www.bus.com Open in urlscan Pro
2606:4700:10::6816:ba4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.jupitermachinetools.shreevardhaman.bus.com/
Effective URL:
https://www.bus.com/tickets/
Submission Tags: krdtest
Submission: On May 15 via api (May 15th 2021, 1:17:40 pm UTC) from JP

Summary HTTP 58 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 16 domains to perform 58 HTTP transactions. The main IP is 2606:4700:10::6816:ba4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bus.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 5th 2021. Valid for: a year.

This is the only time www.bus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.224.27.210 54.224.27.210	14618 (AMAZON-AES) (AMAZON-AES)
2 20	2606:4700:10:... 2606:4700:10::6816:ba4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	13.32.6.90 13.32.6.90	16509 (AMAZON-02) (AMAZON-02)
1	99.86.244.81 99.86.244.81	16509 (AMAZON-02) (AMAZON-02)
2	52.217.32.28 52.217.32.28	16509 (AMAZON-02) (AMAZON-02)
2	52.37.21.144 52.37.21.144	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.174.151.106 35.174.151.106	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	35.186.241.51 35.186.241.51	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
58	21

1 54.224.27.210 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-27-210.compute-1.amazonaws.com

www.jupitermachinetools.shreevardhaman.bus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:10::6816:ba4 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.bus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assetsw.bus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.bus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.6.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-6-90.vie50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.244.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-244-81.vie50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.32.28 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

funcss.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.37.21.144 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-21-144.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.174.151.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-4-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	bus.com 3 redirects www.jupitermachinetools.shreevardhaman.bus.com www.bus.com assetsw.bus.com go.bus.com	476 KB
5	trustpilot.com widget.trustpilot.com	39 KB
4	google.de ampcid.google.de www.google.de	697 B
4	google.com 1 redirects ampcid.google.com www.google.com	728 B
4	bing.com bat.bing.com	9 KB
4	google-analytics.com www.google-analytics.com	20 KB
3	facebook.com www.facebook.com	352 B
3	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
3	facebook.net connect.facebook.net	101 KB
2	mixpanel.com api-js.mixpanel.com	411 B
2	pardot.com pi.pardot.com	4 KB
2	googleadservices.com www.googleadservices.com	15 KB
2	segment.io api.segment.io	277 B
2	amazonaws.com funcss.s3.amazonaws.com	36 KB
1	mxpnl.com cdn.mxpnl.com	25 KB
1	segment.com cdn.segment.com	70 KB
58	16

	Domain	Requested by
18	www.bus.com	2 redirects www.bus.com
5	widget.trustpilot.com	www.bus.com widget.trustpilot.com
4	bat.bing.com	cdn.segment.com bat.bing.com
4	www.google-analytics.com	cdn.segment.com www.google-analytics.com
3	www.facebook.com	connect.facebook.net
3	www.google.de
3	www.google.com	1 redirects
3	connect.facebook.net	cdn.segment.com connect.facebook.net
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	api-js.mixpanel.com	cdn.mxpnl.com
2	pi.pardot.com	cdn.segment.com pi.pardot.com
2	www.googleadservices.com	cdn.segment.com www.googleadservices.com
2	api.segment.io	cdn.segment.com
2	funcss.s3.amazonaws.com	www.bus.com
1	go.bus.com	pi.pardot.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	cdn.mxpnl.com	cdn.segment.com
1	cdn.segment.com	www.bus.com
1	assetsw.bus.com	www.bus.com
1	www.jupitermachinetools.shreevardhaman.bus.com	1 redirects
58	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-05` - `2022-05-04`	a year	crt.sh
*.trustpilot.com Amazon	`2021-04-03` - `2022-05-02`	a year	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
pi.pardot.com DigiCert SHA2 Secure Server CA	`2020-12-05` - `2021-12-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.bus.com/tickets/
Frame ID: 4CC67D4620AABE39F9842D86C7181ECB
Requests: 54 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c6adc001575a50001b6a1b8
Frame ID: A34A83C38F37991B8FCBCC55C4F52675
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.jupitermachinetools.shreevardhaman.bus.com/ HTTP 301
http://www.bus.com/tickets/www.jupitermachinetools.shreevardhaman/ HTTP 301
https://www.bus.com/tickets/www.jupitermachinetools.shreevardhaman/ HTTP 302
https://www.bus.com/tickets/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

58
Requests

100 %
HTTPS

64 %
IPv6

16
Domains

22
Subdomains

21
IPs

3
Countries

798 kB
Transfer

2025 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/buscomhq/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/buscom/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/buscomhq/
Title: instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.jupitermachinetools.shreevardhaman.bus.com/ HTTP 301
http://www.bus.com/tickets/www.jupitermachinetools.shreevardhaman/ HTTP 301
https://www.bus.com/tickets/www.jupitermachinetools.shreevardhaman/ HTTP 302
https://www.bus.com/tickets/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902365392/?random=1978294225&cv=9&fst=1621084638620&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&tiba=Tickets%20%7C%20Bus.com&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=3smfYJLdJ5aqx_APpfiA4As&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/902365392/?random=1978294225&cv=9&fst=1621084638620&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&tiba=Tickets%20%7C%20Bus.com&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3smfYJLdJ5aqx_APpfiA4As&cid=CAQSKQCNIrLMrbzWMaQDNSjYQtnQcHngwDpmw2FZn4IbuelXTZaDVruwKNJK&random=1975490872&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/902365392/?random=1978294225&cv=9&fst=1621084638620&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&tiba=Tickets%20%7C%20Bus.com&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3smfYJLdJ5aqx_APpfiA4As&cid=CAQSKQCNIrLMrbzWMaQDNSjYQtnQcHngwDpmw2FZn4IbuelXTZaDVruwKNJK&random=1975490872&resp=GooglemKTybQhCsO&ipr=y

