pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io Open in urlscan Pro
2606:4700:3037::6815:fcb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/
Submission: On September 04 via api (September 4th 2024, 9:58:01 pm UTC) from US — Scanned from US

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 3 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3037::6815:fcb, located in United States and belongs to CLOUDFLARENET, US. The main domain is pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io.
TLS certificate: Issued by WE1 on September 4th 2024. Valid for: 3 months.

This is the only time pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3037::6815:fcb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c21::54	15169 (GOOGLE) (GOOGLE)
4	151.101.195.9 151.101.195.9	54113 (FASTLY) (FASTLY)
2	44.197.221.236 44.197.221.236	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:20:... 2606:4700:20::ac43:4415	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	6

6 2606:4700:3037::6815:fcb (United States)

ASN13335 (CLOUDFLARENET, US)

pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c21::54 (Washington, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.195.9 (San Francisco, United States)

ASN54113 (FASTLY, US)

sdk.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.197.221.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-221-236.compute-1.amazonaws.com

auth.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4415 (United States)

ASN13335 (CLOUDFLARENET, US)

api.development.prizepicks.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	prizepicks.io pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io api.development.prizepicks.io Failed	467 KB
6	split.io sdk.split.io — Cisco Umbrella Rank: 3177 auth.split.io — Cisco Umbrella Rank: 3740	14 KB
2	google.com accounts.google.com — Cisco Umbrella Rank: 46	87 KB
16	3

	Domain	Requested by
6	pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io	pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
4	sdk.split.io	pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
2	auth.split.io	pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
2	accounts.google.com	pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io accounts.google.com
1	api.development.prizepicks.io	pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
16	5

This site contains no links.

Subject Issuer	Validity	Valid
pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io WE1	`2024-09-04` - `2024-12-03`	3 months	crt.sh
accounts.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.split.io GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
prizepicks.io E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/
Frame ID: 20475BF033A9F6B091B9510E74257104
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PrizePicks Back Office

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Page Statistics

16
Requests

94 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

6
IPs

1
Countries

569 kB
Transfer

1902 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/ 991 B
1 KB 394ms
204ms Document
text/html 2606:4700:3037::6815:fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9de7f17ced88c46822071fe0d0cec41765f03f54d03fe4107be79dc82b51a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8be13ce1ca3e159f-EWR
content-encoding: br
content-type: text/html
date: Wed, 04 Sep 2024 21:57:53 GMT
last-modified: Wed, 04 Sep 2024 19:10:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1q3knJ1XsDuyN4YJiwcMiEe%2BxzMtXsAO%2B%2BC7Z%2B7q47Vxi6DNCSlRn1EudPmQJSdm6Z94Mg0lL1I%2BPkbrPSXhBOpnAf2XQ%2FJFZrKir8Cl8v3DTmRjrSySaWeL0gullGbJ3seHDQyUXFENPOFNwUu1LuihP4EHblGC%2FwxvO0r6M282JA6hRbxOUJ%2BDRhFZ3NFRTJhlOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding

GET
H3 200 index-BQwMY2BE.js Show response
pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/ 1 MB
397 KB 572ms
571ms Script
application/javascript 2606:4700:3037::6815:fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/index-BQwMY2BE.js

Requested by

Host: pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
URL: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfa37a8f1de3cbd0e759210a6bf1b36ca5a3ff5672236b3a4104e9559b105863

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/
Origin: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 21:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains
last-modified: Wed, 04 Sep 2024 19:08:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
etag: W/"66d8b032-14d3f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fR%2B%2FT%2B%2FEliduT0BnpjISoDyqMN9H4%2BePkhlZTabNiaJ44FPhar50oYC9lTESrZ9Xcu5zBt8g4F5aRtMg9cu9hM0ORCTlKTcGVGB6sUm2QiKxd%2BdK1R9Oq1NfurhmwSXHcbQUXAaLZnSOeEsHrk69nWQR6Qxgd3iHtv7js0EsgiA%2F0DsP831AxL7EZofixR13BzmVTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400, proxy-revalidate
cf-ray: 8be13ce33b9f159f-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 04 Sep 2024 22:57:53 GMT

