www.ballys.com Open in urlscan Pro
2606:4700:7::a29f:820b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ballys.com/
Effective URL:
https://www.ballys.com/home/default.aspx
Submission: On March 28 via api (March 28th 2024, 1:45:51 am UTC) from IN — Scanned from DE

Summary HTTP 53 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 53 HTTP transactions. The main IP is 2606:4700:7::a29f:820b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ballys.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2023. Valid for: a year.

This is the only time www.ballys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.159.129.11 162.159.129.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 16	2606:4700:7::... 2606:4700:7::a29f:820b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	143.204.98.63 143.204.98.63	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
1 1	2600:9000:249... 2600:9000:2491:2000:16:fecd:21c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2400:52e0:1a0... 2400:52e0:1a00::1068:1	200325 (BUNNYCDN) (BUNNYCDN)
3	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:20:... 2606:4700:20::ac43:4771	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1 1	18.66.112.74 18.66.112.74	16509 (AMAZON-02) (AMAZON-02)
1 1	13.32.121.78 13.32.121.78	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:d5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	10

1 162.159.129.11 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ballys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:7::a29f:820b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.ballys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

s29.q4cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-63.fra50.r.cloudfront.net

widgets.q4app.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:2000:16:fecd:21c0:21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d1azc1qln24ryf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a00::1068:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

cdn.icomoon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4771 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sidebar.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.74 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-74.fra56.r.cloudfront.net

login.q4inc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.78 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-78.fra60.r.cloudfront.net

auth.platform.q4inc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d5f (United States)

ASN13335 (CLOUDFLARENET, US)

sidebar.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	q4cdn.com s29.q4cdn.com — Cisco Umbrella Rank: 167598	4 MB
17	ballys.com 2 redirects ballys.com — Cisco Umbrella Rank: 169869 www.ballys.com	363 KB
3	bugherd.com 1 redirects www.bugherd.com — Cisco Umbrella Rank: 19809 sidebar.bugherd.com — Cisco Umbrella Rank: 20726	8 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	885 B
2	q4inc.com 2 redirects login.q4inc.com — Cisco Umbrella Rank: 48013 auth.platform.q4inc.com — Cisco Umbrella Rank: 52662	2 KB
2	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6410	426 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
1	gstatic.com www.gstatic.com	201 KB
1	icomoon.io cdn.icomoon.io — Cisco Umbrella Rank: 13447	11 KB
1	cloudfront.net 1 redirects d1azc1qln24ryf.cloudfront.net	318 B
1	q4app.com widgets.q4app.com — Cisco Umbrella Rank: 49600	20 KB
53	11

	Domain	Requested by
26	s29.q4cdn.com	www.ballys.com s29.q4cdn.com
16	www.ballys.com	1 redirects www.ballys.com
3	www.google.com	www.ballys.com www.gstatic.com
2	sidebar.bugherd.com	www.ballys.com www.bugherd.com
2	pro.ip-api.com	s29.q4cdn.com www.ballys.com
2	www.google-analytics.com	www.ballys.com www.google-analytics.com
1	auth.platform.q4inc.com	1 redirects
1	login.q4inc.com	1 redirects
1	www.gstatic.com	www.google.com
1	www.bugherd.com	1 redirects
1	cdn.icomoon.io	s29.q4cdn.com
1	d1azc1qln24ryf.cloudfront.net	1 redirects
1	widgets.q4app.com	www.ballys.com
1	ballys.com	1 redirects
53	14

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
s29.q4cdn.com
www.q4inc.com

Subject Issuer	Validity	Valid
www.ballys.com Cloudflare Inc ECC CA-3	`2023-06-17` - `2024-06-16`	a year	crt.sh
s29.q4cdn.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
widgets.q4app.com Amazon RSA 2048 M03	`2023-11-16` - `2024-12-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-21` - `2025-01-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
bugherd.com GTS CA 1P5	`2024-02-05` - `2024-05-05`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.ballys.com/home/default.aspx
Frame ID: 742EFDDFED2E738B7E340C82B2B97EA9
Requests: 49 HTTP requests in this frame

Frame: https://www.ballys.com/q4logincallback.aspx
Frame ID: AC077740C359765FA3B312947016F114
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W&co=aHR0cHM6Ly93d3cuYmFsbHlzLmNvbTo0NDM.&hl=de&v=moV1mTgQ6S91nuTnmll4Y9yf&size=invisible&cb=oe9axbiesou8
Frame ID: 360A423DD1083FFA945D5F3ACA8B8E68
Requests: 1 HTTP requests in this frame

Frame: https://sidebar.bugherd.com/sidebar/embed_html?apikey=ioaqqagwfnvvvmhyo77x5g
Frame ID: FEBAFE42FFEEA74AF6972993725971B1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=moV1mTgQ6S91nuTnmll4Y9yf&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W
Frame ID: 839733D5AB4551D3F2E9E0A701636DF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bally's Corporation - Home

Page URL History Show full URLs

http://ballys.com/ HTTP 307
https://ballys.com/ HTTP 301
https://www.ballys.com/ HTTP 301
https://www.ballys.com/home/default.aspx Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)
<input[^>]+name="__VIEWSTATE

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

53
Requests

96 %
HTTPS

57 %
IPv6

11
Domains

14
Subdomains

10
IPs

4
Countries

4237 kB
Transfer

6552 kB
Size

9
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/ballyscorporation/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Ballys-Corporation-102914878554521

Search URL Search Domain Scan URL

URL: https://twitter.com/BallysCorp

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ballyscorporation/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCu9ujFo_PPT28EJVfby2v7A

Search URL Search Domain Scan URL

URL: https://s29.q4cdn.com/580102441/files/doc_downloads/2023/05/modern-slavery-document.pdf
Title: Modern Slavery Statement

Search URL Search Domain Scan URL

URL: https://s29.q4cdn.com/580102441/files/doc_downloads/2022/08/VENDOR-LICENSING-REQUIREMENTS-BY-STATE__100_.pdf
Title: Vendor Licensing Requirements

Search URL Search Domain Scan URL

URL: https://www.q4inc.com/Powered-by-Q4/
Title: Powered By Q4 Inc. 5.119.0.1 (opens in new window)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ballys.com/ HTTP 307
https://ballys.com/ HTTP 301
https://www.ballys.com/ HTTP 301
https://www.ballys.com/home/default.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://d1azc1qln24ryf.cloudfront.net/50912/Q4ballys2022corp/q4-icons.woff2?91q097 HTTP 302
https://cdn.icomoon.io/50912/Q4ballys2022corp/q4-icons.woff2

Request Chain 40

https://www.bugherd.com/sidebarv2.js?apikey=ioaqqagwfnvvvmhyo77x5g HTTP 302
https://sidebar.bugherd.com/embed.js?apikey=ioaqqagwfnvvvmhyo77x5g