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3-29

200

Primary Request / Show response
www.bus.com/tickets/
Redirect Chain

https://www.jupitermachinetools.shreevardhaman.bus.com/
http://www.bus.com/tickets/www.jupitermachinetools.shreevardhaman/
https://www.bus.com/tickets/www.jupitermachinetools.shreevardhaman/
https://www.bus.com/tickets/

66 KB
14 KB

2023ms
1999ms

Document
text/html

2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b4d0739a904196621a9dbdf98660f299bc4fb24de1478d616af4f30063e7c34

Request headers

:method: GET
:authority: www.bus.com
:scheme: https
:path: /tickets/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
content-type: text/html; charset=UTF-8
cf-ray: 64fca5391cc84d84-FRA
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://www.bus.com/wp-json/>; rel="https://api.w.org/", <https://www.bus.com/wp-json/wp/v2/pages/13176>; rel="alternate"; type="application/json", <https://www.bus.com/?p=13176>; rel=shortlink
vary: Accept-Encoding
via: 1.1 vegur, 1.1 vegur
cf-cache-status: BYPASS
cf-apo-via: origin,page-rules
cf-edge-cache: cache,platform=wordpress
cf-request-id: 0a11c597b000004d849a204000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
server: cloudflare
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sat, 15 May 2021 13:17:15 GMT
content-type: text/html; charset=UTF-8
location: /tickets/
cf-ray: 64fca5341be44eda-FRA
cache-control: no-cache, must-revalidate, max-age=0
expires: Wed, 11 Jan 1984 05:00:00 GMT
set-cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9; path=/
via: 1.1 vegur, 1.1 vegur
cf-cache-status: BYPASS
cf-apo-via: origin,page-rules
cf-edge-cache: cache,platform=wordpress
cf-request-id: 0a11c5949100004edadf833000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
x-redirect-by: WordPress
vary: Accept-Encoding
server: cloudflare
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 tiny-slider.css
www.bus.com/content/themes/buscom/assets/css/ 2 KB
1 KB 18ms
16ms Stylesheet
text/css 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/css/tiny-slider.css?ver=5.7
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4507d50970318a455fa8460536804736196e51764583ddbc24e13cd4573b984

Request headers

:path: /content/themes/buscom/assets/css/tiny-slider.css?ver=5.7
pragma: no-cache
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: HIT
age: 331170
cf-bgj: minify
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c59f8400004d84f0132000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: W/"6092dc58-7e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray: 64fca545aacc4d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 all.css
www.bus.com/content/themes/buscom/assets/css/ 236 KB
38 KB 42ms
40ms Stylesheet
text/css 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/css/all.css?ver=5.7
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99b90db99a8c21b5745d40bfc3c2d7ae5487e62c37bcf0ab29cbeab3c51a2dee

Request headers

:path: /content/themes/buscom/assets/css/all.css?ver=5.7
pragma: no-cache
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: HIT
age: 331170
cf-polished: origSize=242062
cf-bgj: minify
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c59f8500004d84df024000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: W/"6092dc58-3b18e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray: 64fca545aace4d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 jquery.min.js Show response
www.bus.com/wp/wp-includes/js/jquery/ 87 KB
31 KB 513ms
511ms Script
application/javascript 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/wp/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c59f8500004d849d36c000000001
pragma: public
last-modified: Tue, 09 Mar 2021 20:18:09 GMT
server: cloudflare
etag: W/"6047d801-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 vegur
cache-control: max-age=315360000 public, must-revalidate, proxy-revalidate
cf-ray: 64fca545aad14d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 polyfill.min.js Show response
www.bus.com/content/themes/buscom/assets/js/lib/ 3 KB
2 KB 20ms
19ms Script
application/javascript 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/js/lib/polyfill.min.js?ver=5.7
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66a9e827146c7cffff75212032752172352dc9eca81efe3ff413eb9e008f73a

Request headers

:path: /content/themes/buscom/assets/js/lib/polyfill.min.js?ver=5.7
pragma: no-cache
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 331169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c59f8500004d84d581f000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: W/"6092dc58-caf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 vegur
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray: 64fca545aad24d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 scripts.js Show response
www.bus.com/content/themes/buscom/assets/js/ 5 KB
2 KB 43ms
41ms Script
application/javascript 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/js/scripts.js?ver=5.7
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a2123240b31c6cf1dfcf5e4e202ce9f216d4a687bd339be5f80c65002580057

Request headers

:path: /content/themes/buscom/assets/js/scripts.js?ver=5.7
pragma: no-cache
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: HIT
age: 331169
cf-polished: origSize=6821
cf-bgj: minify
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c59f8600004d8487064000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: W/"6092dc58-1aa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray: 64fca545aad54d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Tickets-Charter-Bus-Rentals-compressor.jpg
assetsw.bus.com/content/uploads/2020/02/13134318/ 74 KB
74 KB 144ms
135ms Image
image/jpeg 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetsw.bus.com/content/uploads/2020/02/13134318/Tickets-Charter-Bus-Rentals-compressor.jpg
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eb8ee46de4c34a6097de84f03db44468beedb2eefd0a4fef9429f864943f83a

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75619
cf-request-id: 0a11c5a02c00004eda71032000000001
last-modified: Thu, 13 Feb 2020 18:43:19 GMT
server: cloudflare
etag: "a9249395883e02c9527372af8f54f638"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 64fca546aae64eda-FRA
x-amz-cf-id: rnkCHKP_8rdrj7uDySpv1EFFYJBXgdiQUS19p0gLzSghMf0mQHRtqg==
expires: Fri, 12 Feb 2021 18:43:18 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 19ms
18ms Script
application/x-javascript 13.32.6.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.bus.com
URL: https://www.bus.com/tickets/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.6.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-6-90.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

