user.worktrips.com Open in urlscan Pro
13.69.68.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lnk.worktrips.com/ls/click?upn=u001.u-2FgYlCpAY4f69YjQIpsLwQZ8cOoyhAo8bYa0b1z1DCS52Az2VoSmMAdL4prU9SwPIk3zIsPnpbiV...
Effective URL:
https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581...
Submission: On April 16 via manual (April 16th 2024, 6:39:49 am UTC) from PL — Scanned from NL

Summary HTTP 48 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 7 domains to perform 48 HTTP transactions. The main IP is 13.69.68.43, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is user.worktrips.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on August 1st 2023. Valid for: a year.

This is the only time user.worktrips.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	13.69.68.43 13.69.68.43	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1 1	20.107.115.173 20.107.115.173	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
1	52.57.182.108 52.57.182.108	16509 (AMAZON-02) (AMAZON-02)
7	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	18.173.187.79 18.173.187.79	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::720	54113 (FASTLY) (FASTLY)
1	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	10

32 13.69.68.43 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lnk.worktrips.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user.worktrips.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.107.115.173 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.worktrips.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.181 (United States)

ASN54113 (FASTLY, US)

api.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.182.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-182-108.eu-central-1.compute.amazonaws.com

widget.usersnap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-79.muc50.r.cloudfront.net

resources.usersnap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::720 (United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

hotailors.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	worktrips.com 2 redirects lnk.worktrips.com user.worktrips.com login.worktrips.com	718 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2270 ekr.zdassets.com — Cisco Umbrella Rank: 2600	361 KB
2	gstatic.com fonts.gstatic.com	165 KB
2	usersnap.com widget.usersnap.com — Cisco Umbrella Rank: 24045 resources.usersnap.com — Cisco Umbrella Rank: 31122	143 KB
2	unsplash.com api.unsplash.com — Cisco Umbrella Rank: 79666 Failed images.unsplash.com — Cisco Umbrella Rank: 5918	299 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	zendesk.com hotailors.zendesk.com	1 KB
48	7

	Domain	Requested by
31	user.worktrips.com	user.worktrips.com
6	static.zdassets.com	user.worktrips.com static.zdassets.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	client
1	hotailors.zendesk.com	static.zdassets.com
1	images.unsplash.com
1	resources.usersnap.com	widget.usersnap.com
1	ekr.zdassets.com	static.zdassets.com
1	widget.usersnap.com	user.worktrips.com
1	login.worktrips.com	1 redirects
1	api.unsplash.com	user.worktrips.com
1	lnk.worktrips.com	1 redirects
48	12

This site contains links to these domains. Also see Links.

Domain
worktrips.com

Subject Issuer	Validity	Valid
*.worktrips.com Sectigo RSA Organization Validation Secure Server CA	`2023-08-01` - `2024-08-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.unsplash.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-07` - `2025-05-09`	a year	crt.sh
usersnap.com Amazon RSA 2048 M03	`2023-08-09` - `2024-09-06`	a year	crt.sh
zdassets.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
images.unsplash.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh
hotailors.zendesk.com E1	`2024-03-31` - `2024-06-29`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Frame ID: 5BBC4AA017F86E6E63C445D7F4F4F7D3
Requests: 39 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/snippet.js
Frame ID: 65163BE59CDD7874A8EFA2C8C777E2D1
Requests: 2 HTTP requests in this frame

Frame: https://resources.usersnap.com/widget-assets/js/entries/setup/31accd6592c60440a8aa.js
Frame ID: 5BB8EDB038BFD2B12CA6D0F097B2D52F
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Frame ID: 6D2FB6CB987D237AAD4C119B9D1F0068
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UserPanel

Page URL History Show full URLs

https://lnk.worktrips.com/ls/click?upn=u001.u-2FgYlCpAY4f69YjQIpsLwQZ8cOoyhAo8bYa0b1z1DCS52Az2VoSmMAdL... HTTP 302
https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-39... Page URL
https://login.worktrips.com/realms/worktrips/protocol/openid-connect/auth?client_id=auth&redirect_uri=ht... HTTP 302
https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4... Page URL

Page Statistics

48
Requests

98 %
HTTPS

30 %
IPv6

7
Domains

12
Subdomains

10
IPs

4
Countries

1687 kB
Transfer

6021 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://worktrips.com/Travellers.pdf
Title: Traveler Terms and conditions

Search URL Search Domain Scan URL

URL: https://worktrips.com/Approvers.pdf
Title: Administrator Terms and conditions

