For teams whose customers cross a boundary they don’t own
Cryptographic, fraud-protected attribution at the edges where every other analytics tool goes dark.
You’re paying for clicks. 10–30% are bots. The rest disappear the moment they leave your domain. We pick up where everyone else stops.
Here’s the bargain in two columns. The left side is yours to own. The right side belongs to whoever runs the boundary — a retailer, an app store, a merchant checkout, a partner site. Nobody who sells you “full-funnel” coverage actually has it.
Signed clicks, anonymous cross-domain identity, first-party tracking. Whether the wall is a retailer’s domain, an app store, a merchant’s checkout, or a partner site — the shape of the answer is the same.
A creator drops a branded shortlink. We sign the click, stitch the cross-domain journey on your owned domains, and capture the verified outbound click to the retailer. The retailer’s domain is the dark zone.
Stop paying per click when 10–30% of clicks are bots. Every click carries a signed TUID; the fraud verdict happens at the signature, not in a weekly clawback report.
Stitch a visitor across all your owned domains — before they log in — with a single-use, audience-bound HMAC handoff. The cross-domain story is the headline here.
One instance of the pattern from the previous section — a CPG journey, Instagram to retailer click-out. Swap the boundary and the diagram still reads: lit on your side, dark on theirs.
“The last click before they leave is the strongest intent signal you’ll ever own.”
A creator drops a recipe Reel with go.your-brand.com/quick-pasta. Tap → 302 to your site. We mint TUID 7f3c…b81e, signed and stamped with the campaign slug.
Same TUID, now on www.your-brand.com. The cross-domain handoff is an audience-bound nonce — no login, no cookie hop, no third-party request. Reads two recipes, leaves.
Same browser, same TUID. No referrer this time — just navigates back to the recipe. Stays 4 min. The intent is building; we can already see it.
Click on the retailer button — the click-out event fires, TUID still attached. This is the strongest purchase-intent signal you will ever capture. Campaign A gets credit, verified and signed.
We don’t see this — and we won’t pretend we do. The retailer’s domain is sealed, and that’s the honest end of the journey.
The narrative sells why we’re different. This is what’s actually in the box. No roadmap items, no asterisks — all available in the workspace on day one.
Your own domain. go.your-brand.com/summer-launch — or qtrk.link while you set up DNS.
Generated in-app, downloadable as SVG/PNG, optional center logo.
One shortlink, different destination per country. US → A, UK → B, default → C.
Weighted destination variants, sticky per visitor — same TUID always lands on the same arm.
Set expires_at per link; the worker hard-stops at expiry.
max_uses per link, atomically enforced via D1 counters.
Gate any shortlink behind a passcode. Useful for unreleased landing pages.
Run shortlinks under the client’s domain via Cloudflare for SaaS — fully white-labeled.
Define an ordered event sequence; the admin shows step conversion and drop-off.
SSE direct from our edge to your browser. No polling, no hop — used by the live dashboard.
Push every event (or just goal completions) to your endpoint with retry + signing.
Every workspace mutation recorded with actor, before/after, and metadata.
A 30-minute call on your domains, your top channels, and what a first-party tracker on a domain you own would look like.