Submitted URL: http://www.wanderu.com//en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Effective URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Submission: On October 01 via api from US — Scanned from CA

Summary

This website contacted 15 IPs in 2 countries across 10 domains to perform 48 HTTP transactions. The main IP is 104.17.190.4, located in and belongs to CLOUDFLARENET, US. The main domain is www.wanderu.com. The Cisco Umbrella rank of the primary domain is 495531.
TLS certificate: Issued by WE1 on September 21st 2024. Valid for: 3 months.
This is the only time www.wanderu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
25 wanderu.com
www.wanderu.com — Cisco Umbrella Rank: 495531
static-01.wanderu.com — Cisco Umbrella Rank: 314859
sp.wanderu.com — Cisco Umbrella Rank: 389568
api.wanderu.com — Cisco Umbrella Rank: 379764
571 KB
5 maze.co
snippet.maze.co — Cisco Umbrella Rank: 12606
prompts.maze.co — Cisco Umbrella Rank: 12218
16 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
accounts.google.com — Cisco Umbrella Rank: 20
analytics.google.com — Cisco Umbrella Rank: 158
87 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
td.doubleclick.net — Cisco Umbrella Rank: 216
stats.g.doubleclick.net — Cisco Umbrella Rank: 152
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
23 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 196
84 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 10961
127 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
195 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 112
2 KB
1 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 6224
8 KB
48 10
Domain Requested by
12 static-01.wanderu.com www.wanderu.com
static-01.wanderu.com
6 api.wanderu.com static-01.wanderu.com
5 sp.wanderu.com www.wanderu.com
static-01.wanderu.com
3 www.google-analytics.com static-01.wanderu.com
www.google-analytics.com
3 snippet.maze.co www.wanderu.com
snippet.maze.co
2 accounts.google.com static-01.wanderu.com
accounts.google.com
2 prompts.maze.co static-01.wanderu.com
2 connect.facebook.net static-01.wanderu.com
connect.facebook.net
2 www.google.ca www.wanderu.com
2 td.doubleclick.net www.googletagmanager.com
2 www.googletagmanager.com www.wanderu.com
www.google-analytics.com
2 www.wanderu.com 1 redirects
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com static-01.wanderu.com
1 www.facebook.com static-01.wanderu.com
1 www.google.com www.wanderu.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 widget.trustpilot.com www.wanderu.com
48 18

This site contains links to these domains. Also see Links.

Domain
cars.wanderu.com
Subject Issuer Validity Valid
wanderu.com
WE1
2024-09-21 -
2024-12-20
3 months crt.sh
*.trustpilot.com
Amazon RSA 2048 M03
2024-01-03 -
2025-01-31
a year crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.maze.co
Amazon RSA 2048 M03
2024-03-07 -
2025-04-06
a year crt.sh
*.g.doubleclick.net
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.doubleclick.net
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.google.ca
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-07-10 -
2024-10-08
3 months crt.sh
accounts.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Frame ID: 8C3CAB5448D4F1AEBD08D66536D04150
Requests: 43 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/931730023?random=1727750365184&cv=11&fst=1727750365184&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9176061774za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wanderu.com%2Fen-us%2Fen%2F-us%2F%2Ftrain%2F%2Fus%2F-il%2F%2Fchicago%2F%2Fus%2F-ca%2F%2Flos%2F-angeles%2F%2F&hn=www.googleadservices.com&frm=0&tiba=Wanderu%3A%20Search%20%26%20Compare%20Cheap%20Bus%20and%20Train%20Tickets&npa=0&pscdl=noapi&auid=514863120.1727750365&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 6AC73F8D5C3A1791BEBAC0E26A21D76E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-CFJNLR5E5N&gacid=1900411510.1727750366&gtm=45je49u0v9117562339za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685~101747727&z=1943475722
Frame ID: 4727C705BE251E520F5C95697AA7AA86
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Wanderu: Search & Compare Cheap Bus and Train Tickets

Page URL History Show full URLs

  1. http://www.wanderu.com//en/-us//train//us/-il//chicago//us/-ca//los/-angeles// HTTP 307
    https://www.wanderu.com//en/-us//train//us/-il//chicago//us/-ca//los/-angeles// HTTP 301
    https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles// Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