Request Chain 44

https://login.q4inc.com/authorize?client_id=gKrDY1E9BUSWfU7DGuW2CO4rjdskiNg7&scope=openid+profile+email&response_type=code&response_mode=query&nonce=thZKy9Gzk4QMBZoxIIqOpfXaPA&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwczovL3d3dy5iYWxseXMuY29tL3E0bG9naW5jYWxsYmFjay5hc3B4IiwiZXhwIjoxNzE2ODExOTU1LjAsImlhdCI6MTcxMTU1MjM1NS4wLCJpc3MiOiJRNC5XZWIuUHVibGljLlNpdGUiLCJhdWQiOiJ1cHN0cmVhbS5jZG4ud2ViLnByZC5xNGluYy5jb20ifQ.juK1a5_g4FpwuFiAAbxWxSTdyd_sC2pYsSdMid_udeY&redirect_uri=https%3a%2f%2fauth.platform.q4inc.com%2fauth%2fpublicAuthRedirect&prompt=none HTTP 302
https://auth.platform.q4inc.com/auth/publicAuthRedirect?error=login_required&error_description=Login%20required&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJyZXR1cm5VcmwiOiJodHRwczovL3d3dy5iYWxseXMuY29tL3E0bG9naW5jYWxsYmFjay5hc3B4IiwiZXhwIjoxNzE2ODExOTU1LjAsImlhdCI6MTcxMTU1MjM1NS4wLCJpc3MiOiJRNC5XZWIuUHVibGljLlNpdGUiLCJhdWQiOiJ1cHN0cmVhbS5jZG4ud2ViLnByZC5xNGluYy5jb20ifQ.juK1a5_g4FpwuFiAAbxWxSTdyd_sC2pYsSdMid_udeY HTTP 301
https://www.ballys.com/q4logincallback.aspx

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request default.aspx Show response
www.ballys.com/home/
Redirect Chain

http://ballys.com/
https://ballys.com/
https://www.ballys.com/
https://www.ballys.com/home/default.aspx

59 KB
18 KB

145ms
144ms

Document
text/html

2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8617e7901535082194507b2c6881ec869a88df5fc401e7d3937a6077cc3b59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status: HIT
cf-ray: 86b3f13c8983aca9-TXL
content-encoding: gzip
content-length: 18590
content-type: text/html; charset=utf-8
date: Thu, 28 Mar 2024 01:45:43 GMT
etag: 0872b80f0ee5f424ef4f13a3e3459e8b
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: public, max-age=120, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status: EXPIRED
cf-ray: 86b3f13a8f76aca9-TXL
content-type: text/html; charset=utf-8
date: Thu, 28 Mar 2024 01:45:43 GMT
location: /home/default.aspx
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 print.css
s29.q4cdn.com/580102441/files/css/ 3 KB
1 KB 193ms
89ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/css/print.css
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 1104af4ec5fd522b923898ae46be7a55bc7d62350d291b231400efb27e4de913

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:43 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 20:50:22 GMT
server: keycdn
x-amz-request-id: VNWSNDTZZDVSEXXN
x-edge-location: defr
etag: W/"9e71dfea1584fe67a0710304c0c70c40"
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-id-2: PniMkYk5YN/8jgfLlSPrzdqrZOqs1c5JmBjO54w0kLbxOZy9anGCztivp3ArQBJRqgU5W0Ga4Fg=
expires: Thu, 28 Mar 2024 02:45:43 GMT

GET
H2 200 global.css
s29.q4cdn.com/580102441/files/css/ 272 KB
51 KB 165ms
61ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: caf3e77cd2ce8de9cf23e8c124cf5e629759f15d40fb8eb3c869f4fdbad59fb0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:43 GMT
content-encoding: gzip
last-modified: Wed, 24 Jan 2024 19:57:24 GMT
server: keycdn
x-amz-request-id: C3H0VQAJB7HQ5TVD
x-edge-location: defr
etag: W/"9ab69c29fbbbf830d5b5b7e198cf5ae8"
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-id-2: djT7wYXvyoH0UkmUTowEAuW3mi3Mkbi5VlbAdFo9e4/UYvXKI23pni2E0lI0/vm2LoT4za6YWlY=
expires: Thu, 28 Mar 2024 02:45:43 GMT

GET
H2 200 client.css
s29.q4cdn.com/580102441/files/css/ 77 KB
18 KB 135ms
31ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/css/client.css?v=43091
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 1fdee77b1a99ab3c6f419317b64e4318eaf66d81b4644ea43304a04dc9979408

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:43 GMT
content-encoding: gzip
last-modified: Fri, 08 Mar 2024 14:01:22 GMT
server: keycdn
x-amz-request-id: S7J26CF2C98P646V
x-edge-location: defr
etag: W/"93b6102faaf0a985e5196ed3010b8814"
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-id-2: BKDiAKkvYClGSmdiICEAm4hRDLPNYmFiDxmsntsERnY/e2wmh5BrfpWAdWfSz7mw5ezOSK8YUKQ=
expires: Thu, 28 Mar 2024 02:45:43 GMT

GET
H2 200 evergreen.1.0.0.min.css
www.ballys.com/css/evergreen/dist/default/ 332 KB
49 KB 233ms
233ms Stylesheet
text/css 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/css/evergreen/dist/default/evergreen.1.0.0.min.css

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f8557031eb7474446251dc183fc53b476ba5ba474099fae0628749f2465aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 50239
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Mar 2024 21:32:18 GMT
server: cloudflare
etag: 6738803d7cca6be206406818716b51c7
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 86b3f13d7a96aca9-TXL

GET
H2 200 GlobalBranding.ashx
www.ballys.com/ 173 KB
28 KB 191ms
191ms Stylesheet
text/css 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/GlobalBranding.ashx

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a89b2aaf657a12a30cf8a5b5f7c3e315a5b02d4e51d831f14701a72d9a92de1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
etag: 5b43178282af2fc0b5d9c5db630c92a6
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 86b3f13d7a99aca9-TXL
content-length: 28166
x-xss-protection: 1; mode=block

GET
H2 200 evergreen.core.1.0.0.min.js Show response
www.ballys.com/js/module/widgets/dist/dependencies/ 715 KB
199 KB 308ms
308ms Script
application/javascript 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/js/module/widgets/dist/dependencies/evergreen.core.1.0.0.min.js

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67d639044adffa71df6b9a0439597a614bf02fffd0095c55942bdee4382958bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 203606
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Mar 2024 21:32:20 GMT
server: cloudflare
etag: 9651862588b8dbf9a9f71c82427432b1
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 86b3f13d7a9aaca9-TXL

GET
H2 200 evergreen.app.1.0.0.min.js Show response
www.ballys.com/js/module/widgets/dist/dependencies/ 47 KB
11 KB 138ms
138ms Script
application/javascript 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/js/module/widgets/dist/dependencies/evergreen.app.1.0.0.min.js

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc7876402f7e92aa3b92bf4040c6f5da55f48155619af669873c31beaf70d313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 11547
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Mar 2024 21:32:20 GMT
server: cloudflare
etag: c7c502b6fcb846c8be52249bc5faec43
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 86b3f140ee1daca9-TXL