497686ff9f639ad2f229371c721f48c11823bd1c81d76cbfbdecd1ad68279cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 22157
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Sat, 15 May 2021 07:08:01 GMT
content-length: 6857
x-xss-protection: 1; mode=block
last-modified: Mon, 10 May 2021 07:07:39 GMT
server: AmazonS3
etag: "c49c54cd9fab85665a9fb17dc4221423"
content-type: application/x-javascript
via: 1.1 015d563c1df00e18321ce956266180b1.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: OUYXFkQs4SDyI61OuE5xbnikCnfPu5NbLSBcyLEpK_6K4-pA5K1bmg==

GET
H3-29 200 Harriet-v2-Display-Bold.woff2
www.bus.com/content/themes/buscom/assets/fonts/ 81 KB
82 KB 28ms
26ms Font
font/woff2 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/fonts/Harriet-v2-Display-Bold.woff2
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc840df0e3045f443951577698fdbb34d9690bc618962e50797c9919ac0d5085

Request headers

sec-fetch-mode: cors
origin: https://www.bus.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
:path: /content/themes/buscom/assets/fonts/Harriet-v2-Display-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.bus.com
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: HIT
age: 331169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 83220
cf-request-id: 0a11c59f8600004d8491b26000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: "6092dc58-14514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 64fca545aad74d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 inter-v3-latin-ext_latin_cyrillic-regular.woff2
www.bus.com/content/themes/buscom/assets/fonts/ 90 KB
91 KB 48ms
46ms Font
font/woff2 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/fonts/inter-v3-latin-ext_latin_cyrillic-regular.woff2
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 097abaee219ea809614f8424883fcd4f55f81b0b20d025f65b27f20d6426b0b2

Request headers

sec-fetch-mode: cors
origin: https://www.bus.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
:path: /content/themes/buscom/assets/fonts/inter-v3-latin-ext_latin_cyrillic-regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.bus.com
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: HIT
age: 331169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92536
cf-request-id: 0a11c59f8600004d849ea21000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: "6092dc58-16978"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 64fca545aad84d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 inter-v3-latin-ext_latin_cyrillic-600.woff2
www.bus.com/content/themes/buscom/assets/fonts/ 98 KB
99 KB 53ms
51ms Font
font/woff2 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/fonts/inter-v3-latin-ext_latin_cyrillic-600.woff2
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac761614c3119c30f022106c0a6778d618a0e144e6a8a8fa2e93b6a7a24770f

Request headers

sec-fetch-mode: cors
origin: https://www.bus.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
:path: /content/themes/buscom/assets/fonts/inter-v3-latin-ext_latin_cyrillic-600.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.bus.com
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: HIT
age: 331169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 100812
cf-request-id: 0a11c59f8700004d848a839000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: "6092dc58-189cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 64fca545aad94d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 btm-style21.css
www.bus.com/content/themes/buscom/assets/css/ 24 KB
5 KB 18ms
18ms Stylesheet
text/css 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/css/btm-style21.css?ver=5.7
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3de92076f171c3436c521932f53a1386dc58f89e3241830ae2cd2110df882967

Request headers

:path: /content/themes/buscom/assets/css/btm-style21.css?ver=5.7
pragma: no-cache
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: HIT
age: 331169
cf-polished: origSize=24521
cf-bgj: minify
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c59fc100004d8495857000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: W/"6092dc58-5fc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray: 64fca5460bbf4d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 scripts.min.js Show response
www.bus.com/content/themes/buscom/assets/js/build/ 47 KB
13 KB 15ms
14ms Script
application/javascript 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/js/build/scripts.min.js?ver=1620237400
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa7f0d1fb21dba56493262f4757e01107e3c23eac65f8b1e0573d4ad3db1514

Request headers

:path: /content/themes/buscom/assets/js/build/scripts.min.js?ver=1620237400
pragma: no-cache
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 331169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c59fd400004d8471383000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: W/"6092dc58-bd3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 vegur
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray: 64fca5461c004d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 iframe-after.js Show response
www.bus.com/content/themes/buscom/assets/js/ 590 B
813 B 18ms
18ms Script
application/javascript 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/js/iframe-after.js?ver=1620237400
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 524f68664f4e16c2d8d036a4385a978113de32863511dd8f817bdc5af25757ae

Request headers

:path: /content/themes/buscom/assets/js/iframe-after.js?ver=1620237400
pragma: no-cache
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: HIT
age: 331169
cf-polished: origSize=1011
cf-bgj: minify
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c5a0ce00004d849ea43000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: W/"6092dc58-3f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray: 64fca547afa44d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 tiny-slider.js Show response
www.bus.com/content/themes/buscom/assets/js/lib/ 64 KB
17 KB 21ms
21ms Script
application/javascript 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/js/lib/tiny-slider.js?ver=5.7
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba9068b79fde046800bacd8fe9710b523723a623011fd82697118971ea3c31e0

Request headers

:path: /content/themes/buscom/assets/js/lib/tiny-slider.js?ver=5.7
pragma: no-cache
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: HIT
age: 331169
cf-polished: origSize=100576
cf-bgj: minify
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c59fe600004d84d09f9000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: W/"6092dc58-188e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray: 64fca5463c454d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 carousel.js Show response
www.bus.com/content/themes/buscom/assets/js/ 4 KB
2 KB 19ms
18ms Script
application/javascript 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/js/carousel.js?ver=5.7
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bad0cdf6f4895ca6233a40f5b0b04d9a058196d3d221bfe8bf9dca91ea968402

Request headers

:path: /content/themes/buscom/assets/js/carousel.js?ver=5.7
pragma: no-cache
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: HIT
age: 331169
cf-polished: origSize=5452
cf-bgj: minify
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c59ffe00004d84bc1e4000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: W/"6092dc58-154c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray: 64fca5466cab4d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 intersection-observer.js Show response
www.bus.com/content/themes/buscom/assets/js/lib/ 7 KB
3 KB 16ms
16ms Script
application/javascript 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bus.com/content/themes/buscom/assets/js/lib/intersection-observer.js?ver=5.7
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e78bc207523f9df32fbcc5f072d9dbdc9cecd3c87a95281d4b066d92e1cf19

