pulse.rails-api-pr-3591.devx.prize.dev Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pulse.rails-api-pr-3591.devx.prize.dev/
Submission: On September 20 via api (September 20th 2024, 3:29:13 pm UTC) from US — Scanned from NL

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is pulse.rails-api-pr-3591.devx.prize.dev.
TLS certificate: Issued by WE1 on September 19th 2024. Valid for: 3 months.

This is the only time pulse.rails-api-pr-3591.devx.prize.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:401... 2a00:1450:4013:c18::54	15169 (GOOGLE) (GOOGLE)
4	151.101.131.9 151.101.131.9	54113 (FASTLY) (FASTLY)
2	35.170.228.5 35.170.228.5	14618 (AMAZON-AES) (AMAZON-AES)
17	4

9 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

pulse.rails-api-pr-3591.devx.prize.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.rails-api-pr-3591.devx.prize.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4013:c18::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.131.9 (San Francisco, United States)

ASN54113 (FASTLY, US)

sdk.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.170.228.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-228-5.compute-1.amazonaws.com

auth.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	prize.dev pulse.rails-api-pr-3591.devx.prize.dev api.rails-api-pr-3591.devx.prize.dev	488 KB
6	split.io sdk.split.io — Cisco Umbrella Rank: 2558 auth.split.io — Cisco Umbrella Rank: 2951	15 KB
2	google.com accounts.google.com — Cisco Umbrella Rank: 16	87 KB
17	3

	Domain	Requested by
7	pulse.rails-api-pr-3591.devx.prize.dev	pulse.rails-api-pr-3591.devx.prize.dev
4	sdk.split.io	pulse.rails-api-pr-3591.devx.prize.dev
2	api.rails-api-pr-3591.devx.prize.dev	pulse.rails-api-pr-3591.devx.prize.dev
2	auth.split.io	pulse.rails-api-pr-3591.devx.prize.dev
2	accounts.google.com	pulse.rails-api-pr-3591.devx.prize.dev accounts.google.com
17	5

This site contains no links.

Subject Issuer	Validity	Valid
pulse.rails-api-pr-3591.devx.prize.dev WE1	`2024-09-19` - `2024-12-18`	3 months	crt.sh
accounts.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.split.io GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
api.rails-api-pr-3591.devx.prize.dev WE1	`2024-09-19` - `2024-12-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pulse.rails-api-pr-3591.devx.prize.dev/
Frame ID: B729F8508506167424AE38FCC50D00BA
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PrizePicks Back Office

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Page Statistics

17
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

591 kB
Transfer

1969 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
pulse.rails-api-pr-3591.devx.prize.dev/ 1005 B
1 KB 458ms
296ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.rails-api-pr-3591.devx.prize.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f73578c676b755d32a4fe1afc424db3d73bc745e48fadbe403f3b6175a251d08

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8c62d9302c4490fe-FRA
content-encoding: br
content-type: text/html
date: Fri, 20 Sep 2024 15:28:59 GMT
last-modified: Fri, 20 Sep 2024 06:40:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FF%2BHPB%2BIglYVtBHPfdTWAD3SKNvNwSD%2F2eR5%2F7mFQ8cdVqsrNr1FH%2FcpqTbDEjaYv%2FeCDUdJ0zINVtSBLiPoJNRrWOkcg2udNvzM3x7O2vYtSgLNGnhPWWK3JTE5GiGLijy920bW8%2BYI4sL6rUixkIhW3keUbJLLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding

GET
H3 200 speculation
pulse.rails-api-pr-3591.devx.prize.dev/cdn-cgi/ 128 B
584 B 100ms
100ms Other
application/speculationrules+json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.rails-api-pr-3591.devx.prize.dev/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pulse.rails-api-pr-3591.devx.prize.dev
Referer: https://pulse.rails-api-pr-3591.devx.prize.dev/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wj%2FtAtG1VckJIKHRnrljZtdY3fc7GKuPunvLz5z05ml30CID89yeMiKmjRKR6Mlum1cOQazB7Jo%2BLUFTGKipFhZxsAwwXbq8L5k4%2B0hGpyiutn7jOBX9WiEv5M6FpdKpnGP1vl4UA6Z9ewdKlG3mL1%2B0PSwyMjt9Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c62d9323e8e90fe-FRA
access-control-allow-origin: https://pulse.rails-api-pr-3591.devx.prize.dev
content-length: 128
date: Fri, 20 Sep 2024 15:28:59 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 index-CQzNUaI-.js Show response
pulse.rails-api-pr-3591.devx.prize.dev/assets/ 1 MB
416 KB 526ms
526ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.rails-api-pr-3591.devx.prize.dev/assets/index-CQzNUaI-.js
Requested by: Host: pulse.rails-api-pr-3591.devx.prize.dev
URL: https://pulse.rails-api-pr-3591.devx.prize.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3c2a5431594a2da62ea016ad7db96447749562c8acf6a1f8c92a88d5071fb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pulse.rails-api-pr-3591.devx.prize.dev
Referer: https://pulse.rails-api-pr-3591.devx.prize.dev/

Response headers

cache-control: public, max-age=14400, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66ec41e5-15c4a9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R2Z%2Bucq8gG5f5dYHSHzdOsyFMXLYalCmJyrZj2%2BnsMNVt4yvhRldd7%2B7hx2XIEzFNCDpd9EMWsBN4VfKCSivbpxz0MQepke3umvWLMGJXXVe30uHjWqiyXBb0hgwk5PG3qgDyPkcoydwsVN5sJ%2FljnZv2d8%2BxUzE5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c62d9323e9090fe-FRA
expires: Fri, 20 Sep 2024 16:28:59 GMT
date: Fri, 20 Sep 2024 15:28:59 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:23:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 index-CszV9eRB.css
pulse.rails-api-pr-3591.devx.prize.dev/assets/ 92 KB
16 KB 498ms
498ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.rails-api-pr-3591.devx.prize.dev/assets/index-CszV9eRB.css
Requested by: Host: pulse.rails-api-pr-3591.devx.prize.dev
URL: https://pulse.rails-api-pr-3591.devx.prize.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a528aad288e03c91739da871d9ecfa3d7df587d51ea8efc10e718cab7aa76422

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pulse.rails-api-pr-3591.devx.prize.dev
Referer: https://pulse.rails-api-pr-3591.devx.prize.dev/

Response headers

cache-control: public, max-age=14400, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66ec41e5-16eca"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MmTiIUUal%2FsYu8fizOHN89Zux7j36yWMe8BAubNXnNEhXVA%2FS%2BFcOlcd7k5I%2BvdVhcN3QHyNHuHzRURfIn6ukFje1SENMJj%2BP4sZQQlO8i%2FDkRO8Kx%2BI4IybAa0uaBRaNLr1CJ95LqYVL7BgSiEtVpyB4rWowz6sww%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c62d9323e9290fe-FRA
expires: Fri, 20 Sep 2024 16:28:59 GMT
date: Fri, 20 Sep 2024 15:28:59 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2024 15:23:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 client Show response
accounts.google.com/gsi/ 227 KB
87 KB 235ms
70ms Script
application/javascript 2a00:1450:4013:c18::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: pulse.rails-api-pr-3591.devx.prize.dev
URL: https://pulse.rails-api-pr-3591.devx.prize.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c18::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66e1f93ae1583122915b1d0f34e48cdf0a507ada72215db1999c9e1abf0b5115

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0FygUchfHaEiqD37UThgEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pulse.rails-api-pr-3591.devx.prize.dev/

Response headers

content-security-policy: script-src 'report-sample' 'nonce-0FygUchfHaEiqD37UThgEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 15:28:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Fri, 20 Sep 2024 15:28:59 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 anon Show response
sdk.split.io/api/mySegments/ 17 B
246 B 132ms
131ms Fetch
application/json 151.101.131.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/anon

