URL: https://mail.checkin.weareelevate.global/
Submission: On July 24 via api from US — Scanned from GB

Summary

This website contacted 12 IPs in 4 countries across 5 domains to perform 24 HTTP transactions. The main IP is 5.134.13.76, located in United Kingdom and belongs to UKNOC-AS, GB. The main domain is mail.checkin.weareelevate.global.
TLS certificate: Issued by R11 on July 23rd 2024. Valid for: 3 months.
This is the only time mail.checkin.weareelevate.global was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5.134.13.76 34282 (UKNOC-AS)
4 172.67.6.159 13335 (CLOUDFLAR...)
4 104.18.72.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.18.70.113 13335 (CLOUDFLAR...)
2 172.217.16.155 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.16.51.111 13335 (CLOUDFLAR...)
2 172.217.18.106 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.202 ()
24 12
Apex Domain
Subdomains
Transfer
10 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 492
identitytoolkit.googleapis.com — Cisco Umbrella Rank: 6472
firestore.googleapis.com — Cisco Umbrella Rank: 1344
71 KB
5 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 3854
ekr.zdassets.com — Cisco Umbrella Rank: 4356
343 KB
5 landbot.io
cdn.landbot.io — Cisco Umbrella Rank: 150329
welcome.landbot.io — Cisco Umbrella Rank: 408942
505 KB
2 zendesk.com
elevatestaffing.zendesk.com
2 KB
2 weareelevate.global
mail.checkin.weareelevate.global
weareelevate.global
6 KB
24 5
Domain Requested by
4 identitytoolkit.googleapis.com cdn.landbot.io
4 static.zdassets.com mail.checkin.weareelevate.global
static.zdassets.com
4 cdn.landbot.io mail.checkin.weareelevate.global
cdn.landbot.io
3 firestore.googleapis.com cdn.landbot.io
3 storage.googleapis.com cdn.landbot.io
2 elevatestaffing.zendesk.com static.zdassets.com
1 welcome.landbot.io cdn.landbot.io
1 weareelevate.global
1 ekr.zdassets.com static.zdassets.com
1 mail.checkin.weareelevate.global
24 10

This site contains no links.

Subject Issuer Validity Valid
cpcontacts.checkin.weareelevate.global
R11
2024-07-23 -
2024-10-21
3 months crt.sh
landbot.io
WE1
2024-07-05 -
2024-10-03
3 months crt.sh
zdassets.com
E6
2024-06-29 -
2024-09-27
3 months crt.sh
storage.googleapis.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
mail.weareelevate.global
R11
2024-07-15 -
2024-10-13
3 months crt.sh
upload.video.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
elevatestaffing.zendesk.com
E5
2024-06-13 -
2024-09-11
3 months crt.sh
edgecert.googleapis.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh

This page contains 3 frames:

Primary Page: https://mail.checkin.weareelevate.global/
Frame ID: D59E8B727218B32248B53101DD2D29E5
Requests: 12 HTTP requests in this frame

Frame: https://cdn.landbot.io/assets/fonts/Montserrat/fonts.css
Frame ID: F890A9BEA15BB760158504B30E2F689D
Requests: 5 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-93ae424.js
Frame ID: EA882444576E6D4BD8ABC82E1F2C08D1
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Check-In And Check-Out With Elevate

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

24
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

10
Subdomains

12
IPs

4
Countries

927 kB
Transfer

3052 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mail.checkin.weareelevate.global/
1 KB
781 B
Document
General
Full URL
https://mail.checkin.weareelevate.global/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.134.13.76 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS
weareelevate.gds.guru.net.uk
Software
LiteSpeed /
Resource Hash
47e16a6079230b41f8820e1ec002960799c86a109cf0e725e06065c9fc25e21d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
527
content-type
text/html
date
Wed, 24 Jul 2024 08:50:48 GMT
last-modified
Tue, 23 Jul 2024 23:52:33 GMT
server
LiteSpeed
vary
Accept-Encoding
landbot-3.0.0.js
cdn.landbot.io/landbot-3/
2 MB
471 KB
Script
General
Full URL
https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Requested by
Host: mail.checkin.weareelevate.global
URL: https://mail.checkin.weareelevate.global/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.6.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
624e7b0876addb7fe283e3e353bfcf8145a9f311616b742411dd988629f1b06b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
REVALIDATED
x-guploader-uploadid
ACJd0NqLhlyNDUqc2VpwNzgrIwDrzyBnXmb2NLOfo0oz9VTUpg-JUc2ChHQMeeX6nQ42K4wzHO8eLsrNZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
content-length
481168
last-modified
Tue, 20 Feb 2024 16:33:04 GMT
server
cloudflare
etag
"b0675d16627f954545888eb1ac5236b4"
vary
Accept-Encoding
x-goog-generation
1708446784696571
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=JHapfw==, md5=sGddFmJ/lUVFiI6xrFI2tA==
access-control-expose-headers
Content-Type
cache-control
max-age=120, no-transform
x-goog-stored-content-length
481168
accept-ranges
bytes
cf-ray
8a82aa2cecdb885f-LHR
expires
Wed, 24 Jul 2024 08:50:48 GMT
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=2b2d259e-0699-4d5c-82cf-ee4ac324cb5a
Requested by
Host: mail.checkin.weareelevate.global
URL: https://mail.checkin.weareelevate.global/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://mail.checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:48 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
RHCK4VW3DV78KC29
age
4
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
uzHppUAFshGca5fa+F5E7670AoUC86ZKZbWaJnMBcGbpQb+CpGhGHglRbacEm7gO9XIbKIP2UbY=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TlBkKzToisQrtgUWkIn89XeY0vGaL7OMuch9DQFzYFFcNv3dTfvTsn%2BvL%2FYaE4c1hxIjUUI%2BnKYwhQaS1qwJK5TqvzGeEptA6rBH3%2FWKgTG0FNOMfWNOg8KDiJyixbUMPOki0Pg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8a82aa2d2b3e60e9-LHR
access-control-allow-headers
*
index.json
storage.googleapis.com/landbot.pro/v3/H-2562525-3VLKEMO5KE0ETDRL/
4 KB
5 KB
Fetch
General
Full URL
https://storage.googleapis.com/landbot.pro/v3/H-2562525-3VLKEMO5KE0ETDRL/index.json?ts=1721811048944
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4d942eece4279fa2a81ef75c58aaa6cdde0f514da7c48b149a84ebd17af0cc8b

Request headers

Accept
application/json
Referer
https://mail.checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:49 GMT
x-guploader-uploadid
AHxI1nPeBcZffAsPmRADBGGYyu7Ve2yKzKaG4yq9vvamN4e0QwpS7LVsJujBRow_GkFgdDFAfAV3ZGibkPXo2nw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4387
last-modified
Wed, 24 Jul 2024 01:23:40 GMT
server
UploadServer
etag
"5abcedf43d9e3e6c6ab259acb299fd1e"
x-goog-generation
1721784220109337
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=kjORnw==, md5=Wrzt9D2ePmxqslmsspn9Hg==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-store
x-goog-stored-content-length
4387
accept-ranges
bytes
expires
Thu, 24 Jul 2025 08:50:49 GMT
2b2d259e-0699-4d5c-82cf-ee4ac324cb5a
ekr.zdassets.com/compose/
2 KB
2 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/2b2d259e-0699-4d5c-82cf-ee4ac324cb5a
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=2b2d259e-0699-4d5c-82cf-ee4ac324cb5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ecc975964f0fa892cfb13973041fb0fda05bb3d1cc874d2ef1f4107ed55058
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mail.checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:49 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8a80880c8b0534cb-SEA, 8a80880c8b0534cb-SEA, 8a80880c8b0534cb-SEA
x-runtime
0.004351
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"22ecc975964f0fa892cfb13973041fb0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGt%2FHUlQ91JBLxIdJdERADMNkgWyyiGVUw5RP3bx%2BZB7ZSgnAa%2F77OM7y2JJEMZnH00O%2BtoL%2Bp5foqK8DoLu0QMxlRKLBZs9ZbBICeaFexUKDg%2B9FuWIRuEKkkSV5xAmpYw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes, yes
cf-ray
8a82aa30ba1f6346-LHR
cropped-ELEVATE_LOGO_APP_ICON-copy-32x32.jpg
weareelevate.global/wp-content/uploads/2023/02/
5 KB
6 KB
Other
General
Full URL
https://weareelevate.global/wp-content/uploads/2023/02/cropped-ELEVATE_LOGO_APP_ICON-copy-32x32.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.134.13.76 , United Kingdom, ASN34282 (UKNOC-AS, GB),
Reverse DNS
weareelevate.gds.guru.net.uk
Software
LiteSpeed /
Resource Hash
2fbc20213257b4856efef9b896640970fc5a65917dc744fbdd8a248680058bc2