48
Requests

100 %
HTTPS

47 %
IPv6

10
Domains

18
Subdomains

15
IPs

2
Countries

988 kB
Transfer

3259 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.wanderu.com//en/-us//train//us/-il//chicago//us/-ca//los/-angeles// HTTP 307
    https://www.wanderu.com//en/-us//train//us/-il//chicago//us/-ca//los/-angeles// HTTP 301
    https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles// Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Redirect Chain
  • http://www.wanderu.com//en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
  • https://www.wanderu.com//en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
  • https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
130 KB
35 KB
Document
General
Full URL
https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e948610d4b505a7b03a074a3e0cd1114978dbcc4963cb48aa9e89eb886447d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
MISS
cf-ray
8cb91502dc22ac0f-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 01 Oct 2024 02:39:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
77
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cf-cache-status
MISS
cf-ray
8cb91501daedac0f-YYZ
content-type
text/html; charset=utf-8
date
Tue, 01 Oct 2024 02:39:24 GMT
location
/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept, Accept-Encoding
x-content-type-options
nosniff nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
59
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block
126.721f13c9.css
static-01.wanderu.com/s3/ui/prod/static/css/
191 KB
32 KB
Stylesheet
General
Full URL
https://static-01.wanderu.com/s3/ui/prod/static/css/126.721f13c9.css
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6b4bd26a02b518fe6410b174d20421976cbd7e8ee75ff1e5d78d8403f473b0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"2fb21-6231d7843d8c0-gzip"
age
290758
expires
Wed, 09 Oct 2024 02:39:24 GMT
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
text/css
last-modified
Fri, 27 Sep 2024 17:48:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
cf-ray
8cb915040d01ac0f-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
32850
server
cloudflare
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
24 KB
8 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-104.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
295fefc8bb1e9ec4dc6a33b4edb010cffdf73c2d28f520a5eb44181dc5a3b623
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-encoding
gzip
etag
"149f8b397fe711244ef204823190cb86"
age
57025
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
ZHy_27W_mAfO4Ow3nr1bMgiZDItiM-3whuujxIoQG5LdkT7rjp22nw==
date
Mon, 30 Sep 2024 10:49:00 GMT
content-type
application/x-javascript
last-modified
Mon, 16 Sep 2024 09:19:53 GMT
strict-transport-security
max-age=31536000
cache-control
max-age=86400
via
1.1 73c72f4ba985fa512968a14b5bd2f576.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
7514
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
wanderu-logo.e19fc775.svg
static-01.wanderu.com/s3/ui/prod/static/media/
3 KB
2 KB
Image
General
Full URL
https://static-01.wanderu.com/s3/ui/prod/static/media/wanderu-logo.e19fc775.svg
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4e5c1c06d3db1b3581402b88e3420f5d455a59ee3afec1615236e92b602b7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
content-encoding
br
cf-cache-status
HIT
etag
W/"dba-621eef800d0c0"
age
454150
cf-ray
8cb915042d0bac0f-YYZ
expires
Wed, 09 Oct 2024 02:39:24 GMT
access-control-allow-origin
*
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
image/svg+xml
last-modified
Thu, 12 Sep 2024 16:55:07 GMT
vary
Accept-Encoding
server
cloudflare
us.3cc0d38b.svg
static-01.wanderu.com/s3/ui/prod/static/media/
4 KB
849 B
Image
General
Full URL
https://static-01.wanderu.com/s3/ui/prod/static/media/us.3cc0d38b.svg
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
content-encoding
br
cf-cache-status
HIT
etag
W/"116d-621eef800d0c0"
age
446697
cf-ray
8cb915040d02ac0f-YYZ
expires
Wed, 09 Oct 2024 02:39:24 GMT
access-control-allow-origin
*
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
image/svg+xml
last-modified
Thu, 12 Sep 2024 16:55:07 GMT
vary
Accept-Encoding
server
cloudflare
chiku-uh-oh.7263c9cc.svg
static-01.wanderu.com/s3/ui/prod/static/media/
3 KB
1 KB
Image
General
Full URL
https://static-01.wanderu.com/s3/ui/prod/static/media/chiku-uh-oh.7263c9cc.svg
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
137479e9b75b1afbbf3f3d1e994235d28fb201f5af47d88c7ca5df53c8cf4a53
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
content-encoding
br
cf-cache-status
HIT
etag
W/"c88-621eef800d0c0"
cf-ray
8cb915040d05ac0f-YYZ
expires
Wed, 09 Oct 2024 02:39:24 GMT
access-control-allow-origin
*
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
image/svg+xml
last-modified
Thu, 12 Sep 2024 16:55:07 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
275 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-931730023
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6b2edc791f414152184118e16098fecadcc70397aa4dc726b411580ad81e661
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 01 Oct 2024 02:39:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 01 Oct 2024 00:36:01 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96560
x-xss-protection
0
server
Google Tag Manager
889.126562d7.js
static-01.wanderu.com/s3/ui/prod/static/js/
43 KB
12 KB
Script
General
Full URL
https://static-01.wanderu.com/s3/ui/prod/static/js/889.126562d7.js
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfb63ef7e434bc93630daa79cbd903b67cd9f65eda771798bfb7ce42bd64d49a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.wanderu.com
Referer
https://www.wanderu.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"aca0-6231d79197840-gzip"
age
290670
expires
Wed, 09 Oct 2024 02:39:24 GMT
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
text/javascript
last-modified
Fri, 27 Sep 2024 17:49:13 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
cf-ray
8cb915047e80ab64-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
11962
server
cloudflare
125.982d95f0.js
static-01.wanderu.com/s3/ui/prod/static/js/
5 KB
3 KB
Script
General
Full URL
https://static-01.wanderu.com/s3/ui/prod/static/js/125.982d95f0.js
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8057d49eb5c09a02c1728736ec0644f9e8dd522718b37845aa34d869e5ae366
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.wanderu.com
Referer
https://www.wanderu.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"14fd-6231d78625d40-gzip"
age
290670
expires
Wed, 09 Oct 2024 02:39:24 GMT
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
text/javascript
last-modified
Fri, 27 Sep 2024 17:49:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
cf-ray
8cb915047e82ab64-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2257
server
cloudflare
903.42e024be.js
static-01.wanderu.com/s3/ui/prod/static/js/
649 KB
206 KB
Script
General
Full URL
https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3a5945432ebbf14292b307181700608b304daee4bd8fb4b1f89a6281c43cba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.wanderu.com
Referer
https://www.wanderu.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
content-encoding
gzip
cf-cache-status
HIT
etag
"a245f-6231d79197840-gzip"
age
290670
cf-ray
8cb915047e84ab64-YYZ
expires
Wed, 09 Oct 2024 02:39:24 GMT
access-control-allow-origin
*
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
text/javascript
last-modified
Fri, 27 Sep 2024 17:49:13 GMT
vary
Accept-Encoding
server
cloudflare
126.7ea4b734.js
static-01.wanderu.com/s3/ui/prod/static/js/
899 KB
224 KB
Script
General
Full URL
https://static-01.wanderu.com/s3/ui/prod/static/js/126.7ea4b734.js
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfb85a28557b0c780a031b1d91727c157e9efadd0a3895804a6df509255c9e6d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.wanderu.com
Referer
https://www.wanderu.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
content-encoding
gzip
cf-cache-status
HIT
etag
"e0d7d-6231d78625d40-gzip"
age
290670
cf-ray
8cb915047e83ab64-YYZ
expires
Wed, 09 Oct 2024 02:39:24 GMT
access-control-allow-origin
*
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
text/javascript
last-modified
Fri, 27 Sep 2024 17:49:01 GMT
vary
Accept-Encoding
server
cloudflare
i
sp.wanderu.com/
43 B
318 B
Image
General
Full URL
https://sp.wanderu.com/i?e=se&se_ca=pixel_page_load&se_ac=loaded&se_pr=213a3d3c-5b13-493f-b5e1-643b926c373e&url=https%3A%2F%2Fwww.wanderu.com%2Fen-us%2Fen%2F-us%2F%2Ftrain%2F%2Fus%2F-il%2F%2Fchicago%2F%2Fus%2F-ca%2F%2Flos%2F-angeles%2F%2F&refr=&aid=ui_react&tna=pixel
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8cb915048d5cac0f-YYZ
access-control-allow-origin
*
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
image/gif
server
cloudflare
maze-universal-loader.js
snippet.maze.co/
2 KB
1 KB
Script
General
Full URL
https://snippet.maze.co/maze-universal-loader.js?apiKey=9ba5fdc8-ac0b-4be5-823a-3ae26ab46dcf
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.91.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-91-82.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1249cc5196f4197fe921c7417e9ad6b73f555988b1cff11d53c2bc35bdb5fb27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