Requested by

Host: pulse.rails-api-pr-3591.devx.prize.dev
URL: https://pulse.rails-api-pr-3591.devx.prize.dev/assets/index-CQzNUaI-.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Authorization: Bearer 401ggpe4c5ur5cd4kkhaoqgojp7ur0tqeul7
Referer: https://pulse.rails-api-pr-3591.devx.prize.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
SplitSDKVersion: react-1.12.0

Response headers

access-control-expose-headers: Access-Control-Allow-Origin,X-Request-Id
content-encoding: gzip
etag: "1000002"
age: 5876
x-cache: HIT, HIT
trace: cache-iad-kjyo7100069-IAD-d54d828f-1051-4cef-90f8-af720506846c; cache-mad2200118-MAD-87c4b15f-0b04-4528-a252-cd23e4ef708a
date: Fri, 20 Sep 2024 15:29:01 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-iad-kjyo7100069-IAD, cache-mad2200111-MAD
x-cache-hits: 72, 0
vary: Accept-Encoding, Origin, Authorization
strict-transport-security: max-age=15770000; includeSubdomains
cache-control: no-transform, max-age=60, s-maxage=60
x-timer: S1726846141.135725,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41

GET
H2 200 splitChanges Show response
sdk.split.io/api/ 143 KB
14 KB 130ms
129ms Fetch
application/json 151.101.131.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?s=1.1&since=-1

Requested by

Host: pulse.rails-api-pr-3591.devx.prize.dev
URL: https://pulse.rails-api-pr-3591.devx.prize.dev/assets/index-CQzNUaI-.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fcf6a660a22c0a5a02f50d2015519502a5766412f58b6c8445f03e8afcbc1b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Authorization: Bearer 401ggpe4c5ur5cd4kkhaoqgojp7ur0tqeul7
Referer: https://pulse.rails-api-pr-3591.devx.prize.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
SplitSDKVersion: react-1.12.0

Response headers

access-control-expose-headers: Access-Control-Allow-Origin,X-Request-Id
content-encoding: gzip
etag: "1726789703388"
age: 55584
x-cache: HIT, HIT
trace: cache-iad-kjyo7100099-IAD-cb584ae1-9724-4e1c-9067-009e349ec188; cache-mad2200085-MAD-50cb9a48-0d9f-42b0-9829-4d8530a6a018
date: Fri, 20 Sep 2024 15:29:01 GMT
content-type: application/json; charset=utf-8
last-modified: Thu, 19 Sep 2024 23:48:23 GMT
x-served-by: cache-iad-kjyo7100099-IAD, cache-mad2200111-MAD
x-cache-hits: 14, 0
vary: Accept-Encoding, Origin, Authorization
strict-transport-security: max-age=15770000; includeSubdomains
cache-control: no-transform, max-age=60, s-maxage=60
x-timer: S1726846141.135681,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13430

GET
H/1.1 200
OK auth Show response
auth.split.io/api/v2/ 679 B
1 KB 141ms
136ms Fetch
application/json 35.170.228.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/v2/auth?s=1.1&users=anon

Requested by

Host: pulse.rails-api-pr-3591.devx.prize.dev
URL: https://pulse.rails-api-pr-3591.devx.prize.dev/assets/index-CQzNUaI-.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.228.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-228-5.compute-1.amazonaws.com

Software

Resource Hash

039dcd25bc71370e3c6b7e96ee2865b7b5fb051adcf990d73370da5ceed775df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15770000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Authorization: Bearer 401ggpe4c5ur5cd4kkhaoqgojp7ur0tqeul7
Referer: https://pulse.rails-api-pr-3591.devx.prize.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json
SplitSDKVersion: react-1.12.0

Response headers

x-frame-options: DENY
Strict-Transport-Security: max-age=15770000; includeSubDomains
content-security-policy: frame-ancestors 'self'
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
Access-Control-Allow-Origin: https://pulse.rails-api-pr-3591.devx.prize.dev
Content-Length: 679
Date: Fri, 20 Sep 2024 15:29:01 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion

OPTIONS
H2 200 anon
sdk.split.io/api/mySegments/ 0
0 561ms
123ms Preflight 151.101.131.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/anon

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://pulse.rails-api-pr-3591.devx.prize.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://pulse.rails-api-pr-3591.devx.prize.dev
access-control-max-age: 7200
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length: 37
date: Fri, 20 Sep 2024 15:29:01 GMT
retry-after: 0
server: Varnish
strict-transport-security: max-age=15770000; includeSubdomains
vary: Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-mad2200111-MAD
x-timer: S1726846141.009905,VS0,VE0

OPTIONS
H2 200 splitChanges
sdk.split.io/api/ 0
0 553ms
123ms Preflight 151.101.131.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?s=1.1&since=-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.9 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://pulse.rails-api-pr-3591.devx.prize.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://pulse.rails-api-pr-3591.devx.prize.dev
access-control-max-age: 7200
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length: 37
date: Fri, 20 Sep 2024 15:29:01 GMT
retry-after: 0
server: Varnish
strict-transport-security: max-age=15770000; includeSubdomains
vary: Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-mad2200111-MAD
x-timer: S1726846141.010003,VS0,VE0

OPTIONS
H/1.1 200
OK auth
auth.split.io/api/v2/ 0
0 806ms
169ms Preflight
application/json 35.170.228.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/v2/auth?s=1.1&users=anon

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.170.228.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-170-228-5.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15770000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://pulse.rails-api-pr-3591.devx.prize.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://pulse.rails-api-pr-3591.devx.prize.dev
Connection: keep-alive
Content-Length: 4
Content-Type: application/json; charset=utf-8
Date: Fri, 20 Sep 2024 15:29:01 GMT
Strict-Transport-Security: max-age=15770000; includeSubDomains
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
x-frame-options: DENY
x-permitted-cross-domain-policies: master-only

GET
H3 200 pp-logo.png
pulse.rails-api-pr-3591.devx.prize.dev/ 1005 B
1 KB 363ms
351ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.rails-api-pr-3591.devx.prize.dev/pp-logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f73578c676b755d32a4fe1afc424db3d73bc745e48fadbe403f3b6175a251d08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pulse.rails-api-pr-3591.devx.prize.dev/

Response headers

cache-control: max-age=14400, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
speculation-rules: "/cdn-cgi/speculation"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVvOSVZUA9tZyfbvZvvcSVfCQa8Fn0Ws5wj1bZzc5Dg97SPHFmWfDjsDhY0yJ8jXE%2Bqr9Ikh9LBCHI5dlJ9t%2FBBCXqvwcPF9qdpzdEAwuktgysQtPFu4ateRYSoAwTWmnaPpYiCOhkWIjHLzvEPwGxdff%2FrtKlR9kw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c62d93d293890fe-FRA
date: Fri, 20 Sep 2024 15:29:01 GMT
content-type: text/html
last-modified: Fri, 20 Sep 2024 06:40:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 401 current Show response
api.rails-api-pr-3591.devx.prize.dev/api/v1/admin/ 24 B
1 KB 478ms
360ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rails-api-pr-3591.devx.prize.dev/api/v1/admin/current

Requested by

Host: pulse.rails-api-pr-3591.devx.prize.dev
URL: https://pulse.rails-api-pr-3591.devx.prize.dev/assets/index-CQzNUaI-.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dce2b8875e39d23cd3204a7235e6beb63814407150a753dca40c3d94a2cb3904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pulse.rails-api-pr-3591.devx.prize.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
content-type: application/json; charset=UTF-8

Response headers

access-control-max-age: 86400
x-request-id: 15adcab4-636d-4fe1-a7b8-03524b1f6d8a
access-control-expose-headers: Authorization, Etag
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=53l7bCgkwu8xujFs8q2TmrDs7%2Bdfkx7vVTf5aILzkyxEFbTYXizqPKuErqoXGGsamkied1pjbn3iq8Mm9wQfQayHEWT%2BvMWV6K66omQPBcaK5hyoaXZq15alBUwNR1bbzkM2crYChd2Lx3YUqyoueuJt9iFyHx0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
x-content-type-options: nosniff
date: Fri, 20 Sep 2024 15:29:02 GMT
content-type: application/json; charset=utf-8
vary: origin
x-runtime: 0.035416
x-frame-options: SAMEORIGIN
cache-control: no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8c62d9448cfe1c22-FRA
access-control-allow-origin: https://pulse.rails-api-pr-3591.devx.prize.dev
content-length: 24
x-xss-protection: 0
server: cloudflare

OPTIONS
H3 200 current
api.rails-api-pr-3591.devx.prize.dev/api/v1/admin/ 0
0 449ms
326ms Preflight 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rails-api-pr-3591.devx.prize.dev/api/v1/admin/current
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://pulse.rails-api-pr-3591.devx.prize.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
access-control-allow-origin: https://pulse.rails-api-pr-3591.devx.prize.dev
access-control-expose-headers: Authorization, Etag
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 8c62d941bfb62c1a-FRA
content-length: 0
date: Fri, 20 Sep 2024 15:29:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ORKS60A9E1YY%2FdU5%2FF%2B2Q3Hp95XgYOFBWq9O3AtjGK1QpyGiKQeIwUxsjRc%2FkpFXJXr1%2FTJNdQlPCF%2Bh5vWja15Dkmaddhq9c0667FSatqb4osIo5KgFBRK5HrHPgVL2hM6HGF7tVhIdgE%2F9oi%2BsseQi%2FWFhOOA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style
accounts.google.com/gsi/ 533 B
610 B 263ms
261ms Stylesheet
text/css 2a00:1450:4013:c18::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c18::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-TGTUbrGBYiwhXeADI5yvMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pulse.rails-api-pr-3591.devx.prize.dev/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-TGTUbrGBYiwhXeADI5yvMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=86400
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 15:29:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Fri, 20 Sep 2024 15:29:02 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 name-logo-B0MoE-dk.svg
pulse.rails-api-pr-3591.devx.prize.dev/assets/ 8 KB
4 KB 290ms
288ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pulse.rails-api-pr-3591.devx.prize.dev/assets/name-logo-B0MoE-dk.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09cdcabb68d9d039a0bbb221489a93f596d6fe5778c0ee74bc94619f877a350c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://pulse.rails-api-pr-3591.devx.prize.dev/

Response headers

cache-control: public, max-age=14400, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66ec41e5-2033"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TW5kK%2FJ3fT1LTc%2FVP8VigLuy%2FLpxtCOaduepcB%2FAkWfd0sETOC7kEL9tkPgGlwx2V%2FZI0DcqfWCEH8js2j7wc5IbusiDwlbOwE%2BlvLhPJ1Rp%2Fj1u3NuHTbbU5rZ2%2BEF2rY6uyQfRIzIB5C0%2BLXWaYssEVmdj7acc6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c62d9471a5b90fe-FRA
expires: Fri, 20 Sep 2024 16:29:02 GMT
date: Fri, 20 Sep 2024 15:29:02 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2024 15:23:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 IndustryBook-CuBicWjI.ttf
pulse.rails-api-pr-3591.devx.prize.dev/assets/ 103 KB
48 KB 552ms
551ms Font
font/ttf 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pulse.rails-api-pr-3591.devx.prize.dev/assets/IndustryBook-CuBicWjI.ttf
Requested by: Host: pulse.rails-api-pr-3591.devx.prize.dev
URL: https://pulse.rails-api-pr-3591.devx.prize.dev/assets/index-CszV9eRB.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34c950f75209672c6f74232c62eec0a6842d22a456d5c395984df05c22658492

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://pulse.rails-api-pr-3591.devx.prize.dev
Referer: https://pulse.rails-api-pr-3591.devx.prize.dev/assets/index-CszV9eRB.css

Response headers

cache-control: public, max-age=14400, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66ec41e5-19bf0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UMp69cuqEvsI3JRWlZy249cbiLCCLEbCexpYEWKMoTTPbU4dduCu9uf1IrC7OJS13ZOXpPIVTYEpNMbSGayvEa15%2F5jdkKtXrJzueGZLVKuJbdyYs6v76dasHyuGxv56luf5nylS5%2FXY%2FDceNx0MuRIUPcYwpzzcAA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c62d9476a9190fe-FRA
expires: Fri, 20 Sep 2024 16:29:02 GMT
date: Fri, 20 Sep 2024 15:29:03 GMT
content-type: font/ttf
last-modified: Thu, 19 Sep 2024 15:23:17 GMT
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.prize.dev/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: JeGiW6tD2BgMfaXS81fjBX5RiOl7Zr8PddVT_srUzSl140l_bCQPcPD0Tg_WDTOSi_FicoI7ySrDKzD4HMqRTQ
			api.rails-api-pr-3591.devx.prize.dev/	1970-01-20 23:50:50	Name: _prizepicks_session Value: weIckLUibS1AeMaulXoXUKlXv8p0FhmiS%2Bppjhk05J5jRkO9KiZH%2FSoZ75MbHkPYInPXAx46Qs5w1CQ%2BVlI3wSfFMclzlSgZ17lMtIHFI5vxOJyaz%2FISBSbRg7Sj2bNyM8Zm%2FlPq7OHs%2FUxUUM0MBbl2yu%2BsHeaRFzdbE7fgp6SzruKdFrhkmmArPG7HPOvgcVoQTlTNpuYDao1vgJXlVxnkqQbUb%2FMft%2FthgP7YoDuv%2B0zjgmbmhnzHFv%2BSD9oyUf0H1ItPgLbHS6L9edPyrQlzBgyrkx5lFADnK%2Fu%2BRdOciRjPcknk1oX0qKxIB86CGg%3D%3D--vyNpLI78HUTOomwR--IkMxl0ZmEuiDDSBK1vJbqQ%3D%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rails-api-pr-3591.devx.prize.dev/api/v1/admin/current Message: Failed to load resource: the server responded with a status of 401 ()
recommendation	verbose	URL: https://pulse.rails-api-pr-3591.devx.prize.dev/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	error	URL: https://pulse.rails-api-pr-3591.devx.prize.dev/ Message: Provider's accounts list is empty.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.rails-api-pr-3591.devx.prize.dev
auth.split.io
pulse.rails-api-pr-3591.devx.prize.dev
sdk.split.io
151.101.131.9
188.114.97.3
2a00:1450:4013:c18::54
35.170.228.5
039dcd25bc71370e3c6b7e96ee2865b7b5fb051adcf990d73370da5ceed775df
09cdcabb68d9d039a0bbb221489a93f596d6fe5778c0ee74bc94619f877a350c
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
34c950f75209672c6f74232c62eec0a6842d22a456d5c395984df05c22658492
66e1f93ae1583122915b1d0f34e48cdf0a507ada72215db1999c9e1abf0b5115
a528aad288e03c91739da871d9ecfa3d7df587d51ea8efc10e718cab7aa76422
dce2b8875e39d23cd3204a7235e6beb63814407150a753dca40c3d94a2cb3904
ee3c2a5431594a2da62ea016ad7db96447749562c8acf6a1f8c92a88d5071fb5
f73578c676b755d32a4fe1afc424db3d73bc745e48fadbe403f3b6175a251d08
fcf6a660a22c0a5a02f50d2015519502a5766412f58b6c8445f03e8afcbc1b7a

pulse.rails-api-pr-3591.devx.prize.dev Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

25 %IPv6

3 Domains

5 Subdomains

4 IPs

2 Countries

591 kBTransfer

1969 kBSize

2 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

2 Cookies

3 Console Messages

Indicators

pulse.rails-api-pr-3591.devx.prize.dev Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

591 kB
Transfer

1969 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions