qa.pwa.ballyrewards.com Open in urlscan Pro
44.240.208.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qa.pwa.ballyrewards.com/
Effective URL:
https://qa.pwa.ballyrewards.com/chicago/
Submission: On February 29 via api (February 29th 2024, 11:05:08 am UTC) from IN — Scanned from DE

Summary HTTP 31 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 31 HTTP transactions. The main IP is 44.240.208.99, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is qa.pwa.ballyrewards.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 12th 2023. Valid for: a year.

This is the only time qa.pwa.ballyrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 15	44.240.208.99 44.240.208.99	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	18.224.113.188 18.224.113.188	16509 (AMAZON-02) (AMAZON-02)
4	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
4	18.233.115.216 18.233.115.216	14618 (AMAZON-AES) (AMAZON-AES)
6	151.101.3.52 151.101.3.52	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
31	8

15 44.240.208.99 (Boardman, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-208-99.us-west-2.compute.amazonaws.com

qa.pwa.ballyrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.224.113.188 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-224-113-188.us-east-2.compute.amazonaws.com

nhtbk7csw8.execute-api.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.233.115.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-115-216.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.3.52 (United States)

ASN54113 (FASTLY, US)

casinos.ballys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.31.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ballyrewards.com 3 redirects qa.pwa.ballyrewards.com	295 KB
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 547 events.launchdarkly.com — Cisco Umbrella Rank: 951 clientstream.launchdarkly.com — Cisco Umbrella Rank: 917	2 KB
6	ballys.com casinos.ballys.com — Cisco Umbrella Rank: 451810	1 MB
2	amazonaws.com nhtbk7csw8.execute-api.us-east-2.amazonaws.com	2 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	1 KB
31	6

	Domain	Requested by
15	qa.pwa.ballyrewards.com	3 redirects qa.pwa.ballyrewards.com
6	casinos.ballys.com	qa.pwa.ballyrewards.com
4	events.launchdarkly.com	qa.pwa.ballyrewards.com
4	app.launchdarkly.com	qa.pwa.ballyrewards.com
2	nhtbk7csw8.execute-api.us-east-2.amazonaws.com	qa.pwa.ballyrewards.com
1	clientstream.launchdarkly.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	qa.pwa.ballyrewards.com
31	8

This site contains links to these domains. Also see Links.

Domain
casinos.ballys.com

Subject Issuer	Validity	Valid
*.qa.pwa.ballyrewards.com Amazon RSA 2048 M03	`2023-12-12` - `2025-01-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.execute-api.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2023-06-01` - `2024-06-29`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M02	`2023-06-21` - `2024-07-20`	a year	crt.sh
casinos.ballys.com Certainly Intermediate R1	`2024-02-27` - `2024-03-28`	a month	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2023-08-09` - `2024-09-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://qa.pwa.ballyrewards.com/chicago/
Frame ID: 2EA678BBBD2D104FE293DFC9D8D3D4D5
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bally's Rewards

Page URL History Show full URLs

http://qa.pwa.ballyrewards.com/ HTTP 301
https://qa.pwa.ballyrewards.com/ HTTP 302
http://qa.pwa.ballyrewards.com/chicago/ HTTP 301
https://qa.pwa.ballyrewards.com/chicago/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

31
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

1534 kB
Transfer

1837 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://casinos.ballys.com/chicago/rewards-club.htm
Title: Benefits

Search URL Search Domain Scan URL

URL: https://casinos.ballys.com/chicago/casino.htm
Title: Casino

Search URL Search Domain Scan URL

URL: https://casinos.ballys.com/chicago/dining.htm
Title: Dining

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qa.pwa.ballyrewards.com/ HTTP 301
https://qa.pwa.ballyrewards.com/ HTTP 302
http://qa.pwa.ballyrewards.com/chicago/ HTTP 301
https://qa.pwa.ballyrewards.com/chicago/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
qa.pwa.ballyrewards.com/chicago/
Redirect Chain

http://qa.pwa.ballyrewards.com/
https://qa.pwa.ballyrewards.com/
http://qa.pwa.ballyrewards.com/chicago/
https://qa.pwa.ballyrewards.com/chicago/

