URL: https://support.baffle.io/
Submission: On December 02 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 4 IPs in 1 countries across 5 domains to perform 19 HTTP transactions. The main IP is 18.234.10.85, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is support.baffle.io.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 7th 2023. Valid for: a year.
This is the only time support.baffle.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 18.234.10.85 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.196.14.45 14618 (AMAZON-AES)
19 4
Apex Domain
Subdomains
Transfer
14 baffle.io
support.baffle.io
baffle.io
275 KB
1 ladesk.com
4.ue1.vbus.apps.ladesk.com — Cisco Umbrella Rank: 148285
0 netlify.com Failed
nostalgic-fermat-6932a4.netlify.com Failed
0 cloudflare.com Failed
cdnjs.cloudflare.com Failed
0 cssscript.com Failed
www.cssscript.com Failed
19 5
Domain Requested by
13 support.baffle.io support.baffle.io
1 4.ue1.vbus.apps.ladesk.com support.baffle.io
1 baffle.io support.baffle.io
0 nostalgic-fermat-6932a4.netlify.com Failed support.baffle.io
0 cdnjs.cloudflare.com Failed support.baffle.io
0 www.cssscript.com Failed support.baffle.io
19 6

This site contains no links.

Subject Issuer Validity Valid
support.baffle.io
ZeroSSL RSA Domain Secure Site CA
2023-12-07 -
2024-12-06
a year crt.sh
baffle.io
WE1
2024-10-27 -
2025-01-25
3 months crt.sh
4.ue1.vbus.apps.ladesk.com
R11
2024-10-23 -
2025-01-21
3 months crt.sh

This page contains 2 frames:

Primary Page: https://support.baffle.io/
Frame ID: BFCE213398CFC5CCAF6AA5754D324009
Requests: 18 HTTP requests in this frame

Frame: https://4.ue1.vbus.apps.ladesk.com/5_51_5_26/scripts/lib/bus.html?v=5.51.5.26
Frame ID: 3F53C2558DD6F69EF3C81840F2874F78
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Baffle Support Portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

19
Requests

79 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

4
IPs

1
Countries

275 kB
Transfer

663 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
support.baffle.io/
10 KB
5 KB
Document
General
Full URL
https://support.baffle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
f3b1a321848d18a239ca4a9b99f0bd86e51cab7a0d938a5579a16bfb9b0e45c3
Security Headers
Name Value
Content-Security-Policy default-src *.qualityunit.com *.google.com *.googletagmanager.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval'; script-src *.fbcdn.net *.facebook.com *.twimg.com *.twitter.com *.qualityunit.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval'; frame-src *.qualityunit.com *.ladesk.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval'; connect-src *.fbcdn.net *.facebook.com *.twimg.com *.twitter.com *.qualityunit.com *.qualityunit.com *.google.com *.googletagmanager.com maps.googleapis.com *.ladesk.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval' wss:; style-src *.qualityunit.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data:; font-src *.gstatic.com 'self' data:;
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
0
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-security-policy
default-src *.qualityunit.com *.google.com *.googletagmanager.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval'; script-src *.fbcdn.net *.facebook.com *.twimg.com *.twitter.com *.qualityunit.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval'; frame-src *.qualityunit.com *.ladesk.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval'; connect-src *.fbcdn.net *.facebook.com *.twimg.com *.twitter.com *.qualityunit.com *.qualityunit.com *.google.com *.googletagmanager.com maps.googleapis.com *.ladesk.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval' wss:; style-src *.qualityunit.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data:; font-src *.gstatic.com 'self' data:;
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 19:41:07 GMT
expires
26 Jun 1997 05:00:00 GMT
la-ver
5.51.5.26
pragma
no-cache
referrer-policy
no-referrer
server
Apache/2.4.57 (Unix)
strict-transport-security
max-age=10886400; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish (prod-ue1)
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-varnish
263159834
x-xss-protection
1; mode=block
kb.css
support.baffle.io/themes/kb/montana/
232 KB
57 KB
Stylesheet
General
Full URL
https://support.baffle.io/themes/kb/montana/kb.css?v=5.51.5.26
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
89f2daef3fb59bab1c4ba296e7d25bdf0fdba6cda6d17095be10e402b9ae40cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"3a1fa-627d52bc34a00"
age
32
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
x-varnish
240059055 228361057
content-length
57919
date
Mon, 02 Dec 2024 19:40:35 GMT
content-type
text/css
last-modified
Tue, 26 Nov 2024 18:39:36 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.51.5.26
bundle.e3f8621f3498fb9699e2.css
support.baffle.io/static/webpack/liveagent-common-bundle/
1 KB
601 B
Stylesheet
General
Full URL
https://support.baffle.io/static/webpack/liveagent-common-bundle/bundle.e3f8621f3498fb9699e2.css
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
a1ae07b34b7c57774fd2f92a88a9b47dfe77d89262b7db5176b7932d8e29c467
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"582-627d52acf2600"
age
32
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
x-varnish
17825907 7045475
content-length
533
date
Mon, 02 Dec 2024 19:40:35 GMT
content-type
text/css
last-modified
Tue, 26 Nov 2024 18:39:20 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.51.5.26
index.php
support.baffle.io/
8 KB
2 KB
Stylesheet
General
Full URL
https://support.baffle.io/index.php?type=css&v=5.51.5.26&c=1732864098&kbid=kb_defa
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
704af0b378550af9bef95d73125105eca7b3281e51e8730fc1a1d2b92552a251
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
32
x-content-type-options
nosniff, nosniff
expires
Mon, 02 Dec 2024 20:40:35 GMT
x-varnish
5112021 15499466
date
Mon, 02 Dec 2024 19:40:35 GMT
content-type
text/css;charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 02 Dec 2024 19:40:35 GMT
la-ver
5.51.5.26
cache-control
max-age=3600, public
pragma
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
content-length
1853
server
Apache/2.4.57 (Unix)
bundle-09c5bdd57d387328717c.esm.js
support.baffle.io/static/webpack/liveagent-common-bundle/
41 KB
14 KB
Script
General
Full URL
https://support.baffle.io/static/webpack/liveagent-common-bundle/bundle-09c5bdd57d387328717c.esm.js
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
50a3d9ee8040428a6b6a564c8166ad6b839cde8bd9995347b02759d258fcd0ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"a3fd-627d52acf2600"
age
32
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
x-varnish
229704654 244023692
content-length
14458
date
Mon, 02 Dec 2024 19:40:35 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 18:39:20 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.51.5.26
stringutils-de61a176319e908e4d31.esm.js
support.baffle.io/static/webpack/liveagent-common-bundle/
203 KB
79 KB
Script
General
Full URL
https://support.baffle.io/static/webpack/liveagent-common-bundle/stringutils-de61a176319e908e4d31.esm.js
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
a2fb1b36873c6e834723242bee86a0d5e3419bada859268f245b403484403aac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"32c40-627d52acf2600"
age
0
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
x-varnish
187536553
date
Mon, 02 Dec 2024 19:41:07 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 18:39:20 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.51.5.26
fixedmenu.js
support.baffle.io/themes/kb/montana/js/
255 B
212 B
Script
General
Full URL
https://support.baffle.io/themes/kb/montana/js/fixedmenu.js?v=5.51.5.26
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
969a2fef09cd443227c81df3942feea92e82aa093d5212e1bc24742f8bbb5ee6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
content-encoding
gzip
etag
W/"ff-627d52bc34a00"
age
0
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
x-varnish
240059056
date
Mon, 02 Dec 2024 19:41:07 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 18:39:36 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.51.5.26
track.js
support.baffle.io/scripts/
49 KB
13 KB
Script
General
Full URL
https://support.baffle.io/scripts/track.js
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
59eda655b2af9936e87548893472328efa781a853b01f4aa8aa2352ec330f05e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
cache-control
max-age=300, public
content-encoding
gzip
etag
W/"c577-627d52acf2600"
age
0
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
x-varnish
259588168
date
Mon, 02 Dec 2024 19:41:07 GMT
content-type
application/javascript
last-modified
Tue, 26 Nov 2024 18:39:20 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.51.5.26
window-date-picker.css
www.cssscript.com/demo/window-date-time-picker/dist/css/
0
0

select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.10/css/
0
0

window-date-picker.js
nostalgic-fermat-6932a4.netlify.com/
0
0

select2.js
nostalgic-fermat-6932a4.netlify.com/
0
0

body-bg-light.png
support.baffle.io/themes/kb/montana/img/
935 B
1004 B
Image
General
Full URL
https://support.baffle.io/themes/kb/montana/img/body-bg-light.png
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/index.php?type=css&v=5.51.5.26&c=1732864098&kbid=kb_defa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
05f72f54a42d54538f4a355d8e0a48f84ad254036c1735cc4a190890a7ee6a6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://support.baffle.io/index.php?type=css&v=5.51.5.26&c=1732864098&kbid=kb_defa

