83BF5642C06EC6135
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=329D2DC4F0B54E7F95DB516257B83B91&MUID=345D135C4B556BD72DE6071D4A7F6AE0
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=329D2DC4F0B54E7F95DB516257B83B91&MUID=345D135C4B556BD72DE6071D4A7F6AE0
Protocol
H2
Server
20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 07:14:12 GMT
last-modified
Fri, 01 Mar 2024 22:54:06 GMT
server
Microsoft-IIS/10.0
etag
"8573f85c2b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 13 Mar 2024 07:14:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CD780367A27B4C6AAE9A42D414CC44D4 Ref B: YTO01EDGE0813 Ref C: 2024-03-13T07:14:12Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=329D2DC4F0B54E7F95DB516257B83B91&MUID=345D135C4B556BD72DE6071D4A7F6AE0
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
send
pageview-notify.rdstation.com.br/ 		36 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pageview-notify.rdstation.com.br/send
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.116.223.35.bc.googleusercontent.com
Software
/
Resource Hash
d1e666601a9beb9d34e1bee0cd3db41df81ff2a255ef617203592971e1b197d1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.tiflux.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 13 Mar 2024 07:14:12 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html;charset=utf-8
access-control-allow-origin
https://app.tiflux.com
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
*, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length
36
x-xss-protection
1; mode=block
rdstation-popup.min.js
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 		202 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/15837602-f9fe-4cab-964a-6e8cab03644d-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.93.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-93-20.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
225343440217a5d22f3877ec17dc7ee6d830ee741a47228cfd1781362ad00474

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 09:47:56 GMT
content-encoding
gzip
via
1.1 1ac532da7db85d551ad10ca7bd9957b8.cloudfront.net (CloudFront)
x-amz-version-id
p5CvNmBR8Hi2L2KZd2nEga.lokO16FDg
last-modified
Mon, 29 Jan 2024 17:45:12 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P1
age
77177
etag
"ebe3e4ed1116d2f30c297f590cf2bfc7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
56869
x-amz-cf-id
ycsArCNX3X3QVL0-CWs5pmlATrIOAwMV-xToUxoKhXhnZRA5_N_yog==
rd-js-integration.min.js
d335luupugsy2.cloudfront.net/js/integration/2.0.0/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d335luupugsy2.cloudfront.net/js/integration/2.0.0/rd-js-integration.min.js?v=1
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/15837602-f9fe-4cab-964a-6e8cab03644d-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.93.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-93-20.iad61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4aa9e3a976f20cd4babf17dcdd27e63335a70191d322432a6f6c868d73a5cfa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
3dngmS.4H4nxkAQ1dQ4Zed.bkb2I4WUy
content-encoding
gzip
via
1.1 1ac532da7db85d551ad10ca7bd9957b8.cloudfront.net (CloudFront)
date
Tue, 12 Mar 2024 09:45:22 GMT
x-amz-cf-pop
IAD61-P1
age
77331
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
9976
last-modified
Wed, 29 Mar 2023 14:01:04 GMT
server
AmazonS3
etag
"a101060a6ec593b54e9c4227f96e2695"
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, must-revalidate
accept-ranges
bytes
x-amz-cf-id
3o1Mii39zoi01HIjrDxtwUBXaRhK_Vui8duRWab9tjrhf-msxa11tA==
show.json
popups.rdstation.com.br/popup/ 		13 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://popups.rdstation.com.br/popup/show.json?account_id=561807&uniq=_ure7bryvi&ref=aHR0cHM6Ly9hcHAudGlmbHV4LmNvbS9yZWdpc3Ryby8%2FdXRtX3NvdXJjZT1vdXRib3VuZCZ1dG1fbWVkaXVtPWFwb2xsbyZ1dG1fY2FtcGFpZ249dGk%3D
Requested by
Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.90.68.34.bc.googleusercontent.com
Software
/
Resource Hash
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
Security Headers
Name Value
Strict-Transport-Security max-age=7776000
X-Frame-Options sameorigin