Content-Encoding
br
x-amz-version-id
Esruug4qG9KVSrtSgnDnAuBrV7Xy2YFk
ETag
W/"71f1968b32546c7f60b7f4868a872e50"
Age
148
Alt-Svc
h3=":443"; ma=86400
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
N-LDLa6Nr-Nxyxz1ptnrMKcmR2OaZzE7RTRuJJgN4zMVufrI65tOYg==
Date
Tue, 01 Oct 2024 02:36:57 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
Last-Modified
Mon, 30 Sep 2024 17:06:54 GMT
Transfer-Encoding
chunked
Cache-Control
max-age=43200
Connection
keep-alive
Via
1.1 7002831b3049ff1090da3f99329ed2b0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P9
Server
AmazonS3
x-amz-server-side-encryption
AES256
proxima-vara-normal.a1f1ccf7.woff2
static-01.wanderu.com/s3/ui/prod/static/fonts/
11 KB
11 KB
Font
General
Full URL
https://static-01.wanderu.com/s3/ui/prod/static/fonts/proxima-vara-normal.a1f1ccf7.woff2
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/css/126.721f13c9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03b61992d95809300c98ce7a96dc47d6e05edb1823f3f761d5e8d134d55f3875
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.wanderu.com
Referer
https://static-01.wanderu.com/s3/ui/prod/static/css/126.721f13c9.css

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
cf-cache-status
HIT
etag
"2c58-620ac709c0200"
age
1177370
cf-ray
8cb91504aebdab64-YYZ
expires
Wed, 09 Oct 2024 02:39:24 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11352
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
application/font-woff2
last-modified
Tue, 27 Aug 2024 16:07:36 GMT
vary
Accept-Encoding
server
cloudflare
proxima-vara-bold.cadbb3e3.woff2
static-01.wanderu.com/s3/ui/prod/static/fonts/
11 KB
12 KB
Font
General
Full URL
https://static-01.wanderu.com/s3/ui/prod/static/fonts/proxima-vara-bold.cadbb3e3.woff2
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/css/126.721f13c9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e8f062d055aa497909b7001f7299d2f67357000f09ae8f97802ea007b825d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.wanderu.com
Referer
https://static-01.wanderu.com/s3/ui/prod/static/css/126.721f13c9.css

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
cf-cache-status
HIT
etag
"2cbc-621eef749b5c0"
age
1176168
cf-ray
8cb91504aebeab64-YYZ
expires
Wed, 09 Oct 2024 02:39:24 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11452
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
application/font-woff2
last-modified
Thu, 12 Sep 2024 16:54:55 GMT
vary
Accept-Encoding
server
cloudflare
contextualScaffold.js
snippet.maze.co/static/1326a5a76c43a93dfb918ab7bf0fa8dad93ca021/
20 KB
7 KB
Script
General
Full URL
https://snippet.maze.co/static/1326a5a76c43a93dfb918ab7bf0fa8dad93ca021/contextualScaffold.js
Requested by
Host: snippet.maze.co
URL: https://snippet.maze.co/maze-universal-loader.js?apiKey=9ba5fdc8-ac0b-4be5-823a-3ae26ab46dcf
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.91.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-91-82.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f93e7904beec641a2536741d2787ae830c65bc4fe84957964bb483c8337c4ca0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

Content-Encoding
br
x-amz-version-id
aRKrM.RqpUuspImr_UiIra3qxIe8Zw6L
ETag
W/"33f95017166c1ed17736aa5ec484d5cf"
Age
147
Alt-Svc
h3=":443"; ma=86400
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
uQSCI3wtd11_6WexS-9JJ2iq49Z9EHy5BBoXIWAXlalQhs9ChPm1ZA==
Date
Tue, 01 Oct 2024 02:36:58 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
Last-Modified
Mon, 30 Sep 2024 17:06:55 GMT
Transfer-Encoding
chunked
Cache-Control
max-age=31536000, immutable
Connection
keep-alive
Via
1.1 7002831b3049ff1090da3f99329ed2b0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK52-P9
Server
AmazonS3
x-amz-server-side-encryption
AES256
VptKUeuZCeTBKkpg.js
static-01.wanderu.com/s3/business/js/3.23.0/
78 KB
25 KB
Script
General
Full URL
https://static-01.wanderu.com/s3/business/js/3.23.0/VptKUeuZCeTBKkpg.js
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/126.7ea4b734.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612c77eb760d1733603ea2ac8a8fc15d113fda6cb95c418bab24b4a53df246c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"136b7-6165116af1940-gzip"
age
1181631
expires
Wed, 09 Oct 2024 02:39:25 GMT
date
Tue, 01 Oct 2024 02:39:25 GMT
content-type
text/javascript
last-modified
Wed, 17 Apr 2024 20:56:29 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
cf-ray
8cb915061ea3ac0f-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
25850
server
cloudflare
auth.json
api.wanderu.com/v2/
656 B
963 B
Fetch
General
Full URL
https://api.wanderu.com/v2/auth.json
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af3cb6d17c855fca67125631cbb5e3d701a3f5afdbbcd945d1296855c715b7d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.wanderu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"290-GSeAZllS6GmD28679Yk8BkgOBbU"
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
cf-ray
8cb9150628aaab64-YYZ
access-control-allow-origin
https://www.wanderu.com
date
Tue, 01 Oct 2024 02:39:25 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/931730023/
6 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/931730023/?random=1727750365184&cv=11&fst=1727750365184&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9176061774za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wanderu.com%2Fen-us%2Fen%2F-us%2F%2Ftrain%2F%2Fus%2F-il%2F%2Fchicago%2F%2Fus%2F-ca%2F%2Flos%2F-angeles%2F%2F&hn=www.googleadservices.com&frm=0&tiba=Wanderu%3A%20Search%20%26%20Compare%20Cheap%20Bus%20and%20Train%20Tickets&npa=0&pscdl=noapi&auid=514863120.1727750365&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-931730023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
f7c751a187d74deea830883ea5d92041a091cc40b943ceb5fbc7cb2bf71ee3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2390
date
Tue, 01 Oct 2024 02:39:25 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
931730023
td.doubleclick.net/td/rul/ Frame 6AC7
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/931730023?random=1727750365184&cv=11&fst=1727750365184&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9176061774za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wanderu.com%2Fen-us%2Fen%2F-us%2F%2Ftrain%2F%2Fus%2F-il%2F%2Fchicago%2F%2Fus%2F-ca%2F%2Flos%2F-angeles%2F%2F&hn=www.googleadservices.com&frm=0&tiba=Wanderu%3A%20Search%20%26%20Compare%20Cheap%20Bus%20and%20Train%20Tickets&npa=0&pscdl=noapi&auid=514863120.1727750365&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-931730023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wanderu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Oct 2024 02:39:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tp2
sp.wanderu.com/unblock/ Frame
0
0
Preflight
General
Full URL
https://sp.wanderu.com/unblock/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.wanderu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.wanderu.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
8cb91506c963ab64-YYZ
content-length
0
date
Tue, 01 Oct 2024 02:39:25 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
tp2
sp.wanderu.com/unblock/
2 B
194 B
XHR
General
Full URL
https://sp.wanderu.com/unblock/tp2
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://www.wanderu.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8cb915072fe2ac0f-YYZ
access-control-allow-origin
https://www.wanderu.com
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
date
Tue, 01 Oct 2024 02:39:25 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
splittest.json
api.wanderu.com/v2/
422 B
504 B
Fetch
General
Full URL
https://api.wanderu.com/v2/splittest.json?id=36887a9d-f8f9-4d83-974f-f26d7ef5a8e9&ipAddress=unknown&path=%2Fen-us%2Fen%2F-us%2F%2Ftrain%2F%2Fus%2F-il%2F%2Fchicago%2F%2Fus%2F-ca%2F%2Flos%2F-angeles%2F%2F&queryParams=
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8cd977ffed55728f606b3abb733546e05fa27f889e02a9f5088f4b3b757cc40
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.wanderu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-TOKEN
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzZXNzaW9uSWQiOiJYTmpudnNZb05uRDhnV3ZzMTc0SEhmYm0zZDNIOXEzNyIsImNyZWRlbnRpYWxzIjp7ImNsaWVudElkIjoiaGpNUUFYSnpiUnNnRlVEN2dWajl5azdvM0ZuQ0d6cE9Dbmxickgya3JNcyIsImJ1aWxkSWQiOiI0LjEuNjMiLCJjbGllbnROYW1lIjoid2FuZGVydS53ZWIuc2VhcmNoIiwidHlwZSI6InVzZXIiLCJ1c2VybmFtZSI6ImFub255bW91cyJ9LCJtZXRhIjp7IndhbmRlcnVWaXNpdG9ySUQiOiIzNjg4N2E5ZC1mOGY5LTRkODMtOTc0Zi1mMjZkN2VmNWE4ZTkifSwiaWF0IjoxNzI3NzUwMzY1LCJleHAiOjE3NDM1MTgzNjV9.MmGcPC_jp-xm8mYVQL8tCXpdTtNVlRt3bzwj3VImsm4