Response headers

vary
Accept-Encoding
etag
"3a7-627d52bc34a00"
age
0
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
x-varnish
3309929
content-length
935
date
Mon, 02 Dec 2024 19:41:07 GMT
content-type
image/png
last-modified
Tue, 26 Nov 2024 18:39:36 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.51.5.26
file.php
support.baffle.io/scripts/
20 KB
6 KB
Image
General
Full URL
https://support.baffle.io/scripts/file.php?view=Y&file=5h0wh3f9u2j1peffwel9l9suy6bsptk8
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/index.php?type=css&v=5.51.5.26&c=1732864098&kbid=kb_defa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
d66971a509de7efbeb40af5c8863413f9921a8b6665e8f7c55e06557d2f17e01
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://support.baffle.io/index.php?type=css&v=5.51.5.26&c=1732864098&kbid=kb_defa

Response headers

vary
Accept-Encoding
cache-control
max-age=36000
content-encoding
gzip
age
0
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
expires
Tue, 03 Dec 24 05:41:08 +0000
accept-ranges
bytes
x-varnish
264241172
date
Mon, 02 Dec 2024 19:41:07 GMT
content-disposition
filename="bafflelogo.svg"
content-type
image/svg+xml
server
Apache/2.4.57 (Unix)
la-ver
5.51.5.26
home-header-backgroung.jpg
baffle.io/wp-content/uploads/2020/05/
73 KB
74 KB
Image
General
Full URL
https://baffle.io/wp-content/uploads/2020/05/home-header-backgroung.jpg
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/index.php?type=css&v=5.51.5.26&c=1732864098&kbid=kb_defa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:dd0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad1c571771bea45c9f24632e4838507db81c2f3fb67671efeb4adec50a820b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://support.baffle.io/

Response headers

cf-cache-status
MISS
etag
"64ca5f71-123db"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4q7J7WHdvqSUStxDrYfwh8cewVl1FBW5j6TrVE1EYUXg1P6UTS95goqul5clP1np258RxURy5N4nxNTxEfs%2FKiTrOK4tOQ8WHShgQ2h6h9YLVh8XON1BQ5cNVBhGxoqAkNdiTKuZAc4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=71301&min_rtt=71284&rtt_var=11304&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2343&delivery_rate=54514&cwnd=34&unsent_bytes=0&cid=891f0f8ed3f92c73&ts=222&x=0"
date
Mon, 02 Dec 2024 19:41:08 GMT
content-type
image/jpeg
last-modified
Wed, 02 Aug 2023 13:51:45 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ebdcaedfc3139de-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
74715
server
cloudflare
glyphicons-halflings-regular.woff2
support.baffle.io/themes/kb/montana/fonts/
18 KB
18 KB
Font
General
Full URL
https://support.baffle.io/themes/kb/montana/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/index.php?type=css&v=5.51.5.26&c=1732864098&kbid=kb_defa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://support.baffle.io
Referer
https://support.baffle.io/index.php?type=css&v=5.51.5.26&c=1732864098&kbid=kb_defa

Response headers

vary
Accept-Encoding
etag
"466c-627d52bc34a00"
age
0
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
x-varnish
258343010
content-length
18028
date
Mon, 02 Dec 2024 19:41:08 GMT
content-type
font/woff2
last-modified
Tue, 26 Nov 2024 18:39:36 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.51.5.26
track_visit.php
support.baffle.io/scripts/
511 B
346 B
Script
General
Full URL
https://support.baffle.io/scripts/track_visit.php?t=Y&C=Track&B=r0z45m07whtwgwpxgar49j72t712z&S=dhynrfk3munda05waq72bvusj5b2n&pt=Baffle%20Support%20Portal&url=__S__support.baffle.io%2F&ref=&sr=1600x1200&ud=%7B%7D&vn=Y&ci=&jstk=Y
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
0871863a0ffaae2f3bb828fe78601027fac5bf2cb3f15963dd945a53ba76aa1f
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
cache-control
max-age=15, public
content-encoding
gzip
pragma
age
0
x-content-type-options
nosniff, nosniff
via
1.1 varnish (prod-ue1)
expires
Mon, 02 Dec 2024 19:41:23 GMT
accept-ranges
bytes
x-varnish
235832140
date
Mon, 02 Dec 2024 19:41:08 GMT
content-type
application/javascript
last-modified
Mon, 02 Dec 2024 19:41:08 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.51.5.26
bus.html
4.ue1.vbus.apps.ladesk.com/5_51_5_26/scripts/lib/ Frame 3F53
0
0
Document
General
Full URL
https://4.ue1.vbus.apps.ladesk.com/5_51_5_26/scripts/lib/bus.html?v=5.51.5.26
Requested by
Host: support.baffle.io
URL: https://support.baffle.io/scripts/track.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.196.14.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-14-45.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
35
content-encoding
gzip
content-length
140
content-type
text/html; charset=utf-8
date
Mon, 02 Dec 2024 19:41:08 GMT
etag
W/"13b-627d52acf2600"
last-modified
Tue, 26 Nov 2024 18:39:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish (prod-ue1)
x-content-type-options
nosniff
x-varnish
264503303 258703679
favicon.ico
support.baffle.io/themes/kb/montana/img/
5 KB
5 KB
Other
General
Full URL
https://support.baffle.io/themes/kb/montana/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.234.10.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-10-85.compute-1.amazonaws.com
Software
Apache/2.4.57 (Unix) /
Resource Hash
8979fef1a667b37581fb2ba0a044f8723cb9a4bd82cd40240f07e3d5a5e696d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding
etag
"1536-627d52bc34a00"
age
0
x-content-type-options
nosniff
via
1.1 varnish (prod-ue1)
accept-ranges
bytes
x-varnish
13238358
content-length
5430
date
Mon, 02 Dec 2024 19:41:08 GMT
content-type
image/x-icon
last-modified
Tue, 26 Nov 2024 18:39:36 GMT
server
Apache/2.4.57 (Unix)
la-ver
5.51.5.26