Search URL Search Domain Scan URL

URL: https://worktrips.com/PrivacyPolicy.pdf
Title: Privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lnk.worktrips.com/ls/click?upn=u001.u-2FgYlCpAY4f69YjQIpsLwQZ8cOoyhAo8bYa0b1z1DCS52Az2VoSmMAdL4prU9SwPIk3zIsPnpbiV1ocs43-2F0OUqANn2KBLABnkNDmlmynUSC8NSYTYp5FubLQEAJow7Orzjr4usvgk9bUwQGf1XqqpiNOp5fxLJZqt-2B-2FSm8TtZg9sJAEsF6E2Pld4N6KCmsjl8MuhbObD8-2BkAopka-2FjuB9zM2fGmv61xoy5HwwRqcT4-3DvWQR_AKRg43yPFYyxgPB8KFwkYl3pe47Z-2BKrcK1iZTENgjXfSP66d0xWcr2Otp1lOFmZU2IIayuE88i7oaOSTDoGlnfBFxFbW2IPYdL0zOw3DsNA3iqhsCn26Y7KTdiqmeRHj8h7ylPNv6J-2B9eUm1HbXjO5TPpDnC72d6uXL-2FYnxisM0XFZWHUNItMbjSeRjjTYI7q4BVgCzt0GZHBgJMQtizeDXQdQGqSMMXZRWSo85Ctm6BRvfmhAs1oHjx9RYiDs6fT-2Bu5uZaiBn4dpMm-2Ftki97drJUQvZv1kkKsIK0ns10k0eQqN3mh8w96ixEQnEgmsiaSiHU4Hu9LXQ-2BoRQDl8ykvZHGmXFrh9Lm4BRpbjm646LZMXgqe0dLWc1VnLmJzrbKuB5z793OKFErd7Q26l2teNdCZUfu0r-2FJw78PAvf7yc-3D HTTP 302
https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en Page URL
https://login.worktrips.com/realms/worktrips/protocol/openid-connect/auth?client_id=auth&redirect_uri=https%3A%2F%2Fuser.worktrips.com%2Factivate%2FbWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%253D%253D%2F2568%2Fpc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568%2Fen&state=fe13704e-6069-46d2-b9d2-9fbdaa0a53b7&response_mode=fragment&response_type=code%20id_token%20token&scope=openid&nonce=3815bd20-0d9f-49c1-8216-22464d96c6ba&prompt=none&code_challenge=sdoSfnteCIWwkNitymPh7eSA8bKFLIJpYVPSNWQH1mk&code_challenge_method=S256 HTTP 302
https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://lnk.worktrips.com/ls/click?upn=u001.u-2FgYlCpAY4f69YjQIpsLwQZ8cOoyhAo8bYa0b1z1DCS52Az2VoSmMAdL4prU9SwPIk3zIsPnpbiV1ocs43-2F0OUqANn2KBLABnkNDmlmynUSC8NSYTYp5FubLQEAJow7Orzjr4usvgk9bUwQGf1XqqpiNOp5fxLJZqt-2B-2FSm8TtZg9sJAEsF6E2Pld4N6KCmsjl8MuhbObD8-2BkAopka-2FjuB9zM2fGmv61xoy5HwwRqcT4-3DvWQR_AKRg43yPFYyxgPB8KFwkYl3pe47Z-2BKrcK1iZTENgjXfSP66d0xWcr2Otp1lOFmZU2IIayuE88i7oaOSTDoGlnfBFxFbW2IPYdL0zOw3DsNA3iqhsCn26Y7KTdiqmeRHj8h7ylPNv6J-2B9eUm1HbXjO5TPpDnC72d6uXL-2FYnxisM0XFZWHUNItMbjSeRjjTYI7q4BVgCzt0GZHBgJMQtizeDXQdQGqSMMXZRWSo85Ctm6BRvfmhAs1oHjx9RYiDs6fT-2Bu5uZaiBn4dpMm-2Ftki97drJUQvZv1kkKsIK0ns10k0eQqN3mh8w96ixEQnEgmsiaSiHU4Hu9LXQ-2BoRQDl8ykvZHGmXFrh9Lm4BRpbjm646LZMXgqe0dLWc1VnLmJzrbKuB5z793OKFErd7Q26l2teNdCZUfu0r-2FJw78PAvf7yc-3D HTTP 302
https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

en Show response
user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/
Redirect Chain

https://lnk.worktrips.com/ls/click?upn=u001.u-2FgYlCpAY4f69YjQIpsLwQZ8cOoyhAo8bYa0b1z1DCS52Az2VoSmMAdL4prU9SwPIk3zIsPnpbiV1ocs43-2F0OUqANn2KBLABnkNDmlmynUSC8NSYTYp5FubLQEAJow7Orzjr4usvgk9bUwQGf1Xqq...
https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

5 KB
2 KB

96ms
65ms

Document
text/html

13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

64bc6706213b9a838c955f0a4bcd2c9c22600eead3e97baa681f2822d3c2c9b0

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=3600 public, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 06:39:42 GMT
expires: Tue, 16 Apr 2024 07:39:42 GMT
request-context: appId=cid-v1:
server: nginx
x-frame-options: DENY
x-powered-by: Hotailors TEAM

Redirect headers

content-length: 186
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 06:39:42 GMT
location: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
server: nginx/1.25.2
x-robots-tag: noindex, nofollow

