urlscan.io logo urlscan.io
SecurityTrails logo

pulse.rails-api-pr-3971.devx.prize.dev Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pulse.rails-api-pr-3971.devx.prize.dev/
Effective URL: https://pulse.rails-api-pr-3971.devx.prize.dev/
Submission: On November 15 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is pulse.rails-api-pr-3971.devx.prize.dev.
TLS certificate: Issued by WE1 on November 14th 2024. Valid for: 3 months.
This is the only time pulse.rails-api-pr-3971.devx.prize.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 188.114.97.3 13335 (CLOUDFLAR...)
2 2a00:1450:401... 15169 (GOOGLE)
4 151.101.67.9 ()
2 35.170.228.5 14618 (AMAZON-AES)
16 4
Apex Domain
Subdomains		 Transfer
8 prize.dev
pulse.rails-api-pr-3971.devx.prize.dev
api.rails-api-pr-3971.devx.prize.dev
584 KB
6 split.io
sdk.split.io — Cisco Umbrella Rank: 2962
auth.split.io — Cisco Umbrella Rank: 3602
16 KB
2 google.com
accounts.google.com — Cisco Umbrella Rank: 26
86 KB
16 3
Domain Requested by
6 pulse.rails-api-pr-3971.devx.prize.dev pulse.rails-api-pr-3971.devx.prize.dev
4 sdk.split.io pulse.rails-api-pr-3971.devx.prize.dev
2 api.rails-api-pr-3971.devx.prize.dev pulse.rails-api-pr-3971.devx.prize.dev
2 auth.split.io pulse.rails-api-pr-3971.devx.prize.dev
2 accounts.google.com pulse.rails-api-pr-3971.devx.prize.dev
accounts.google.com
16 5

This site contains no links.

Subject Issuer Validity Valid
pulse.rails-api-pr-3971.devx.prize.dev
WE1		 2024-11-14 -
2025-02-13		 3 months crt.sh
accounts.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.split.io
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
api.rails-api-pr-3971.devx.prize.dev
WE1		 2024-11-14 -
2025-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://pulse.rails-api-pr-3971.devx.prize.dev/
Frame ID: 2C3D9DD6B50BD9195AD2C190DDB1563D
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PrizePicks Back Office

Page URL History Show full URLs

  1. http://pulse.rails-api-pr-3971.devx.prize.dev/ HTTP 307
    https://pulse.rails-api-pr-3971.devx.prize.dev/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Page Statistics