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.cssscript.com
URL
https://www.cssscript.com/demo/window-date-time-picker/dist/css/window-date-picker.css
Domain
cdnjs.cloudflare.com
URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.10/css/select2.min.css
Domain
nostalgic-fermat-6932a4.netlify.com
URL
https://nostalgic-fermat-6932a4.netlify.com/window-date-picker.js
Domain
nostalgic-fermat-6932a4.netlify.com
URL
https://nostalgic-fermat-6932a4.netlify.com/select2.js

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunkliveagent object| Tippy function| UndoManager object| LiveAgentWebpackBundle function| ConversationLinkOptions object| StringUtilsJS object| HtmlToText function| isGoogleMapsApiLoaded function| clearFilter function| submitFilter function| hashCode object| LiveAgentTrackerXD function| LiveAgent function| LiveAgentTracker

4 Cookies

Domain/Path Name / Value
support.baffle.io/ Name: visitor_la_sid
Value: 7zxxmjnq3rkmsdfd1resywt58q08l97n
support.baffle.io/ Name: LaVisitorNew
Value: Y
.baffle.io/ Name: LaVisitorId_c3VwcG9ydC5iYWZmbGUuaW8v
Value: r0z45m07whtwgwpxgar49j72t712z
support.baffle.io/ Name: LaSID
Value: dhynrfk3munda05waq72bvusj5b2n

4 Console Messages

Source Level URL
Text
security error URL: https://support.baffle.io/(Line 89)
Message:
Refused to load the stylesheet 'https://www.cssscript.com/demo/window-date-time-picker/dist/css/window-date-picker.css' because it violates the following Content Security Policy directive: "style-src *.qualityunit.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://support.baffle.io/(Line 90)
Message:
Refused to load the stylesheet 'https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.10/css/select2.min.css' because it violates the following Content Security Policy directive: "style-src *.qualityunit.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://support.baffle.io/
Message:
Refused to load the script 'https://nostalgic-fermat-6932a4.netlify.com/window-date-picker.js' because it violates the following Content Security Policy directive: "script-src *.fbcdn.net *.facebook.com *.twimg.com *.twitter.com *.qualityunit.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://support.baffle.io/
Message:
Refused to load the script 'https://nostalgic-fermat-6932a4.netlify.com/select2.js' because it violates the following Content Security Policy directive: "script-src *.fbcdn.net *.facebook.com *.twimg.com *.twitter.com *.qualityunit.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *.qualityunit.com *.google.com *.googletagmanager.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval'; script-src *.fbcdn.net *.facebook.com *.twimg.com *.twitter.com *.qualityunit.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval'; frame-src *.qualityunit.com *.ladesk.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval'; connect-src *.fbcdn.net *.facebook.com *.twimg.com *.twitter.com *.qualityunit.com *.qualityunit.com *.google.com *.googletagmanager.com maps.googleapis.com *.ladesk.com baffle.ladesk.com support.baffle.io 1.ue1.vbus.apps.ladesk.com 2.ue1.vbus.apps.ladesk.com 3.ue1.vbus.apps.ladesk.com 4.ue1.vbus.apps.ladesk.com 5.ue1.vbus.apps.ladesk.com 6.ue1.vbus.apps.ladesk.com qla-prod-ue1-la-opensips-01.prod-ue1.live-agent.net 'self' 'unsafe-inline' 'unsafe-eval' wss:; style-src *.qualityunit.com *.googleapis.com 'self' 'unsafe-inline' 'unsafe-eval'; img-src * data:; font-src *.gstatic.com 'self' data:;
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block