qa.pwa.ballyrewards.com Open in urlscan Pro
35.161.158.123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://qa.pwa.ballyrewards.com/
Effective URL:
https://qa.pwa.ballyrewards.com/chicago/
Submission: On March 14 via api (March 14th 2024, 5:01:07 am UTC) from IN — Scanned from DE

Summary HTTP 31 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 31 HTTP transactions. The main IP is 35.161.158.123, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is qa.pwa.ballyrewards.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 12th 2023. Valid for: a year.

This is the only time qa.pwa.ballyrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 15	35.161.158.123 35.161.158.123	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	3.15.36.135 3.15.36.135	16509 (AMAZON-02) (AMAZON-02)
4	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
4	35.173.153.33 35.173.153.33	14618 (AMAZON-AES) (AMAZON-AES)
6	151.101.67.52 151.101.67.52	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
31	8

15 35.161.158.123 (Boardman, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-158-123.us-west-2.compute.amazonaws.com

qa.pwa.ballyrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.15.36.135 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-36-135.us-east-2.compute.amazonaws.com

nhtbk7csw8.execute-api.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.173.153.33 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-153-33.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.67.52 (United States)

ASN54113 (FASTLY, US)

casinos.ballys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.31.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ballyrewards.com 3 redirects qa.pwa.ballyrewards.com	295 KB
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 542 events.launchdarkly.com — Cisco Umbrella Rank: 945 clientstream.launchdarkly.com — Cisco Umbrella Rank: 962	2 KB
6	ballys.com casinos.ballys.com — Cisco Umbrella Rank: 579103	1 MB
2	amazonaws.com nhtbk7csw8.execute-api.us-east-2.amazonaws.com	2 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
31	6

	Domain	Requested by
15	qa.pwa.ballyrewards.com	3 redirects qa.pwa.ballyrewards.com
6	casinos.ballys.com	qa.pwa.ballyrewards.com
4	events.launchdarkly.com	qa.pwa.ballyrewards.com
4	app.launchdarkly.com	qa.pwa.ballyrewards.com
2	nhtbk7csw8.execute-api.us-east-2.amazonaws.com	qa.pwa.ballyrewards.com
1	clientstream.launchdarkly.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	qa.pwa.ballyrewards.com
31	8

This site contains links to these domains. Also see Links.

Domain
casinos.ballys.com

Subject Issuer	Validity	Valid
*.qa.pwa.ballyrewards.com Amazon RSA 2048 M03	`2023-12-12` - `2025-01-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.execute-api.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2023-06-01` - `2024-06-29`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M02	`2023-06-21` - `2024-07-20`	a year	crt.sh
casinos.ballys.com Certainly Intermediate R1	`2024-02-27` - `2024-03-28`	a month	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2023-08-09` - `2024-09-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://qa.pwa.ballyrewards.com/chicago/
Frame ID: CBD5F7EA9917141F528D732F58333378
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bally's Rewards

Page URL History Show full URLs

http://qa.pwa.ballyrewards.com/ HTTP 301
https://qa.pwa.ballyrewards.com/ HTTP 302
http://qa.pwa.ballyrewards.com/chicago/ HTTP 301
https://qa.pwa.ballyrewards.com/chicago/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

31
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

1535 kB
Transfer

1840 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://casinos.ballys.com/chicago/rewards-club.htm
Title: Benefits

Search URL Search Domain Scan URL

URL: https://casinos.ballys.com/chicago/casino.htm
Title: Casino

Search URL Search Domain Scan URL

URL: https://casinos.ballys.com/chicago/dining.htm
Title: Dining

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://qa.pwa.ballyrewards.com/ HTTP 301
https://qa.pwa.ballyrewards.com/ HTTP 302
http://qa.pwa.ballyrewards.com/chicago/ HTTP 301
https://qa.pwa.ballyrewards.com/chicago/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
qa.pwa.ballyrewards.com/chicago/
Redirect Chain

http://qa.pwa.ballyrewards.com/
https://qa.pwa.ballyrewards.com/
http://qa.pwa.ballyrewards.com/chicago/
https://qa.pwa.ballyrewards.com/chicago/

