casinos.ballys.com Open in urlscan Pro
205.185.216.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.doverdowns.com/
Effective URL:
https://casinos.ballys.com/dover/
Submission: On November 11 via api (November 11th 2022, 11:05:17 am UTC) from US — Scanned from DE

Summary HTTP 48 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 48 HTTP transactions. The main IP is 205.185.216.10, located in United States and belongs to STACKPATH-CDN, US. The main domain is casinos.ballys.com. The Cisco Umbrella rank of the primary domain is 437222.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 15th 2022. Valid for: a year.

This is the only time casinos.ballys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	72.52.10.14 72.52.10.14	32787 (PROLEXIC-...) (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK)
24	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
8	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 3	52.211.12.99 52.211.12.99	16509 (AMAZON-02) (AMAZON-02)
1	34.242.111.67 34.242.111.67	16509 (AMAZON-02) (AMAZON-02)
3	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	34.249.11.23 34.249.11.23	16509 (AMAZON-02) (AMAZON-02)
4	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
48	11

1 72.52.10.14 (United States) 1 redirects

ASN32787 (PROLEXIC-TECHNOLOGIES-DDOS-MITIGATION-NETWORK, US)
PTR: a72-52-10-14.deploy.static.akamaitechnologies.com

www.doverdowns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

casinos.ballys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

app.hospitalitysem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.211.12.99 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-12-99.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.242.111.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-111-67.eu-west-1.compute.amazonaws.com

vizergy.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

sstats.vizergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.11.23 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-11-23.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

www.vizergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ballys.com casinos.ballys.com — Cisco Umbrella Rank: 437222	2 MB
8	hospitalitysem.com app.hospitalitysem.com — Cisco Umbrella Rank: 242400	37 KB
7	vizergy.com sstats.vizergy.com — Cisco Umbrella Rank: 182562 www.vizergy.com — Cisco Umbrella Rank: 519287	34 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 197 vizergy.demdex.net — Cisco Umbrella Rank: 169355	6 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 ajax.googleapis.com — Cisco Umbrella Rank: 304	35 KB
2	gstatic.com fonts.gstatic.com	27 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1007	517 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	54 KB
1	doverdowns.com 1 redirects www.doverdowns.com	555 B
48	9

	Domain	Requested by
24	casinos.ballys.com	casinos.ballys.com
8	app.hospitalitysem.com	casinos.ballys.com www.vizergy.com
4	www.vizergy.com	casinos.ballys.com www.vizergy.com
3	sstats.vizergy.com	casinos.ballys.com
3	dpm.demdex.net	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	casinos.ballys.com www.vizergy.com
1	ajax.googleapis.com	www.vizergy.com
1	cm.everesttech.net	1 redirects
1	vizergy.demdex.net	casinos.ballys.com
1	www.googletagmanager.com	casinos.ballys.com
1	www.doverdowns.com	1 redirects
48	12

This site contains links to these domains. Also see Links.

Domain
www.ballys.com
onlinegaming.ballysdover.com
recruiting.ultipro.com
reservations.ballysdover.com
ballysdover.pcwebserv.com
onlinegaming.doverdowns.com
g.page
www.instagram.com
www.facebook.com
twitter.com
investors.twinriverwwholdings.com
www.vizergy.com

Subject Issuer	Validity	Valid
casinos.ballys.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-15` - `2023-07-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
app.hospitalitysem.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
sstats.vizergy.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-23` - `2023-10-24`	a year	crt.sh
www.vizergy.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-27` - `2023-10-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://casinos.ballys.com/dover/
Frame ID: D22F7625BCEE29A6473C2BCEDB9F8CE0
Requests: 33 HTTP requests in this frame

Frame: https://vizergy.demdex.net/dest5.html?d_nsid=0
Frame ID: 434439B1AF33C8DD3C62255C61FCBD0F
Requests: 1 HTTP requests in this frame

Frame: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
Frame ID: A6BB9CB6802E87A3D73289BA83B38989
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play & Stay at Delaware's Largest Casino | Bally's Dover Casino Resort

Page URL History Show full URLs

http://www.doverdowns.com/ HTTP 301
https://casinos.ballys.com/dover/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

96 %
HTTPS

33 %
IPv6

9
Domains

12
Subdomains

11
IPs

4
Countries

2245 kB
Transfer

3373 kB
Size

19
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ballys.com/home/default.aspx
Title: Ballys.com

Search URL Search Domain Scan URL

URL: https://www.ballys.com/about/casinos-resorts/default.aspx
Title: Locations

Search URL Search Domain Scan URL

URL: https://onlinegaming.ballysdover.com/
Title: Online Gaming

Search URL Search Domain Scan URL

URL: https://recruiting.ultipro.com/TWI1006TRWH/JobBoard/b9cc79c4-75a2-4800-8508-16504f7a2d90/?q=&o=postedDateDesc&w=&wc=&we=&wpst=&f4=7uOCy6RBfVKfD3vU5pt4Dw
Title: Careers

Search URL Search Domain Scan URL

URL: https://reservations.ballysdover.com/cgi-bin/LANSAWEB?PROCFUN+rn+resnet+res+funcparms+UP%28A2560%29:;TRANS14;;;;;;?
Title: Book Now

Search URL Search Domain Scan URL

URL: https://ballysdover.pcwebserv.com/admin/login
Title: Player Portal

Search URL Search Domain Scan URL

URL: http://onlinegaming.doverdowns.com/
Title: Online Gaming

Search URL Search Domain Scan URL

URL: https://g.page/DoverDowns?share
Title: Map

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ballysdover/
Title: @ballysdover

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BallysDover
Title: Bally's Dover Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/BallysDover
Title: Bally's Dover Twitter

Search URL Search Domain Scan URL

URL: https://investors.twinriverwwholdings.com/home/default.aspx
Title: Investors

Search URL Search Domain Scan URL

URL: https://www.vizergy.com/hotel-website-design.htm
Title: Website Design

Search URL Search Domain Scan URL

URL: https://www.vizergy.com/
Title: Vizergy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.doverdowns.com/ HTTP 301
https://casinos.ballys.com/dover/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1C1238B352785AA60A490D4C%40AdobeOrg&d_nsid=0&ts=1668164711320 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1C1238B352785AA60A490D4C%40AdobeOrg&d_nsid=0&ts=1668164711320

Request Chain 28

https://cm.everesttech.net/cm/dd?d_uuid=51987993178559786821856442854012052278 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y24sZwAAALiMfwN-

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
casinos.ballys.com/dover/
Redirect Chain

http://www.doverdowns.com/
https://casinos.ballys.com/dover/

519 KB
80 KB

1246ms
960ms

Document
text/html

205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

184023cc194abd5c6d81d800b885d3bdcecb3117c95d6244b9d086c1419f59c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
content-length: 81144
content-type: text/html
date: Fri, 11 Nov 2022 11:05:09 GMT
etag: "805cb64580f4d81:0"
last-modified: Wed, 09 Nov 2022 21:14:37 GMT
referrer-policy: no-referrer-when-downgrade
server
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-hw: 1668164709.dop164.fr8.t,1668164709.cds166.fr8.hn,1668164709.cds155.fr8.c
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 122
Content-Security-Policy: script-src 'self'
Content-Type: text/html; charset=utf-8
Date: Fri, 11 Nov 2022 11:05:09 GMT
Expires: -1
Keep-Alive: timeout=5
Location: https://casinos.ballys.com/dover/
Pragma: no-cache
Vary: Accept
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
cache-control: no-cache, no-store, must-revalidate

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 132ms
47ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400|Oswald:700

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

989864d87bd38077377c38c0d39acb7c4020ba724171680f6b1245a2163d2806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Nov 2022 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 11:05:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Nov 2022 11:05:10 GMT

GET
H2 200 DelawareLotteryLogo-Stroke.png
casinos.ballys.com/dover/files/6408/ 12 KB
13 KB 49ms
49ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/dover/files/6408/DelawareLotteryLogo-Stroke.png

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

2ad5081ac2db9ef21f79a8a9335889ef1fd81c4040feb3f9bfded75d060fdd89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Jan 2022 22:08:23 GMT
server
etag: "61a77510ef16d81:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds139.fr8.c
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 12784
x-xss-protection: 1; mode=block

GET
H2 200 combined-home.js Show response
casinos.ballys.com/dover/files/6408/ 237 KB
60 KB 41ms
41ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/files/6408/combined-home.js?dt=202006020820

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

7b32aa87c2e2ac11ed29b6ef0b1f03af484439dfcf964e57e8d3c4f8ba658d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Nov 2022 21:14:26 GMT
server
etag: "0e5273f80f4d81:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds135.fr8.c
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 61377
x-xss-protection: 1; mode=block

GET
H2 200 javascript-iframeResizer.parent.js Show response
app.hospitalitysem.com/forms/ 27 KB
8 KB 413ms
68ms Script
application/x-javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hospitalitysem.com/forms/javascript-iframeResizer.parent.js

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

1e3e4ba4b097c899520a81e88c6e94823f990083634f503bb625357f08c0be37

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Feb 2021 16:45:30 GMT
server
strict-transport-security: max-age=86400
etag: "0f13624ccffd61:0"
x-hw: 1668164711.dop142.fr8.t,1668164711.cds158.fr8.hn,1668164711.cds242.fr8.c
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7619
x-xss-protection: 1; mode=block

GET
H2 200 combined.js Show response
casinos.ballys.com/dover/files/templates/2062/ 112 KB
31 KB 49ms
48ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/files/templates/2062/combined.js