Request headers

:path: /content/themes/buscom/assets/js/lib/intersection-observer.js?ver=5.7
pragma: no-cache
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.bus.com/tickets/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 vegur, 1.1 vegur
cf-cache-status: HIT
age: 331169
cf-bgj: minify
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c5a01200004d84aabed000000001
pragma: public
last-modified: Wed, 05 May 2021 17:56:40 GMT
server: cloudflare
etag: W/"6092dc58-1a90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray: 64fca5468d0e4d84-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/g0lq2Ey2E186wDKsGrLgvZFAbEWEj6AL/ 413 KB
70 KB 715ms
674ms Script
text/javascript 99.86.244.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/g0lq2Ey2E186wDKsGrLgvZFAbEWEj6AL/analytics.min.js
Requested by: Host: www.bus.com
URL: https://www.bus.com/tickets/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.244.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-244-81.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42e7728a868159be517264ffffc3a7810178c93f273d938acbd59bbb0b76fef7

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Mwdb47Z.P5SkdEmEyXUmlJeVc_U_lfwp
content-encoding: br
etag: W/"944b83c7252c8dbffd9048f5864eab22"
x-amz-cf-pop: VIE50-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Sat, 15 May 2021 00:43:17 GMT
server: AmazonS3
date: Sat, 15 May 2021 13:17:19 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: Ko9gsMo0Sengool-yESN2jT7NvzkPhcjq5GlkxaOJdHMQRr-MVtuKg==

GET
H/1.1 200
OK 2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2
funcss.s3.amazonaws.com/fonts/ 16 KB
17 KB 476ms
149ms Font
binary/octet-stream 52.217.32.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://funcss.s3.amazonaws.com/fonts/2cd55546-ec00-4af9-aeca-4a3cd186da53.woff2
Requested by: Host: www.bus.com
URL: https://www.bus.com/content/themes/buscom/assets/css/all.css?ver=5.7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.32.28 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7bdf2d6d46e641a0c03746f42712decb7547af00786702e5dd41efaf19f31af0

Request headers

Origin: https://www.bus.com
Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 15 May 2021 13:17:19 GMT
Last-Modified: Fri, 13 Sep 2019 16:20:26 GMT
Server: AmazonS3
x-amz-request-id: QFGTFZK0EGA8J1T7
ETag: "457e94a5b665614917d1dc45a13d97b8"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, must_revalidate, max-age=31557600
Accept-Ranges: bytes
Content-Length: 16560
x-amz-id-2: bym00p5F3/tAz+DqqsH1AuTpfQpf2dHUU0Ays5haxEiU/rVK57RdP+9E2envWmDMO08GinnGCJo=
Access-Control-Expose-Headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2

GET
H/1.1 200
OK aad99a1f-7917-4dd6-bbb5-b07cedbff64f.woff2
funcss.s3.amazonaws.com/fonts/ 18 KB
19 KB 471ms
140ms Font
binary/octet-stream 52.217.32.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://funcss.s3.amazonaws.com/fonts/aad99a1f-7917-4dd6-bbb5-b07cedbff64f.woff2
Requested by: Host: www.bus.com
URL: https://www.bus.com/content/themes/buscom/assets/css/all.css?ver=5.7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.32.28 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 546c5c4226870838e2f457b0150d341f718006137e306b2708d5c8b2bf663c57

Request headers

Origin: https://www.bus.com
Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 15 May 2021 13:17:19 GMT
Last-Modified: Fri, 13 Sep 2019 16:20:26 GMT
Server: AmazonS3
x-amz-request-id: QFGT334ZAJ6PJY8B
ETag: "d42bfc911f5d68722bc0e2bb0f0e46d3"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, must_revalidate, max-age=31557600
Accept-Ranges: bytes
Content-Length: 18564
x-amz-id-2: a5jMkfpAiEWwrTaXgg8n3UCk53aMOGQ/AwevWxc/bfEV5Rs/0MOzm+N16OP45BSSurAKcrmMODE=
Access-Control-Expose-Headers: x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame A34A 11 KB
3 KB 36ms
36ms Document
text/html 13.32.6.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c6adc001575a50001b6a1b8

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.6.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-6-90.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9954976480ba2c51272fb1279dce290f1abea3c68f26881f7a4ff34a81aef620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: widget.trustpilot.com
:scheme: https
:path: /trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c6adc001575a50001b6a1b8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.bus.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.bus.com/

Response headers

content-type: text/html
content-length: 2626
last-modified: Mon, 10 May 2021 10:00:59 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Sat, 15 May 2021 13:17:17 GMT
cache-control: max-age=86400
etag: "5c4d16cf6c4476b9433878c31ba70b3f"
x-cache: Hit from cloudfront
via: 1.1 015d563c1df00e18321ce956266180b1.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: GTgQUTDjnAGvq9hKQ4c9NPm3ZUvtKKPTQo21WdxfQvXfyTCgtQ5CBw==

GET
H3-29 401 current Show response
www.bus.com/api/v2/users/ 49 B
1 KB 517ms
516ms XHR
text/plain 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bus.com/api/v2/users/current

Requested by

Host: www.bus.com
URL: https://www.bus.com/wp/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9150fbd683b9c553d2881b9d1ea04168329e5a2cd999ce0ec99ee34b8eab678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: PHPSESSID=vrkecpq28cb1dgcm0dp8j6ca508hdbb9; pll_language=en
:path: /api/v2/users/current
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.bus.com
referer: https://www.bus.com/tickets/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.bus.com/tickets/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:18 GMT
content-encoding: gzip
vary: Origin,Accept-Encoding
cf-cache-status: BYPASS
cf-ray: 64fca54a6e814d84-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c5a28700004d84b93c5000000001
x-request-id: 3721a629-31f6-4045-ba9f-a454b4967567
x-runtime: 0.008914
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-language: en-US
via: 1.1 vegur, 1.1 vegur
cache-control: no-cache
cf-apo-via: origin,page-rules
set-cookie: _BusCom_session=Y243akh6OEdsVHBjUFg1YkxZaHZyTk85N2lTU1ZFNHZNVlhYWlg5R0kvUndtT0taOHB4Tm54b2JkdjJ4ZFJoUWNzWUhzdVJuS0xHbFEzVk5CRWwyNW52eEJXdlNDKzBjZFFSQXFMRkNISVhzYzhGUjAxR05CcUFTeFA3Nnh2blppWis4cmVhN01sQjBUWXJYWGN5TktTYkJ3Q1p6MnlFQ1A2K2lvOUVtM0taL0o0NGdFd3F3cEtVT0NJaEkzMXUvYytBRGdyNThReTAxMHlGbTBkSGVlN0NFMWl3RjJ5eExBcWp5UzhWdWVhbDNLQ25IM2pNZ0pKeER5VmVHdkROSCtSY1VSMmxseHlBTk5ZMUd0ZW83YjNQbHkwZ1BSWmZjTmdzbGlLYTBPN0tLS0RvYmRydVdMcy9tenJvVVhUSGFwYW0yMytsVnZIZ3gyaWxvNTRvZzArcGhRUjZkL1RhVTZHNHFTVmd6a2luWkdhdWtobmpraWRCaHpoaUhzNDREaFl0N2NIVTZyb0ZFbExicWxPSVN5UT09LS02MVZjcGdrQzM4Q2ZzdUFRUnE4UjBBPT0%3D--0d87b506cc403c2f02e531bd2171179cad73cb58; domain=.bus.com; path=/; expires=Sat, 22 May 2021 13:17:18 GMT; secure; HttpOnly
content-type: */*; charset=utf-8

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame A34A 90 KB
25 KB 20ms
19ms Script
application/x-javascript 13.32.6.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c6adc001575a50001b6a1b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.6.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-6-90.vie50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e7f92cd383880eb87b807ae32155b9107bb317f72bd700003b74fe01513e6ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c6adc001575a50001b6a1b8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 11751
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Sat, 15 May 2021 10:01:26 GMT
content-length: 25258
x-xss-protection: 1; mode=block
last-modified: Mon, 10 May 2021 10:01:00 GMT
server: AmazonS3
etag: "6b76f8af1d2fc8a8f3776586d71a0082"
content-type: application/x-javascript
via: 1.1 015d563c1df00e18321ce956266180b1.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: VIE50-C2
accept-ranges: bytes
x-amz-cf-id: HdnthhbEDHF26-BCUmC6Pixq85U1bDciHycggmz1n059GOpOg53kpA==

GET
H2 200 53aa8912dec7e10d38f59f36 Show response
widget.trustpilot.com/trustbox-data/ Frame A34A 7 KB
3 KB 63ms
62ms XHR
application/json 13.32.6.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/53aa8912dec7e10d38f59f36?businessUnitId=5c6adc001575a50001b6a1b8&locale=en-US&reviewStars=4%2C5&includeReviews=true&reviewsPerPage=15

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.6.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-6-90.vie50.r.cloudfront.net

Software

Resource Hash

84aab5a12076bcf0e4fff52df87d2d68577ff01f10d36967efc40a484f6b89dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c6adc001575a50001b6a1b8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C2
x-cache: RefreshHit from cloudfront
date: Sat, 15 May 2021 13:17:17 GMT
content-length: 2501
x-xss-protection: 1; mode=block
x-skip-cache-cookie: 0
etag: "5024b4623d44fa0707a2d4438153021c"
vary: Accept-Encoding
x-fallback-status: BYPASS
content-type: application/json; charset=utf-8
via: 1.1 015d563c1df00e18321ce956266180b1.cloudfront.net (CloudFront)
cache-control: public,max-age=1800
x-amz-cf-id: g8ncHAL23_56j76g1zVtMe07W8YZniffZjzD5B2PUDrrN33789lWvg==

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame A34A 0
309 B 61ms
60ms XHR
text/plain 13.32.6.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=140px&styleWidth=100%25&theme=light&stars=4%2C5&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5c6adc001575a50001b6a1b8&widgetId=53aa8912dec7e10d38f59f36

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.6.90 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-6-90.vie50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c6adc001575a50001b6a1b8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 15 May 2021 13:17:17 GMT
via: 1.1 015d563c1df00e18321ce956266180b1.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-C2
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: OWweMbJEjGl0ayMCtp7_DNDPNFmWrGDVI-w2KwM5bWhEjrvdcuEIZg==
x-xss-protection: 1; mode=block

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
139 B 536ms
188ms XHR
application/json 52.37.21.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/g0lq2Ey2E186wDKsGrLgvZFAbEWEj6AL/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.21.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-21-144.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bus.com
date: Sat, 15 May 2021 13:17:18 GMT
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
138 B 531ms
188ms XHR
application/json 52.37.21.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/g0lq2Ey2E186wDKsGrLgvZFAbEWEj6AL/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.21.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-21-144.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.bus.com
date: Sat, 15 May 2021 13:17:18 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/g0lq2Ey2E186wDKsGrLgvZFAbEWEj6AL/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6442
date: Sat, 15 May 2021 11:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 15 May 2021 13:29:56 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 44ms
19ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/g0lq2Ey2E186wDKsGrLgvZFAbEWEj6AL/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14057
x-xss-protection: 0
server: cafe
etag: 15306424688967737279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 15 May 2021 13:17:18 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/g0lq2Ey2E186wDKsGrLgvZFAbEWEj6AL/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: xL03K5DSfITo3u4jo6mvm1SIsM4q7y8vLTO1r9bZ5/2hMsudcL7ofhEC5XjyJyvGhJdo1HOyhaOctUPkm/H7Og==
x-fb-trip-id: 2052514463
x-frame-options: DENY
date: Sat, 15 May 2021 13:17:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 75 KB
25 KB 23ms
7ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/g0lq2Ey2E186wDKsGrLgvZFAbEWEj6AL/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:10:23 GMT
content-encoding: gzip
age: 415
x-guploader-uploadid: ABg5-UzG7Pz73C0TFhdfeqERNUx4tZ2-pxh2-8MDsyjgMLBClBo5wnBqz9OEdHh9PChAOA53obYj-SYyX-9Xy4dpMMU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 25572
last-modified: Thu, 28 Jan 2021 18:21:54 GMT
server: UploadServer
etag: "765779983eed1c9fc2821b4507eea08b"
vary: Accept-Encoding
x-goog-hash: crc32c=kP//+g==, md5=dld5mD7tHJ/CghtFB+6giw==
x-goog-generation: 1611858114590219
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 25572
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 15 May 2021 13:20:23 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 56ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/g0lq2Ey2E186wDKsGrLgvZFAbEWEj6AL/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:17 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 17:21:02 GMT
x-msedge-ref: Ref A: 188BEFC849D240C588456FDD7E059253 Ref B: FRAEDGE1211 Ref C: 2021-05-15T13:17:18Z
etag: "0d398608930d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8910

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 445ms
123ms Script
application/javascript 35.174.151.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/g0lq2Ey2E186wDKsGrLgvZFAbEWEj6AL/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-4-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: b7939e67e521a72f9344e54fe85a3edff247ac537235f178a522ae836dbf6820

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 15 May 2021 13:17:18 GMT
Content-Encoding: gzip
X-Pardot-Route: 4587f66dff94d6e76a668284fbf3dba1
X-Pardot-LB: a5df88223e39cf9fcb783877fed82f24
Last-Modified: Fri, 14 May 2021 18:59:01 GMT
Server: PardotServer
ETag: "14be-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1923
Expires: Mon, 15 May 2023 13:17:18 GMT

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 15ms
13ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 12:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2757
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Sat, 15 May 2021 13:31:21 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
533 B 34ms
13ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 May 2021 13:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bus.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3-29 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.39

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-xss-protection: 0
pragma: public
x-fb-debug: ztcCnwU3ssME8JOmW+11BEd85Qnvd5IiHMJKGEysp7W01WWlmi8iVAqeesUx04PTdRDTsem1gbJwmZBZ1IU0ng==
date: Sat, 15 May 2021 13:17:18 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 1529783763927730 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 69ms
69ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1529783763927730?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e40f4ba9435c1dfafc376cf442e6c65874318d3379a7f11e9a96e977a06ae1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 5eyAz3qPxK+3sl5UcMpJY7ELrZL2Zt4YC4IzWPFsQwixyIUwLsVjm7hbGswT/IMvCKVhCYLQas4LfxawDsrwIA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 15 May 2021 13:17:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
343 B 49ms
33ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1621084638600

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Sat, 15 May 2021 13:17:18 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.bus.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
alt-svc: clear
content-length: 1

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
68 B 48ms
33ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1621084638602

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Sat, 15 May 2021 13:17:18 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.bus.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
alt-svc: clear
content-length: 1

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
462 B 34ms
13ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 May 2021 13:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bus.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 204 5751734 Show response
bat.bing.com/p/action/ 0
127 B 161ms
161ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5751734
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 15 May 2021 13:17:18 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 1D62FD7A8DB440748313E356F40BB827 Ref B: FRAEDGE1211 Ref C: 2021-05-15T13:17:18Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
171 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5751734&Ver=2&mid=f0aed4cc-777f-4d14-afe6-37e39ba2660f&sid=dfdc1450b57f11eba9ad6f04712cd768&vid=dfdc4540b57f11eb9898233fd17fb683&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Tickets%20%7C%20Bus.com&p=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&r=&lt=4960&evt=pageLoad&msclkid=N&sv=1&rn=37899
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 15 May 2021 13:17:18 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 56813A1E31704912B732A06ECFB4637B Ref B: FRAEDGE1211 Ref C: 2021-05-15T13:17:18Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
94 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5751734&Ver=2&mid=f0aed4cc-777f-4d14-afe6-37e39ba2660f&sid=dfdc1450b57f11eba9ad6f04712cd768&vid=dfdc4540b57f11eb9898233fd17fb683&vids=0&ea=track&el=Viewed%20Tickets%20Page&el2=Viewed%20Tickets%20Page&evt=custom&msclkid=N&rn=426450
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 15 May 2021 13:17:18 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 1DA4FE7DFE244096AF250E07D865462E Ref B: FRAEDGE1211 Ref C: 2021-05-15T13:17:18Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/902365392/ 2 KB
1 KB 38ms
21ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/902365392/?random=1621084638620&cv=9&fst=1621084638620&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&tiba=Tickets%20%7C%20Bus.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

caba0eccb2aaba9c2580f0715ddd22d534051236e6f1424cb743f83de345f45a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 13:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/902365392/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902365392/?random=1621084638625&cv=9&fst=1621084638625&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=path%3D%2Ftickets%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DTickets%20%7C%20Bus.com%3Burl%3Dhttps%3A%2F%2Fwww.bus.com%2Ftickets%2F&frm=0&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&tiba=Tickets%20%7C%20Bus.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74a98be8bda51f0d21d3c70026ad19636ebf4874a9d4fc42d50be0c2431c90cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 13:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1039
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-60995191-1&cid=1403225346.1621084639&jid=562326475&gjid=528849478&_gid=1509635371.1621084639&_u=aGBAgEAjAAQCAE~&z=167654768