1 KB
814 B

190ms
190ms

Document
text/html

35.161.158.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.pwa.ballyrewards.com/chicago/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.158.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-158-123.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: fcf399c6912283b2b0344d6b9dcb159d8762e080dc404e3215713847a4d4cb72

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 14 Mar 2024 05:01:01 GMT
etag: W/"65798a71-4bc"
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Thu, 14 Mar 2024 05:01:01 GMT
Location: https://qa.pwa.ballyrewards.com:443/chicago/
Server: awselb/2.0

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 81ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Mar 2024 05:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 03:20:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Mar 2024 05:01:01 GMT

GET
H2 200 main.9790e99b.js Show response
qa.pwa.ballyrewards.com/chicago/static/js/ 373 KB
132 KB 379ms
379ms Script
application/javascript 35.161.158.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.158.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-158-123.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: a9e190a7d45dc39d200588dde365771c861834dc3b6ebe8d6c2bd6f3a2b5e867

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
etag: W/"65798a71-5d431"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main.fa9c2544.css
qa.pwa.ballyrewards.com/chicago/static/css/ 68 KB
15 KB 378ms
378ms Stylesheet
text/css 35.161.158.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.158.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-158-123.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: cf170081f5bdcfefaa3a9bfe816acb1139802d77320c373aa1b7bff6f60869d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
etag: W/"65798a71-110b0"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 login-background.png
qa.pwa.ballyrewards.com/chicago/assets/ 0
24 KB 743ms
742ms Other
image/png 35.161.158.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.pwa.ballyrewards.com/chicago/assets/login-background.png
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.158.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-158-123.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:01 GMT
last-modified: Wed, 13 Dec 2023 10:41:19 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a4f-5efe"
content-length: 24318
content-type: image/png

OPTIONS
H2 200 codes
nhtbk7csw8.execute-api.us-east-2.amazonaws.com/dev/property/ 0
0 361ms
116ms Preflight
application/json 3.15.36.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nhtbk7csw8.execute-api.us-east-2.amazonaws.com/dev/property/codes?isOneAppProperty=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.15.36.135 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-135.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: GET
Origin: https://qa.pwa.ballyrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 14 Mar 2024 05:01:02 GMT
x-amz-apigw-id: UmmmVGBRCYcEIeA=
x-amzn-requestid: 63d079cd-b593-4cf3-bc4c-e865acb23f37
x-amzn-trace-id: Root=1-65f2848e-68e7d28817177aac01fa5545

OPTIONS
H2 200 647e0cd2897d0613328bf965
app.launchdarkly.com/sdk/goals/ 0
0 169ms
114ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/647e0cd2897d0613328bf965

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://qa.pwa.ballyrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 14 Mar 2024 05:01:02 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220042-FRA
x-timer: S1710392462.457671,VS0,VE91

OPTIONS
H2 204 647e0cd2897d0613328bf965
events.launchdarkly.com/events/diagnostic/ 0
0 344ms
112ms Preflight 35.173.153.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/647e0cd2897d0613328bf965

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

35.173.153.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-153-33.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://qa.pwa.ballyrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 14 Mar 2024 05:01:02 GMT
strict-transport-security: max-age=31536000

GET
H2 200 widget1425820.js Show response
casinos.ballys.com/chicago/files/6823/ 4 KB
1 KB 483ms
420ms Script
application/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/chicago/files/6823/widget1425820.js?callback=widget1425820DataCallback

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2bb6d79e375b8753a7f372fc60ac98e8b98d9e077d901eecaa84bc19f3721396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 123058
x-cache: HIT, MISS
content-length: 723
x-xss-protection: 1; mode=block
x-served-by: cache-pdk-kfty2130023-PDK, cache-fra-etou8220129-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 05 Oct 2023 21:15:29 GMT
server
x-timer: S1710392462.458020,VS0,VE400
etag: "806e611d1f7d91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 4, 0

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiZGFmYThiODAtZTFiZi0xMWVlLWExYTMtZmQ1YWQxZDA4ZjFjIn0
app.launchdarkly.com/sdk/evalx/647e0cd2897d0613328bf965/contexts/ 0
0 177ms
124ms Preflight 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/647e0cd2897d0613328bf965/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiZGFmYThiODAtZTFiZi0xMWVlLWExYTMtZmQ1YWQxZDA4ZjFjIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://qa.pwa.ballyrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 14 Mar 2024 05:01:02 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220042-FRA
x-timer: S1710392462.457675,VS0,VE101

GET
H2 200 widget1440679.js Show response
casinos.ballys.com/chicago/files/6823/ 5 KB
887 B 493ms
429ms Script
application/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/chicago/files/6823/widget1440679.js?callback=widget1440679DataCallback

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f28e0c34bef84fe590a2427c3be6d2648377f5d852dece148012d2fea4699856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 123294
x-cache: HIT, MISS
content-length: 734
x-xss-protection: 1; mode=block
x-served-by: cache-pdk-kpdk1780099-PDK, cache-fra-etou8220129-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Nov 2023 15:56:34 GMT
server
x-timer: S1710392462.458146,VS0,VE409
etag: "065d4fcdbcda1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 13, 0

GET
H2 200 widget1425847.js Show response
casinos.ballys.com/chicago/files/6823/ 2 KB
895 B 491ms
428ms Script
application/javascript 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/chicago/files/6823/widget1425847.js?callback=widget1425847DataCallback

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8adbb402fbd9be91dd7bfff54d0fb891c6aed9e94a6e9a3e31e121cd61ab0200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
via: 1.1 varnish, 1.1 varnish
age: 123294
x-cache: HIT, MISS
content-length: 737
x-xss-protection: 1; mode=block
x-served-by: cache-pdk-kpdk1780058-PDK, cache-fra-etou8220129-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 Oct 2023 13:04:39 GMT
server
x-timer: S1710392462.458019,VS0,VE408
etag: "80d1c29b1fad91:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 26, 0

GET
H2 200 codes Show response
nhtbk7csw8.execute-api.us-east-2.amazonaws.com/dev/property/ 2 KB
2 KB 1821ms
1820ms Fetch
application/json 3.15.36.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nhtbk7csw8.execute-api.us-east-2.amazonaws.com/dev/property/codes?isOneAppProperty=true
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.15.36.135 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-36-135.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2d0782ab84f00bed0fcb5ce156b70a1034d26f50bf2b730701d4ee328dc34b8e

Request headers

Referer: https://qa.pwa.ballyrewards.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
x-api-key: DmumdQkMbD9NqJJ3LLTsSaiShreMBOJX2QJZ5L4x
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 14 Mar 2024 05:01:04 GMT
x-amzn-trace-id: Root=1-65f2848e-44df16126fa5b90131666517
x-amzn-requestid: f21320fb-57b3-496b-8807-be09b1a477df
content-length: 2156
x-amz-apigw-id: UmmmXF45iYcECRg=
content-type: application/json

GET
H2 200 exclusive-offer.png
qa.pwa.ballyrewards.com/chicago/assets/ 7 KB
7 KB 189ms
189ms Image
image/png 35.161.158.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.pwa.ballyrewards.com/chicago/assets/exclusive-offer.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.158.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-158-123.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: aea6019946baf77625346cc7aa4ed1567d5ddab5d582745fe41b6d0b51f98958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
last-modified: Wed, 13 Dec 2023 10:41:19 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a4f-1c80"
content-length: 7296
content-type: image/png

GET
H2 200 647e0cd2897d0613328bf965 Show response
app.launchdarkly.com/sdk/goals/ 2 B
178 B 212ms
212ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/647e0cd2897d0613328bf965

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://qa.pwa.ballyrewards.com/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.10
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 varnish
date: Thu, 14 Mar 2024 05:01:02 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: MISS
content-length: 26
x-served-by: cache-fra-etou8220042-FRA
x-timer: S1710392463.569374,VS0,VE192
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 0

POST
H2 202 647e0cd2897d0613328bf965 Show response
events.launchdarkly.com/events/diagnostic/ 0
344 B 121ms
121ms XHR
application/json 35.173.153.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/647e0cd2897d0613328bf965

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

35.173.153.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-153-33.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://qa.pwa.ballyrewards.com/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.10
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiZGFmYThiODAtZTFiZi0xMWVlLWExYTMtZmQ1YWQxZDA4ZjFjIn0 Show response
app.launchdarkly.com/sdk/evalx/647e0cd2897d0613328bf965/contexts/ 5 KB
1 KB 265ms
265ms XHR
application/json 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/647e0cd2897d0613328bf965/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiZGFmYThiODAtZTFiZi0xMWVlLWExYTMtZmQ1YWQxZDA4ZjFjIn0
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 970090463fc396c801a31777df1b551c4b8a965f9f185bf4bf6e990d5dccbcef

Request headers

Referer: https://qa.pwa.ballyrewards.com/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.10
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 720
x-served-by: cache-fra-eddf8230082-FRA, cache-fra-etou8220042-FRA
x-timer: S1710392463.579420,VS0,VE245
etag: "180dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H2 200 bally_buck_coin_inactive.bc745dec4bcbb4826f65.svg
qa.pwa.ballyrewards.com/chicago/static/media/ 12 KB
6 KB 189ms
189ms Image
image/svg+xml 35.161.158.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.pwa.ballyrewards.com/chicago/static/media/bally_buck_coin_inactive.bc745dec4bcbb4826f65.svg
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.158.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-158-123.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: a7e955d1669395bc38833354a336b365b6374546d1f9c36e87d9cf9a944c33ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
etag: W/"65798a71-3160"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 bally_buck_coin.3c7bc7b35265ffc4edfb.svg
qa.pwa.ballyrewards.com/chicago/static/media/ 13 KB
6 KB 191ms
191ms Image
image/svg+xml 35.161.158.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.pwa.ballyrewards.com/chicago/static/media/bally_buck_coin.3c7bc7b35265ffc4edfb.svg
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.158.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-158-123.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: 4f4be2040c3a97536e22981a456cea9eedd56d5b62d785f70444418440a38066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
etag: W/"65798a71-3257"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 icon.b51fafe3a29c1118769b.ttf
qa.pwa.ballyrewards.com/chicago/static/media/ 33 KB
33 KB 189ms
189ms Font
application/octet-stream 35.161.158.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.pwa.ballyrewards.com/chicago/static/media/icon.b51fafe3a29c1118769b.ttf
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.158.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-158-123.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: 1f93d0dfc0f53193816217098f3bb98dbbf832a67e181469272a4e7a195e232a

Request headers

Referer: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Origin: https://qa.pwa.ballyrewards.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a71-823c"
content-length: 33340
content-type: application/octet-stream

GET
H2 200 BallyThrill_W_CdBd.f9f2e3e941aa63d5b1a3.woff2
qa.pwa.ballyrewards.com/chicago/static/media/ 23 KB
23 KB 190ms
190ms Font
font/woff2 35.161.158.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.pwa.ballyrewards.com/chicago/static/media/BallyThrill_W_CdBd.f9f2e3e941aa63d5b1a3.woff2
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.158.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-158-123.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: 9b117b0d059579977c18244ffbf43d839fc93f243ce555e3615a131fe2bf39de

Request headers

Referer: https://qa.pwa.ballyrewards.com/chicago/static/css/main.fa9c2544.css
Origin: https://qa.pwa.ballyrewards.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
last-modified: Wed, 13 Dec 2023 10:41:53 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a71-5c18"
content-length: 23576
content-type: font/woff2

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 67ms
20ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://qa.pwa.ballyrewards.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 08:49:49 GMT
x-content-type-options: nosniff
age: 159073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 08:49:49 GMT

GET
H2 200 logo.png
qa.pwa.ballyrewards.com/chicago/assets/ 10 KB
10 KB 189ms
189ms Image
image/png 35.161.158.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.pwa.ballyrewards.com/chicago/assets/logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.158.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-158-123.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: f40c958d3a97ac584bfbfd9b8579f572aa9a53fcd8a01d2acb9738d2ac3eb2e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
last-modified: Wed, 13 Dec 2023 10:41:19 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a4f-27eb"
content-length: 10219
content-type: image/png

GET
H2 200 logo-white.png
qa.pwa.ballyrewards.com/chicago/assets/ 30 KB
30 KB 190ms
190ms Image
image/png 35.161.158.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.pwa.ballyrewards.com/chicago/assets/logo-white.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.158.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-158-123.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: 73cb38c0ec784082fc5acc842002240afd07c60fb8326906d55b1f0cffc6aa14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
last-modified: Wed, 13 Dec 2023 10:41:19 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a4f-771e"
content-length: 30494
content-type: image/png

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiZGFmYThiODAtZTFiZi0xMWVlLWExYTMtZmQ1YWQxZDA4ZjFjIn0
clientstream.launchdarkly.com/eval/647e0cd2897d0613328bf965/ 5 KB
0 239ms
131ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/647e0cd2897d0613328bf965/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiZGFmYThiODAtZTFiZi0xMWVlLWExYTMtZmQ1YWQxZDA4ZjFjIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://qa.pwa.ballyrewards.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:03 GMT
strict-transport-security: max-age=31536000
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-content-length
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 exclusive-offer.png
qa.pwa.ballyrewards.com/chicago/assets/ 7 KB
7 KB 189ms
189ms Image
image/png 35.161.158.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.pwa.ballyrewards.com/chicago/assets/exclusive-offer.png
Requested by: Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.158.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-158-123.us-west-2.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: aea6019946baf77625346cc7aa4ed1567d5ddab5d582745fe41b6d0b51f98958

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/chicago/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:02 GMT
last-modified: Wed, 13 Dec 2023 10:41:19 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "65798a4f-1c80"
content-length: 7296
content-type: image/png

GET
H2 200 Casino-1.png
casinos.ballys.com/chicago/files/6823/ 420 KB
421 KB 429ms
428ms Image
image/png 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/chicago/files/6823/Casino-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c52edb10abffd83261f31b57f05be2fe5c99f41b33f686eb4ccc0dc0c94fa2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
age: 0
x-cache: MISS, HIT
content-length: 430276
x-xss-protection: 1; mode=block
x-served-by: cache-pdk-kpdk1780076-PDK, cache-fra-etou8220129-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Aug 2023 11:02:37 GMT
server
x-timer: S1710392463.890675,VS0,VE408
etag: "451ecfae67c4d91:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 Dining-1.png
casinos.ballys.com/chicago/files/6823/ 440 KB
441 KB 473ms
473ms Image
image/png 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/chicago/files/6823/Dining-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fb617d3c6a1daaec65ab534713adb59954d412035bcfa98428574ddb9560940c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
age: 0
x-cache: HIT, HIT
content-length: 450808
x-xss-protection: 1; mode=block
x-served-by: cache-pdk-kpdk1780072-PDK, cache-fra-etou8220129-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Aug 2023 11:02:38 GMT
server
x-timer: S1710392463.890789,VS0,VE412
etag: "6af7feae67c4d91:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 10, 1

GET
H2 200 Rewards-1.png
casinos.ballys.com/chicago/files/6823/ 325 KB
325 KB 473ms
473ms Image
image/png 151.101.67.52
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/chicago/files/6823/Rewards-1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

095d56960b20340ca25cd74b20ce58e6c7add0c44111ecd6f186fe38eca7be42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.pwa.ballyrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 05:01:03 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
age: 0
x-cache: HIT, HIT
content-length: 332316
x-xss-protection: 1; mode=block
x-served-by: cache-pdk-kpdk1780116-PDK, cache-fra-etou8220129-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Aug 2023 11:02:41 GMT
server
x-timer: S1710392463.890792,VS0,VE410
etag: "28f33bb167c4d91:0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 10, 1

POST
H2 202 647e0cd2897d0613328bf965 Show response
events.launchdarkly.com/events/bulk/ 0
344 B 134ms
133ms XHR
application/json 35.173.153.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/647e0cd2897d0613328bf965

Requested by

Host: qa.pwa.ballyrewards.com
URL: https://qa.pwa.ballyrewards.com/chicago/static/js/main.9790e99b.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

35.173.153.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-153-33.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID: dc2bdf90-e1bf-11ee-a1a3-fd5ad1d08f1c
X-LaunchDarkly-Event-Schema: 4
accept-language: de-DE,de;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json
Referer: https://qa.pwa.ballyrewards.com/
X-LaunchDarkly-Wrapper: react-client-sdk/3.0.10

Response headers

date: Thu, 14 Mar 2024 05:01:04 GMT
strict-transport-security: max-age=31536000
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 647e0cd2897d0613328bf965
events.launchdarkly.com/events/bulk/ 0
0 113ms
113ms Preflight 35.173.153.33
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/647e0cd2897d0613328bf965

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

35.173.153.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-153-33.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://qa.pwa.ballyrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 14 Mar 2024 05:01:04 GMT
strict-transport-security: max-age=31536000

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkballys_chicago

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://qa.pwa.ballyrewards.com/chicago/ Message: <link rel=preload> must have a valid `as` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
casinos.ballys.com
clientstream.launchdarkly.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
nhtbk7csw8.execute-api.us-east-2.amazonaws.com
qa.pwa.ballyrewards.com
151.101.2.217
151.101.67.52
2a00:1450:4001:80b::2003
2a00:1450:4001:829::200a
3.15.36.135
35.161.158.123
35.173.153.33
76.223.31.44
095d56960b20340ca25cd74b20ce58e6c7add0c44111ecd6f186fe38eca7be42
1f93d0dfc0f53193816217098f3bb98dbbf832a67e181469272a4e7a195e232a
2bb6d79e375b8753a7f372fc60ac98e8b98d9e077d901eecaa84bc19f3721396
2d0782ab84f00bed0fcb5ce156b70a1034d26f50bf2b730701d4ee328dc34b8e
3c52edb10abffd83261f31b57f05be2fe5c99f41b33f686eb4ccc0dc0c94fa2f
4f4be2040c3a97536e22981a456cea9eedd56d5b62d785f70444418440a38066
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
73cb38c0ec784082fc5acc842002240afd07c60fb8326906d55b1f0cffc6aa14
77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8adbb402fbd9be91dd7bfff54d0fb891c6aed9e94a6e9a3e31e121cd61ab0200
970090463fc396c801a31777df1b551c4b8a965f9f185bf4bf6e990d5dccbcef
9b117b0d059579977c18244ffbf43d839fc93f243ce555e3615a131fe2bf39de
a7e955d1669395bc38833354a336b365b6374546d1f9c36e87d9cf9a944c33ab
a9e190a7d45dc39d200588dde365771c861834dc3b6ebe8d6c2bd6f3a2b5e867
aea6019946baf77625346cc7aa4ed1567d5ddab5d582745fe41b6d0b51f98958
cf170081f5bdcfefaa3a9bfe816acb1139802d77320c373aa1b7bff6f60869d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f28e0c34bef84fe590a2427c3be6d2648377f5d852dece148012d2fea4699856
f40c958d3a97ac584bfbfd9b8579f572aa9a53fcd8a01d2acb9738d2ac3eb2e7
fb617d3c6a1daaec65ab534713adb59954d412035bcfa98428574ddb9560940c
fcf399c6912283b2b0344d6b9dcb159d8762e080dc404e3215713847a4d4cb72

qa.pwa.ballyrewards.com Open in urlscan Pro 35.161.158.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

25 %IPv6

6 Domains

8 Subdomains

8 IPs

2 Countries

1535 kBTransfer

1840 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qa.pwa.ballyrewards.com Open in urlscan Pro
35.161.158.123 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

1535 kB
Transfer

1840 kB
Size

0
Cookies

31 HTTP transactions
0 data transactions