GET
H2 200 worktrips.svg
user.worktrips.com/assets/images/ 4 KB
4 KB 142ms
141ms Image
image/svg+xml 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.worktrips.com/assets/images/worktrips.svg

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

808c1fb47655ada7e4eb808cd4c7117df6eea04fe0f3f8e607216888e4c1be41

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:42 GMT
date: Tue, 16 Apr 2024 06:39:42 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 runtime.8f30e77cc1db1f12.js Show response
user.worktrips.com/ 3 KB
2 KB 150ms
149ms Script
application/javascript 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/runtime.8f30e77cc1db1f12.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

3ae2984c18af85f4b986229b907cc17e00255891aea7593ee1a86f9ad72b6e90

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Origin: https://user.worktrips.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:42 GMT
date: Tue, 16 Apr 2024 06:39:42 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 polyfills.aea84085a7a6328f.js Show response
user.worktrips.com/ 33 KB
13 KB 184ms
183ms Script
application/javascript 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/polyfills.aea84085a7a6328f.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

d65c0df103745e88f04ac21d2b57c4fb2ce3265c7fa21240b44305270b824e10

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Origin: https://user.worktrips.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:42 GMT
date: Tue, 16 Apr 2024 06:39:42 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 main.86c2dfa0b6d78ddd.js Show response
user.worktrips.com/ 1 MB
402 KB 185ms
184ms Script
application/javascript 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/main.86c2dfa0b6d78ddd.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

621aae9047ea052cbc86657d0049ff9224bf64785c4550355a69de5508274b2f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Origin: https://user.worktrips.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:42 GMT
date: Tue, 16 Apr 2024 06:39:42 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 splash-screen.css
user.worktrips.com/assets/styles/ 2 KB
628 B 130ms
129ms Stylesheet
text/css 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/assets/styles/splash-screen.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

e6017b4a7720c7b120ab2d1c8583425251ba654b7dcb46c78e3859342aa3450b

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:42 GMT
date: Tue, 16 Apr 2024 06:39:42 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 89ms
32ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:300,400,500,600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b90a0138acbc792fd830b8c211807bb64f0b98ad56fc4e552b7401dfd1dc005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Apr 2024 06:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 06:39:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Apr 2024 06:39:42 GMT

GET
H2 200 styles.8a681401c60237e4.css
user.worktrips.com/ 161 KB
27 KB 152ms
152ms Stylesheet
text/css 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/styles.8a681401c60237e4.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

327eb101c16ec0f8c0c4031de0a5b157bd5f846562d76818ff36684a0d3ec285

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:42 GMT
date: Tue, 16 Apr 2024 06:39:42 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 en.json
user.worktrips.com/assets/i18n/ 250 KB
250 KB 81ms
80ms XHR
application/json 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/assets/i18n/en.json

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/polyfills.aea84085a7a6328f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: application/json; charset=utf-8
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET random
api.unsplash.com/photos/ 0
0

GET
H2

200

Primary Request en Show response
user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/
Redirect Chain

https://login.worktrips.com/realms/worktrips/protocol/openid-connect/auth?client_id=auth&redirect_uri=https%3A%2F%2Fuser.worktrips.com%2Factivate%2FbWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%253D%253D%...
https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

5 KB
2 KB

72ms
72ms

Document
text/html

13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/main.86c2dfa0b6d78ddd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

64bc6706213b9a838c955f0a4bcd2c9c22600eead3e97baa681f2822d3c2c9b0

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=3600 public, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 06:39:43 GMT
expires: Tue, 16 Apr 2024 07:39:43 GMT
request-context: appId=cid-v1:
server: nginx
x-frame-options: DENY
x-powered-by: Hotailors TEAM

Redirect headers

Cache-Control: no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 16 Apr 2024 06:39:43 GMT
Location: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en#error=login_required&state=fe13704e-6069-46d2-b9d2-9fbdaa0a53b7
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: Hotailors TEAM
X-XSS-Protection: 1; mode=block 1; mode=block

GET
H2 200 house-outline.svg
user.worktrips.com/assets/icons/ 610 B
647 B 162ms
160ms Image
image/svg+xml 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.worktrips.com/assets/icons/house-outline.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 building.svg
user.worktrips.com/assets/icons/ 1011 B
1 KB 173ms
172ms Image
image/svg+xml 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.worktrips.com/assets/icons/building.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 residential-block.svg
user.worktrips.com/assets/icons/ 856 B
893 B 163ms
162ms Image
image/svg+xml 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.worktrips.com/assets/icons/residential-block.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 location_city.svg
user.worktrips.com/assets/icons/ 322 B
359 B 166ms
165ms Image
image/svg+xml 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.worktrips.com/assets/icons/location_city.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 apartment.svg
user.worktrips.com/assets/icons/ 437 B
474 B 173ms
172ms Image
image/svg+xml 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.worktrips.com/assets/icons/apartment.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 worktrips.svg
user.worktrips.com/assets/images/ 4 KB
0 142ms
141ms Image
image/svg+xml 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.worktrips.com/assets/images/worktrips.svg