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=7776000
date
Wed, 13 Mar 2024 07:14:12 GMT
referrer-policy
strict-origin-when-cross-origin
content-security-policy-report-only
upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options
sameorigin
content-type
application/json
access-control-allow-origin
*
content-length
13
collect
k.clarity.ms/ 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.tiflux.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://app.tiflux.com
Date
Wed, 13 Mar 2024 07:14:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-EY9Q8KJXC2&gtm=45je43b0v886753596za200&_p=1710314050422&gcd=13l3l3l3l1&npa=0&dma=0&cid=1431071141.1710314051&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1710314050&sct=1&seg=0&dl=https%3A%2F%2Fapp.tiflux.com%2Fregistro%2F%3Futm_source%3Doutbound%26utm_medium%3Dapollo%26utm_campaign%3Dti&dt=Experimente%20agora%20mesmo%20o%20Tiflux%20-%20Teste%20Gr%C3%A1tis%20-%20Help%20Desk%2C%20Service%20Desk%2C%20CSM&en=scroll&epn.percent_scrolled=90&_et=8&tfd=5893
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EY9Q8KJXC2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://app.tiflux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Mar 2024 07:14:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.tiflux.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| getUrlParameter function| setCookieGeneral function| checkCookie object| script string| target object| elem function| fbq function| _fbq function| clarity object| global object| g_ED string| g_countrycode function| g_save_toLocalStorage function| g_setup_Enhanced_Conversion_Data function| g_validateEmail object| enhanced_conversion_data function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| ccConsole function| getBrowserFingerprint boolean| ccinstalled object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| b24Tracker object| b24order object| recaptcha object| closure_lm_495709 object| RDStation object| RDCookieControl boolean| RDStationTrackingCodeChecker object| LeadTracking object| TrafficSourceCookie object| RdstationPopup object| credentials object| RdstationFormsIntegration

20 Cookies

Domain/Path Name / Value
.tiflux.com/ Name: _gcl_au
Value: 1.1.920226988.1710314051
.tiflux.com/ Name: utm_source
Value: outbound
.tiflux.com/ Name: utm_medium
Value: apollo
.tiflux.com/ Name: utm_campaign
Value: ti
.tiflux.com/ Name: _ga
Value: GA1.1.1431071141.1710314051
www.clarity.ms/ Name: CLID
Value: f2fffdd867f54936a7d00b586d959d73.20240313.20250313
.tiflux.com/ Name: _ga_EY9Q8KJXC2
Value: GS1.1.1710314050.1.0.1710314050.60.0.0
.tiflux.com/ Name: _clck
Value: 10ue0u8%7C2%7Cfk1%7C0%7C1533
.tiflux.com/ Name: _clsk
Value: 1c91u1m%7C1710314051101%7C1%7C1%7Ck.clarity.ms%2Fcollect
.tiflux.com/ Name: _fbp
Value: fb.1.1710314051109.2037469451
.tiflux.com/ Name: cf_clearance
Value: 8i6p34kSgaY8PPOA9Jztiy4tVhyI2Fw5I8..xHR_EjY-1710314051-1.0.1.1-usMvaWSH62Oa7KR3HrPtZfEt0Yi3H6DNmqlS3Y79MZzVYSGyUq7DROClSZ4sKXn5Bn8a1JPc5TCUvYwcUofTtg
.tiflux.com/ Name: __trf.src
Value: encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoidXRtX3NvdXJjZT1vdXRib3VuZCZ1dG1fbWVkaXVtPWFwb2xsbyZ1dG1fY2FtcGFpZ249dGkiLCJleHRyYV9wYXJhbXMiOnt9fSwiY3VycmVudF9zZXNzaW9uIjp7InZhbHVlIjoidXRtX3NvdXJjZT1vdXRib3VuZCZ1dG1fbWVkaXVtPWFwb2xsbyZ1dG1fY2FtcGFpZ249dGkiLCJleHRyYV9wYXJhbXMiOnt9fSwiY3JlYXRlZF9hdCI6MTcxMDMxNDA1MTY3MH0=
.tiflux.com/ Name: rdtrk
Value: %7B%22id%22%3A%2294fc6135-f8ab-4384-ba0a-943ab4a308aa%22%7D
.bing.com/ Name: MUID
Value: 345D135C4B556BD72DE6071D4A7F6AE0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 345D135C4B556BD72DE6071D4A7F6AE0
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 345D135C4B556BD72DE6071D4A7F6AE0
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

15 Console Messages

Source Level URL
Text
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/554431739311069?v=2.9.148&r=stable&domain=app.tiflux.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.tiflux.com/registro/?utm_source=outbound&utm_medium=apollo&utm_campaign=ti
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
app.tiflux.com
c.bing.com
c.clarity.ms
cdn.bitrix24.com.br
connect.facebook.net
d335luupugsy2.cloudfront.net
fonts.gstatic.com
k.clarity.ms
pageview-notify.rdstation.com.br
popups.rdstation.com.br
stats.g.doubleclick.net
www.clarity.ms
www.clickcease.com
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
104.26.7.202
13.107.21.200
13.107.213.38
142.250.31.156
142.251.163.103
142.251.179.94
172.253.63.94
172.253.63.97
20.125.209.212
20.96.88.162
216.239.34.181
3.162.93.20
31.13.66.19
31.13.66.35
34.68.90.188
35.223.116.65
54.94.91.141
99.86.229.44
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
225343440217a5d22f3877ec17dc7ee6d830ee741a47228cfd1781362ad00474
260b70ed63ad5bf1bb4db75c3ff7e5e2575c74c04624e9c039ce102c05744b65
2a482891d906b121fe6ca8b3646b5f30883caec1eb9601beab8e695b6ed74457
34a3a63c1cd11423f1f7ae80c640cfb7b9d12b7f9f193f0b36dbe946640a3c66
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc
3cabec72519490ca87f042d2fe9900c92b11bb6f4e75226492a2936922674082
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4c06e93049378bf0cdbbe5d3a1d0c302ac2d35faec13623ad812ee41495a2a57
4d3e8ec871c4d1914635d49e4250c666240a4526eeb6703a9dca93c7cdebb79f
4f22faec461edfce05f2c47ce4fe139febb988e694dae935a625727de75ce08c
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
58a070ed3a36136982625f54e3ce747fc6e4b163a123aa49e18bc7187e773867
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
85f1a1b38f57015a4dd8c65207ad7cfde91d39981b0b9da6215a772274b5db50
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
8b741a5566fceb7219a6f51e87a0af78332e18180c8c30fe9a28960c59385ad0
91e9008a809223ca505257c7cb9232b7bf13e7fbf45e3f6dd2cfca538e7141eb
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
b09c45b0e5e1463eaa24e111a11905c4091c509d9e3fa170ffb63ed22c4df303
b91475b113d12ed65fc1fe5b76b8235b990ab26adb0b881efc6a71f76c06724e
b9826bd768d8c11b0f7547e8fe6ed426c5483d9d5c75c013ad12d28a4508f80b
d1e666601a9beb9d34e1bee0cd3db41df81ff2a255ef617203592971e1b197d1
d2f2f509aca0e9a43e047c061000f3421b2ab712a28ff1b57a7991f5dce446c7
e1606aabba8b7f81722fbb2d7fdf346c8050d329ea382f1cce7d1101a425a617
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6026cb95889fa4fd1d8182a5c0441f44e34ad1ee1d6c7c9b0f54ab1e36ed24
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4aa9e3a976f20cd4babf17dcdd27e63335a70191d322432a6f6c868d73a5cfa
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5