GET
H3 200 index-BWlfgZGW.css
pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/ 91 KB
16 KB 312ms
310ms Stylesheet
text/css 2606:4700:3037::6815:fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/index-BWlfgZGW.css

Requested by

Host: pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
URL: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a166301ce396bce7aef9d70f10317c90462dbd2765399adcd6684865f4800a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/
Origin: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 21:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains
last-modified: Wed, 04 Sep 2024 19:08:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
etag: W/"66d8b032-16b6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DIttEOVrbP9SmnXwiYgSB9aQTQKrH8CCMH29Hp7HHPZDP5xY103qsxALYIclrBDAPgJZaprVn0yLnG6vQrLpAsSO%2B4v691ToXcJ8lNouMsM%2Bid1zin%2BzpRPXqQtKCxZMR%2BXKJsVtYwOsXxQ69x%2BXNAIc8z3Npbhj6gv0SXPf%2F7PPRDeoz1rB6WusNwnAdDIyllAYAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400, proxy-revalidate
cf-ray: 8be13ce33ba1159f-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 04 Sep 2024 22:57:53 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 227 KB
86 KB 722ms
81ms Script
application/javascript 2607:f8b0:4004:c21::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
URL: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aea089db05b89969655cc753bacbab47aadf75a84b8be415ef21357aad40877f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aGukClnpah1DUXHljr_7NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 21:57:54 GMT
content-security-policy: script-src 'report-sample' 'nonce-aGukClnpah1DUXHljr_7NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 04 Sep 2024 21:57:54 GMT

OPTIONS
H2 200 anon
sdk.split.io/api/mySegments/ 0
0 166ms
58ms Preflight 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/anon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.9 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
access-control-max-age: 7200
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length: 37
date: Wed, 04 Sep 2024 21:57:54 GMT
retry-after: 0
server: Varnish
strict-transport-security: max-age=15770000; includeSubdomains
vary: Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-ewr-kewr1740075-EWR
x-timer: S1725487075.972711,VS0,VE0

GET
H2 200 anon Show response
sdk.split.io/api/mySegments/ 17 B
455 B 31ms
30ms Fetch
application/json 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/anon

Requested by

Host: pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
URL: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/index-BQwMY2BE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.9 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: application/json
Referer: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/
SplitSDKVersion: react-1.12.0
Authorization: Bearer 401ggpe4c5ur5cd4kkhaoqgojp7ur0tqeul7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubdomains
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 04 Sep 2024 21:57:55 GMT
age: 29231
x-cache: HIT, HIT
content-length: 41
x-served-by: cache-iad-kjyo7100069-IAD, cache-ewr-kewr1740075-EWR
x-timer: S1725487075.027505,VS0,VE1
etag: "1000002"
vary: Accept-Encoding, Origin, Authorization
trace: cache-iad-kjyo7100069-IAD-2dd68a40-66ea-490b-9bee-f22864502cf2; cache-ewr-kewr1740048-EWR-d824b170-d5a7-4c1f-882d-5d49414e3434
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-Id
cache-control: no-transform, max-age=60, s-maxage=60
accept-ranges: bytes
x-cache-hits: 25, 0

GET
H2 200 splitChanges Show response
sdk.split.io/api/ 137 KB
13 KB 32ms
30ms Fetch
application/json 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?s=1.1&since=-1

Requested by

Host: pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
URL: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/index-BQwMY2BE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.9 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7ae8ee17953e1f3786645e583f7dfedbd5eabf0fcaa13d81be868a35c498c038

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: application/json
Referer: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/
SplitSDKVersion: react-1.12.0
Authorization: Bearer 401ggpe4c5ur5cd4kkhaoqgojp7ur0tqeul7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubdomains
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 04 Sep 2024 21:57:55 GMT
age: 12711
x-cache: HIT, MISS
content-length: 12665
x-served-by: cache-iad-kjyo7100099-IAD, cache-ewr-kewr1740075-EWR
last-modified: Wed, 04 Sep 2024 18:04:16 GMT
x-timer: S1725487075.027518,VS0,VE8
etag: "1725473056022"
vary: Accept-Encoding, Origin, Authorization
content-type: application/json; charset=utf-8
trace: cache-iad-kjyo7100099-IAD-723f844c-f9db-4483-9be2-34f123030018; cache-ewr-kewr1740075-EWR-9b4a2347-bf18-46a1-bd29-bf099e544c8b
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-Id
cache-control: no-transform, max-age=60, s-maxage=60
accept-ranges: bytes
x-cache-hits: 12, 0