16
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

687 kB
Transfer

2305 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pulse.rails-api-pr-3971.devx.prize.dev/ HTTP 307
    https://pulse.rails-api-pr-3971.devx.prize.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pulse.rails-api-pr-3971.devx.prize.dev/
Redirect Chain
  • http://pulse.rails-api-pr-3971.devx.prize.dev/
  • https://pulse.rails-api-pr-3971.devx.prize.dev/
1005 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pulse.rails-api-pr-3971.devx.prize.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72d79cf946ed82a1d61c041cb5f86cf39f8ede7e53d63bda7bc178cbd0e39dbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e2b5a1fcc226563-AMS
content-encoding
zstd
content-type
text/html
date
Fri, 15 Nov 2024 01:08:46 GMT
last-modified
Fri, 15 Nov 2024 00:52:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1XvPZXlnC17HmGcVoffpNzL6cTIqX4HNOcyXzvUgUq6We2DJddMm6Vt3dah4oFmpLhkeT6q1yxUnSk5IcTdUtADy2JJ99i6OH7MT2AJ8AaYwfhAfaDjEvFBsnGeuhD5UHExL804Zz23glTdNT%2FKOQ%2FtUPxC%2BpC1T2A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=16776&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4255&recv_bytes=4551&delivery_rate=675&cwnd=12000&unsent_bytes=0&cid=8878909b47962ba2&ts=654&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://pulse.rails-api-pr-3971.devx.prize.dev/
Non-Authoritative-Reason
HSTS
index-Bo9ZAay2.js
pulse.rails-api-pr-3971.devx.prize.dev/assets/ 		2 MB
503 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pulse.rails-api-pr-3971.devx.prize.dev/assets/index-Bo9ZAay2.js
Requested by
Host: pulse.rails-api-pr-3971.devx.prize.dev
URL: https://pulse.rails-api-pr-3971.devx.prize.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
473910f06fca41d5313ce3a617d1574ffdf8fbc13f21bf95d955f3c8e8a215fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pulse.rails-api-pr-3971.devx.prize.dev
Referer
https://pulse.rails-api-pr-3971.devx.prize.dev/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"6736989d-1a6635"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GRHrKJCv%2FgKjKGCsrZ25fORJd%2BWNSjnV4q8%2BPcD8pR1Pe59Hryf79cWhnK2LeReOHnQuHQpnATEqY76rVgYGeD%2BwAtAZJGd%2FgcNvn6uVBePDpFuoh0JkBqxxyJEAxiOpeCfYXtKg2CKKbaB1SvSpKnJ4mQdL7LYRLg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 15 Nov 2024 02:08:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16562&sent=16&recv=14&lost=0&retrans=0&sent_bytes=5667&recv_bytes=5344&delivery_rate=92084&cwnd=12000&unsent_bytes=0&cid=8878909b47962ba2&ts=1169&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 15 Nov 2024 01:08:47 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 00:41:01 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=14400, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e2b5a225d8b6563-AMS
server
cloudflare
index-S7NvAAvn.css
pulse.rails-api-pr-3971.devx.prize.dev/assets/ 		112 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pulse.rails-api-pr-3971.devx.prize.dev/assets/index-S7NvAAvn.css
Requested by
Host: pulse.rails-api-pr-3971.devx.prize.dev
URL: https://pulse.rails-api-pr-3971.devx.prize.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a02953bb3a3834e6aeab6224c20b7abcce23c10b73be55e2908e4092672dcdec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pulse.rails-api-pr-3971.devx.prize.dev
Referer
https://pulse.rails-api-pr-3971.devx.prize.dev/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
W/"6736989d-1c022"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wcpVWtD1BDicFksxdB%2BYINUs2iCAvjIBH%2BVRUBiK4hrLLdZGsUjqQfUK9EPbwsECY%2FXgtL8iaxfK7e7duKiUdCZ03GRkV0%2Fdyghtx3JzydyiZXkVW5RKYQu7b%2FkHC6vDPiSKGyU%2B48qiOulSR08MpY93jGet9XvXlg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 15 Nov 2024 02:08:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16562&sent=26&recv=14&lost=0&retrans=0&sent_bytes=17667&recv_bytes=5344&delivery_rate=92084&cwnd=12000&unsent_bytes=0&cid=8878909b47962ba2&ts=1171&x=1", cfExtPri, cfHdrFlush;dur=13
date
Fri, 15 Nov 2024 01:08:47 GMT
content-type
text/css
last-modified
Fri, 15 Nov 2024 00:41:01 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=14400, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e2b5a225d8d6563-AMS
server
cloudflare
client
accounts.google.com/gsi/ 		226 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: pulse.rails-api-pr-3971.devx.prize.dev
URL: https://pulse.rails-api-pr-3971.devx.prize.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c16::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
944ef054582e61ff2ec8b5357cb7313d435e5fd88007de1a251c31d1fe59241f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-e-frx9G4aYYhMLkg5EBB0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pulse.rails-api-pr-3971.devx.prize.dev/

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-e-frx9G4aYYhMLkg5EBB0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control
private, max-age=1800
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options
nosniff
expires
Fri, 15 Nov 2024 01:08:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date
Fri, 15 Nov 2024 01:08:47 GMT
x-xss-protection
0
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
anon
sdk.split.io/api/mySegments/ 		17 B
422 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/anon
Requested by
Host: pulse.rails-api-pr-3971.devx.prize.dev
URL: https://pulse.rails-api-pr-3971.devx.prize.dev/assets/index-Bo9ZAay2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 San Francisco, United States, ASN (),
Reverse DNS
Software
/
Resource Hash
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Authorization
Bearer 401ggpe4c5ur5cd4kkhaoqgojp7ur0tqeul7
Referer
https://pulse.rails-api-pr-3971.devx.prize.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
SplitSDKVersion
react-1.12.0

Response headers

access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
content-encoding
gzip
etag
"1000002"
age
242006
x-cache
HIT, HIT
trace
cache-iad-kjyo7100069-IAD-8c4f8a18-63b9-4a93-a3f2-7537a2b0df4d; cache-ams21027-AMS-7dd50e18-4eac-4730-bb85-e08832275d8c
date
Fri, 15 Nov 2024 01:08:48 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kjyo7100069-IAD, cache-ams21071-AMS
x-cache-hits
336, 2
vary
Accept-Encoding, Origin, Authorization
strict-transport-security
max-age=15770000; includeSubdomains
cache-control
no-transform, max-age=60, s-maxage=60
x-timer
S1731632928.225187,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
41
splitChanges
sdk.split.io/api/ 		164 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?s=1.1&since=-1
Requested by
Host: pulse.rails-api-pr-3971.devx.prize.dev
URL: https://pulse.rails-api-pr-3971.devx.prize.dev/assets/index-Bo9ZAay2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 San Francisco, United States, ASN (),
Reverse DNS
Software
/
Resource Hash
2a1a960b61ab31f0b29b20c1148ac73cd806d4a31047ff4e801e686c841909e6
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Authorization
Bearer 401ggpe4c5ur5cd4kkhaoqgojp7ur0tqeul7
Referer
https://pulse.rails-api-pr-3971.devx.prize.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
SplitSDKVersion
react-1.12.0