Request headers

Referer
https://mail.checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:49 GMT
last-modified
Thu, 14 Sep 2023 12:14:35 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
5361
expires
Wed, 31 Jul 2024 08:50:49 GMT
fonts.css
cdn.landbot.io/assets/fonts/Montserrat/ Frame F890
7 KB
1 KB
Stylesheet
General
Full URL
https://cdn.landbot.io/assets/fonts/Montserrat/fonts.css
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.6.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
265bd58ccef96a13749152106ccb4b194c6394bb91adb98d316d06e6f5a4d874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://mail.checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
age
381
x-guploader-uploadid
ABPtcPoGs4CAdypIz3j4lZyPK2Y3Un1gpeEMB3Bx1MefAEd_IuCkyno5Ra_uv7eduwAWaZqxl3imTVYWwQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
content-length
715
last-modified
Tue, 19 Dec 2023 14:16:27 GMT
server
cloudflare
etag
"f7d630cf3e25242f4c23b19f9d6b8beb"
vary
Accept-Encoding
x-goog-generation
1702995387896185
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=/YR2LQ==, md5=99Ywzz4lJC9MI7GfnWuL6w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
715
accept-ranges
bytes
cf-ray
8a82aa31eabe885f-LHR
expires
Wed, 24 Jul 2024 09:44:28 GMT
MZ6VL03KZ6W537LMO16FYYKD0CGL5LEZ.png
storage.googleapis.com/media.landbot.io/564629/channels/ Frame F890
32 KB
32 KB
Image
General
Full URL
https://storage.googleapis.com/media.landbot.io/564629/channels/MZ6VL03KZ6W537LMO16FYYKD0CGL5LEZ.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f155.1e100.net
Software
UploadServer /
Resource Hash
f6a77d61b37b06d2f45db4f1317693a644055b58c5a24e57448658a36a04efe4