OPTIONS
H2 200 splitChanges
sdk.split.io/api/ 0
0 162ms
58ms Preflight 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?s=1.1&since=-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.9 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
access-control-max-age: 7200
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length: 37
date: Wed, 04 Sep 2024 21:57:54 GMT
retry-after: 0
server: Varnish
strict-transport-security: max-age=15770000; includeSubdomains
vary: Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-ewr-kewr1740075-EWR
x-timer: S1725487075.972661,VS0,VE0

GET
H/1.1 200
OK auth Show response
auth.split.io/api/v2/ 679 B
1 KB 34ms
33ms Fetch
application/json 44.197.221.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/v2/auth?s=1.1&users=anon

Requested by

Host: pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
URL: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/index-BQwMY2BE.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.197.221.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-197-221-236.compute-1.amazonaws.com

Software

Resource Hash

0574ce1ab1b5bdd5c07fa2bfd54d71680c82f96af9cb13037013ee2c7031cc62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15770000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json
Referer: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/
SplitSDKVersion: react-1.12.0
Authorization: Bearer 401ggpe4c5ur5cd4kkhaoqgojp7ur0tqeul7
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 04 Sep 2024 21:57:55 GMT
Strict-Transport-Security: max-age=15770000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
Content-Length: 679

GET
H3 200 pp-logo.png
pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/ 991 B
1 KB 69ms
68ms Other
text/html 2606:4700:3037::6815:fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/pp-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9de7f17ced88c46822071fe0d0cec41765f03f54d03fe4107be79dc82b51a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 21:57:54 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 04 Sep 2024 19:10:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QfkH1Yo%2Bsza7swW1RHdw9vvTAiVYyTdJvhktxP8iSllcgQ1mx1ODlCDm62EDYAbchdaknTOsgJgZ70K6GgP%2BeHUEd5z31gIbOQcS3%2B%2B%2Bnjg5Kttl0ylGuJ3Ynq3xvbawhJmzcge2EkZeGSDmu8sWEyhiR8CMaVWr4WLyFKmiVfRCg43ib%2BzlUhx4bzr77cXkgwMRdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 8be13cea3977159f-EWR
alt-svc: h3=":443"; ma=86400

OPTIONS
H/1.1 200
OK auth
auth.split.io/api/v2/ 0
0 273ms
29ms Preflight
application/json 44.197.221.236
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/v2/auth?s=1.1&users=anon

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.197.221.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-197-221-236.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15770000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
Connection: keep-alive
Content-Length: 4
Content-Type: application/json; charset=utf-8
Date: Wed, 04 Sep 2024 21:57:55 GMT
Strict-Transport-Security: max-age=15770000; includeSubDomains
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only

GET current
api.development.prizepicks.io/api/v1/admin/ 0
0

OPTIONS
H2 200 current
api.development.prizepicks.io/api/v1/admin/ 0
0 214ms
97ms Preflight 2606:4700:20::ac43:4415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.development.prizepicks.io/api/v1/admin/current
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4415 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
access-control-expose-headers: Authorization, Etag
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 8be13cec6a254233-EWR
content-length: 0
date: Wed, 04 Sep 2024 21:57:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1YOXgCZ1X8G6Ub6%2Fny5w1R824j0j8MEDlzghKp%2BFXgwtIx0IGomt32uXyU84MfEPssGfGxTENSrAbcHDymryj6JCqAT5xI%2FcW5YGQDME1kAZfqjx0p%2B4xXbosMXnkZpHATgrea0JmvsZ9m4tR5lALktFUkM3QhZf0mmH"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style
accounts.google.com/gsi/ 533 B
609 B 102ms
101ms Stylesheet
text/css 2607:f8b0:4004:c21::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rFIGqylvITaEJuTY_ZAEOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 21:57:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-rFIGqylvITaEJuTY_ZAEOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 04 Sep 2024 21:57:58 GMT