Response headers

access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
content-encoding
gzip
etag
"1731613703881"
age
18835
x-cache
HIT, HIT
trace
cache-iad-kjyo7100099-IAD-f7dfa6f0-a9bb-44e8-ad25-c9e401f9c4c2; cache-ams2100146-AMS-8f26f643-4ab6-4a72-8cf5-565e7b06e208
date
Fri, 15 Nov 2024 01:08:48 GMT
content-type
application/json; charset=utf-8
last-modified
Thu, 14 Nov 2024 19:48:23 GMT
x-served-by
cache-iad-kjyo7100099-IAD, cache-ams21071-AMS
x-cache-hits
5, 0
vary
Accept-Encoding, Origin, Authorization
strict-transport-security
max-age=15770000; includeSubdomains
cache-control
no-transform, max-age=60, s-maxage=60
x-timer
S1731632928.225155,VS0,VE1
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
14701
auth
auth.split.io/api/v2/ 		679 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.split.io/api/v2/auth?s=1.1&users=anon
Requested by
Host: pulse.rails-api-pr-3971.devx.prize.dev
URL: https://pulse.rails-api-pr-3971.devx.prize.dev/assets/index-Bo9ZAay2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.228.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-228-5.compute-1.amazonaws.com
Software
/
Resource Hash
33847012e2fda12061ea61a008aaab2863e8041f90a625f70cb814d561a89c3f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15770000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Authorization
Bearer 401ggpe4c5ur5cd4kkhaoqgojp7ur0tqeul7
Referer
https://pulse.rails-api-pr-3971.devx.prize.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json
SplitSDKVersion
react-1.12.0

Response headers

x-frame-options
DENY
Strict-Transport-Security
max-age=15770000; includeSubDomains
content-security-policy
frame-ancestors 'self'
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, OPTIONS
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
Access-Control-Allow-Origin
https://pulse.rails-api-pr-3971.devx.prize.dev
Content-Length
679
Date
Fri, 15 Nov 2024 01:08:48 GMT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
anon
sdk.split.io/api/mySegments/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/anon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 San Francisco, United States, ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://pulse.rails-api-pr-3971.devx.prize.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://pulse.rails-api-pr-3971.devx.prize.dev
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Fri, 15 Nov 2024 01:08:48 GMT
retry-after
0
server
Varnish
strict-transport-security
max-age=15770000; includeSubdomains
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-ams21071-AMS
x-timer
S1731632928.205130,VS0,VE0
splitChanges
sdk.split.io/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?s=1.1&since=-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 San Francisco, United States, ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://pulse.rails-api-pr-3971.devx.prize.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://pulse.rails-api-pr-3971.devx.prize.dev
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Fri, 15 Nov 2024 01:08:48 GMT
retry-after
0
server
Varnish
strict-transport-security
max-age=15770000; includeSubdomains
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-ams21071-AMS
x-timer
S1731632928.205146,VS0,VE0
auth
auth.split.io/api/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.split.io/api/v2/auth?s=1.1&users=anon
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.228.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-228-5.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15770000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://pulse.rails-api-pr-3971.devx.prize.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://pulse.rails-api-pr-3971.devx.prize.dev
Connection
keep-alive
Content-Length
4
Content-Type
application/json; charset=utf-8
Date
Fri, 15 Nov 2024 01:08:48 GMT
Strict-Transport-Security
max-age=15770000; includeSubDomains
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
master-only
pp-logo.png
pulse.rails-api-pr-3971.devx.prize.dev/ 		1005 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pulse.rails-api-pr-3971.devx.prize.dev/pp-logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72d79cf946ed82a1d61c041cb5f86cf39f8ede7e53d63bda7bc178cbd0e39dbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pulse.rails-api-pr-3971.devx.prize.dev/