Request headers

Referer
https://mail.checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:49 GMT
x-guploader-uploadid
AHxI1nNUKCaGRl4tNwqQjGXoRqjr8Olxk23fVEabOHTiDG6vZ8mCZCuP7ldWLdF50DdCrhAQiZ8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32681
last-modified
Tue, 23 Jul 2024 18:27:16 GMT
server
UploadServer
etag
"338056b94275c0de3507d807f19b95b4"
x-goog-generation
1721759236886123
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=vtajVw==, md5=M4BWuUJ1wN41B9gH8ZuVtA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
32681
accept-ranges
bytes
expires
Wed, 24 Jul 2024 09:50:49 GMT
/
welcome.landbot.io/webchat/auth/H-2562525-3VLKEMO5KE0ETDRL/
2 KB
2 KB
Fetch
General
Full URL
https://welcome.landbot.io/webchat/auth/H-2562525-3VLKEMO5KE0ETDRL/
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:166e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc8cb9282e263a42642b3168d58e296a28e39d6a450b7d8a599ca7e797b41ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json
Referer
https://mail.checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
server
cloudflare
allow
GET, POST, HEAD, OPTIONS
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cf-ray
8a82aa32dc3894d5-LHR
access-control-allow-headers
*
content-length
1821
alt-svc
h3=":443"; ma=86400
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
cdn.landbot.io/assets/fonts/Montserrat/ Frame F890
30 KB
31 KB
Font
General
Full URL
https://cdn.landbot.io/assets/fonts/Montserrat/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/assets/fonts/Montserrat/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.6.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.landbot.io/assets/fonts/Montserrat/fonts.css
Origin
https://mail.checkin.weareelevate.global
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
x-guploader-uploadid
AHxI1nPpV_o6fVYetFKuYhFfmsR6-1plHWReLUo8HcZ-HB2rx52Ci-RwKzLcpiOvsC7IOyEk0Qk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
content-length
30884
last-modified
Wed, 24 Jul 2024 07:00:01 GMT
server
cloudflare
etag
"cdde31e24a80e82d4adda965152598e6"
vary
Accept-Encoding
x-goog-generation
1712746936580398
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=Lhl5dQ==, md5=zd4x4kqA6C1K3allFSWY5g==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
30884
accept-ranges
bytes
cf-ray
8a82aa32999979ba-LHR
expires
Wed, 24 Jul 2024 09:00:36 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
cdn.landbot.io/assets/fonts/Montserrat/ Frame F890
30 KB
0
Font
General
Full URL
https://cdn.landbot.io/assets/fonts/Montserrat/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/assets/fonts/Montserrat/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.6.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.landbot.io/assets/fonts/Montserrat/fonts.css
Origin
https://mail.checkin.weareelevate.global
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-guploader-uploadid
AHxI1nPpV_o6fVYetFKuYhFfmsR6-1plHWReLUo8HcZ-HB2rx52Ci-RwKzLcpiOvsC7IOyEk0Qk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
content-length
30884
last-modified
Wed, 24 Jul 2024 07:00:01 GMT
server
cloudflare
etag
"cdde31e24a80e82d4adda965152598e6"
vary
Accept-Encoding
x-goog-generation
1712746936580398
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=Lhl5dQ==, md5=zd4x4kqA6C1K3allFSWY5g==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
30884
accept-ranges
bytes
cf-ray
8a82aa32999979ba-LHR
expires
Wed, 24 Jul 2024 09:00:36 GMT
accounts:signInWithCustomToken
identitytoolkit.googleapis.com/v1/
1 KB
1 KB
Fetch
General
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eac09caa9656846194bff3d20811a7999091ce2eb054bb8a7a14901dd2317b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Firebase-gmpid
1:918494355153:web:d67e2dcbb1f0779f276ff0
Referer
X-Client-Version
Chrome/JsCore/9.22.2/FirebaseCore-web
X-Firebase-Client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTIgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEyIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC85LjIyLjIgZmlyZS1hdXRoLzAuMjMuMiBmaXJlLWF1dGgtZXNtMjAxNy8wLjIzLjIgZmlyZS1mc3QvMy4xMi4yIGZpcmUtZnN0LWVzbTIwMTcvMy4xMi4yIiwiZGF0ZXMiOlsiMjAyNC0wNy0yNCJdfV19
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 08:50:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://mail.checkin.weareelevate.global
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
974
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
accounts:signInWithCustomToken
identitytoolkit.googleapis.com/v1/ Frame
0
0
Preflight
General
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:signInWithCustomToken?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version,x-firebase-client,x-firebase-gmpid
Access-Control-Request-Method
POST
Origin
https://mail.checkin.weareelevate.global
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version,x-firebase-client,x-firebase-gmpid
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://mail.checkin.weareelevate.global
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 24 Jul 2024 08:50:49 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
web-widget-main-93ae424.js
static.zdassets.com/web_widget/classic/latest/ Frame EA88
972 KB
278 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-93ae424.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=2b2d259e-0699-4d5c-82cf-ee4ac324cb5a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
719e197440f6e4d2dde51734b53a57dbeedce015141980d51652717b97f310bb
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:49 GMT
x-amz-version-id
8j5KiAy8US3fP9FvnbLUStbzsQEc9UUm
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5Z3JCB8BABW8SWKY
age
99
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
DRMlQ9hYi+Iwf8vkyHef2MyGz6U2Cnh9QdYxMxOFymAPIEVo+gl8T/EZIyAd8/HI7Mid4mbdwf1DX+DF9pmLWg==
last-modified
Wed, 17 Jul 2024 12:15:23 GMT
server
cloudflare
etag
W/"9d8465f07ffcdbd872263a7ba43f384b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b2TRvvY7prkLx2UsVePOWo6X7FQr7isi%2B2S%2BvIZ8r7SxaurNt4bRrIWs0qC1CxwfjyK8qSMwVKxxaEtuukvni2%2BEnYndLu88R3bvQVN%2BhEkbQeRuG%2BB3njIXbT3A2g1fKAe1fl4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a82aa34dd6c60e9-LHR
access-control-allow-headers
*
expires
Thu, 17 Jul 2025 12:15:22 GMT
en-us-json-93ae424.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame EA88
25 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-93ae424.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-93ae424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:50 GMT
x-amz-version-id
xHBdYmQcGxRLX5O73vv1Qbw18uHqusNK
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5Z3TANJGWW61ME6D
age
86000
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
qB7+TpGPoKgxhDqcq0smM/GaK73nz18fFk/7Ty75mmGm6JypmeQ4jF2isAYOY710v+QANUh6ysM=
last-modified
Wed, 17 Jul 2024 12:15:25 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zmntUnoBUKFxnRKGDaQQ1z3CxD2Ajxfyuvcvh74ClSSxxDeOF1RGBqWz8AOrJn5FptZagjTM1AfzPCSbrjARVRzD1FySqycMKvrryigNdP4rQCdtJm3Bf24%2FZ9M64aOmC3so2XU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a82aa3718b860e9-LHR
access-control-allow-headers
*
expires
Thu, 17 Jul 2025 12:15:24 GMT
config
elevatestaffing.zendesk.com/embeddable/ Frame EA88
1 KB
1 KB
Fetch
General
Full URL
https://elevatestaffing.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-93ae424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd6b44827e9ff4e24dab497d2d6f506a13f310f76478363f823714c94a29dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:50 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-596b8fcbc9-4rchr
x-cached
MISS
x-request-id
8a8268ed8d26becb-LHR
x-runtime
0.021751
server
cloudflare
etag
W/"efd6b44827e9ff4e24dab497d2d6f506"
x-zendesk-zorg
yes
vary
Accept, Origin, Accept-Encoding
access-control-max-age
7200
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zYxjBm3R4BrC8nO1lLTMyxMbghfd8L44wkGuOSVEt91A403MCemj1VcpyRPsgd84VzSALGalm9L%2FIA5IJf9sSd%2BJQ0Rn1bJ7YnqgNB6rypSOjSFKNiPbGJumhCw6wGyfRZ4xM75V88BlOaX66A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
max-age=60, public, stale-while-revalidate=600, stale-if-error=3600
content-type
application/json; charset=utf-8
cf-ray
8a82aa38bb3279bc-LHR
accounts:lookup
identitytoolkit.googleapis.com/v1/
326 B
263 B
Fetch
General
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
ESF /
Resource Hash
a69aaacc68bb3f8bb6513638734daaf1a96c9a25086fe8afc859891daa5fb0c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Firebase-gmpid
1:918494355153:web:d67e2dcbb1f0779f276ff0
Referer
X-Client-Version
Chrome/JsCore/9.22.2/FirebaseCore-web
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 08:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://mail.checkin.weareelevate.global
access-control-expose-headers
date,vary,vary,vary,content-encoding,server,content-length
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
238
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
accounts:lookup
identitytoolkit.googleapis.com/v1/ Frame
0
0
Preflight
General
Full URL
https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=AIzaSyAMzOSqjrX0oWPoiGUrUDM0mOmxTqeYS8o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f106.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-client-version,x-firebase-gmpid
Access-Control-Request-Method
POST
Origin
https://mail.checkin.weareelevate.global
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-client-version,x-firebase-gmpid
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://mail.checkin.weareelevate.global
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 24 Jul 2024 08:50:50 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
web-widget-chat-sdk-93ae424.js
static.zdassets.com/web_widget/classic/latest/ Frame EA88
216 KB
53 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-93ae424.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-93ae424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:50 GMT
x-amz-version-id
adcabCswwmciAHCNIehT_qbw73qTf6Y0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
5Z3HJRWMEYF77C6T
age
86000
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
9KESAtdNNb86O8hvyXgMOmsbxpfjTUKBuINbeL4xNxSCMjfYh3NzKK6oAFHaLwR2pOADUIDl4tU=
last-modified
Wed, 17 Jul 2024 12:15:23 GMT
server
cloudflare
etag
W/"bf7f24c006f934261d7ff732b528402b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gz3Ic1BoS4bZt%2FyfrXshXfflzfWy0UqMb4Vxe1YCahc6nBS5wNwXu8o1YRAV1Ks0VPYnNznCRWR2iFjy3V47SI0PasK6YTsrcldDKpsJYLnUIS%2FJHRECJma56NGZOHF3mRzCk0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a82aa38baac60e9-LHR
access-control-allow-headers
*
expires
Thu, 17 Jul 2025 12:15:22 GMT
status
elevatestaffing.zendesk.com/talk_embeddables_service/web/ Frame EA88
116 B
963 B
XHR
General
Full URL
https://elevatestaffing.zendesk.com/talk_embeddables_service/web/status?subdomain=elevatestaffing&nickname=EA%20Digital%20Line%20(HQ)
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-93ae424.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e711e70f0fcb8971e482dcf6bec9a3d01cc0f8075f8ddacd649f41fb3a9cbaf1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-dns-prefetch-control
off
x-xss-protection
1; mode=block
x-request-id
8a82aa38bb3379bc-LHR
server
cloudflare
etag
W/"74-SD1ECppV4+THD/gONuKuqqRQDEA"
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
499
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Kf38%2Fm55xeFu1K065iwvDyLj4f%2FAlWFiUNqC3t5MHH9vc%2FJOeZ7dyPcFpOO6yD8zdBiWk6YQOzHSEsukz2Df2rZWXk5xTsbrvTjdT%2BvfyKWZDbTGKnqVl7bhoA5Eg0h0QRkaCfG1izZYfL%2BBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-zendesk-zorg
yes
x-ratelimit-reset
1721811052
x-ratelimit-limit
500
cf-ray
8a82aa38bb3379bc-LHR
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
54 B
463 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Ffirestore-helloumi%2Fdatabases%2F(default)&RID=85807&CVER=22&X-HTTP-Session-Id=gsessionid&zx=9ykfyyuhmr4w&t=1
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12246eb4b87f7b8e97cd00146c4fae3e4358d8998daa9b3065e31b3f2d667cdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mail.checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jul 2024 08:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-wire-protocol
h2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://mail.checkin.weareelevate.global
access-control-expose-headers
x-client-wire-protocol,x-http-session-id
cache-control
private
access-control-allow-credentials
true
x-http-session-id
9x-6evXsFHQaI7V0s_Hoz-H0odvVjd1bVrg4--R5D64
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
413 B
0
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=9x-6evXsFHQaI7V0s_Hoz-H0odvVjd1bVrg4--R5D64&VER=8&database=projects%2Ffirestore-helloumi%2Fdatabases%2F(default)&RID=rpc&SID=iGVF3GzUO2GnQhmkDcQjMQ&AID=0&CI=0&TYPE=xmlhttp&zx=k19r9086gzie&t=1
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mail.checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Referer, origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://mail.checkin.weareelevate.global
cache-control
private, max-age=0
access-control-allow-credentials
true
x-debug-tracking-id
18242185233550206601;o=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
PSPQSVE9NSIFFY8VP91S6JQKPIO8IQOV.png
storage.googleapis.com/media.landbot.io/564629/channels/ Frame F890
32 KB
32 KB
Image
General
Full URL
https://storage.googleapis.com/media.landbot.io/564629/channels/PSPQSVE9NSIFFY8VP91S6JQKPIO8IQOV.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f155.1e100.net
Software
UploadServer /
Resource Hash
f6a77d61b37b06d2f45db4f1317693a644055b58c5a24e57448658a36a04efe4

Request headers

Referer
https://mail.checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:51 GMT
x-guploader-uploadid
AHxI1nMddZ5HWYLge5CYl2rjftyJzmzC6xkh41ap5glfkpspopPL0ba6ybfcSYaYqwkfQaKUDM8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32681
last-modified
Tue, 23 Jul 2024 18:28:35 GMT
server
UploadServer
etag
"338056b94275c0de3507d807f19b95b4"
x-goog-generation
1721759315593398
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=vtajVw==, md5=M4BWuUJ1wN41B9gH8ZuVtA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
32681
accept-ranges
bytes
expires
Wed, 24 Jul 2024 09:50:51 GMT
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
17 B
0
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=9x-6evXsFHQaI7V0s_Hoz-H0odvVjd1bVrg4--R5D64&VER=8&database=projects%2Ffirestore-helloumi%2Fdatabases%2F(default)&RID=rpc&SID=iGVF3GzUO2GnQhmkDcQjMQ&AID=3&CI=0&TYPE=xmlhttp&zx=y8fmg4ysitpk&t=1
Requested by
Host: cdn.landbot.io
URL: https://cdn.landbot.io/landbot-3/landbot-3.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.202 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mail.checkin.weareelevate.global/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 08:50:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://mail.checkin.weareelevate.global
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| webpackChunklandbot_3 object| Landbot function| Container function| ContainerPopup function| Fullpage function| Livechat function| Native function| Popup object| myLandbot object| zEWebpackACJsonp function| zE function| zEmbed boolean| zEACLoaded function| $zopim

2 Cookies

Domain/Path Name / Value
.landbot.io/ Name: __cf_bm
Value: l8S9hOCqna75rcYEv852bcf2gtzDj5oZEXsp9IeSIio-1721811048-1.0.1.1-ijQwittiw3SXJS2WAkMZ1lAK1KGEPFhDa85nYpZKJJMrCBeW2BOk_YccAFdjLcYY8A085BRs1pyHlV3nxaqlOg
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: tKcSc0KAdim/g/QOmQ2UiS9e/8FaiAwtHsY6NpI0phf0229E7fsplF0TvuKH+TjUQWOyNPaL54mEm5Zsqigu5wotH+k/n/lMUBeJl7KKayByvCJwxUDoq8x8TT4l

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.landbot.io
ekr.zdassets.com
elevatestaffing.zendesk.com
firestore.googleapis.com
identitytoolkit.googleapis.com
mail.checkin.weareelevate.global
static.zdassets.com
storage.googleapis.com
weareelevate.global
welcome.landbot.io
104.16.51.111
104.18.70.113
104.18.72.113
172.217.16.155
172.217.16.202
172.217.18.106
172.67.6.159
2606:4700:10::6816:166e
2a00:1450:4001:812::201b
2a00:1450:4001:81c::200a
2a00:1450:4001:82a::200a
5.134.13.76
12246eb4b87f7b8e97cd00146c4fae3e4358d8998daa9b3065e31b3f2d667cdb
22ecc975964f0fa892cfb13973041fb0fda05bb3d1cc874d2ef1f4107ed55058
265bd58ccef96a13749152106ccb4b194c6394bb91adb98d316d06e6f5a4d874
2fbc20213257b4856efef9b896640970fc5a65917dc744fbdd8a248680058bc2
47e16a6079230b41f8820e1ec002960799c86a109cf0e725e06065c9fc25e21d
4d942eece4279fa2a81ef75c58aaa6cdde0f514da7c48b149a84ebd17af0cc8b
624e7b0876addb7fe283e3e353bfcf8145a9f311616b742411dd988629f1b06b
719e197440f6e4d2dde51734b53a57dbeedce015141980d51652717b97f310bb
7eeb99e9f0563d79a34bf9d13c260f0552269bbde05b145d331cdf1aae47c25a
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a69aaacc68bb3f8bb6513638734daaf1a96c9a25086fe8afc859891daa5fb0c6
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
e711e70f0fcb8971e482dcf6bec9a3d01cc0f8075f8ddacd649f41fb3a9cbaf1
eac09caa9656846194bff3d20811a7999091ce2eb054bb8a7a14901dd2317b62
efd6b44827e9ff4e24dab497d2d6f506a13f310f76478363f823714c94a29dc3
f6a77d61b37b06d2f45db4f1317693a644055b58c5a24e57448658a36a04efe4
fbc8cb9282e263a42642b3168d58e296a28e39d6a450b7d8a599ca7e797b41ae