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"1a6-kasb6+6LUDdEv5sagYCpEAHT7q4"
x-envoy-upstream-service-time
28
access-control-allow-credentials
true
cf-ray
8cb915074a04ab64-YYZ
access-control-allow-origin
https://www.wanderu.com
date
Tue, 01 Oct 2024 02:39:25 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
splittest.json
api.wanderu.com/v2/ Frame
0
0
Preflight
General
Full URL
https://api.wanderu.com/v2/splittest.json?id=36887a9d-f8f9-4d83-974f-f26d7ef5a8e9&ipAddress=unknown&path=%2Fen-us%2Fen%2F-us%2F%2Ftrain%2F%2Fus%2F-il%2F%2Fchicago%2F%2Fus%2F-ca%2F%2Flos%2F-angeles%2F%2F&queryParams=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-token
Access-Control-Request-Method
GET
Origin
https://www.wanderu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Accept,Accept-Language,Accept-Encoding,X-TOKEN
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.wanderu.com
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
8cb91506d96cab64-YYZ
date
Tue, 01 Oct 2024 02:39:25 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Origin
x-envoy-upstream-service-time
1
/
www.google.com/pagead/1p-user-list/931730023/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/931730023/?random=1727750365184&cv=11&fst=1727748000000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9176061774za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wanderu.com%2Fen-us%2Fen%2F-us%2F%2Ftrain%2F%2Fus%2F-il%2F%2Fchicago%2F%2Fus%2F-ca%2F%2Flos%2F-angeles%2F%2F&hn=www.googleadservices.com&frm=0&tiba=Wanderu%3A%20Search%20%26%20Compare%20Cheap%20Bus%20and%20Train%20Tickets&npa=0&pscdl=noapi&auid=514863120.1727750365&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf-5BjljRDM6EU97Ypaeo6Ed459dyEgA&random=1875373685&rmt_tld=0&ipr=y
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 01 Oct 2024 02:39:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/931730023/
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/931730023/?random=1727750365184&cv=11&fst=1727748000000&bg=ffffff&guid=ON&async=1&gtm=45be49u0v9176061774za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.wanderu.com%2Fen-us%2Fen%2F-us%2F%2Ftrain%2F%2Fus%2F-il%2F%2Fchicago%2F%2Fus%2F-ca%2F%2Flos%2F-angeles%2F%2F&hn=www.googleadservices.com&frm=0&tiba=Wanderu%3A%20Search%20%26%20Compare%20Cheap%20Bus%20and%20Train%20Tickets&npa=0&pscdl=noapi&auid=514863120.1727750365&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf-5BjljRDM6EU97Ypaeo6Ed459dyEgA&random=1875373685&rmt_tld=1&ipr=y
Requested by
Host: www.wanderu.com
URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 01 Oct 2024 02:39:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
tp2
sp.wanderu.com/unblock/
2 B
58 B
XHR
General
Full URL
https://sp.wanderu.com/unblock/tp2
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://www.wanderu.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8cb91507982bac0f-YYZ
access-control-allow-origin
https://www.wanderu.com
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
date
Tue, 01 Oct 2024 02:39:25 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/126.7ea4b734.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-encoding
gzip
age
5953
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 01 Oct 2024 03:00:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 01:00:12 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
ping.json
api.wanderu.com/v2/
629 B
685 B
Fetch
General
Full URL
https://api.wanderu.com/v2/ping.json
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac8ef0b699983edbf5543207ae2eea896ed3dd415bbafa1d3f4b9ccfa14db7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://www.wanderu.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"275-+Oj9pzP4zBp0qLB+jhIw3zMZ7CI"
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
cf-ray
8cb915084ae5ab64-YYZ
access-control-allow-origin
https://www.wanderu.com
date
Tue, 01 Oct 2024 02:39:25 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/126.7ea4b734.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
eb3c042f3f329a5fdf12ed7c80e7cea066c4af870e98bf8113b22bb4befec671
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-md5
VoCDD0L42xiKYHJn3TGQTg==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"0822806456ec3bc0a735b9c70627bbd6"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Tue, 01 Oct 2024 02:52:44 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=1200s
date
Tue, 01 Oct 2024 02:39:25 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
dd1342776a3be7d0657f81dded24e45c
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=23, mss=1232, tbw=4509, tp=11, tpl=0, uplat=0, ullat=-1
x-fb-debug
/gzmscNWtOc+4Bq5q6/pJBwF+reNLiWhESC+OMMmzNyWPvWVoZWxyRv6qxLOOMEXfq/3ikeWJs4VAw9M5WYkWg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1688
tp2
sp.wanderu.com/unblock/
2 B
91 B
XHR
General
Full URL
https://sp.wanderu.com/unblock/tp2
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://www.wanderu.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8cb91509999eac0f-YYZ
access-control-allow-origin
https://www.wanderu.com
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
date
Tue, 01 Oct 2024 02:39:25 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
sdk.js
connect.facebook.net/en_US/
288 KB
82 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8d5ac06e473edd914da152a3a5715953
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
f9c55932540d50f626b6dbf9480405ad6baa29c964a74705c6ecc57569163a16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.wanderu.com
Referer
https://www.wanderu.com/