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

808c1fb47655ada7e4eb808cd4c7117df6eea04fe0f3f8e607216888e4c1be41

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:
date: Tue, 16 Apr 2024 06:39:42 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=3600, public, no-transform
expires: Tue, 16 Apr 2024 07:39:42 GMT

GET
H2 200 runtime.8f30e77cc1db1f12.js Show response
user.worktrips.com/ 3 KB
0 150ms
149ms Script
application/javascript 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/runtime.8f30e77cc1db1f12.js

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

3ae2984c18af85f4b986229b907cc17e00255891aea7593ee1a86f9ad72b6e90

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Origin: https://user.worktrips.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:
date: Tue, 16 Apr 2024 06:39:42 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, no-transform
expires: Tue, 16 Apr 2024 07:39:42 GMT

GET
H2 200 polyfills.aea84085a7a6328f.js Show response
user.worktrips.com/ 33 KB
0 184ms
183ms Script
application/javascript 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/polyfills.aea84085a7a6328f.js

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

d65c0df103745e88f04ac21d2b57c4fb2ce3265c7fa21240b44305270b824e10

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Origin: https://user.worktrips.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:
date: Tue, 16 Apr 2024 06:39:42 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, no-transform
expires: Tue, 16 Apr 2024 07:39:42 GMT

GET
H2 200 main.86c2dfa0b6d78ddd.js Show response
user.worktrips.com/ 1 MB
0 185ms
184ms Script
application/javascript 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/main.86c2dfa0b6d78ddd.js

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

621aae9047ea052cbc86657d0049ff9224bf64785c4550355a69de5508274b2f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Origin: https://user.worktrips.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:
date: Tue, 16 Apr 2024 06:39:42 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, no-transform
expires: Tue, 16 Apr 2024 07:39:42 GMT

GET
H2 200 splash-screen.css
user.worktrips.com/assets/styles/ 2 KB
0 130ms
129ms Stylesheet
text/css 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/assets/styles/splash-screen.css

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

e6017b4a7720c7b120ab2d1c8583425251ba654b7dcb46c78e3859342aa3450b

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:
date: Tue, 16 Apr 2024 06:39:42 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: max-age=3600, public, no-transform
expires: Tue, 16 Apr 2024 07:39:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
0 89ms
32ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:300,400,500,600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b90a0138acbc792fd830b8c211807bb64f0b98ad56fc4e552b7401dfd1dc005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Apr 2024 06:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 06:39:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Apr 2024 06:39:42 GMT

GET
H2 200 styles.8a681401c60237e4.css
user.worktrips.com/ 161 KB
0 152ms
152ms Stylesheet
text/css 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/styles.8a681401c60237e4.css

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

327eb101c16ec0f8c0c4031de0a5b157bd5f846562d76818ff36684a0d3ec285

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:
date: Tue, 16 Apr 2024 06:39:42 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: text/css; charset=utf-8
cache-control: max-age=3600, public, no-transform
expires: Tue, 16 Apr 2024 07:39:42 GMT

GET
H2 200 en.json Show response
user.worktrips.com/assets/i18n/ 250 KB
0 0ms
0ms XHR
application/json 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/assets/i18n/en.json

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/polyfills.aea84085a7a6328f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

1daa2f730b1d26e2178a94766c3238f655be0158e9a8dad405c43e3ec4717fd3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: application/json; charset=utf-8
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 house-outline.svg
user.worktrips.com/assets/icons/ 610 B
0 162ms
160ms Image
image/svg+xml 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.worktrips.com/assets/icons/house-outline.svg

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/main.86c2dfa0b6d78ddd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

b07bb5989472a103791138ae3a68ae7d6a3379058b56529a9f85a65007736bf8

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=3600, public, no-transform
expires: Tue, 16 Apr 2024 07:39:43 GMT

GET
H2 200 building.svg
user.worktrips.com/assets/icons/ 1011 B
0 173ms
172ms Image
image/svg+xml 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.worktrips.com/assets/icons/building.svg

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/main.86c2dfa0b6d78ddd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

363c1f3e9847981e387c8e5e7b7c1e015cc125fce7ee36186b97ee79f5bd2ad3

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=3600, public, no-transform
expires: Tue, 16 Apr 2024 07:39:43 GMT

GET
H2 200 location_city.svg
user.worktrips.com/assets/icons/ 322 B
0 166ms
165ms Image
image/svg+xml 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.worktrips.com/assets/icons/location_city.svg

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/main.86c2dfa0b6d78ddd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

23ba487d94232795f9c771809e0879c7a99afa21cd251beddff25ef514f2634e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=3600, public, no-transform
expires: Tue, 16 Apr 2024 07:39:43 GMT

GET
H2 200 apartment.svg
user.worktrips.com/assets/icons/ 437 B
0 173ms
172ms Image
image/svg+xml 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.worktrips.com/assets/icons/apartment.svg