1 KB
814 B

177ms
177ms

Document
text/html

44.240.208.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.pwa.ballyrewards.com/chicago/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.208.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-208-99.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: fcf399c6912283b2b0344d6b9dcb159d8762e080dc404e3215713847a4d4cb72

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 29 Feb 2024 11:05:02 GMT
etag: W/"65798a71-4bc"
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Thu, 29 Feb 2024 11:05:01 GMT
Location: https://qa.pwa.ballyrewards.com:443/chicago/
Server: awselb/2.0

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 11:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 10:19:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 11:05:02 GMT

GET
H2 200 main.9790e99b.js Show response
qa.pwa.ballyrewards.com/chicago/static/js/ 373 KB
132 KB 357ms
356ms Script
application/javascript 44.240.208.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.208.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-208-99.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: a9e190a7d45dc39d200588dde365771c861834dc3b6ebe8d6c2bd6f3a2b5e867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:02 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
etag: W/"65798a71-5d431"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main.fa9c2544.css
qa.pwa.ballyrewards.com/chicago/static/css/ 68 KB
15 KB 355ms
354ms Stylesheet
text/css 44.240.208.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.208.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-208-99.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: cf170081f5bdcfefaa3a9bfe816acb1139802d77320c373aa1b7bff6f60869d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:02 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
etag: W/"65798a71-110b0"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 login-background.png
qa.pwa.ballyrewards.com/chicago/assets/ 0
24 KB 695ms
695ms Other
image/png 44.240.208.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.pwa.ballyrewards.com/chicago/assets/login-background.png
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.208.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-208-99.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:02 GMT
last-modified: Wed, 13 Dec 2023 10:41:19 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a4f-5efe"
content-length: 24318
content-type: image/png

OPTIONS
H2 200 codes
nhtbk7csw8.execute-api.us-east-2.amazonaws.com/dev/property/ 0
0 350ms
112ms Preflight
application/json 18.224.113.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nhtbk7csw8.execute-api.us-east-2.amazonaws.com/dev/property/codes?isOneAppProperty=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.224.113.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-113-188.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: GET
Origin: https://qa.pwa.ballyrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 29 Feb 2024 11:05:03 GMT
x-amz-apigw-id: T5Sy6FHPiYcERdA=
x-amzn-requestid: 138a410b-6583-4486-a927-2a02ddfc481e
x-amzn-trace-id: Root=1-65e064df-42b76a1c44ee53cf729ac9e9

OPTIONS
H2 200 647e0cd2897d0613328bf965
app.launchdarkly.com/sdk/goals/ 0
0 325ms
292ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/647e0cd2897d0613328bf965

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://qa.pwa.ballyrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 29 Feb 2024 11:05:03 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230106-FRA
x-timer: S1709204703.920141,VS0,VE286

OPTIONS
H2 204 647e0cd2897d0613328bf965
events.launchdarkly.com/events/diagnostic/ 0
0 302ms
99ms Preflight 18.233.115.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/647e0cd2897d0613328bf965

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.233.115.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-115-216.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://qa.pwa.ballyrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 29 Feb 2024 11:05:03 GMT
strict-transport-security: max-age=31536000

GET
H2 200 widget1425820.js Show response
casinos.ballys.com/chicago/files/6823/ 4 KB
1 KB 145ms
106ms Script
application/javascript 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/chicago/files/6823/widget1425820.js?callback=widget1425820DataCallback

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2bb6d79e375b8753a7f372fc60ac98e8b98d9e077d901eecaa84bc19f3721396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, HIT
content-length: 723
x-xss-protection: 1; mode=block
x-served-by: cache-pdk-kpdk1780147-PDK, cache-fra-eddf8230020-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 Oct 2023 21:15:29 GMT
server
x-timer: S1709204703.923796,VS0,VE99
etag: "806e611d1f7d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 widget1440679.js Show response
casinos.ballys.com/chicago/files/6823/ 5 KB
900 B 450ms
411ms Script
application/javascript 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/chicago/files/6823/widget1440679.js?callback=widget1440679DataCallback

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f28e0c34bef84fe590a2427c3be6d2648377f5d852dece148012d2fea4699856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: HIT, HIT
content-length: 734
x-xss-protection: 1; mode=block
x-served-by: cache-pdk-kpdk1780099-PDK, cache-fra-eddf8230020-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Nov 2023 15:56:34 GMT
server
x-timer: S1709204703.923828,VS0,VE404
etag: "065d4fcdbcda1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 widget1425847.js Show response
casinos.ballys.com/chicago/files/6823/ 2 KB
910 B 458ms
419ms Script
application/javascript 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/chicago/files/6823/widget1425847.js?callback=widget1425847DataCallback

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8adbb402fbd9be91dd7bfff54d0fb891c6aed9e94a6e9a3e31e121cd61ab0200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 72373
x-cache: HIT, MISS
content-length: 737
x-xss-protection: 1; mode=block
x-served-by: cache-pdk-kpdk1780058-PDK, cache-fra-eddf8230020-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Oct 2023 13:04:39 GMT
server
x-timer: S1709204703.923898,VS0,VE412
etag: "80d1c29b1fad91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 128, 0

GET
H2 200 codes Show response
nhtbk7csw8.execute-api.us-east-2.amazonaws.com/dev/property/ 2 KB
2 KB 616ms
616ms Fetch
application/json 18.224.113.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nhtbk7csw8.execute-api.us-east-2.amazonaws.com/dev/property/codes?isOneAppProperty=true
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.224.113.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-224-113-188.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 1d1d45d86cc68def3dbc4a11491f70931fe1bb51b11f756bfc6118bf9a216012

Request headers

Referer: https://qa.pwa.ballyrewards.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
x-api-key: DmumdQkMbD9NqJJ3LLTsSaiShreMBOJX2QJZ5L4x
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 29 Feb 2024 11:05:03 GMT
x-amzn-trace-id: Root=1-65e064df-3204f0a60c6e752c674e2457
x-amzn-requestid: 04c37c9d-2261-4653-a38f-09d999ad79ae
content-length: 1629
x-amz-apigw-id: T5Sy7HlRCYcEgiw=
content-type: application/json

GET
H2 200 exclusive-offer.png
qa.pwa.ballyrewards.com/chicago/assets/ 7 KB
7 KB 177ms
177ms Image
image/png 44.240.208.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.pwa.ballyrewards.com/chicago/assets/exclusive-offer.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.208.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-208-99.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: aea6019946baf77625346cc7aa4ed1567d5ddab5d582745fe41b6d0b51f98958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:02 GMT
last-modified: Wed, 13 Dec 2023 10:41:19 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a4f-1c80"
content-length: 7296
content-type: image/png

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiNjMyNTFiNzAtZDZmMi0xMWVlLTlkNTQtMzU0NGY5ODdlNTkyIn0
app.launchdarkly.com/sdk/evalx/647e0cd2897d0613328bf965/contexts/ 0
0 133ms
102ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/647e0cd2897d0613328bf965/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiNjMyNTFiNzAtZDZmMi0xMWVlLTlkNTQtMzU0NGY5ODdlNTkyIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://qa.pwa.ballyrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 29 Feb 2024 11:05:03 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230106-FRA
x-timer: S1709204703.920312,VS0,VE95

GET
H2 200 647e0cd2897d0613328bf965 Show response
app.launchdarkly.com/sdk/goals/ 2 B
177 B 160ms
160ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/647e0cd2897d0613328bf965

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://qa.pwa.ballyrewards.com/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.10
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Thu, 29 Feb 2024 11:05:03 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: MISS
content-length: 26
x-served-by: cache-fra-eddf8230106-FRA
x-timer: S1709204703.213294,VS0,VE147
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 0

POST
H2 202 647e0cd2897d0613328bf965 Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 99ms
99ms XHR
application/json 18.233.115.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/647e0cd2897d0613328bf965

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.233.115.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-115-216.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://qa.pwa.ballyrewards.com/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.10
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Feb 2024 11:05:03 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiNjMyNTFiNzAtZDZmMi0xMWVlLTlkNTQtMzU0NGY5ODdlNTkyIn0 Show response
app.launchdarkly.com/sdk/evalx/647e0cd2897d0613328bf965/contexts/ 3 KB
994 B 551ms
551ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/647e0cd2897d0613328bf965/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiNjMyNTFiNzAtZDZmMi0xMWVlLTlkNTQtMzU0NGY5ODdlNTkyIn0
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60a9ed04348dedf18d168ca1ed2c8a9704da57dbc9415c77a3083d624b2ffab0

Request headers

Referer: https://qa.pwa.ballyrewards.com/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.10
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:03 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 623
x-served-by: cache-fra-etou8220030-FRA, cache-fra-eddf8230106-FRA
x-timer: S1709204703.022635,VS0,VE545
etag: "152dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H2 200 bally_buck_coin_inactive.bc745dec4bcbb4826f65.svg
qa.pwa.ballyrewards.com/chicago/static/media/ 12 KB
6 KB 179ms
178ms Image
image/svg+xml 44.240.208.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.pwa.ballyrewards.com/chicago/static/media/bally_buck_coin_inactive.bc745dec4bcbb4826f65.svg
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.208.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-208-99.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: a7e955d1669395bc38833354a336b365b6374546d1f9c36e87d9cf9a944c33ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:02 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
etag: W/"65798a71-3160"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 bally_buck_coin.3c7bc7b35265ffc4edfb.svg
qa.pwa.ballyrewards.com/chicago/static/media/ 13 KB
6 KB 180ms
179ms Image
image/svg+xml 44.240.208.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.pwa.ballyrewards.com/chicago/static/media/bally_buck_coin.3c7bc7b35265ffc4edfb.svg
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.208.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-208-99.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: 4f4be2040c3a97536e22981a456cea9eedd56d5b62d785f70444418440a38066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:02 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
etag: W/"65798a71-3257"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 icon.b51fafe3a29c1118769b.ttf
qa.pwa.ballyrewards.com/chicago/static/media/ 33 KB
33 KB 177ms
177ms Font
application/octet-stream 44.240.208.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.pwa.ballyrewards.com/chicago/static/media/icon.b51fafe3a29c1118769b.ttf
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.208.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-208-99.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: 1f93d0dfc0f53193816217098f3bb98dbbf832a67e181469272a4e7a195e232a

Request headers

Referer: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Origin: https://qa.pwa.ballyrewards.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:02 GMT
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a71-823c"
content-length: 33340
content-type: application/octet-stream

GET
H2 200 BallyThrill_W_CdBd.f9f2e3e941aa63d5b1a3.woff2
qa.pwa.ballyrewards.com/chicago/static/media/ 23 KB
23 KB 178ms
178ms Font
font/woff2 44.240.208.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.pwa.ballyrewards.com/chicago/static/media/BallyThrill_W_CdBd.f9f2e3e941aa63d5b1a3.woff2
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.208.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-208-99.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: 9b117b0d059579977c18244ffbf43d839fc93f243ce555e3615a131fe2bf39de

Request headers

Referer: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Origin: https://qa.pwa.ballyrewards.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:02 GMT
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a71-5c18"
content-length: 23576
content-type: font/woff2

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 30ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qa.pwa.ballyrewards.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 20:21:18 GMT
x-content-type-options: nosniff
age: 53024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 20:21:18 GMT

GET
H2 200 logo.png
qa.pwa.ballyrewards.com/chicago/assets/ 10 KB
10 KB 177ms
177ms Image
image/png 44.240.208.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.pwa.ballyrewards.com/chicago/assets/logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.208.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-208-99.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: f40c958d3a97ac584bfbfd9b8579f572aa9a53fcd8a01d2acb9738d2ac3eb2e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:02 GMT
last-modified: Wed, 13 Dec 2023 10:41:19 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a4f-27eb"
content-length: 10219
content-type: image/png

GET
H2 200 logo-white.png
qa.pwa.ballyrewards.com/chicago/assets/ 30 KB
30 KB 177ms
177ms Image
image/png 44.240.208.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.pwa.ballyrewards.com/chicago/assets/logo-white.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.208.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-208-99.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: 73cb38c0ec784082fc5acc842002240afd07c60fb8326906d55b1f0cffc6aa14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:02 GMT
last-modified: Wed, 13 Dec 2023 10:41:19 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a4f-771e"
content-length: 30494
content-type: image/png

GET
H2 200 exclusive-offer.png
qa.pwa.ballyrewards.com/chicago/assets/ 7 KB
7 KB 177ms
177ms Image
image/png 44.240.208.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.pwa.ballyrewards.com/chicago/assets/exclusive-offer.png
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.208.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-208-99.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: aea6019946baf77625346cc7aa4ed1567d5ddab5d582745fe41b6d0b51f98958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:03 GMT
last-modified: Wed, 13 Dec 2023 10:41:19 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a4f-1c80"
content-length: 7296
content-type: image/png

GET
H2 200 Casino-1.png
casinos.ballys.com/chicago/files/6823/ 420 KB
421 KB 655ms
654ms Image
image/png 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/chicago/files/6823/Casino-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c52edb10abffd83261f31b57f05be2fe5c99f41b33f686eb4ccc0dc0c94fa2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:03 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
age: 71019
x-cache: HIT, MISS
content-length: 430276
x-xss-protection: 1; mode=block
x-served-by: cache-pdk-kpdk1780076-PDK, cache-fra-eddf8230020-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Aug 2023 11:02:37 GMT
server
x-timer: S1709204703.338043,VS0,VE648
etag: "451ecfae67c4d91:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 5, 0

GET
H2 200 Dining-1.png
casinos.ballys.com/chicago/files/6823/ 440 KB
441 KB 351ms
350ms Image
image/png 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/chicago/files/6823/Dining-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fb617d3c6a1daaec65ab534713adb59954d412035bcfa98428574ddb9560940c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:03 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
age: 71019
x-cache: HIT, MISS
content-length: 450808
x-xss-protection: 1; mode=block
x-served-by: cache-pdk-kpdk1780072-PDK, cache-fra-eddf8230020-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Aug 2023 11:02:38 GMT
server
x-timer: S1709204703.338004,VS0,VE342
etag: "6af7feae67c4d91:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 5, 0

GET
H2 200 Rewards-1.png
casinos.ballys.com/chicago/files/6823/ 325 KB
325 KB 423ms
422ms Image
image/png 151.101.3.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/chicago/files/6823/Rewards-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.3.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

095d56960b20340ca25cd74b20ce58e6c7add0c44111ecd6f186fe38eca7be42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:03 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
age: 0
x-cache: HIT, HIT
content-length: 332316
x-xss-protection: 1; mode=block
x-served-by: cache-pdk-kpdk1780116-PDK, cache-fra-eddf8230020-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Aug 2023 11:02:41 GMT
server
x-timer: S1709204703.338200,VS0,VE414
etag: "28f33bb167c4d91:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiNjMyNTFiNzAtZDZmMi0xMWVlLTlkNTQtMzU0NGY5ODdlNTkyIn0
clientstream.launchdarkly.com/eval/647e0cd2897d0613328bf965/ 3 KB
0 197ms
112ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/647e0cd2897d0613328bf965/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiNjMyNTFiNzAtZDZmMi0xMWVlLTlkNTQtMzU0NGY5ODdlNTkyIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://qa.pwa.ballyrewards.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 11:05:03 GMT
strict-transport-security: max-age=31536000
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

POST
H2 202 647e0cd2897d0613328bf965 Show response
events.launchdarkly.com/events/bulk/ 0
344 B 107ms
107ms XHR
application/json 18.233.115.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/647e0cd2897d0613328bf965

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.233.115.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-115-216.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: 64564870-d6f2-11ee-9d54-3544f987e592
X-LaunchDarkly-Event-Schema: 4
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json
Referer: https://qa.pwa.ballyrewards.com/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.10

Response headers

date: Thu, 29 Feb 2024 11:05:05 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 647e0cd2897d0613328bf965
events.launchdarkly.com/events/bulk/ 0
0 99ms
99ms Preflight 18.233.115.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/647e0cd2897d0613328bf965

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.233.115.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-233-115-216.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://qa.pwa.ballyrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 29 Feb 2024 11:05:04 GMT
strict-transport-security: max-age=31536000

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkballys_chicago

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://qa.pwa.ballyrewards.com/chicago/ Message: <link rel=preload> must have a valid `as` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
casinos.ballys.com
clientstream.launchdarkly.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
nhtbk7csw8.execute-api.us-east-2.amazonaws.com
qa.pwa.ballyrewards.com
151.101.130.217
151.101.3.52
18.224.113.188
18.233.115.216
2a00:1450:4001:80b::200a
2a00:1450:4001:830::2003
44.240.208.99
76.223.31.44
095d56960b20340ca25cd74b20ce58e6c7add0c44111ecd6f186fe38eca7be42
1d1d45d86cc68def3dbc4a11491f70931fe1bb51b11f756bfc6118bf9a216012
1f93d0dfc0f53193816217098f3bb98dbbf832a67e181469272a4e7a195e232a
2bb6d79e375b8753a7f372fc60ac98e8b98d9e077d901eecaa84bc19f3721396
3c52edb10abffd83261f31b57f05be2fe5c99f41b33f686eb4ccc0dc0c94fa2f
4f4be2040c3a97536e22981a456cea9eedd56d5b62d785f70444418440a38066
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
60a9ed04348dedf18d168ca1ed2c8a9704da57dbc9415c77a3083d624b2ffab0
73cb38c0ec784082fc5acc842002240afd07c60fb8326906d55b1f0cffc6aa14
77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8adbb402fbd9be91dd7bfff54d0fb891c6aed9e94a6e9a3e31e121cd61ab0200
9b117b0d059579977c18244ffbf43d839fc93f243ce555e3615a131fe2bf39de
a7e955d1669395bc38833354a336b365b6374546d1f9c36e87d9cf9a944c33ab
a9e190a7d45dc39d200588dde365771c861834dc3b6ebe8d6c2bd6f3a2b5e867
aea6019946baf77625346cc7aa4ed1567d5ddab5d582745fe41b6d0b51f98958
cf170081f5bdcfefaa3a9bfe816acb1139802d77320c373aa1b7bff6f60869d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f28e0c34bef84fe590a2427c3be6d2648377f5d852dece148012d2fea4699856
f40c958d3a97ac584bfbfd9b8579f572aa9a53fcd8a01d2acb9738d2ac3eb2e7
fb617d3c6a1daaec65ab534713adb59954d412035bcfa98428574ddb9560940c
fcf399c6912283b2b0344d6b9dcb159d8762e080dc404e3215713847a4d4cb72

qa.pwa.ballyrewards.com Open in urlscan Pro 44.240.208.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

25 %IPv6

6 Domains

8 Subdomains

8 IPs

2 Countries

1534 kBTransfer

1837 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qa.pwa.ballyrewards.com Open in urlscan Pro
44.240.208.99 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

1534 kB
Transfer

1837 kB
Size

0
Cookies

31 HTTP transactions
0 data transactions