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 15 May 2021 13:17:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.bus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=491565102&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&dp=%2Ftickets%2F&ul=en-us&de=UTF-8&dt=Tickets%20%7C%20Bus.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAQC~&jid=562326475&gjid=528849478&cid=1403225346.1621084639&tid=UA-60995191-1&_gid=1509635371.1621084639&z=727033405

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 10:29:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 10061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=491565102&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&dp=%2Ftickets%2F&ul=en-us&de=UTF-8&dt=Tickets%20%7C%20Bus.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20Tickets%20Page&ev=0&_u=aGBAgEAjAAQCAE~&jid=&gjid=&cid=1403225346.1621084639&tid=UA-60995191-1&_gid=1509635371.1621084639&z=705867963

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 10:29:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 10061
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/902365392/ 42 B
108 B 19ms
18ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/902365392/?random=1621084638625&cv=9&fst=1621083600000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=path%3D%2Ftickets%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DTickets%20%7C%20Bus.com%3Burl%3Dhttps%3A%2F%2Fwww.bus.com%2Ftickets%2F&frm=0&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&tiba=Tickets%20%7C%20Bus.com&async=1&fmt=3&is_vtc=1&random=598908089&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 13:17:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/902365392/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/902365392/?random=1621084638625&cv=9&fst=1621083600000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=path%3D%2Ftickets%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DTickets%20%7C%20Bus.com%3Burl%3Dhttps%3A%2F%2Fwww.bus.com%2Ftickets%2F&frm=0&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&tiba=Tickets%20%7C%20Bus.com&async=1&fmt=3&is_vtc=1&random=598908089&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 13:17:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/902365392/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/902365392/?random=1978294225&cv=9&fst=1621084638620&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u...
https://www.google.com/pagead/1p-conversion/902365392/?random=1978294225&cv=9&fst=1621084638620&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_hi...
https://www.google.de/pagead/1p-conversion/902365392/?random=1978294225&cv=9&fst=1621084638620&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his...

42 B
64 B

29ms
28ms

Image
image/gif

2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/902365392/?random=1978294225&cv=9&fst=1621084638620&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&tiba=Tickets%20%7C%20Bus.com&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3smfYJLdJ5aqx_APpfiA4As&cid=CAQSKQCNIrLMrbzWMaQDNSjYQtnQcHngwDpmw2FZn4IbuelXTZaDVruwKNJK&random=1975490872&resp=GooglemKTybQhCsO&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 13:17:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 May 2021 13:17:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/902365392/?random=1978294225&cv=9&fst=1621084638620&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&tiba=Tickets%20%7C%20Bus.com&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=3smfYJLdJ5aqx_APpfiA4As&cid=CAQSKQCNIrLMrbzWMaQDNSjYQtnQcHngwDpmw2FZn4IbuelXTZaDVruwKNJK&random=1975490872&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1529783763927730&ev=PageView&dl=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&rl=&if=false&ts=1621084638685&sw=1600&sh=1200&v=2.9.39&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1621084638683.1493906522&it=1621084638580&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=l1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 15 May 2021 13:17:18 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1529783763927730&ev=Viewed%20Tickets%20Page&dl=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&rl=&if=false&ts=1621084638688&cd[noninteraction]=true&sw=1600&sh=1200&v=2.9.39&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1621084638683.1493906522&it=1621084638580&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-2edc3dbad5738e3b35ddc967a361f7e9&tm=2&exp=l1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 15 May 2021 13:17:18 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 38ms
36ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-60995191-1&cid=1403225346.1621084639&jid=562326475&_u=aGBAgEAjAAQCAE~&z=126935844

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 13:17:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-60995191-1&cid=1403225346.1621084639&jid=562326475&_u=aGBAgEAjAAQCAE~&z=126935844

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 May 2021 13:17:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 492ms
492ms Script
text/javascript 35.174.151.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=6440&account_id=485621&title=Tickets%20%7C%20Bus.com&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.0

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.174.151.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-4-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