GET
H2 200 evergreen.q4Api.min.js Show response
www.ballys.com/js/module/widgets/dist/latest/ 20 KB
6 KB 138ms
137ms Script
application/javascript 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/js/module/widgets/dist/latest/evergreen.q4Api.min.js

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ee14b020ce1fd5ca96360187dd18df7941cfe1b527ea64880a69798914f4452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 5658
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Mar 2024 21:32:20 GMT
server: cloudflare
etag: 3fd12f1deb90b4c88eff5030d2cbb300
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 86b3f141df1eaca9-TXL

GET
H2 200 evergreen.q4Pager.min.js Show response
www.ballys.com/js/module/widgets/dist/latest/ 7 KB
2 KB 156ms
156ms Script
application/javascript 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/js/module/widgets/dist/latest/evergreen.q4Pager.min.js

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45829737ba1d0247ce8d9c5547d2b68c9885310da0fdab62203be03072359acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1882
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Mar 2024 21:32:20 GMT
server: cloudflare
etag: a80d80dc9a5646ed8b58c90906dffdbd
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 86b3f142b839aca9-TXL

GET
H2 200 evergreen.q4Slideshow.min.js Show response
www.ballys.com/js/module/widgets/dist/latest/ 3 KB
1 KB 149ms
149ms Script
application/javascript 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/js/module/widgets/dist/latest/evergreen.q4Slideshow.min.js

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

594624169452a84979e67230f9aeda2a00863776d7d134f743b76ba548a172ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1383
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Mar 2024 21:32:20 GMT
server: cloudflare
etag: ef1d55f1f7ece15ddbd3870276686e4a
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 86b3f143b952aca9-TXL

GET
H2 200 index.js Show response
www.ballys.com/js/typescript/dist/ 93 KB
30 KB 163ms
163ms Script
application/javascript 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/js/typescript/dist/index.js

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b22fdc3cdef62dcead438f5af7c63ba076f6ef5fa03eac664f5ae20f5c762fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 30875
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Mar 2024 21:32:20 GMT
server: cloudflare
etag: e65fe1921d581a736fa82f1b81bf6fa4
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 86b3f144aa26aca9-TXL

GET
H2 200 index.js Show response
www.ballys.com/js/typescript/dist/q4CookieConsent/ 7 KB
2 KB 151ms
151ms Script
application/javascript 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/js/typescript/dist/q4CookieConsent/index.js

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a0e7d302aedad7adc3b609836bc8b288699000bcfba1c0736e26a653f924983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2418
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Mar 2024 21:32:20 GMT
server: cloudflare
etag: 2be086fb0ce8b6791d9ef6dc248add81
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 86b3f145bb58aca9-TXL

GET
H2 200 q4.core.1.1.8.min.js Show response
s29.q4cdn.com/580102441/files/js/ 577 KB
196 KB 32ms
32ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/js/q4.core.1.1.8.min.js
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 92ba185805d95a3f232a82db1ced426c1a19ff00e682329600aaec6a6a88d5d4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:44 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 20:52:14 GMT
server: keycdn
x-amz-request-id: YDC84ZF7VN2R55N5
x-edge-location: defr
etag: W/"08536a2bc9e22e3a836bbf5abe0fd01f"
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-id-2: Aw9zV56OtoQL/cMT5w2WlzKIpaolwy/03Lly42b9yE7ifFZdxOpI6drMbT/xAb+dr58N6awfZ8I=
expires: Thu, 28 Mar 2024 02:45:44 GMT

GET
H2 200 q4.app.1.1.8.min.js Show response
s29.q4cdn.com/580102441/files/js/ 40 KB
12 KB 29ms
29ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/js/q4.app.1.1.8.min.js
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 76de334924b6cff139b2c1c9fb0bcb18f1f4544b371d865da87cb10e29fdd2f0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:44 GMT
content-encoding: gzip
last-modified: Fri, 18 Mar 2022 20:52:13 GMT
server: keycdn
x-amz-request-id: RDN23705Z2E39V97
x-edge-location: defr
etag: W/"46d73f0ccd71d4fb6c9c0d89320135b6"
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-id-2: sdH4++cyyOdsG52yHW7nf19eeQ5b5qrCOSmKleqHnqsMkHrGu13ndRd/HVQgS4eG8ZQizN0h1GQ=
expires: Thu, 28 Mar 2024 02:45:44 GMT

GET
H2 200 q4.api.1.13.5.min.js Show response
widgets.q4app.com/widgets/ 19 KB
20 KB 135ms
32ms Script
application/javascript 143.204.98.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.q4app.com/widgets/q4.api.1.13.5.min.js
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-63.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c80b9c772236e0ce6671b8b44acf218404602df4bb28f0862e4338e364775d95

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:22:35 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jan 2022 00:06:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 1391
etag: "86b75f71eb36547a763d3271411abc6c"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 19787
x-amz-cf-id: y7ntchcYFK7kp56z7vQikuQ9j-i2sa7jyf71jYfrjgBiD9MfQzbp9A==

GET
H2 200 nav.js Show response
s29.q4cdn.com/580102441/files/js/ 76 KB
18 KB 30ms
30ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/js/nav.js
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: a3c5ba2348fe43201b82380b77dfa94f59a05c11b4832a9513a11ad663d0ba95

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
content-encoding: gzip
last-modified: Fri, 25 Mar 2022 15:47:28 GMT
server: keycdn
x-amz-request-id: XG1FA9RPNKBX1FB1
x-edge-location: defr
etag: W/"68d1e9d6b700c02d0ff61082f5d79b55"
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-id-2: GU7S/a+4NfVS83v2tDSlA0D8zd4NtJ5onnsOWMrz9ZBYMCns26JCmWUDssfoUMpa4Wgm/hs2OFg=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 nice-select.js Show response
s29.q4cdn.com/580102441/files/js/ 6 KB
2 KB 28ms
28ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/js/nice-select.js
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 1d9e733187b29f33e739098e7824af1a6c59bc929779183eff9c51c18c8164c5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 10:07:06 GMT
server: keycdn
x-amz-request-id: XG17PRC66HKYR8ER
x-edge-location: defr
etag: W/"d5996d5d1dde9f53ad5ce3e7ca62e1a9"
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-id-2: 7qFvaSZKhRRXpa4UW+JWdoeLHZmL1saYekSCk5ls+80CKdy+L2JLRAGV76ixFQWCVkESgHL50+k=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 q4.datepicker.1.0.0.min.js Show response
s29.q4cdn.com/580102441/files/js/ 13 KB
5 KB 29ms
28ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/js/q4.datepicker.1.0.0.min.js
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 0c734046f0192afc21d839b6724070a7ba436c1646286afd9b35d6ec268c336c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 13:30:10 GMT
server: keycdn
x-amz-request-id: XG16985JYQ4ZFEKK
x-edge-location: defr
etag: W/"d7e43da7b6bbb391a061b920883f391a"
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-id-2: mbdHDIqM4MiveOJ4P/OtgluxA4IuIKf2RKU9dahFmop5mACBUXUhd85R4M+skSdQYYgTLGW118U=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 146ms
46ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 27 Mar 2024 23:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7057
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 28 Mar 2024 01:48:08 GMT

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 58 B
213 B 132ms
40ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=6KddQSe576qrfNb&fields=isp,org
Requested by: Host: s29.q4cdn.com
URL: https://s29.q4cdn.com/580102441/files/js/q4.core.1.1.8.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: a06d1b68ff61f68a0b61ef1531f7e4c43b787d0956de9a65445fb2d2f6564cfa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 28 Mar 2024 01:45:45 GMT
Content-Length: 58
Content-Type: application/json; charset=utf-8

GET
H2 200 WebResource.axd Show response
www.ballys.com/ 23 KB
6 KB 155ms
154ms Script
application/x-javascript 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZDSH1oVlXKNmZSXd3zYZ2Gq6ERm6jivSb4ijerOGYkuGRtePZg2&t=638368898203105627

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 6007
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 03:23:40 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 86b3f1496f34aca9-TXL
expires: Thu, 13 Mar 2025 08:01:50 GMT

GET
H2 200 BallyThrill-W-Rg.woff2
s29.q4cdn.com/580102441/files/design/fonts/ 22 KB
22 KB 113ms
54ms Font
application/octet-stream 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/design/fonts/BallyThrill-W-Rg.woff2
Requested by: Host: s29.q4cdn.com
URL: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: efe3af706e55709699ff6edbb099b58baa3067ef663808905e56116781e1f146

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
Origin: https://www.ballys.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
last-modified: Tue, 03 May 2022 08:01:40 GMT
server: keycdn
x-amz-request-id: EJ8VF5EKYDDQNB1R
x-edge-location: defr
etag: "8138a017e565e8dfe8385d8d3ebd3728"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 22492
x-amz-id-2: 5XxvG55IzfBjICNWdlAGxbFBLcF5com0lj71QsDdtWIMyNFror7CBx97AJn1J6+lXaLdfsnS6Mk=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 WebResource.axd Show response
www.ballys.com/ 26 KB
7 KB 150ms
150ms Script
application/x-javascript 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/WebResource.axd?d=x2nkrMJGXkMELz33nwnakMh5buNcZ-t3T4nCU0ZQt96Kk4JDhdv7pdb3Agzis1zDln1EUlimtVH-8O9nKu6Z_e6vBso1&t=638368898203105627

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 7228
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Nov 2023 03:23:40 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
cache-control: public, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 86b3f14a6848aca9-TXL
expires: Thu, 13 Mar 2025 08:01:53 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
208 B 53ms
53ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=620099073&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ballys.com%2Fhome%2Fdefault.aspx&dp=%2Fhome%2Fdefault.aspx&ul=en-us&de=UTF-8&dt=Bally%27s%20Corporation%20-%20Home&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YEBAAEABAAAAACAAI~&jid=1602956665&gjid=1249963875&cid=1822812376.1711590345&tid=UA-11111111-1&_gid=1210529472.1711590345&_r=1&_slc=1&z=2018213165

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Mar 2024 01:45:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ballys.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo.svg
s29.q4cdn.com/580102441/files/design/ 5 KB
3 KB 28ms
28ms Image
image/svg+xml 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29.q4cdn.com/580102441/files/design/logo.svg
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: c82debd944f63b1448d4e8468b3d36ad7e03b1fd1d9ec67434ca32e831d9a457

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 14:13:08 GMT
server: keycdn
x-amz-request-id: SXBTC0YBV1GQ9KQ6
x-edge-location: defr
etag: W/"e8fb53fb45b416751475ff0451f39b11"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-id-2: 3eWt2Om/TpFchFCZgHv4Fi4QA8FqcFbrOJyk0uInjHeBcIghiD1D5taiDzKBYGFFUXZertvitG0=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 BallyThrill-W-Bd.woff2
s29.q4cdn.com/580102441/files/design/fonts/ 23 KB
23 KB 28ms
28ms Font
application/octet-stream 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/design/fonts/BallyThrill-W-Bd.woff2
Requested by: Host: s29.q4cdn.com
URL: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: b4ae9708dbe649d403050094f2baffc2cbba42239c047146835821cb28063228

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
Origin: https://www.ballys.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
last-modified: Tue, 03 May 2022 08:01:01 GMT
server: keycdn
x-amz-request-id: EJ8P6DJB1DGXJYBX
x-edge-location: defr
etag: "6cb2b060e1586fd0759e8489c3ab6538"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 23580
x-amz-id-2: dsgK/AK2XAPZpkGQUu5n4WwyVxH6mwbQfMfA5xCQPumRJNI6Q0tnDwvM0obYp42SreLuz6jNyxU=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2

200

q4-icons.woff2
cdn.icomoon.io/50912/Q4ballys2022corp/
Redirect Chain

https://d1azc1qln24ryf.cloudfront.net/50912/Q4ballys2022corp/q4-icons.woff2?91q097
https://cdn.icomoon.io/50912/Q4ballys2022corp/q4-icons.woff2

10 KB
11 KB

397ms
150ms

Font
application/font-woff2

2400:52e0:1a00::1068:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.icomoon.io/50912/Q4ballys2022corp/q4-icons.woff2
Requested by: Host: s29.q4cdn.com
URL: https://s29.q4cdn.com/580102441/files/css/client.css?v=43091
Protocol: H2
Server: 2400:52e0:1a00::1068:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1068 /
Resource Hash: 32a072d83f70ed964b7a3b1e6e02b3c5b550c4a866aec57eae4fbff2d06d3701

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s29.q4cdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
cdn-edgestorageid: 941
cdn-cachedat: 10/31/2023 19:46:38
cdn-pullzone: 1460617
content-length: 10636
last-modified: Tue, 05 Apr 2022 09:59:01 GMT
server: BunnyCDN-IL1-1068
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "ad7064b6362194ca4375f592f988c407"
content-type: application/font-woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: dd4aa74a-23b0-4a02-a963-0a23a001f729
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 61a1194029b7ca2e152886bb54b1bb05
accept-ranges: bytes
cdn-requestcountrycode: SE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Thu, 28 Mar 2024 01:45:45 GMT
via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P7
x-cache: FunctionGeneratedResponse from cloudfront
location: https://cdn.icomoon.io/50912/Q4ballys2022corp/q4-icons.woff2
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: pP7XxiwCCtZj-cPFJAO2QHfEIbNRvVOtZEBEMyMvreekLA-sGgrtGw==

GET
H2 200 BallyThrill-W-CdXBd.woff2
s29.q4cdn.com/580102441/files/design/fonts/ 23 KB
23 KB 29ms
28ms Font
application/octet-stream 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/design/fonts/BallyThrill-W-CdXBd.woff2
Requested by: Host: s29.q4cdn.com
URL: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 314fb096eb0ae7be07c486e121c88c3a6d786042ea6a59039ec5ec2cf0c2c9ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
Origin: https://www.ballys.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
last-modified: Tue, 03 May 2022 08:01:30 GMT
server: keycdn
x-amz-request-id: EJ8KGK6HEEPH1WN7
x-edge-location: defr
etag: "b17ba2aab5a27871bc8e3e3e4f68f680"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 23192
x-amz-id-2: bgrV0j85GSatLluT/fJa4b8jx06G4fsclf38VOu5sOVHYHXag28GodZ+UM31NZnRofEo1tVEeUI=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 BallyThrill-W-CdBd.woff2
s29.q4cdn.com/580102441/files/design/fonts/ 23 KB
23 KB 53ms
53ms Font
application/octet-stream 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/design/fonts/BallyThrill-W-CdBd.woff2
Requested by: Host: s29.q4cdn.com
URL: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 9b117b0d059579977c18244ffbf43d839fc93f243ce555e3615a131fe2bf39de

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
Origin: https://www.ballys.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
last-modified: Tue, 03 May 2022 08:01:24 GMT
server: keycdn
x-amz-request-id: EJ8RJ9D85KA77WFA
x-edge-location: defr
etag: "2ba3dc984b5cda7b0b722285dbf1d14f"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 23576
x-amz-id-2: ySQkwE9vSwhjxLZpX+o7czYe4zI79Fe9EK9Q7UUChL4xAdZd1VVnFvQGHD0m7XBbfd+GZdDFgJw=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 score.svg
s29.q4cdn.com/580102441/files/images/homepage/ 4 KB
2 KB 29ms
29ms Image
image/svg+xml 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29.q4cdn.com/580102441/files/images/homepage/score.svg
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: e5b47d24931f514bc464b1c98a5c5cbef3f2a9769a542b071dc44c4702b9a585

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 13:03:29 GMT
server: keycdn
x-amz-request-id: H6G3FSCYSMSCXN5C
x-edge-location: defr
etag: W/"334476e2cd8a21ad807cc8567d8055de"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-id-2: 9ToZqI7Y42Lm4GrDpQXG9dcMh5Q+lWo2Y3R4KnJJG91u9ybj002D76BFu3vOmP6HfNlYls9ezCc=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
885 B 165ms
54ms Script
text/javascript 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onLoad__ctrl0_ctl24_recaptcha&render=explicit

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

202b57d68c41b98e9d2f4ff9d68ef9858a757bb0ac66e102265d2b6195c81165

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 28 Mar 2024 01:45:45 GMT

GET
H2 200 aos.js Show response
s29.q4cdn.com/580102441/files/js/ 14 KB
5 KB 30ms
30ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/js/aos.js
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 11:25:48 GMT
server: keycdn
x-amz-request-id: EJ8HWYKQBZRDT99Y
x-edge-location: defr
etag: W/"70b4897108480dbe11c443c2ab7679c9"
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-id-2: t8S9mOaIz9TMhmv8qM6iMbXd9pGaj9UzqgFx6/7Bq1GGTyl+jlN0zZyiU2Plmzym597ZWLnMOuk=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 206 banner-animation.mp4
s29.q4cdn.com/580102441/files/videos/ 542 KB
543 KB 28ms
28ms Media
video/mp4 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/videos/banner-animation.mp4
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: f5ba51a07e38fc867fab4d6015a144281bc3810a598d1d7fc804ae357b4e3bc6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://www.ballys.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
last-modified: Tue, 14 Jun 2022 12:57:11 GMT
server: keycdn
x-amz-request-id: 1MFP97P4X1VATESM
x-edge-location: defr
etag: "3103b26ad43af34d4679f9890b7bb919"
x-cache: HIT
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-555497/555498
cache-control: max-age=3600
Content-Length: 555498
x-amz-id-2: m9U0+gceE/Wq+O+AOSXZRG5JwXZXvC8GFvd2QFRvXlWs6LU85n+7ldHr6TJJ19r6BsdJV3OweAc=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 atlantic-city.jpg
s29.q4cdn.com/580102441/files/images/casinos-and-resorts/locations-accordion/ 305 KB
305 KB 51ms
51ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29.q4cdn.com/580102441/files/images/casinos-and-resorts/locations-accordion/atlantic-city.jpg
Requested by: Host: s29.q4cdn.com
URL: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: d89efebb11d9fa87ec8ab7b64f91ab52e45e4f3df60fe4ff4e321a500328a939

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
last-modified: Fri, 13 May 2022 08:07:00 GMT
server: keycdn
x-amz-request-id: 6RJVNA01RM2X2SF3
x-edge-location: defr
etag: "1f7f367b1706d2049b0c8a5b5272e551"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 312137
x-amz-id-2: 5sOephAJVtPEqBNMQcBQMCq6la5KlM0WIu56bSqyL7UYG9wzm6Twl9+0Uy1z/9nQ3CNrJtQjvIk=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 phones-banner-corp-web.png
s29.q4cdn.com/580102441/files/images/banner-slider/ 1 MB
1 MB 51ms
51ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29.q4cdn.com/580102441/files/images/banner-slider/phones-banner-corp-web.png
Requested by: Host: s29.q4cdn.com
URL: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 87592d6d0bd1c44a4966fce82a89e5034c8b580941da5c530b6909e0dac5bc71

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
last-modified: Sat, 16 Sep 2023 23:15:35 GMT
server: keycdn
x-amz-request-id: 6RJTTPS3V47QSTC4
x-edge-location: defr
etag: "6ea31e8c099f00482e46a568662cc733"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1488118
x-amz-id-2: ORFjwwdE4y3wlrj23H6V3wc2RJycno860xfrPvR7CPpM0JZJdedlLKUPyhgFJgwpqEOa524/DJ0=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 red-boxes-1.jpg
s29.q4cdn.com/580102441/files/images/homepage/ 204 KB
204 KB 51ms
51ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29.q4cdn.com/580102441/files/images/homepage/red-boxes-1.jpg
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: e75bdc6d860a83a0443e4b5965056611db8849f8a2da60651bf39df6b1d0b533

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
last-modified: Mon, 16 May 2022 09:18:10 GMT
server: keycdn
x-amz-request-id: 6RJZT97RNAHR1WXE
x-edge-location: defr
etag: "1ce74d91ca0f4c4c97f7a80055ead99c"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 208535
x-amz-id-2: +10x5G0Tp4HW+6CTL9uYQiGLp+myfXyO2fyQHWNpGMIto4CwN8t47pPBaINtXTATQBvLnrOBnlg=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 ballys-Int-NA.jpg
s29.q4cdn.com/580102441/files/images/homepage/ 552 KB
553 KB 50ms
49ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29.q4cdn.com/580102441/files/images/homepage/ballys-Int-NA.jpg
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 6282f3816c8275ec665e7dfdab133d26952a55d33e9bc5cfb5a4214bd41e923f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
last-modified: Wed, 17 Aug 2022 14:29:58 GMT
server: keycdn
x-amz-request-id: 6RJPBBF0QEWNXSS1
x-edge-location: defr
etag: "67ec47ed19cdf74759a05afbb1c2f1a3"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 564932
x-amz-id-2: DzyPvPrz3F3i6/ttZLtCHVm1xz672rSNceT/OzBdK6SGSsv+05ZqYNwXmQ2QcqyNYptgM1KPpSA=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 chips-homepage-res.jpg
s29.q4cdn.com/580102441/files/images/ 93 KB
93 KB 49ms
49ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29.q4cdn.com/580102441/files/images/chips-homepage-res.jpg
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 5fc3b690de1a2e6016d666b8230fd402eb72bb2e6f3a693dfd25b3be8bf0cb00

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
last-modified: Fri, 20 May 2022 13:24:49 GMT
server: keycdn
x-amz-request-id: 6RJV1F6W1Z7G8232
x-edge-location: defr
etag: "6b347180359d55f9b45e2836a4ef9708"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 94771
x-amz-id-2: gf260CNsTFb2/Hibh/CUQF4AX6tq68EUH9nyM0AR/uW4UF8L6iXy5jFrGBK8Jkxu14/izrLi54U=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 who-we-are.png
s29.q4cdn.com/580102441/files/images/homepage/ 50 KB
51 KB 49ms
49ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29.q4cdn.com/580102441/files/images/homepage/who-we-are.png
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: eacade8d1bdc84a93034baed35797c0b1791d1215e6f4ee69993fcdcccf04c05

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
last-modified: Tue, 03 May 2022 11:23:39 GMT
server: keycdn
x-amz-request-id: YNGV4HX13747KCT7
x-edge-location: defr
etag: "e8945cf8b0d25fe9832e106817e8bfe9"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 51347
x-amz-id-2: F7/RW8CMjMJw5miaS4wGIh0mmGlweQBaUwkYZCDf/vj6T7DpOzojx8cOhRYmqvNgqDoUguhRytU=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 footer-hey.svg
s29.q4cdn.com/580102441/files/design/svg/ 2 KB
1 KB 48ms
48ms Image
image/svg+xml 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s29.q4cdn.com/580102441/files/design/svg/footer-hey.svg
Requested by: Host: s29.q4cdn.com
URL: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 0616d32832b12a2a05c338718cc463b73f916276a282de8d749708692ed84402

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://s29.q4cdn.com/580102441/files/css/global.css?v=42845
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
content-encoding: gzip
last-modified: Fri, 17 Jun 2022 07:16:24 GMT
server: keycdn
x-amz-request-id: YNGW1Y6F3QCH4V2D
x-edge-location: defr
etag: W/"b1951ee17c945f33830872f1256f250a"
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-id-2: CrGThPPa560XdHirZN9v3Jo58DsjZoSLcJty1ObYGd+cuKvVMK9rR+JY8xbA5oqlJA7Usqoaq44=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2

200

embed.js Show response
sidebar.bugherd.com/
Redirect Chain

https://www.bugherd.com/sidebarv2.js?apikey=ioaqqagwfnvvvmhyo77x5g
https://sidebar.bugherd.com/embed.js?apikey=ioaqqagwfnvvvmhyo77x5g

18 KB
7 KB

338ms
328ms

Script
text/javascript

2606:4700:20::ac43:4771
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sidebar.bugherd.com/embed.js?apikey=ioaqqagwfnvvvmhyo77x5g

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Server

2606:4700:20::ac43:4771 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b8bdf75e48265301894eca33aa09017e93c8b4374688a6401fc22748f64d34e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ballys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Thu, 28 Mar 2024 01:45:46 GMT
access-control-request-method: *
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
cf-cache-status: EXPIRED
via: 1.1 vegur
content-encoding: br
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711590345&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=e1M%2Bb3KzaZCmJ7L22xLkAyp4B201iZspAESc15wSkqA%3D
x-request-id: f8694f3b-03c8-47bd-954d-c0860c05cd1d
x-runtime: 0.003029
referrer-policy: origin
server: cloudflare
etag: W/"7b4942b9ca3d1e2153c10d6d28d516bb"
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711590345&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=e1M%2Bb3KzaZCmJ7L22xLkAyp4B201iZspAESc15wSkqA%3D"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: http://sidebar.bugherd.com
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
cache-control: public, max-age=14400
access-control-allow-credentials: true
access-control-max-age: 1728000
cf-ray: 86b3f14ca8289738-FRA
access-control-allow-headers: x-csrf-token, Content-Type, X-Pusher-Socket-ID, Authentication
vary: Accept-Encoding

Redirect headers

date: Thu, 28 Mar 2024 01:45:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7w9Bn3uuvvpONhddoZuvH4EmgSBUuzkV5KEgd81JgKvRaY3OcEnEpoVZ9KZBhvAJUfRA2OYqwQTtkyfkb8g5l3U2K2P1lfL50M4gigSLLIzsiacUTJh26h%2FpY72eRJrBPKQ%2B010tMM2faUcfWA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://sidebar.bugherd.com/embed.js?apikey=ioaqqagwfnvvvmhyo77x5g
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 86b3f14c5fff9738-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 206 banner-animation.mp4
s29.q4cdn.com/580102441/files/videos/ 64 KB
0 41ms
41ms Media
video/mp4 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/videos/banner-animation.mp4
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://www.ballys.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
last-modified: Tue, 14 Jun 2022 12:57:11 GMT
server: keycdn
x-amz-request-id: 1MFP97P4X1VATESM
x-edge-location: defr
etag: "3103b26ad43af34d4679f9890b7bb919"
x-cache: HIT
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-555497/555498
cache-control: max-age=3600
Content-Length: 555498
x-amz-id-2: m9U0+gceE/Wq+O+AOSXZRG5JwXZXvC8GFvd2QFRvXlWs6LU85n+7ldHr6TJJ19r6BsdJV3OweAc=
expires: Thu, 28 Mar 2024 02:45:45 GMT

GET
H2 200 anti-csrf.js Show response
www.ballys.com/js/ 2 KB
909 B 160ms
160ms Script
application/javascript 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/js/anti-csrf.js

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/home/default.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64deea8d3844605b4884ce523931c6582ee35e02eec9c531047a8201cc768a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 822
x-xss-protection: 1; mode=block
last-modified: Mon, 25 Mar 2024 21:32:20 GMT
server: cloudflare
etag: 3068b4a4231a802c2e760e6f77e13e01
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
accept-ranges: bytes
cf-ray: 86b3f14be9feaca9-TXL

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/ 502 KB
201 KB 151ms
47ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoad__ctrl0_ctl24_recaptcha&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4ddb0e0c3bda5d6e61d56a544a7ff9ea3691eaa5126187daa6ed1875ba93e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
Origin: https://www.ballys.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 22:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204859
x-xss-protection: 0
last-modified: Mon, 25 Mar 2024 04:00:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Mar 2025 22:05:04 GMT

GET
H2

200

q4logincallback.aspx Show response
www.ballys.com/ Frame AC07
Redirect Chain

https://login.q4inc.com/authorize?client_id=gKrDY1E9BUSWfU7DGuW2CO4rjdskiNg7&scope=openid+profile+email&response_type=code&response_mode=query&nonce=thZKy9Gzk4QMBZoxIIqOpfXaPA&state=eyJhbGciOiJodHR...
https://auth.platform.q4inc.com/auth/publicAuthRedirect?error=login_required&error_description=Login%20required&state=eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiI...
https://www.ballys.com/q4logincallback.aspx

666 B
603 B

532ms
532ms

Document
text/html

2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/q4logincallback.aspx

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/js/typescript/dist/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f9ae10b1dc8dc5ecee81344a5db4b070c6052ab471593c2dbf3fcf24d0d6997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ballys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: public, max-age=10, stale-if-error=86400, stale-while-revalidate=86400
cf-cache-status: HIT
cf-ray: 86b3f1503ec9aca9-TXL
content-encoding: gzip
content-length: 492
content-type: text/html; charset=utf-8
date: Thu, 28 Mar 2024 01:45:46 GMT
etag: b5cfece6bc0eb7a9054aa3d5741b58b7
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-type: application/json
date: Thu, 28 Mar 2024 01:45:46 GMT
location: https://www.ballys.com/q4logincallback.aspx#error=400
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
x-amz-apigw-id: VUTHoErxoAMEbew=
x-amz-cf-id: jVgLWmtxH4-3Q6SQZLduFDigYmUQ9rqjlZ9q16-umkM8Pd7Kxk6NgA==
x-amz-cf-pop: FRA60-P1
x-amzn-requestid: d99d0f44-9e32-4e2d-94de-3afdf83abc54
x-amzn-trace-id: Root=1-6604cbca-1ccc581c04ad56b46b02fe63;Parent=557253895a126217;Sampled=0;lineage=5c4bdb31:0
x-cache: Miss from cloudfront

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 360A 0
0 164ms
70ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W&co=aHR0cHM6Ly93d3cuYmFsbHlzLmNvbTo0NDM.&hl=de&v=moV1mTgQ6S91nuTnmll4Y9yf&size=invisible&cb=oe9axbiesou8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pdZCsyZVA-ec9DeYF81vFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ballys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pdZCsyZVA-ec9DeYF81vFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Mar 2024 01:45:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 embed_html
sidebar.bugherd.com/sidebar/ Frame FEBA 0
0 395ms
332ms Document
text/html 2606:4700:20::681a:d5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sidebar.bugherd.com/sidebar/embed_html?apikey=ioaqqagwfnvvvmhyo77x5g

Requested by

Host: www.bugherd.com
URL: https://www.bugherd.com/sidebarv2.js?apikey=ioaqqagwfnvvvmhyo77x5g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:d5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ballys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-csrf-token, Content-Type, X-Pusher-Socket-ID, Authentication
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: http://sidebar.bugherd.com
access-control-max-age: 1728000
access-control-request-method: *
cache-control: public, max-age=14400
cf-cache-status: EXPIRED
cf-ray: 86b3f14f28eb3624-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 28 Mar 2024 01:45:46 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
p3p: CP="NOI ADM DEV COM NAV OUR STP"
referrer-policy: origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1711590346&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=OMIw0yLWb4ynJV80Feb6%2FeZBPidx7bKnMSh7o4xdxpE%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1711590346&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&s=OMIw0yLWb4ynJV80Feb6%2FeZBPidx7bKnMSh7o4xdxpE%3D
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: f143dfd7-a1ca-46f2-ac19-9eab6c591422
x-runtime: 0.003583
x-xss-protection: 1; mode=block

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 8397 0
0 62ms
61ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=moV1mTgQ6S91nuTnmll4Y9yf&k=6LcKf8wZAAAAADYEeFvKUvdj80FVct5G98mSJ29W

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7QJQ9jB2-9y7YlXDOyBmqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ballys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7QJQ9jB2-9y7YlXDOyBmqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Mar 2024 01:45:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 58 B
213 B 40ms
40ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=6KddQSe576qrfNb&fields=isp,org
Requested by: Host: www.ballys.com
URL: https://www.ballys.com/js/typescript/dist/index.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: a06d1b68ff61f68a0b61ef1531f7e4c43b787d0956de9a65445fb2d2f6564cfa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 28 Mar 2024 01:45:46 GMT
Content-Length: 58
Content-Type: application/json; charset=utf-8

GET
H2 200 favicon.ico
s29.q4cdn.com/580102441/files/ 1 KB
1 KB 28ms
27ms Other
application/octet-stream 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 99a0dc21e94d157552bef11380e1d4878211a6aa9c0f61961edf08e04a74ac4c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:46 GMT
last-modified: Thu, 24 Mar 2022 15:29:33 GMT
server: keycdn
x-amz-request-id: H81WJ6H76HYY0S4B
x-edge-location: defr
etag: "a5bbc54906bc675802fb010ec56a1e32"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1150
x-amz-id-2: 1g599IDoyPxy0dG0jpTQx8SUlaZAxCo68ulO+AFZPqzrRcaH5xr3EFJLJqyM0b7PbEPooR5iQSg=
expires: Thu, 28 Mar 2024 02:45:46 GMT

GET
H2 200 favicon.ico
s29.q4cdn.com/580102441/files/ 1 KB
1 KB 28ms
28ms Other
application/octet-stream 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s29.q4cdn.com/580102441/files/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 99a0dc21e94d157552bef11380e1d4878211a6aa9c0f61961edf08e04a74ac4c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.ballys.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:45:46 GMT
last-modified: Thu, 24 Mar 2022 15:29:33 GMT
server: keycdn
x-amz-request-id: H81WJ6H76HYY0S4B
x-edge-location: defr
etag: "a5bbc54906bc675802fb010ec56a1e32"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1150
x-amz-id-2: 1g599IDoyPxy0dG0jpTQx8SUlaZAxCo68ulO+AFZPqzrRcaH5xr3EFJLJqyM0b7PbEPooR5iQSg=
expires: Thu, 28 Mar 2024 02:45:46 GMT

POST
H2 200 xc9 Show response
www.ballys.com/x0k461/e6c1b/ 2 B
278 B 143ms
143ms XHR
text/plain 2606:4700:7::a29f:820b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ballys.com/x0k461/e6c1b/xc9

Requested by

Host: www.ballys.com
URL: https://www.ballys.com/js/typescript/dist/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:820b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.ballys.com/home/default.aspx
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 28 Mar 2024 01:45:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: https://www.ballys.com
access-control-allow-credentials: true
cf-ray: 86b3f1546b3aaca9-TXL
content-length: 2