GET
H3 200 name-logo-B0MoE-dk.svg
pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/ 8 KB
4 KB 633ms
633ms Image
image/svg+xml 2606:4700:3037::6815:fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/name-logo-B0MoE-dk.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09cdcabb68d9d039a0bbb221489a93f596d6fe5778c0ee74bc94619f877a350c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 21:57:58 GMT
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains
last-modified: Wed, 04 Sep 2024 19:08:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
etag: W/"66d8b032-2033"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5F4bw0Kl6tuXKkPxpMz76RHUESAEpXevDvQLNgEI8m34DlWTDdZTFKtKIaBQdUrRWZWrR3EFcLVKJxe8ZGk5LCRtwgp6RDK2r9obDN3VrX2KUGG7POpYITPLhrJe2TVLpmAjoUTlpvT27fTMu79G%2BU5iBlkxXqSCOCgxzV7E8rackg7ZAa2jujft6hQwF%2FyLRMad3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400, proxy-revalidate
cf-ray: 8be13d02cd8c159f-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 04 Sep 2024 22:57:58 GMT

GET
H3 200 IndustryBook-CuBicWjI.ttf
pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/ 103 KB
48 KB 643ms
642ms Font
font/ttf 2606:4700:3037::6815:fcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/IndustryBook-CuBicWjI.ttf

Requested by

Host: pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
URL: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/index-BWlfgZGW.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:fcb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c950f75209672c6f74232c62eec0a6842d22a456d5c395984df05c22658492

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/assets/index-BWlfgZGW.css
Origin: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 04 Sep 2024 21:57:58 GMT
content-encoding: gzip
strict-transport-security: max-age=0; includeSubDomains
last-modified: Wed, 04 Sep 2024 19:08:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
server: cloudflare
etag: W/"66d8b032-19bf0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a283hEo2%2BwGiDKPYlij8cffbGGW1BlInKUg8hUOZ2QiWscZ1CHMYfeTiJ7jeMEWnRpiDm4th5dwqWKM%2BeKFCZkSWIhMlOnFrNeaxDHz4f8ktWqDklms9bllE8XR5kdtmlse64ocmtjttaA%2FrfnCQnk735sMOyI52FDwuFtHyxCsB0BsBdJ2nWXXM6S%2BNccVuMcoSxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: public, max-age=14400, proxy-revalidate
cf-ray: 8be13d02fdba159f-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 04 Sep 2024 22:57:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.development.prizepicks.io
URL: https://api.development.prizepicks.io/api/v1/admin/current

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	error	URL: https://pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io/ Message: Provider's accounts list is empty.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.development.prizepicks.io
auth.split.io
pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io
sdk.split.io
api.development.prizepicks.io
151.101.195.9
2606:4700:20::ac43:4415
2606:4700:3037::6815:fcb
2607:f8b0:4004:c21::54
44.197.221.236
0574ce1ab1b5bdd5c07fa2bfd54d71680c82f96af9cb13037013ee2c7031cc62
09cdcabb68d9d039a0bbb221489a93f596d6fe5778c0ee74bc94619f877a350c
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
34c950f75209672c6f74232c62eec0a6842d22a456d5c395984df05c22658492
7ae8ee17953e1f3786645e583f7dfedbd5eabf0fcaa13d81be868a35c498c038
a166301ce396bce7aef9d70f10317c90462dbd2765399adcd6684865f4800a03
aea089db05b89969655cc753bacbab47aadf75a84b8be415ef21357aad40877f
b9de7f17ced88c46822071fe0d0cec41765f03f54d03fe4107be79dc82b51a31
dfa37a8f1de3cbd0e759210a6bf1b36ca5a3ff5672236b3a4104e9559b105863

pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io Open in urlscan Pro 2606:4700:3037::6815:fcb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

60 %IPv6

3 Domains

5 Subdomains

6 IPs

1 Countries

569 kBTransfer

1902 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

pulse.backoffice-pr-618.us-east4.gcpdev.prizepicks.io Open in urlscan Pro
2606:4700:3037::6815:fcb Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

6
IPs

1
Countries

569 kB
Transfer

1902 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions