URL: https://checkin.weareelevate.global/
Submission: On July 24 via api from US — Scanned from GB

Summary

This website contacted 11 IPs in 4 countries across 5 domains to perform 24 HTTP transactions. The main IP is 5.134.13.76, located in United Kingdom and belongs to UKNOC-AS, GB. The main domain is checkin.weareelevate.global.
TLS certificate: Issued by R11 on July 23rd 2024. Valid for: 3 months.
This is the only time checkin.weareelevate.global was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5.134.13.76 34282 (UKNOC-AS)
5 172.67.6.159 13335 (CLOUDFLAR...)
4 104.18.70.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.18.72.113 13335 (CLOUDFLAR...)
2 172.217.16.155 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.217.16.138 15169 (GOOGLE)
2 104.16.53.111 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.138 ()
24 11
Apex Domain
Subdomains
Transfer
10 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 492
identitytoolkit.googleapis.com — Cisco Umbrella Rank: 6472
firestore.googleapis.com — Cisco Umbrella Rank: 1344
71 KB
5 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 3854
ekr.zdassets.com — Cisco Umbrella Rank: 4356
343 KB
5 landbot.io
cdn.landbot.io — Cisco Umbrella Rank: 150329
welcome.landbot.io — Cisco Umbrella Rank: 408942
505 KB
2 zendesk.com
elevatestaffing.zendesk.com
2 KB
2 weareelevate.global
checkin.weareelevate.global
weareelevate.global
6 KB
24 5
Domain Requested by
4 identitytoolkit.googleapis.com cdn.landbot.io
4 static.zdassets.com checkin.weareelevate.global
static.zdassets.com
4 cdn.landbot.io checkin.weareelevate.global
cdn.landbot.io
3 firestore.googleapis.com cdn.landbot.io
3 storage.googleapis.com cdn.landbot.io
2 elevatestaffing.zendesk.com static.zdassets.com
1 welcome.landbot.io cdn.landbot.io
1 weareelevate.global
1 ekr.zdassets.com static.zdassets.com
1 checkin.weareelevate.global
24 10

This site contains no links.

Subject Issuer Validity Valid
cpcontacts.checkin.weareelevate.global
R11
2024-07-23 -
2024-10-21
3 months crt.sh
landbot.io
WE1
2024-07-05 -
2024-10-03
3 months crt.sh
zdassets.com
E6
2024-06-29 -
2024-09-27
3 months crt.sh
storage.googleapis.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
mail.weareelevate.global
R11
2024-07-15 -
2024-10-13
3 months crt.sh
upload.video.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
elevatestaffing.zendesk.com
E5
2024-06-13 -
2024-09-11
3 months crt.sh
edgecert.googleapis.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh

This page contains 3 frames:

Primary Page: https://checkin.weareelevate.global/
Frame ID: 6FAC07304E0AFF1947E9202CFA0E6A02
Requests: 12 HTTP requests in this frame

Frame: https://cdn.landbot.io/assets/fonts/Montserrat/fonts.css
Frame ID: F73445593B255F4EDDC0C4568E0FBADB
Requests: 5 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-93ae424.js
Frame ID: 6637C2013CE7746A304FB6B5616CFE58
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Check-In And Check-Out With Elevate

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

24
Requests

100 %
HTTPS

27 %
IPv6

5
Domains

10
Subdomains

11
IPs

4
Countries

927 kB
Transfer

3052 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
checkin.weareelevate.global/
1 KB
781 B
Document
General
Full URL
https://checkin.weareelevate.global/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.134.13.76 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS
weareelevate.gds.guru.net.uk
Software
LiteSpeed /
Resource Hash
47e16a6079230b41f8820e1ec002960799c86a109cf0e725e06065c9fc25e21d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
527
content-type
text/html
date
Wed, 24 Jul 2024 10:46:29 GMT
last-modified
Tue, 23 Jul 2024 23:52:33 GMT
server
LiteSpeed
vary
Accept-Encoding
landbot-3.0.0.js
cdn.landbot.io/landbot-3/
2 MB
471 KB
Script
General
Full URL
https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Requested by
Host: checkin.weareelevate.global
URL: https://checkin.weareelevate.global/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.6.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
624e7b0876addb7fe283e3e353bfcf8145a9f311616b742411dd988629f1b06b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
REVALIDATED
x-guploader-uploadid
ACJd0NqLhlyNDUqc2VpwNzgrIwDrzyBnXmb2NLOfo0oz9VTUpg-JUc2ChHQMeeX6nQ42K4wzHO8eLsrNZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
content-length
481168
last-modified
Tue, 20 Feb 2024 16:33:04 GMT
server
cloudflare
etag
"b0675d16627f954545888eb1ac5236b4"
vary
Accept-Encoding
x-goog-generation
1708446784696571
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=JHapfw==, md5=sGddFmJ/lUVFiI6xrFI2tA==
access-control-expose-headers
Content-Type
cache-control
max-age=120, no-transform
x-goog-stored-content-length
481168
accept-ranges
bytes
cf-ray
8a8353a5ecce0696-LHR
expires
Wed, 24 Jul 2024 10:46:30 GMT
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=2b2d259e-0699-4d5c-82cf-ee4ac324cb5a
Requested by
Host: checkin.weareelevate.global
URL: https://checkin.weareelevate.global/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:30 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
RHCK4VW3DV78KC29
age
53
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
uzHppUAFshGca5fa+F5E7670AoUC86ZKZbWaJnMBcGbpQb+CpGhGHglRbacEm7gO9XIbKIP2UbY=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FehfUjic5GsDbF1rQPAJKWsTcd%2BzTXn0y4YrpJydSLs%2F330ShRR2ZV%2FIdDHLfvvpF0TmWQmmsprwX4FOoofRlO2JKgn3Jpf1q3kqJjdKEstOWSdLpKnkx7%2B1ZhGcPiHRdVnJcE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8a8353a61842d184-LHR
access-control-allow-headers
*
index.json
storage.googleapis.com/landbot.pro/v3/H-2562525-3VLKEMO5KE0ETDRL/
4 KB
5 KB
Fetch
General
Full URL
https://storage.googleapis.com/landbot.pro/v3/H-2562525-3VLKEMO5KE0ETDRL/index.json?ts=1721817990434
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4d942eece4279fa2a81ef75c58aaa6cdde0f514da7c48b149a84ebd17af0cc8b

Request headers

Accept
application/json
Referer
https://checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:30 GMT
x-guploader-uploadid
AHxI1nOxNz6ezywta5oCZP1GN4ZYzs020lRD9Nk4P4H2KVTEKADdi4_IFyPtxzwtUC7JSt5G7991M0VjzA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4387
last-modified
Wed, 24 Jul 2024 01:23:40 GMT
server
UploadServer
etag
"5abcedf43d9e3e6c6ab259acb299fd1e"
x-goog-generation
1721784220109337
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=kjORnw==, md5=Wrzt9D2ePmxqslmsspn9Hg==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-store
x-goog-stored-content-length
4387
accept-ranges
bytes
expires
Thu, 24 Jul 2025 10:46:30 GMT
2b2d259e-0699-4d5c-82cf-ee4ac324cb5a
ekr.zdassets.com/compose/
2 KB
2 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/2b2d259e-0699-4d5c-82cf-ee4ac324cb5a
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=2b2d259e-0699-4d5c-82cf-ee4ac324cb5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ecc975964f0fa892cfb13973041fb0fda05bb3d1cc874d2ef1f4107ed55058
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:31 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8a7f95c658fd76a1-SEA, 8a7f95c658fd76a1-SEA, 8a7f95c658fd76a1-SEA
x-runtime
0.003994
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"22ecc975964f0fa892cfb13973041fb0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAOmd6sah0VhBdCufUkg4PNONfoGNXy7vVv8yYsp0EZ%2B2svWqp0wnVL4P55AkoBt7EfP6zwWJmeYPx407GWNwnq5GLhhaNPvNhqe5a7Rm5V0VeWWkk6xk%2F4%2FI5iAyUaSXjA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes, yes
cf-ray
8a8353a8ed467333-LHR
cropped-ELEVATE_LOGO_APP_ICON-copy-32x32.jpg
weareelevate.global/wp-content/uploads/2023/02/
5 KB
6 KB
Other
General
Full URL
https://weareelevate.global/wp-content/uploads/2023/02/cropped-ELEVATE_LOGO_APP_ICON-copy-32x32.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.134.13.76 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS
weareelevate.gds.guru.net.uk
Software
LiteSpeed /
Resource Hash
2fbc20213257b4856efef9b896640970fc5a65917dc744fbdd8a248680058bc2

Request headers

Referer
https://checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:30 GMT
last-modified
Thu, 14 Sep 2023 12:14:35 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
5361
expires
Wed, 31 Jul 2024 10:46:30 GMT
fonts.css
cdn.landbot.io/assets/fonts/Montserrat/ Frame F734
7 KB
1 KB
Stylesheet
General
Full URL
https://cdn.landbot.io/assets/fonts/Montserrat/fonts.css
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.6.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
265bd58ccef96a13749152106ccb4b194c6394bb91adb98d316d06e6f5a4d874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
120
x-guploader-uploadid
ABPtcPoGs4CAdypIz3j4lZyPK2Y3Un1gpeEMB3Bx1MefAEd_IuCkyno5Ra_uv7eduwAWaZqxl3imTVYWwQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
content-length
715
last-modified
Tue, 19 Dec 2023 14:16:27 GMT
server
cloudflare
etag
"f7d630cf3e25242f4c23b19f9d6b8beb"
vary
Accept-Encoding
x-goog-generation
1702995387896185
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=/YR2LQ==, md5=99Ywzz4lJC9MI7GfnWuL6w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
715
accept-ranges
bytes
cf-ray
8a8353a9c8f50696-LHR
expires
Wed, 24 Jul 2024 11:44:30 GMT
MZ6VL03KZ6W537LMO16FYYKD0CGL5LEZ.png
storage.googleapis.com/media.landbot.io/564629/channels/ Frame F734
32 KB
32 KB
Image
General
Full URL
https://storage.googleapis.com/media.landbot.io/564629/channels/MZ6VL03KZ6W537LMO16FYYKD0CGL5LEZ.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f155.1e100.net
Software
UploadServer /
Resource Hash
f6a77d61b37b06d2f45db4f1317693a644055b58c5a24e57448658a36a04efe4

Request headers

Referer
https://checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:30 GMT
age
0
x-guploader-uploadid
AHxI1nNbkjIMIIQbrFRpPptDCfgAC1Xz3nfaSY6fLuliat68dzte8YErYeFDced1mwBISoqoB9g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32681
last-modified
Tue, 23 Jul 2024 18:27:16 GMT
server
UploadServer
etag
"338056b94275c0de3507d807f19b95b4"
x-goog-generation
1721759236886123
x-goog-hash
crc32c=vtajVw==, md5=M4BWuUJ1wN41B9gH8ZuVtA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
32681
accept-ranges
bytes
content-type
image/png
expires
Wed, 24 Jul 2024 11:46:30 GMT
/
welcome.landbot.io/webchat/auth/H-2562525-3VLKEMO5KE0ETDRL/
2 KB
2 KB
Fetch
General
Full URL
https://welcome.landbot.io/webchat/auth/H-2562525-3VLKEMO5KE0ETDRL/
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.6.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ee6a7e604e32155337247e7452cfb12a99b2d069b094e94565fad7458370f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json
Referer
https://checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
server
cloudflare
allow
GET, POST, HEAD, OPTIONS
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cf-ray
8a8353aa4e6b4883-LHR
access-control-allow-headers
*
content-length
1820
alt-svc
h3=":443"; ma=86400
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
cdn.landbot.io/assets/fonts/Montserrat/ Frame F734
30 KB
31 KB
Font
General
Full URL
https://cdn.landbot.io/assets/fonts/Montserrat/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/assets/fonts/Montserrat/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.6.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.landbot.io/assets/fonts/Montserrat/fonts.css
Origin
https://checkin.weareelevate.global
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
REVALIDATED
x-guploader-uploadid
ACJd0NoD7oxmKMvXHhO6HieL6tp-fJT38R_eewtX8x-EycthsbHppNxkeXhxmizilmLE6VaZmLw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
content-length
30884
last-modified
Wed, 29 May 2024 10:19:30 GMT
server
cloudflare
etag
"cdde31e24a80e82d4adda965152598e6"
vary
Accept-Encoding
x-goog-generation
1712746936580398
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=Lhl5dQ==, md5=zd4x4kqA6C1K3allFSWY5g==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
30884
accept-ranges
bytes
cf-ray
8a8353aa6aa74969-LHR
expires
Wed, 24 Jul 2024 11:35:22 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
cdn.landbot.io/assets/fonts/Montserrat/ Frame F734
30 KB
0
Font
General
Full URL
https://cdn.landbot.io/assets/fonts/Montserrat/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/assets/fonts/Montserrat/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.6.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.landbot.io/assets/fonts/Montserrat/fonts.css
Origin
https://checkin.weareelevate.global
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-guploader-uploadid
ACJd0NoD7oxmKMvXHhO6HieL6tp-fJT38R_eewtX8x-EycthsbHppNxkeXhxmizilmLE6VaZmLw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
content-length
30884
last-modified
Wed, 29 May 2024 10:19:30 GMT
server
cloudflare
etag
"cdde31e24a80e82d4adda965152598e6"
vary
Accept-Encoding
x-goog-generation
1712746936580398
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=Lhl5dQ==, md5=zd4x4kqA6C1K3allFSWY5g==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
30884
accept-ranges
bytes
cf-ray
8a8353aa6aa74969-LHR
expires
Wed, 24 Jul 2024 11:35:22 GMT
accounts:signInWithCustomToken
identitytoolkit.googleapis.com/v1/
1 KB
1 KB
Fetch
General
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60467d5078866ac1ac4fa08a60e3ee63ad03b999966582255722170fe73ae7ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Firebase-gmpid
1:918494355153:web:d67e2dcbb1f0779f276ff0
Referer
X-Client-Version
Chrome/JsCore/9.22.2/FirebaseCore-web
X-Firebase-Client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTIgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEyIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC85LjIyLjIgZmlyZS1hdXRoLzAuMjMuMiBmaXJlLWF1dGgtZXNtMjAxNy8wLjIzLjIgZmlyZS1mc3QvMy4xMi4yIGZpcmUtZnN0LWVzbTIwMTcvMy4xMi4yIiwiZGF0ZXMiOlsiMjAyNC0wNy0yNCJdfV19
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 10:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://checkin.weareelevate.global
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
981
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
accounts:signInWithCustomToken
identitytoolkit.googleapis.com/v1/ Frame
0
0
Preflight
General
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version,x-firebase-client,x-firebase-gmpid
Access-Control-Request-Method
POST
Origin
https://checkin.weareelevate.global
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version,x-firebase-client,x-firebase-gmpid
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://checkin.weareelevate.global
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 24 Jul 2024 10:46:31 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
web-widget-main-93ae424.js
static.zdassets.com/web_widget/classic/latest/ Frame 6637
972 KB
278 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-93ae424.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=2b2d259e-0699-4d5c-82cf-ee4ac324cb5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
719e197440f6e4d2dde51734b53a57dbeedce015141980d51652717b97f310bb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:31 GMT
x-amz-version-id
8j5KiAy8US3fP9FvnbLUStbzsQEc9UUm
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5Z3JCB8BABW8SWKY
age
57
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
DRMlQ9hYi+Iwf8vkyHef2MyGz6U2Cnh9QdYxMxOFymAPIEVo+gl8T/EZIyAd8/HI7Mid4mbdwf1DX+DF9pmLWg==
last-modified
Wed, 17 Jul 2024 12:15:23 GMT
server
cloudflare
etag
W/"9d8465f07ffcdbd872263a7ba43f384b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qme%2BM3VHyUyd63IW7GIX8ZltRVGLtflxzVxmCDBwIO5uc8nudNEIH2O3hqvRavao1ZkaNQQxCyq6aWX72btpH%2BywsQ5FX4BnpMQjuYZboJac2bz%2FVTGdvbMl2UzlNuyqRLVyrcM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a8353acc999d184-LHR
access-control-allow-headers
*
expires
Thu, 17 Jul 2025 12:15:22 GMT
accounts:lookup
identitytoolkit.googleapis.com/v1/
326 B
263 B
Fetch
General
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
ESF /
Resource Hash
ec1ea568d0a85a61d5ab0dbc126e5666c21429d7ddae4ed18b9e3ed0c2b8a276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Firebase-gmpid
1:918494355153:web:d67e2dcbb1f0779f276ff0
Referer
X-Client-Version
Chrome/JsCore/9.22.2/FirebaseCore-web
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 10:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://checkin.weareelevate.global
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
238
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
accounts:lookup
identitytoolkit.googleapis.com/v1/ Frame
0
0
Preflight
General
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f138.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version,x-firebase-gmpid
Access-Control-Request-Method
POST
Origin
https://checkin.weareelevate.global
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version,x-firebase-gmpid
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://checkin.weareelevate.global
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 24 Jul 2024 10:46:31 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
en-us-json-93ae424.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 6637
25 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-93ae424.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-93ae424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:31 GMT
x-amz-version-id
xHBdYmQcGxRLX5O73vv1Qbw18uHqusNK
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5Z3TANJGWW61ME6D
age
92941
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
qB7+TpGPoKgxhDqcq0smM/GaK73nz18fFk/7Ty75mmGm6JypmeQ4jF2isAYOY710v+QANUh6ysM=
last-modified
Wed, 17 Jul 2024 12:15:25 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbUKINqRhRg%2FFB5fA9DpxlIVrjwrIrHWtRKU61GTNC0Pgm%2BeusZVbCiFrSOcP277xwmVg1LyWvQV5sNFH2J01ZWYywQmZkfaD2XHgXQTODppH%2BcFZcdUvDXcUxrK7p0Q2hOsPCw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a8353aedcacd184-LHR
access-control-allow-headers
*
expires
Thu, 17 Jul 2025 12:15:24 GMT
config
elevatestaffing.zendesk.com/embeddable/ Frame 6637
1 KB
1 KB
Fetch
General
Full URL
https://elevatestaffing.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-93ae424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd6b44827e9ff4e24dab497d2d6f506a13f310f76478363f823714c94a29dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:31 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-596b8fcbc9-4rchr
x-cached
MISS
x-request-id
8a8353af7aaa779d-LHR
x-runtime
0.025454
server
cloudflare
etag
W/"efd6b44827e9ff4e24dab497d2d6f506"
x-zendesk-zorg
yes
vary
Accept, Origin, Accept-Encoding
access-control-max-age
7200
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YwR35akw00UBioq%2Bm1NhsKnrxsjs0uowu4S5fYd4pz9XqAcwYQ3g%2FydTKipc2cy6oNR7sfT%2FFI0qSeNbJWZ6ou1Zn9adPjRqa9PHKSvRfJ8c3u0RHNptHODJYsPy9B%2Fr7qSOHs3T9YXK0is%2Fqg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=60, public, stale-while-revalidate=600, stale-if-error=3600
content-type
application/json; charset=utf-8
cf-ray
8a8353af7aaa779d-LHR
web-widget-chat-sdk-93ae424.js
static.zdassets.com/web_widget/classic/latest/ Frame 6637
216 KB
53 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-93ae424.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-93ae424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:31 GMT
x-amz-version-id
adcabCswwmciAHCNIehT_qbw73qTf6Y0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5Z3HJRWMEYF77C6T
age
92941
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
9KESAtdNNb86O8hvyXgMOmsbxpfjTUKBuINbeL4xNxSCMjfYh3NzKK6oAFHaLwR2pOADUIDl4tU=
last-modified
Wed, 17 Jul 2024 12:15:23 GMT
server
cloudflare
etag
W/"bf7f24c006f934261d7ff732b528402b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=26leUM1NuiSiGECO40yBSZWavVSowE7OGGbwnByitQ73jIZ7uJ25ReYtKoLeCT3s%2B5ga49lkiSrWu%2BmKEud8LXVJ73FFa%2BkonjPr22An0OFI5a4%2Fkdgj2oR1WXEAZwYM4FYm%2BUs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a8353af3d30d184-LHR
access-control-allow-headers
*
expires
Thu, 17 Jul 2025 12:15:22 GMT
status
elevatestaffing.zendesk.com/talk_embeddables_service/web/ Frame 6637
116 B
965 B
XHR
General
Full URL
https://elevatestaffing.zendesk.com/talk_embeddables_service/web/status?subdomain=elevatestaffing&nickname=EA%20Digital%20Line%20(HQ)
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-93ae424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e711e70f0fcb8971e482dcf6bec9a3d01cc0f8075f8ddacd649f41fb3a9cbaf1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
x-request-id
8a8353af7aac779d-LHR
server
cloudflare
etag
W/"74-SD1ECppV4+THD/gONuKuqqRQDEA"
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
499
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0HMC6rFzMXEXzPnfwtdSYoJXaXuXUgve6OyKvCnAGoOGov%2F1wkyIlTF0gRhXpUr20MX0%2BsZXprqpgfQxaG0nY9ZsS%2Ft7E3rNBhIfeCEMQqowwaYOP57rkwF%2FiSnVHhQA0UAqG%2F4C7Nj66OslUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-zendesk-zorg
yes
x-ratelimit-reset
1721817993
x-ratelimit-limit
500
cf-ray
8a8353af7aac779d-LHR
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
54 B
460 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Ffirestore-helloumi%2Fdatabases%2F(default)&RID=67172&CVER=22&X-HTTP-Session-Id=gsessionid&zx=fdxg3ka260ye&t=1
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98f70479b6c3ba112d5179820e2755ae41382eecb8f47534f3d04f788ab413a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jul 2024 10:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-wire-protocol
h2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://checkin.weareelevate.global
access-control-expose-headers
x-client-wire-protocol,x-http-session-id
cache-control
private
access-control-allow-credentials
true
x-http-session-id
f4RvqEyh6z1SfzNc_Of6lOU3JpJ_V7F3pRHF6ZfUzso
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
413 B
0
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=f4RvqEyh6z1SfzNc_Of6lOU3JpJ_V7F3pRHF6ZfUzso&VER=8&database=projects%2Ffirestore-helloumi%2Fdatabases%2F(default)&RID=rpc&SID=-IGJolPBNnVJst7ZNbdBzA&AID=0&CI=0&TYPE=xmlhttp&zx=sp00rjmo6n0w&t=1
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Referer, origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://checkin.weareelevate.global
cache-control
private, max-age=0
access-control-allow-credentials
true
x-debug-tracking-id
7715146695490989145;o=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
PSPQSVE9NSIFFY8VP91S6JQKPIO8IQOV.png
storage.googleapis.com/media.landbot.io/564629/channels/ Frame F734
32 KB
32 KB
Image
General
Full URL
https://storage.googleapis.com/media.landbot.io/564629/channels/PSPQSVE9NSIFFY8VP91S6JQKPIO8IQOV.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f155.1e100.net
Software
UploadServer /
Resource Hash
f6a77d61b37b06d2f45db4f1317693a644055b58c5a24e57448658a36a04efe4