fd0dcce8f2989e9a8d6d0b1a499e633f2fc5f961b871fb1dab47612f1abc7d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 May 2021 13:17:19 GMT
Content-Encoding: gzip
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: a5df88223e39cf9fcb783877fed82f24
X-Pardot-Rsp: 16/110/16
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 545
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
104 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryGTEAVpUDi31P6wX8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 15 May 2021 13:17:19 GMT
content-type: text/plain
access-control-allow-origin: https://www.bus.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 analytics Show response
go.bus.com/ 50 B
782 B 932ms
915ms Script
text/javascript 2606:4700:10::6816:ba4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.bus.com/analytics?conly=true&visitor_id=179148273&visitor_id_sign=17f6010c4a6e336c5d23f5cab7474b91399c297416257399b4bb55f6b30d041bb188d4c6d64a6cffd472227a8851d612ed50aa83&pi_opt_in=&campaign_id=6440&account_id=485621&title=Tickets%20%7C%20Bus.com&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=6440&account_id=485621&title=Tickets%20%7C%20Bus.com&url=https%3A%2F%2Fwww.bus.com%2Ftickets%2F&referrer=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:10::6816:ba4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Referer: https://www.bus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 13:17:20 GMT
content-encoding: gzip
x-pardot-route: d5a18e4517a9c8ba62b77de366a4cdb5
cf-cache-status: BYPASS
x-pardot-rsp: 16/110/16
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a11c5a91300004edaa00c1000000001
pragma: no-cache
x-pardot-lb: d3d7f55bb0643f40d338b3c1e133d5c5
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-apo-via: origin,host
cf-ray: 64fca554ee834eda-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bus.com/	1970-01-20 03:03:40	Name: ajs_anonymous_id Value: %220c579acb-1bd9-43c7-87ae-8175ebef02c2%22
.bus.com/	1970-01-19 18:28:09	Name: _BusCom_session Value: Y243akh6OEdsVHBjUFg1YkxZaHZyTk85N2lTU1ZFNHZNVlhYWlg5R0kvUndtT0taOHB4Tm54b2JkdjJ4ZFJoUWNzWUhzdVJuS0xHbFEzVk5CRWwyNW52eEJXdlNDKzBjZFFSQXFMRkNISVhzYzhGUjAxR05CcUFTeFA3Nnh2blppWis4cmVhN01sQjBUWXJYWGN5TktTYkJ3Q1p6MnlFQ1A2K2lvOUVtM0taL0o0NGdFd3F3cEtVT0NJaEkzMXUvYytBRGdyNThReTAxMHlGbTBkSGVlN0NFMWl3RjJ5eExBcWp5UzhWdWVhbDNLQ25IM2pNZ0pKeER5VmVHdkROSCtSY1VSMmxseHlBTk5ZMUd0ZW83YjNQbHkwZ1BSWmZjTmdzbGlLYTBPN0tLS0RvYmRydVdMcy9tenJvVVhUSGFwYW0yMytsVnZIZ3gyaWxvNTRvZzArcGhRUjZkL1RhVTZHNHFTVmd6a2luWkdhdWtobmpraWRCaHpoaUhzNDREaFl0N2NIVTZyb0ZFbExicWxPSVN5UT09LS02MVZjcGdrQzM4Q2ZzdUFRUnE4UjBBPT0%3D--0d87b506cc403c2f02e531bd2171179cad73cb58
www.bus.com/	1970-01-20 03:03:40	Name: pll_language Value: en
.bus.com/	1970-01-19 18:18:04	Name: AMP_TOKEN Value: %24RETRIEVING
www.bus.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: vrkecpq28cb1dgcm0dp8j6ca508hdbb9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
ampcid.google.de
api-js.mixpanel.com
api.segment.io
assetsw.bus.com
bat.bing.com
cdn.mxpnl.com
cdn.segment.com
connect.facebook.net
funcss.s3.amazonaws.com
go.bus.com
googleads.g.doubleclick.net
pi.pardot.com
stats.g.doubleclick.net
widget.trustpilot.com
www.bus.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.jupitermachinetools.shreevardhaman.bus.com
13.32.6.90
142.250.181.226
2600:1901:0:498c::
2606:4700:10::6816:ba4
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:828::200e
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c0a::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.174.151.106
35.186.241.51
52.217.32.28
52.37.21.144
54.224.27.210
99.86.244.81
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
097abaee219ea809614f8424883fcd4f55f81b0b20d025f65b27f20d6426b0b2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299
3a2123240b31c6cf1dfcf5e4e202ce9f216d4a687bd339be5f80c65002580057
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3de92076f171c3436c521932f53a1386dc58f89e3241830ae2cd2110df882967
42e7728a868159be517264ffffc3a7810178c93f273d938acbd59bbb0b76fef7
497686ff9f639ad2f229371c721f48c11823bd1c81d76cbfbdecd1ad68279cdc
524f68664f4e16c2d8d036a4385a978113de32863511dd8f817bdc5af25757ae
546c5c4226870838e2f457b0150d341f718006137e306b2708d5c8b2bf663c57
5eb8ee46de4c34a6097de84f03db44468beedb2eefd0a4fef9429f864943f83a
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
62e78bc207523f9df32fbcc5f072d9dbdc9cecd3c87a95281d4b066d92e1cf19
6b4d0739a904196621a9dbdf98660f299bc4fb24de1478d616af4f30063e7c34
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74a98be8bda51f0d21d3c70026ad19636ebf4874a9d4fc42d50be0c2431c90cd
7bdf2d6d46e641a0c03746f42712decb7547af00786702e5dd41efaf19f31af0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84aab5a12076bcf0e4fff52df87d2d68577ff01f10d36967efc40a484f6b89dc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9954976480ba2c51272fb1279dce290f1abea3c68f26881f7a4ff34a81aef620
997f5bfb9f0c74974ec265633b71dd76c5f0224611dd26775db3cc823ec24947
99b90db99a8c21b5745d40bfc3c2d7ae5487e62c37bcf0ab29cbeab3c51a2dee
9e40f4ba9435c1dfafc376cf442e6c65874318d3379a7f11e9a96e977a06ae1b
a4507d50970318a455fa8460536804736196e51764583ddbc24e13cd4573b984
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a9150fbd683b9c553d2881b9d1ea04168329e5a2cd999ce0ec99ee34b8eab678
b7939e67e521a72f9344e54fe85a3edff247ac537235f178a522ae836dbf6820
ba9068b79fde046800bacd8fe9710b523723a623011fd82697118971ea3c31e0
bad0cdf6f4895ca6233a40f5b0b04d9a058196d3d221bfe8bf9dca91ea968402
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caba0eccb2aaba9c2580f0715ddd22d534051236e6f1424cb743f83de345f45a
d66a9e827146c7cffff75212032752172352dc9eca81efe3ff413eb9e008f73a
daa7f0d1fb21dba56493262f4757e01107e3c23eac65f8b1e0573d4ad3db1514
dac761614c3119c30f022106c0a6778d618a0e144e6a8a8fa2e93b6a7a24770f
dc840df0e3045f443951577698fdbb34d9690bc618962e50797c9919ac0d5085
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f92cd383880eb87b807ae32155b9107bb317f72bd700003b74fe01513e6ffd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd0dcce8f2989e9a8d6d0b1a499e633f2fc5f961b871fb1dab47612f1abc7d06

www.bus.com Open in urlscan Pro 2606:4700:10::6816:ba4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

64 %IPv6

16 Domains

22 Subdomains

21 IPs

3 Countries

798 kBTransfer

2025 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.bus.com Open in urlscan Pro
2606:4700:10::6816:ba4 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

64 %
IPv6

16
Domains

22
Subdomains

21
IPs

3
Countries

798 kB
Transfer

2025 kB
Size

5
Cookies

58 HTTP transactions
0 data transactions