Response headers

content-md5
tD1DPHgNoYI1FDYvpCs9tA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"1e2aafccdc49298082d9872473253a7c"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 01:55:40 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 01 Oct 2024 02:39:25 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
0b4ba62dde038b943b5474c19d818256
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4439, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
kY6fAWbHQXukLMN09QaxWNFd8nb/RB+82ZKoGv1oLtWd7dxMBoTW3ESW11ReskRvuyhr6V9C3t9M1V4lEEV0Eg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
84027
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-encoding
br
age
943
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Tue, 01 Oct 2024 03:23:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 02:23:42 GMT
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1129
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/j/
15 B
434 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=387817954&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wanderu.com%2Fen-us%2Fen%2F-us%2F%2Ftrain%2F%2Fus%2F-il%2F%2Fchicago%2F%2Fus%2F-ca%2F%2Flos%2F-angeles%2F%2F&ul=en-ca&de=UTF-8&dt=Wanderu%3A%20Search%20%26%20Compare%20Cheap%20Bus%20and%20Train%20Tickets&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIJAAAAACAMI~&jid=844164211&gjid=1714665862&cid=1900411510.1727750366&tid=UA-23346503-19&_gid=381626690.1727750366&_r=1&_slc=1&z=947408913
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0e28e6ffba6ad1f08a50b3d5463793c64e8fde15bc513c7aec4e35c5fb67b095
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.wanderu.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 02:39:25 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.wanderu.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
status
www.facebook.com/x/oauth/
0
2 KB
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=1299527856739590&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.wanderu.com%2Fen-us%2Fen%2F-us%2F%2Ftrain%2F%2Fus%2F-il%2F%2Fchicago%2F%2Fus%2F-ca%2F%2Flos%2F-angeles%2F%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

access-control-expose-headers
fb-s
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420631315023367589"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 01 Oct 2024 02:39:25 GMT
content-type
text/plain; charset=UTF-8
x-fb-debug
IzvBid0j3ZQ0fgznnXWu/wmJEHRJIq9LE4W006vfbE7CvnSvNbTWwILIiPT6sh3EakVHvLD1SouiSE4aM/A4KA==
strict-transport-security
max-age=15552000; preload
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420631315023367589", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
cache-control
private, no-cache, no-store, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1297, tbw=2755, tp=-1, tpl=-1, uplat=12, ullat=0
pragma
no-cache
fb-s
unknown
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
https://www.wanderu.com
content-length
0
origin-agent-cluster
?0
widgets
prompts.maze.co/api/ Frame
0
0
Preflight
General
Full URL
https://prompts.maze.co/api/widgets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.179.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-179-225.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key,x-maze-correlation-id,x-maze-snippet-src
Access-Control-Request-Method
POST
Origin
https://www.wanderu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-api-key,x-maze-correlation-id,x-maze-snippet-src
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
600
date
Tue, 01 Oct 2024 02:39:25 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
widgets
prompts.maze.co/api/
569 B
727 B
Fetch
General
Full URL
https://prompts.maze.co/api/widgets
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.179.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-179-225.compute-1.amazonaws.com
Software
/ Express
Resource Hash
1d7626c53c30ab81e93864845b134bd3d8370bbc5f5dce33d927d3e04977912b

Request headers

x-maze-correlation-id
1727750364999-687.7227728916813
x-maze-snippet-src
contextual-widget
Referer
https://www.wanderu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
x-api-key
9ba5fdc8-ac0b-4be5-823a-3ae26ab46dcf