Response headers

server
cloudflare
cache-control
max-age=14400, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fg7ZS97MWgIgpwVgHa%2BjnDJ%2BNqQwwPWGU5sxZMgYL425xMlST5gsOjcDU4dX7JBbT2vYxWzGNmo92rIt4UPdAoorri3ejPETs7eVa2A2fs38gxPjtjzgAOHy0KF09fvWE67SNhrPrqHK2RJCW%2F4mldXYiZu48tMAIw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e2b5a2949ba6563-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30416&sent=483&recv=101&lost=0&retrans=0&sent_bytes=557701&recv_bytes=9543&delivery_rate=6694992&cwnd=139200&unsent_bytes=0&cid=8878909b47962ba2&ts=2180&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 15 Nov 2024 01:08:48 GMT
content-type
text/html
last-modified
Fri, 15 Nov 2024 00:52:40 GMT
vary
Accept-Encoding
priority
u=1,i
current
api.rails-api-pr-3971.devx.prize.dev/api/v1/admin/ 		24 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rails-api-pr-3971.devx.prize.dev/api/v1/admin/current
Requested by
Host: pulse.rails-api-pr-3971.devx.prize.dev
URL: https://pulse.rails-api-pr-3971.devx.prize.dev/assets/index-Bo9ZAay2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce2b8875e39d23cd3204a7235e6beb63814407150a753dca40c3d94a2cb3904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pulse.rails-api-pr-3971.devx.prize.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
content-type
application/json; charset=UTF-8

Response headers

access-control-max-age
86400
x-request-id
4a21c625-1daa-4ab8-8909-128b86f9d5f3
access-control-expose-headers
Authorization, Etag
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DzJQpiUTqQxCV3RSiWwjvAUqeR4z1tXtzeOajzIRYfMv1NR5xIfExb8FtbCMLkKUFFvlrkJneUwPwJ5hL6EIm4a3DCn8yOTSeBVw4zfxwe2Qvwe%2FJm7qawaTEFbzhXi7gMr5WMaGKB4Qiwip3fkx3flSC9JdIk4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15185&sent=10&recv=9&lost=0&retrans=0&sent_bytes=2190&recv_bytes=4287&delivery_rate=670&cwnd=12000&unsent_bytes=0&cid=3a04cd2d695bf5f3&ts=252&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 15 Nov 2024 01:08:48 GMT
content-type
application/json; charset=utf-8
vary
origin
x-runtime
0.009103
priority
u=1,i
x-frame-options
SAMEORIGIN
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8e2b5a2be83c5c4b-AMS
access-control-allow-origin
https://pulse.rails-api-pr-3971.devx.prize.dev
content-length
24
x-xss-protection
0
server
cloudflare
current
api.rails-api-pr-3971.devx.prize.dev/api/v1/admin/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.rails-api-pr-3971.devx.prize.dev/api/v1/admin/current
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pulse.rails-api-pr-3971.devx.prize.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin
https://pulse.rails-api-pr-3971.devx.prize.dev
access-control-expose-headers
Authorization, Etag
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e2b5a2a5be96564-AMS
content-length
0
date
Fri, 15 Nov 2024 01:08:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAgXhgdn2rkpqQlHz%2FtMbPCWiUI1Pvt5xxcV8NInHfqBG9ueO4q4uCSNMwoNWVRCVbUn7j2AhU87BSrA6JH0pHMLRxE5gfxnt%2Fz7gcdM%2BfaudZ9smA6P3m3UN0HaCvmjCzC00ncl29DK46ZxakFE24%2FrFApjh9g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=17308&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4160&recv_bytes=4476&delivery_rate=664&cwnd=12000&unsent_bytes=0&cid=1c496864b30d268d&ts=246&x=1" cfExtPri cfHdrFlush;dur=0
style
accounts.google.com/gsi/ 		533 B
609 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c16::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LKodFNEd4ZBFkaDuRnb2kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pulse.rails-api-pr-3971.devx.prize.dev/

Response headers

content-security-policy
script-src 'report-sample' 'nonce-LKodFNEd4ZBFkaDuRnb2kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control
private, max-age=86400
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options
nosniff
expires
Fri, 15 Nov 2024 01:08:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date
Fri, 15 Nov 2024 01:08:48 GMT
x-xss-protection
0
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
name-logo-B0MoE-dk.svg
pulse.rails-api-pr-3971.devx.prize.dev/assets/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pulse.rails-api-pr-3971.devx.prize.dev/assets/name-logo-B0MoE-dk.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09cdcabb68d9d039a0bbb221489a93f596d6fe5778c0ee74bc94619f877a350c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://pulse.rails-api-pr-3971.devx.prize.dev/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
W/"6736989d-2033"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DegUns5F%2Ffmf4b%2F5KRaRDbp21VosLAC92BFw%2FRSG3TEQs%2FSC20xygXv%2FoKonDmJmMl6uLSH%2FdWeHr7D0YUT7tCIMc%2Fd8%2B2f8cu16%2FCQNbVldyDhIsiYTd2ryTyx0ne95Pd6%2B0NtQtJJcwzBu1t4WQ6w0n7SeLZ%2BXOw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 15 Nov 2024 02:08:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28581&sent=487&recv=104&lost=0&retrans=0&sent_bytes=559114&recv_bytes=10524&delivery_rate=5556&cwnd=139200&unsent_bytes=0&cid=8878909b47962ba2&ts=2865&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 15 Nov 2024 01:08:49 GMT
content-type
image/svg+xml
last-modified
Fri, 15 Nov 2024 00:41:01 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=14400, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e2b5a2d9c046563-AMS
server
cloudflare
IndustryBook-CuBicWjI.ttf
pulse.rails-api-pr-3971.devx.prize.dev/assets/ 		103 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pulse.rails-api-pr-3971.devx.prize.dev/assets/IndustryBook-CuBicWjI.ttf
Requested by
Host: pulse.rails-api-pr-3971.devx.prize.dev
URL: https://pulse.rails-api-pr-3971.devx.prize.dev/assets/index-S7NvAAvn.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c950f75209672c6f74232c62eec0a6842d22a456d5c395984df05c22658492

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://pulse.rails-api-pr-3971.devx.prize.dev
Referer
https://pulse.rails-api-pr-3971.devx.prize.dev/assets/index-S7NvAAvn.css

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
W/"6736989d-19bf0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HuUlegrr3ud%2BfE9pwczG4lvGvoAnHzeR%2F7Agz3FavV3S%2F2WAifX2FDIpIPBqj6Azl1NNGPDNIT04gcuY9FIGyDpl30oaE1Yy6%2B6Ngy4pLGPvYB4Nk3aOMicW5NyeHkNJ7DXcCIpC%2BbqvJZMN49wVu2kqQio1ua1Rvg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 15 Nov 2024 02:08:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28581&sent=493&recv=104&lost=0&retrans=1&sent_bytes=564627&recv_bytes=10524&delivery_rate=5556&cwnd=139200&unsent_bytes=0&cid=8878909b47962ba2&ts=3009&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 15 Nov 2024 01:08:49 GMT
content-type
font/ttf
last-modified
Fri, 15 Nov 2024 00:41:01 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=14400, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e2b5a2dbc146563-AMS
server
cloudflare

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| default_gsi object| _F_toggles object| google object| backoffice string| __reactRouterVersion object| L object| closure_lm_232271 object| __G_ID_CLIENT__

2 Cookies

Domain/Path Name / Value
.prize.dev/ Name: CSRF-TOKEN
Value: w8kYHWw0cy_Jojxxp-gpIj6yaERJc6PurRGlWV6VsjwSdxVYOtCgNyEc5sJS0vEbf2u9DRknhSGcTQ-MF6sE2A
api.rails-api-pr-3971.devx.prize.dev/ Name: _prizepicks_session
Value: YlqJD1gdT0jnL8Lunmz%2B%2FPzMErV1Bx1kEsdG34H89n8%2F6SiuDHc9cQ9z%2FBHNM86lrwn9IboTihF5VsuJrrr5DOj41Wi6RBW2acPmOCvBRIweY3bx56QT06GXjG%2F33%2FQeJ%2Fs9tNRdb38TVDiDbgtShsJnTn29ldW6KD%2BwOZryj9jiC%2BZ%2BhZkalHGgC4du3DfJXZJqbbFgqLE9nWvU0ggiiKfsYjPUwKUddCbtv%2BQ1Qx%2BTUo%2FgI%2FxlYGII3QTa38w8TX8AU21v%2Buq%2Ff8hPO2S6ExV3HSpzaPiO8E35KX5G8u4zvlEILMpumGE7OVA6zlsO9Q%3D%3D--oj4PM3oxYNUMsMvO--dUHCilXho6gwvoeRhxdKqw%3D%3D

3 Console Messages

Source Level URL
Text
network error URL: https://api.rails-api-pr-3971.devx.prize.dev/api/v1/admin/current
Message:
Failed to load resource: the server responded with a status of 401 ()
recommendation verbose URL: https://pulse.rails-api-pr-3971.devx.prize.dev/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other error URL: https://pulse.rails-api-pr-3971.devx.prize.dev/
Message:
Provider's accounts list is empty.