Request headers

Referer
https://checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:32 GMT
age
0
x-guploader-uploadid
AHxI1nMy0gzJ9GUd9e0Anl1CP0qGrRrUflDtS_CQfSR76iEE2aoXGSIinFL5uA19RrZRLNCEve0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32681
last-modified
Tue, 23 Jul 2024 18:28:35 GMT
server
UploadServer
etag
"338056b94275c0de3507d807f19b95b4"
x-goog-generation
1721759315593398
x-goog-hash
crc32c=vtajVw==, md5=M4BWuUJ1wN41B9gH8ZuVtA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
32681
accept-ranges
bytes
content-type
image/png
expires
Wed, 24 Jul 2024 11:46:32 GMT
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
17 B
0
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=f4RvqEyh6z1SfzNc_Of6lOU3JpJ_V7F3pRHF6ZfUzso&VER=8&database=projects%2Ffirestore-helloumi%2Fdatabases%2F(default)&RID=rpc&SID=-IGJolPBNnVJst7ZNbdBzA&AID=3&CI=0&TYPE=xmlhttp&zx=4gy4qiggp8pr&t=1
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.138 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 10:46:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://checkin.weareelevate.global
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| webpackChunklandbot_3 object| Landbot function| Container function| ContainerPopup function| Fullpage function| Livechat function| Native function| Popup object| myLandbot object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded function| $zopim

2 Cookies

Domain/Path Name / Value
.landbot.io/ Name: __cf_bm
Value: NLs5l_xh_dGabV_sCKIyE2BmGD9D1BfxrbiA87qSPEU-1721817990-1.0.1.1-KPtfbBN9ZgpUXXsVpHSaAXgsmvTw.3flPXys4m3ZtGERppPbF14Ble4i9pvc945zUHTvODiG78mndGnLJlO1jQ
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: SWHSulqaEtEI4p42BbDO/or/uhyHOIkWO8R9w0FdvCxpghw2c4AjCKvIh2zvBGOtkWT/XVGaxHOEoEafv+/Dv3MWYutAjG5nHimL1s/quOf2DrSOHy+gfnXeJ1bF

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.landbot.io
checkin.weareelevate.global
ekr.zdassets.com
elevatestaffing.zendesk.com
firestore.googleapis.com
identitytoolkit.googleapis.com
static.zdassets.com
storage.googleapis.com
weareelevate.global
welcome.landbot.io
104.16.53.111
104.18.70.113
104.18.72.113
142.250.186.138
172.217.16.138
172.217.16.155
172.67.6.159
2a00:1450:4001:803::200a
2a00:1450:4001:809::201b
2a00:1450:4001:82a::200a
5.134.13.76
13ee6a7e604e32155337247e7452cfb12a99b2d069b094e94565fad7458370f7
22ecc975964f0fa892cfb13973041fb0fda05bb3d1cc874d2ef1f4107ed55058
265bd58ccef96a13749152106ccb4b194c6394bb91adb98d316d06e6f5a4d874
2fbc20213257b4856efef9b896640970fc5a65917dc744fbdd8a248680058bc2
47e16a6079230b41f8820e1ec002960799c86a109cf0e725e06065c9fc25e21d
4d942eece4279fa2a81ef75c58aaa6cdde0f514da7c48b149a84ebd17af0cc8b
60467d5078866ac1ac4fa08a60e3ee63ad03b999966582255722170fe73ae7ab
624e7b0876addb7fe283e3e353bfcf8145a9f311616b742411dd988629f1b06b
719e197440f6e4d2dde51734b53a57dbeedce015141980d51652717b97f310bb
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
98f70479b6c3ba112d5179820e2755ae41382eecb8f47534f3d04f788ab413a3
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
e711e70f0fcb8971e482dcf6bec9a3d01cc0f8075f8ddacd649f41fb3a9cbaf1
ec1ea568d0a85a61d5ab0dbc126e5666c21429d7ddae4ed18b9e3ed0c2b8a276
efd6b44827e9ff4e24dab497d2d6f506a13f310f76478363f823714c94a29dc3
f6a77d61b37b06d2f45db4f1317693a644055b58c5a24e57448658a36a04efe4