Response headers

access-control-allow-origin
*
content-length
569
date
Tue, 01 Oct 2024 02:39:25 GMT
etag
W/"239-B7gz7Z4DP1I+AkK3I/a+hIO5xac"
content-type
application/json; charset=utf-8
x-powered-by
Express
js
www.googletagmanager.com/gtag/
299 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CFJNLR5E5N&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f3fa2d2532e17b3804c21c4f5b6983267ad20528563ca489bca325de73ab5b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 01 Oct 2024 02:39:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 02:39:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102711
x-xss-protection
0
server
Google Tag Manager
favicon.ico
static-01.wanderu.com/s3/ui/prod/static/media/
9 KB
2 KB
Other
General
Full URL
https://static-01.wanderu.com/s3/ui/prod/static/media/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d906af5e9bb7d680ae476849f78c1008459cf445b651ef0e11eae89b68a4d3e4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=691200
content-encoding
br
cf-cache-status
HIT
etag
W/"25be-621eef800d0c0"
age
457757
cf-ray
8cb9150a8a5cac0f-YYZ
expires
Wed, 09 Oct 2024 02:39:25 GMT
access-control-allow-origin
*
date
Tue, 01 Oct 2024 02:39:25 GMT
content-type
image/vnd.microsoft.icon
last-modified
Thu, 12 Sep 2024 16:55:07 GMT
vary
Accept-Encoding
server
cloudflare
client
accounts.google.com/gsi/
227 KB
86 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/126.7ea4b734.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:140f::54 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7883634a1217d887b99db89dabe33c3b0b7fcc077721a10128abff7f9df77708
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-arMM5ERECAA-nWsO5jJd0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-arMM5ERECAA-nWsO5jJd0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control
private, max-age=1800
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options
nosniff
expires
Tue, 01 Oct 2024 02:39:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date
Tue, 01 Oct 2024 02:39:26 GMT
x-xss-protection
0
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
contextualScaffoldHelpers.js
snippet.maze.co/static/1326a5a76c43a93dfb918ab7bf0fa8dad93ca021/
20 KB
6 KB
Script
General
Full URL
https://snippet.maze.co/static/1326a5a76c43a93dfb918ab7bf0fa8dad93ca021/contextualScaffoldHelpers.js
Requested by
Host: snippet.maze.co
URL: https://snippet.maze.co/static/1326a5a76c43a93dfb918ab7bf0fa8dad93ca021/contextualScaffold.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.249.91.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-91-82.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6d49bf2bde22621c0f35e19a6ddcab3997325be921fb9a3ed66897f36fa0e53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-encoding
br
x-amz-version-id
XQtWlgVORC_hFKN4n1DS7O5ck9EHUYAA
age
2
etag
W/"8ee4acd1380d101ce48b6b566601ca78"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
3kFp2qSuiYPRDo0oc1aRCz2K8Wg7pv-U04j1azbjGpda8l34P8L9_A==
date
Tue, 01 Oct 2024 02:39:24 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 17:06:55 GMT
cache-control
max-age=31536000, immutable
via
1.1 9b0814f74b20835098fe6c38b6ceeac4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
analytics.google.com/g/
0
545 B
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CFJNLR5E5N&gtm=45je49u0v9117562339za200&_p=1727750364868&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101671035~101686685~101747727&ul=en-ca&sr=1600x1200&cid=1900411510.1727750366&ecid=322749061&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.wanderu.com%2Fen-us%2Fen%2F-us%2F%2Ftrain%2F%2Fus%2F-il%2F%2Fchicago%2F%2Fus%2F-ca%2F%2Flos%2F-angeles%2F%2F&dt=Wanderu%3A%20Search%20%26%20Compare%20Cheap%20Bus%20and%20Train%20Tickets&sid=1727750366&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1669
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.wanderu.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 02:39:26 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
554 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CFJNLR5E5N&cid=1900411510.1727750366&gtm=45je49u0v9117562339za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101671035~101686685~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CFJNLR5E5N&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.wanderu.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 02:39:26 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 4727
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-CFJNLR5E5N&gacid=1900411510.1727750366&gtm=45je49u0v9117562339za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685~101747727&z=1943475722
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CFJNLR5E5N&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wanderu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 01 Oct 2024 02:39:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/
42 B
63 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CFJNLR5E5N&cid=1900411510.1727750366&gtm=45je49u0v9117562339za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101671035~101686685~101747727&tag_exp=101671035~101686685~101747727&z=1710712053
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 01 Oct 2024 02:39:26 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
events.json
api.wanderu.com/v2/
116 B
423 B
Fetch
General
Full URL
https://api.wanderu.com/v2/events.json
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
087aa76bbd2f6184b9281d1006516fa57df69aab47a337a9f9b0e3c8995518bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.wanderu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"74-hFA6ctLg76Se6kl7iANa1KTgX/U"
x-envoy-upstream-service-time
5
access-control-allow-credentials
true
cf-ray
8cb9150c3eb3ab64-YYZ
access-control-allow-origin
https://www.wanderu.com
date
Tue, 01 Oct 2024 02:39:26 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
style
accounts.google.com/gsi/
533 B
586 B
Stylesheet
General
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:140f::54 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Oce-lNx2UKsWNlql9NhSoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wanderu.com/

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Oce-lNx2UKsWNlql9NhSoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control
private, max-age=86400
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options
nosniff
expires
Tue, 01 Oct 2024 02:39:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date
Tue, 01 Oct 2024 02:39:26 GMT
x-xss-protection
0
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
auth.json
api.wanderu.com/v2/
948 B
1 KB
Fetch
General
Full URL
https://api.wanderu.com/v2/auth.json
Requested by
Host: static-01.wanderu.com
URL: https://static-01.wanderu.com/s3/ui/prod/static/js/903.42e024be.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.190.4 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
204cfc11a8d840a5dba400790b1d74a32221bbf7db212569c71573be4f2dfb6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.wanderu.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"3b4-dybMGyv0QPoQSOvV0alijGPjfPA"
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
cf-ray
8cb9150cef67ab64-YYZ
access-control-allow-origin
https://www.wanderu.com
date
Tue, 01 Oct 2024 02:39:26 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| appSettings string| __uuid object| __INITIAL_STATE__ object| __INITIAL_I18N__ function| gtag object| dataLayer string| mazeUniversalSnippetApiKey object| Trustpilot object| webpackJsonp number| MAZE_LOG_LEVEL object| mazePrompts object| DD_RUM function| setImmediate function| clearImmediate object| GlobalSnowplowNamespace function| snowplow object| google_tag_manager object| google_tag_data object| GooglebQhCsO string| GoogleAnalyticsObject function| ga function| fbAsyncInit object| FB object| gaplugins object| gaGlobal object| gaData object| __buffer object| mazeHelpers object| default_gsi object| _F_toggles object| google object| __G_ID_CLIENT__ object| closure_lm_266539