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 23:45:42	Name: _GRECAPTCHA Value: 09AM9qaEIlJz-WpW2_FZ1q9b1kXelI50KNk-3GNF9mErMzJ1zyIRbksfIHoh4aDmCVKBQqr-hN4A3tDvXkUGo21jA
.ballys.com/	1970-01-21 05:02:30	Name: _ga Value: GA1.2.1822812376.1711590345
.ballys.com/	1970-01-20 19:27:56	Name: _gid Value: GA1.2.1210529472.1711590345
.ballys.com/	1970-01-20 19:26:30	Name: _gat_Client Value: 1
www.ballys.com/	1969-12-31 23:59:59	Name: contrast Value: false
login.q4inc.com/	1970-01-21 04:12:27	Name: did Value: s%3Av0%3Ae5356ee0-eca4-11ee-bfa2-8b4ed60f1676.BGo77Ll4n5aNvt3Cj7MEXoDUwXMNFhlHTxrPBeqDTus
www.ballys.com/	1970-01-20 19:26:32	Name: __uxq412__ses.e3e9 Value: *
www.ballys.com/	1970-01-21 04:12:06	Name: __uxq412__id.e3e9 Value: 86796c23-89ad-48ef-84c7-200a7e74b638.1711590347.1.1711590347.1711590347.0b3e87b9-a130-4125-88c9-2e37e3aaf73f
www.ballys.com/	1970-01-21 04:12:06	Name: sp Value: cf190de3-15de-430a-9799-e8c4466ee5ec

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.ballys.com/home/default.aspx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ballys.com/home/default.aspx Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.ballys.com/home/default.aspx Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.platform.q4inc.com
ballys.com
cdn.icomoon.io
d1azc1qln24ryf.cloudfront.net
login.q4inc.com
pro.ip-api.com
s29.q4cdn.com
sidebar.bugherd.com
widgets.q4app.com
www.ballys.com
www.bugherd.com
www.google-analytics.com
www.google.com
www.gstatic.com
13.32.121.78
142.250.185.132
143.204.98.63
162.159.129.11
18.66.112.74
2400:52e0:1a00::1068:1
2600:9000:2491:2000:16:fecd:21c0:21
2606:4700:20::681a:d5f
2606:4700:20::ac43:4771
2606:4700:7::a29f:820b
2a00:1450:4001:803::200e
2a00:1450:4001:80b::2003
2a0b:4d07:102::1
51.77.64.70
0616d32832b12a2a05c338718cc463b73f916276a282de8d749708692ed84402
0c734046f0192afc21d839b6724070a7ba436c1646286afd9b35d6ec268c336c
0ee14b020ce1fd5ca96360187dd18df7941cfe1b527ea64880a69798914f4452
1104af4ec5fd522b923898ae46be7a55bc7d62350d291b231400efb27e4de913
11f8557031eb7474446251dc183fc53b476ba5ba474099fae0628749f2465aac
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d9e733187b29f33e739098e7824af1a6c59bc929779183eff9c51c18c8164c5
1fdee77b1a99ab3c6f419317b64e4318eaf66d81b4644ea43304a04dc9979408
202b57d68c41b98e9d2f4ff9d68ef9858a757bb0ac66e102265d2b6195c81165
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a0e7d302aedad7adc3b609836bc8b288699000bcfba1c0736e26a653f924983
314fb096eb0ae7be07c486e121c88c3a6d786042ea6a59039ec5ec2cf0c2c9ee
32a072d83f70ed964b7a3b1e6e02b3c5b550c4a866aec57eae4fbff2d06d3701
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
45829737ba1d0247ce8d9c5547d2b68c9885310da0fdab62203be03072359acf
4b8bdf75e48265301894eca33aa09017e93c8b4374688a6401fc22748f64d34e
594624169452a84979e67230f9aeda2a00863776d7d134f743b76ba548a172ab
5fc3b690de1a2e6016d666b8230fd402eb72bb2e6f3a693dfd25b3be8bf0cb00
6282f3816c8275ec665e7dfdab133d26952a55d33e9bc5cfb5a4214bd41e923f
64deea8d3844605b4884ce523931c6582ee35e02eec9c531047a8201cc768a58
67d639044adffa71df6b9a0439597a614bf02fffd0095c55942bdee4382958bd
76de334924b6cff139b2c1c9fb0bcb18f1f4544b371d865da87cb10e29fdd2f0
7f9ae10b1dc8dc5ecee81344a5db4b070c6052ab471593c2dbf3fcf24d0d6997
87592d6d0bd1c44a4966fce82a89e5034c8b580941da5c530b6909e0dac5bc71
92ba185805d95a3f232a82db1ced426c1a19ff00e682329600aaec6a6a88d5d4
99a0dc21e94d157552bef11380e1d4878211a6aa9c0f61961edf08e04a74ac4c
9b117b0d059579977c18244ffbf43d839fc93f243ce555e3615a131fe2bf39de
a06d1b68ff61f68a0b61ef1531f7e4c43b787d0956de9a65445fb2d2f6564cfa
a3c5ba2348fe43201b82380b77dfa94f59a05c11b4832a9513a11ad663d0ba95
a89b2aaf657a12a30cf8a5b5f7c3e315a5b02d4e51d831f14701a72d9a92de1f
aa4ddb0e0c3bda5d6e61d56a544a7ff9ea3691eaa5126187daa6ed1875ba93e7
b22fdc3cdef62dcead438f5af7c63ba076f6ef5fa03eac664f5ae20f5c762fba
b4ae9708dbe649d403050094f2baffc2cbba42239c047146835821cb28063228
c80b9c772236e0ce6671b8b44acf218404602df4bb28f0862e4338e364775d95
c82debd944f63b1448d4e8468b3d36ad7e03b1fd1d9ec67434ca32e831d9a457
c8617e7901535082194507b2c6881ec869a88df5fc401e7d3937a6077cc3b59a
caf3e77cd2ce8de9cf23e8c124cf5e629759f15d40fb8eb3c869f4fdbad59fb0
d89efebb11d9fa87ec8ab7b64f91ab52e45e4f3df60fe4ff4e321a500328a939
dc7876402f7e92aa3b92bf4040c6f5da55f48155619af669873c31beaf70d313
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e5b47d24931f514bc464b1c98a5c5cbef3f2a9769a542b071dc44c4702b9a585
e75bdc6d860a83a0443e4b5965056611db8849f8a2da60651bf39df6b1d0b533
eacade8d1bdc84a93034baed35797c0b1791d1215e6f4ee69993fcdcccf04c05
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
efe3af706e55709699ff6edbb099b58baa3067ef663808905e56116781e1f146
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f5ba51a07e38fc867fab4d6015a144281bc3810a598d1d7fc804ae357b4e3bc6

www.ballys.com Open in urlscan Pro 2606:4700:7::a29f:820b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

96 %HTTPS

57 %IPv6

11 Domains

14 Subdomains

10 IPs

4 Countries

4237 kBTransfer

6552 kBSize

9 Cookies

8 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ballys.com Open in urlscan Pro
2606:4700:7::a29f:820b Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

96 %
HTTPS

57 %
IPv6

11
Domains

14
Subdomains

10
IPs

4
Countries

4237 kB
Transfer

6552 kB
Size

9
Cookies

53 HTTP transactions
0 data transactions