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/main.86c2dfa0b6d78ddd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

dc427b24a52109a74717932b27c6a14bdf819bbf785b7d913a236c6993db344d

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

request-context: appId=cid-v1:
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=3600, public, no-transform
expires: Tue, 16 Apr 2024 07:39:43 GMT

GET
H2 200 random Show response
api.unsplash.com/photos/ 55 KB
8 KB 165ms
165ms XHR
application/json 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.unsplash.com/photos/random?client_id=nKP65JXmnIx3xI50Rxy4nN7_4z0F1w04uVxeFFpkfJk&query=travel&orientation=landscape

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/polyfills.aea84085a7a6328f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy / hero-app

Resource Hash

0ee0d7b1eca8c5e6c2ae130cef8d8dcab9a4f70eac400e11ed7f2eb9389b0b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://user.worktrips.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 23e942830f1b13b409ec4f6301f6e4db05fc3150
strict-transport-security: max-age=63072000; includeSubDomains
access-control-request-method: *
content-encoding: br
date: Tue, 16 Apr 2024 06:39:43 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
x-powered-by: hero-app
x-cache: MISS, MISS
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713249583&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=RZK0Vurp3%2FNunEDN899vSsCiC%2Fn4pmPExpR5uh%2FL%2BHQ%3D
x-request-id: eada56b5-a5bc-442a-81b0-ca1a7414bb46
x-served-by: cache-iad-kcgs7200092-IAD, cache-ams21056-AMS
x-runtime: 0.053948
server: Cowboy
x-timer: S1713249583.298900,VS0,VE149
etag: W/"0ee0d7b1eca8c5e6c2ae130cef8d8dca"
vary: Accept-Encoding,Authorization,Accept-Language,Accept
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713249583&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&s=RZK0Vurp3%2FNunEDN899vSsCiC%2Fn4pmPExpR5uh%2FL%2BHQ%3D"}]}
x-unsplash-version: v1
access-control-expose-headers: Link,X-Total,X-Per-Page,X-RateLimit-Limit,X-RateLimit-Remaining
cache-control: private,max-age=0,stale-if-error=3600,stale-while-revalidate=0
content-type: application/json
x-ratelimit-limit: 50
content-language: en
accept-ranges: bytes
access-control-allow-headers: *
x-ratelimit-remaining: 36
x-cache-hits: 0, 0

GET
H2 200 residential-block.svg
user.worktrips.com/assets/icons/ 856 B
0 0ms
0ms Image
image/svg+xml 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://user.worktrips.com/assets/icons/residential-block.svg

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/svg+xml
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 sygnet.png
user.worktrips.com/assets/images/ 5 KB
5 KB 62ms
61ms Other
image/png 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/assets/images/sygnet.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

34796ccd095271836245265bad87bfbfac2a3c380d6527db37249c70ad776fbf

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/png
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 572b2e25-4cc1-49db-ad11-a02bf7e8354d Show response
widget.usersnap.com/load/ 9 KB
4 KB 92ms
38ms Script
application/javascript 52.57.182.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.usersnap.com/load/572b2e25-4cc1-49db-ad11-a02bf7e8354d?onload=onUsersnapLoad

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/main.86c2dfa0b6d78ddd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.182.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-182-108.eu-central-1.compute.amazonaws.com

Software

Resource Hash

8c05ddf22567afcd1c1e7425e411cebf661688b1e3d186d46447cbe99ef9c7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:39:43 GMT
strict-transport-security: max-age=31536000
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=10
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ Frame 6516 10 KB
5 KB 74ms
37ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/main.86c2dfa0b6d78ddd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:39:43 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: CYEYQJYMT4QZ3T8W
age: 17
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: w9Ykh+WtFixOrLFiNzGhpYHZOwk6DKoyxfhtDfVQkoErmToTSi1OHWtlNSPdHtDc+O/3ZoaZyAk=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BqgJ2y8XKqBgglNFHhunyFJGNN4oyWXZR2nlY4yeumUsBoAuXpPpr1exZd0tpMdnASRhpoI7fQmRDUHYgzYpORCmeJXmgLZCS4AXGm0lhN1WXpNdRsn9Mqq22WZrhYId%2BT30l4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 87522e090c517745-AMS
access-control-allow-headers: *

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 74ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:300,400,500,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://user.worktrips.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 17:14:11 GMT
x-content-type-options: nosniff
age: 48332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Apr 2025 17:14:11 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v141/ 126 KB
126 KB 101ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v141/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/
Origin: https://user.worktrips.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:16:07 GMT
x-content-type-options: nosniff
age: 19416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128616
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:13:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Apr 2025 01:16:07 GMT

GET
H2 200 common.c1431022f6177500.js Show response
user.worktrips.com/ 20 KB
4 KB 64ms
64ms Script
application/javascript 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/common.c1431022f6177500.js

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/runtime.8f30e77cc1db1f12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

8c8dcd85e824325a40743c4e57d41d68b4ff13b5c87c43a0cbda19103de2531e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Origin: https://user.worktrips.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 443.c7f981fd66f6de63.js Show response
user.worktrips.com/ 3 KB
1 KB 69ms
69ms Script
application/javascript 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/443.c7f981fd66f6de63.js

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/runtime.8f30e77cc1db1f12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

6ef638f1a89babae9d903c70e5992727f8ae4438596c8c4067351c3b8aac37cb

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Origin: https://user.worktrips.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 hotailors.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ Frame 6516 836 B
1 KB 643ms
606ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/hotailors.zendesk.com

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

240d7b1a69b66850cac5031ad9a44fd370da10a35bf6a5eb95da0e2678235de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:39:44 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 872abb267ae87d9e-SEA, 872abb267ae87d9e-SEA
x-runtime: 0.011318
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"240d7b1a69b66850cac5031ad9a44fd3"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFcpPD457ZJf0yaHB%2BbwdkLKkK17fzy2kTeFe6ktmyQ1uI6%2Br3Si2PgVdD38zAlskm9gj1PwZXkNQKNWViynqIv0VjkuoI9p8jUsmzaEMBkZrb7O4KwPScCZjM1A0C09ZVI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 87522e098dd2b7a0-AMS

GET
H2 200 31accd6592c60440a8aa.js Show response
resources.usersnap.com/widget-assets/js/entries/setup/ Frame 5BB8 647 KB
139 KB 110ms
32ms Script
text/javascript 18.173.187.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.usersnap.com/widget-assets/js/entries/setup/31accd6592c60440a8aa.js
Requested by: Host: widget.usersnap.com
URL: https://widget.usersnap.com/load/572b2e25-4cc1-49db-ad11-a02bf7e8354d?onload=onUsersnapLoad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-79.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9acedd5993a3f757813fce0258dd0409352d00ad389a1c389e3a2a0d8ce93307

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 14:52:49 GMT
content-encoding: br
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Apr 2024 14:41:00 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 402415
etag: W/"cc02989fe454d978c883f8d32a104804"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
x-amz-cf-id: HDJJipEB4S2ZXT9QaKNJrLPqenHYnFbiuy8FFtvG_NktVCpxCg-hiA==

GET
H2 200 521.b15578f494ad3c40.js Show response
user.worktrips.com/ 2 KB
1 KB 58ms
57ms Script
application/javascript 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/521.b15578f494ad3c40.js

Requested by

Host: user.worktrips.com
URL: https://user.worktrips.com/runtime.8f30e77cc1db1f12.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

73b020636dfaadcd76f319f45adef6410ef56d7807c27a23b32cb0cdce8aca31

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ==/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Origin: https://user.worktrips.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
content-encoding: gzip
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 photo-1507525428034-b723cf961d3e
images.unsplash.com/ 290 KB
290 KB 215ms
175ms Image
image/jpeg 2a04:4e42:600::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1507525428034-b723cf961d3e?ixid=M3wzMzEzMjR8MHwxfHJhbmRvbXx8fHx8fHx8fDE3MTMyNDk1ODN8&ixlib=rb-4.0.3&w=1920&q=80

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

325d719026117a46475ea4bf7d549cc01aa21851cd190fed073cd798612f4339

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:39:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Apr 2024 13:22:13 GMT
server: Google Frontend
age: 667050
x-cache: HIT, MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: 6c8ac1203e1694202dc7a4ef70e6ed78498ca927
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 296990
x-served-by: cache-sjc10043-SJC, cache-ams21061-AMS

GET
H2 200 sygnet.png
user.worktrips.com/assets/images/ 5 KB
0 0ms
0ms Other
image/png 13.69.68.43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://user.worktrips.com/assets/images/sygnet.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.43 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx / Hotailors TEAM

Resource Hash

34796ccd095271836245265bad87bfbfac2a3c380d6527db37249c70ad776fbf

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://user.worktrips.com/activate/bWljaGFsLmt1bGluc2tpQGNvbGxpZXJzLmNvbQ%3D%3D/2568/pc2568d1eb331f-3986-4a12-999e-2d3c33ad581c67ca47c5f3fc9ac1dfce10ea8204e568/en
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Tue, 16 Apr 2024 07:39:43 GMT
date: Tue, 16 Apr 2024 06:39:43 GMT
server: nginx
x-powered-by: Hotailors TEAM
x-frame-options: DENY
content-type: image/png
cache-control: max-age=3600, public, no-transform
request-context: appId=cid-v1:

GET
H2 200 web-widget-main-7bc1c0f.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 6D2F 969 KB
277 KB 28ms
27ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4ac95d1ab40c0d78d98acf1da862b901ce896b43f738c7b1731c986a612bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:39:44 GMT
x-amz-version-id: _IYDenNVju8wHXIpAa8FJzBqmTlghdyK
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 64S1GV9HNQKB0DVA
age: 59
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ldH41+NY0+fYAgvbqFIJmvudIE2j/SxzaKSwKqxB3P/vSWpJ08HqoFV2mSP6KWgMbK8lgvcvTvmD4moNqUmffw==
last-modified: Mon, 08 Apr 2024 13:46:13 GMT
server: cloudflare
etag: W/"3784cf5e1ddd3a68e335f3bb4a5e2fcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1EKKdvUKMt0Wefvvcia2xqB6TwxiU9E88TNk8Ojti58BM7QZxGGJqmJ9hSt0SmqAf88mKxHVPp1EDkqvlHrv7%2BqTxXC01Qxd0KxJekjtv4AqAbYHO8FPZFB4GIG0ubIjsb5PJdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 87522e0d68d27745-AMS
access-control-allow-headers: *
expires: Tue, 08 Apr 2025 13:46:12 GMT

GET
H2 200 en-us-json-7bc1c0f.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 6D2F 25 KB
6 KB 32ms
32ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-7bc1c0f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:39:44 GMT
x-amz-version-id: LLNIVxZ_bojnmbOmqAvI_43_VNrKfel_
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DKWT4SJ3NP0VX855
age: 413675
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: W9B1SBtAeKjZ8kR3+2GgpY7yqrRwEUd74ifS+fdKkR32Prbx0bEwMeNV6dGVRlF6Cg02ybWPMLk=
last-modified: Mon, 08 Apr 2024 13:46:15 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ABqYcBl2rj47J6xa1ZiyfpPhIoLvSjdqRFvCF3L%2BFbkB7v9GTJGSgVCGKH4U%2FoULEnGxRulvZAU0Z2AxmR97LAu%2FaKwD5P2jZEa%2FGE1tVxYE1zvK0K7d1IrejbJjQgnyb1%2BjbeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 87522e0e6a1d7745-AMS
access-control-allow-headers: *
expires: Tue, 08 Apr 2025 13:46:13 GMT

GET
H2 200 config Show response
hotailors.zendesk.com/embeddable/ Frame 6D2F 491 B
1 KB 117ms
63ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotailors.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0d736a641f1cfa763309f3ae9356d91c90489b20fa6a43fae75f341157f950c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:39:44 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5cb97d8d79-j5k4r
x-cached: MISS
x-runtime: 0.001702
last-modified: Tue, 16 Apr 2024 06:37:45 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2gZ3ZCHVVeCdOtACmA1KmchRqr75icgYO%2B%2BxOV5CA1qK0ZJNN1fwGUqRyOeACPLUiKryEQkQIYXFVAGpwVVduYmDKugjW0UFJt9pCxPwpmAtNTwd0xEafhxByxYxKh%2BCnQUHZwvaaw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 87522e0ecb379f8d-AMS

GET
H2 200 web-widget-chat-sdk-7bc1c0f.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 6D2F 202 KB
51 KB 32ms
32ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-7bc1c0f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:39:44 GMT
x-amz-version-id: PnwdCuJviouphoOKkGhIayUUaC4tYXWL
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 7P01XWB44YSSFFP5
age: 413675
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: XxQ8S/lBv1OtyK14Vkg8IAF2w1ME0kGwFoL/pkM7jEvNEGJZFHeFeFmAEaVODwS7Try+N51fJGM=
last-modified: Mon, 08 Apr 2024 13:46:13 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=McEnv9azy4v0gkwiDz5C0WW5yBgrx1Q6ttrcVxFELQ3%2BGmRjJQWs4uwFwf3LmP%2FwbEmxm%2FvgdqFFC%2B1DiintLFEZxhHYTpn4LDOujHEMbOse5%2F1zzQEjgOEka8K4erTbYQlZ9qQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 87522e0eba777745-AMS
access-control-allow-headers: *
expires: Tue, 08 Apr 2025 13:46:12 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-7bc1c0f.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 6D2F 236 B
646 B 27ms
27ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-7bc1c0f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-7bc1c0f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:39:44 GMT
x-amz-version-id: Lm_gk05VN5DG3iiQELVQYeeCHNOGOA_r
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: XFADR46K4TGX035H
age: 413674
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: R3PecKyMJCGDs4JT2rQH8kobx+xe4PmFL3bhxKf2ufYIH8AcJNe/MKDfH2LJ2tMd1M/EVwVYdpk=
last-modified: Mon, 08 Apr 2024 13:46:13 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sC%2FK%2BbmpZfitSadUNgXIqTZnxKvQNowEsKb870yVTkF3p%2FjDcAF3deQ9OFp1rtDeWO2TnVhftGohcf%2Fqz4MmW7GNOa%2FUeSycmkH6xiOPvjkudNaRcKG30IjvcYoHbavpAWKkWKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 87522e119d397745-AMS
access-control-allow-headers: *
expires: Tue, 08 Apr 2025 13:46:12 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 6D2F 19 KB
20 KB 30ms
29ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:39:44 GMT
x-amz-version-id: Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: KH5VE2Z70ZGQ75A2
age: 2643616
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified: Wed, 29 Nov 2023 08:06:43 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Egwar4x0GhGUGI7HpQTLf0A6uehtdQkPr0EWxo0wKbOcGdPrwt5yYMULsWvzydTbdQI5Kz8nFQd0VbuG3X9qysI%2Bnos1czQogqN4EJpB3%2FR2urjvegxAKN5FITBGvvgTm3pO%2FqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 87522e120db67745-AMS
access-control-allow-headers: *
expires: Thu, 28 Nov 2024 08:06:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.unsplash.com
URL: https://api.unsplash.com/photos/random?client_id=nKP65JXmnIx3xI50Rxy4nN7_4z0F1w04uVxeFFpkfJk&query=travel&orientation=landscape

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.worktrips.com/realms/worktrips/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 84d749b3-d3b8-4417-8663-03f2e0dd93ff.a3a1125ebe27-64666
login.worktrips.com/realms/worktrips/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 84d749b3-d3b8-4417-8663-03f2e0dd93ff.a3a1125ebe27-64666
widget-mediator.zopim.com/	1970-01-20 20:04:14	Name: AWSALBCORS Value: /C+CqunwrstUnM7ta/LN3lV2+FRSdcPmbAKCQXCAOXCUb5ceROClMic+DQJCv9ZEwFd8iKqkzQX1eaaS+581OinNPGp9z9/DR66ghAxOyayopp45rjRIOmtxADv+
.worktrips.com/	1970-01-21 04:39:45	Name: __zlcmid Value: 1LJmeGrS202pqKp

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.unsplash.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
hotailors.zendesk.com
images.unsplash.com
lnk.worktrips.com
login.worktrips.com
resources.usersnap.com
static.zdassets.com
user.worktrips.com
widget.usersnap.com
api.unsplash.com
104.16.51.111
104.18.70.113
13.69.68.43
151.101.1.181
18.173.187.79
20.107.115.173
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a04:4e42:600::720
52.57.182.108
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
0b90a0138acbc792fd830b8c211807bb64f0b98ad56fc4e552b7401dfd1dc005
0ee0d7b1eca8c5e6c2ae130cef8d8dcab9a4f70eac400e11ed7f2eb9389b0b25
1daa2f730b1d26e2178a94766c3238f655be0158e9a8dad405c43e3ec4717fd3
23ba487d94232795f9c771809e0879c7a99afa21cd251beddff25ef514f2634e
240d7b1a69b66850cac5031ad9a44fd370da10a35bf6a5eb95da0e2678235de5
325d719026117a46475ea4bf7d549cc01aa21851cd190fed073cd798612f4339
327eb101c16ec0f8c0c4031de0a5b157bd5f846562d76818ff36684a0d3ec285
34796ccd095271836245265bad87bfbfac2a3c380d6527db37249c70ad776fbf
363c1f3e9847981e387c8e5e7b7c1e015cc125fce7ee36186b97ee79f5bd2ad3
3ae2984c18af85f4b986229b907cc17e00255891aea7593ee1a86f9ad72b6e90
4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b
621aae9047ea052cbc86657d0049ff9224bf64785c4550355a69de5508274b2f
64bc6706213b9a838c955f0a4bcd2c9c22600eead3e97baa681f2822d3c2c9b0
6ef638f1a89babae9d903c70e5992727f8ae4438596c8c4067351c3b8aac37cb
73b020636dfaadcd76f319f45adef6410ef56d7807c27a23b32cb0cdce8aca31
7f4ac95d1ab40c0d78d98acf1da862b901ce896b43f738c7b1731c986a612bf4
808c1fb47655ada7e4eb808cd4c7117df6eea04fe0f3f8e607216888e4c1be41
8c05ddf22567afcd1c1e7425e411cebf661688b1e3d186d46447cbe99ef9c7fe
8c8dcd85e824325a40743c4e57d41d68b4ff13b5c87c43a0cbda19103de2531e
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
9acedd5993a3f757813fce0258dd0409352d00ad389a1c389e3a2a0d8ce93307
a0d736a641f1cfa763309f3ae9356d91c90489b20fa6a43fae75f341157f950c
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
b07bb5989472a103791138ae3a68ae7d6a3379058b56529a9f85a65007736bf8
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d65c0df103745e88f04ac21d2b57c4fb2ce3265c7fa21240b44305270b824e10
dc427b24a52109a74717932b27c6a14bdf819bbf785b7d913a236c6993db344d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6017b4a7720c7b120ab2d1c8583425251ba654b7dcb46c78e3859342aa3450b

user.worktrips.com Open in urlscan Pro 13.69.68.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

48 Requests

98 %HTTPS

30 %IPv6

7 Domains

12 Subdomains

10 IPs

4 Countries

1687 kBTransfer

6021 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

user.worktrips.com Open in urlscan Pro
13.69.68.43 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

30 %
IPv6

7
Domains

12
Subdomains

10
IPs

4
Countries

1687 kB
Transfer

6021 kB
Size

4
Cookies

48 HTTP transactions
0 data transactions