13 Cookies

Domain/Path Name / Value
.wanderu.com/ Name: __cf_bm
Value: g0ScDXgQiyEDfPpbkARnJrw8999qeMRP94Pfk7WOZLw-1727750364-1.0.1.1-3xFX.aYR7fh_.aPgYRj_2AZ8gE749MykT8rl8VNCgl2ElRZSkaSlUmjKgWwZxft79Bjx0UldyPUw7F8Jur1XLcJLkNHYd0K7QgvNYJTkFVg
sp.wanderu.com/ Name: sp
Value: 69708b9a-f5c1-41ed-a4dd-73ed6876657f
.www.wanderu.com/ Name: split-test-id
Value: 36887a9d-f8f9-4d83-974f-f26d7ef5a8e9
.wanderu.com/ Name: _gcl_au
Value: 1.1.514863120.1727750365
.wanderu.com/ Name: _sp_ses.0cf6
Value: *
.wanderu.com/ Name: sp
Value: 69708b9a-f5c1-41ed-a4dd-73ed6876657f
.wanderu.com/ Name: _sp_id.0cf6
Value: 5692fdbb-4209-4397-9e3f-5dde6bf4ac7d.1727750365.1.1727750365..9103611b-ba01-4e45-8c0d-f0d3f597b20d..e59d5e70-be3b-4293-be1d-7c3d5f412304.1727750365229.4
.wanderu.com/ Name: _ga
Value: GA1.2.1900411510.1727750366
.wanderu.com/ Name: _gid
Value: GA1.2.381626690.1727750366
.wanderu.com/ Name: _gat
Value: 1
.wanderu.com/ Name: _ga_CFJNLR5E5N
Value: GS1.2.1727750366.1.0.1727750366.60.0.322749061
.doubleclick.net/ Name: IDE
Value: AHWqTUkxEoBZFB4mS6ebBm4qCJUw0GjeOFo7Kh2RTbxxNcX6ArWdJn2EaK8rv9WH
www.wanderu.com/ Name: _dd_s
Value: rum=0&expire=1727751265113

2 Console Messages

Source Level URL
Text
network error URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://www.wanderu.com/en-us/en/-us//train//us/-il//chicago//us/-ca//los/-angeles//
Message:
Provider's accounts list is empty.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
analytics.google.com
api.wanderu.com
connect.facebook.net
googleads.g.doubleclick.net
prompts.maze.co
snippet.maze.co
sp.wanderu.com
static-01.wanderu.com
stats.g.doubleclick.net
td.doubleclick.net
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.wanderu.com
104.17.190.4
13.249.91.82
142.250.72.100
142.250.80.35
142.251.35.162
157.240.241.1
18.173.219.104
2607:f8b0:4004:c09::9a
2607:f8b0:4006:806::2008
2607:f8b0:4006:80d::200e
2607:f8b0:4006:81f::200e
2607:f8b0:4006:823::2002
2607:f8b0:4023:140f::54
2a03:2880:f112:182:face:b00c:0:25de
54.145.179.225
03b61992d95809300c98ce7a96dc47d6e05edb1823f3f761d5e8d134d55f3875
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05e8f062d055aa497909b7001f7299d2f67357000f09ae8f97802ea007b825d0
087aa76bbd2f6184b9281d1006516fa57df69aab47a337a9f9b0e3c8995518bb
0e28e6ffba6ad1f08a50b3d5463793c64e8fde15bc513c7aec4e35c5fb67b095
1249cc5196f4197fe921c7417e9ad6b73f555988b1cff11d53c2bc35bdb5fb27
137479e9b75b1afbbf3f3d1e994235d28fb201f5af47d88c7ca5df53c8cf4a53
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d7626c53c30ab81e93864845b134bd3d8370bbc5f5dce33d927d3e04977912b
1f3fa2d2532e17b3804c21c4f5b6983267ad20528563ca489bca325de73ab5b3
204cfc11a8d840a5dba400790b1d74a32221bbf7db212569c71573be4f2dfb6e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
295fefc8bb1e9ec4dc6a33b4edb010cffdf73c2d28f520a5eb44181dc5a3b623
3a3a5945432ebbf14292b307181700608b304daee4bd8fb4b1f89a6281c43cba
3e6b4bd26a02b518fe6410b174d20421976cbd7e8ee75ff1e5d78d8403f473b0
612c77eb760d1733603ea2ac8a8fc15d113fda6cb95c418bab24b4a53df246c9
7883634a1217d887b99db89dabe33c3b0b7fcc077721a10128abff7f9df77708
7e948610d4b505a7b03a074a3e0cd1114978dbcc4963cb48aa9e89eb886447d2
9ac8ef0b699983edbf5543207ae2eea896ed3dd415bbafa1d3f4b9ccfa14db7b
a8057d49eb5c09a02c1728736ec0644f9e8dd522718b37845aa34d869e5ae366
af3cb6d17c855fca67125631cbb5e3d701a3f5afdbbcd945d1296855c715b7d0
b6d49bf2bde22621c0f35e19a6ddcab3997325be921fb9a3ed66897f36fa0e53
bfb63ef7e434bc93630daa79cbd903b67cd9f65eda771798bfb7ce42bd64d49a
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
c8cd977ffed55728f606b3abb733546e05fa27f889e02a9f5088f4b3b757cc40
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d6b2edc791f414152184118e16098fecadcc70397aa4dc726b411580ad81e661
d906af5e9bb7d680ae476849f78c1008459cf445b651ef0e11eae89b68a4d3e4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfb85a28557b0c780a031b1d91727c157e9efadd0a3895804a6df509255c9e6d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3c042f3f329a5fdf12ed7c80e7cea066c4af870e98bf8113b22bb4befec671
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7c751a187d74deea830883ea5d92041a091cc40b943ceb5fbc7cb2bf71ee3d3
f93e7904beec641a2536741d2787ae830c65bc4fe84957964bb483c8337c4ca0
f9c55932540d50f626b6dbf9480405ad6baa29c964a74705c6ecc57569163a16
ff4e5c1c06d3db1b3581402b88e3420f5d455a59ee3afec1615236e92b602b7c