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

649463e34657a9302094f7f17315dfac6d5bc7744510d4fe23dd447d44f43bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Nov 2022 21:14:36 GMT
server
etag: "0c61d4580f4d81:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds057.fr8.c
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 31762
x-xss-protection: 1; mode=block

GET
H2 200 visitorapi.js Show response
casinos.ballys.com/dover/ 60 KB
19 KB 56ms
55ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/visitorapi.js?dt=202004151000

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

9706635cf0fb661636ddd5f95f314c4d2c996a96d6807c6cdd08cbab71670c5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Nov 2022 21:42:20 GMT
server
etag: "06f02484f4d81:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds261.fr8.c
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 19803
x-xss-protection: 1; mode=block

GET
H2 200 appmeasurement.js Show response
casinos.ballys.com/dover/ 57 KB
21 KB 56ms
55ms Script
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/appmeasurement.js?dt=202004271600

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

ee8659d9fbf2571bbfe2d5f2d4cc12cd12b82699016a601ebe9a510e1c6e9373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Nov 2022 21:42:20 GMT
server
etag: "06f02484f4d81:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds166.fr8.c
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 21129
x-xss-protection: 1; mode=block

GET
H2 200 print.css
casinos.ballys.com/dover/files/templates/2062/ 1 KB
654 B 62ms
61ms Stylesheet
text/css 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/files/templates/2062/print.css

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

2952be0e630b34ec1dc0987aeb7273a3626b1e418e8156b8c77545b74fdc53e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Sep 2021 13:59:51 GMT
server
etag: "80a5caf6cba0d71:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds258.fr8.c
content-type: text/css
cache-control: no-cache
accept-ranges: bytes
content-length: 506
x-xss-protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 139 KB
54 KB 140ms
53ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NP4WWJR

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c202b23a46bc2931f3af0b7e5803ba42a0e47db246c1ecae6236b6fd6b9eeaf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54444
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Nov 2022 11:05:11 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 BallyThrill_W_CdXBd.woff2
casinos.ballys.com/dover/files/templates/2062/ 23 KB
23 KB 56ms
55ms Font
application/font-woff2 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/files/templates/2062/BallyThrill_W_CdXBd.woff2

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

314fb096eb0ae7be07c486e121c88c3a6d786042ea6a59039ec5ec2cf0c2c9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casinos.ballys.com/dover/
Origin: https://casinos.ballys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Sep 2022 18:55:50 GMT
server
etag: "bf2566ed6bd3d81:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds210.fr8.c
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
content-length: 23220
x-xss-protection: 1; mode=block

GET
H2 200 BallyThrill_W_Bd.woff2
casinos.ballys.com/dover/files/templates/2062/ 23 KB
23 KB 71ms
70ms Font
application/font-woff2 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/files/templates/2062/BallyThrill_W_Bd.woff2

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

b4ae9708dbe649d403050094f2baffc2cbba42239c047146835821cb28063228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casinos.ballys.com/dover/
Origin: https://casinos.ballys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Sep 2022 18:55:45 GMT
server
etag: "acab56ea6bd3d81:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds232.fr8.c
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
content-length: 23608
x-xss-protection: 1; mode=block

GET
H2 200 BallyThrill_W_Rg.woff2
casinos.ballys.com/dover/files/templates/2062/ 22 KB
22 KB 66ms
65ms Font
application/font-woff2 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/files/templates/2062/BallyThrill_W_Rg.woff2

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

efe3af706e55709699ff6edbb099b58baa3067ef663808905e56116781e1f146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casinos.ballys.com/dover/
Origin: https://casinos.ballys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Sep 2022 18:55:58 GMT
server
etag: "4a304af26bd3d81:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds277.fr8.c
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
content-length: 22520
x-xss-protection: 1; mode=block

GET
H2 200 20648000_ImageLargeWidth.jpg
casinos.ballys.com/dover/files/6408/ 710 KB
710 KB 54ms
53ms Image
image/jpeg 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/dover/files/6408/20648000_ImageLargeWidth.jpg

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

12ac8c14774a19c98537cff78b4e64008ea24b532919f5a290e0080373bdd10d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Apr 2022 19:19:03 GMT
server
etag: "76555ad85848d81:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds151.fr8.c
content-type: image/jpeg
cache-control: no-cache
accept-ranges: bytes
content-length: 726909
x-xss-protection: 1; mode=block

GET
H2 200 BallyThrill_W_CdBd.woff2
casinos.ballys.com/dover/files/templates/2062/ 23 KB
23 KB 85ms
85ms Font
application/font-woff2 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/files/templates/2062/BallyThrill_W_CdBd.woff2

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

9b117b0d059579977c18244ffbf43d839fc93f243ce555e3615a131fe2bf39de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casinos.ballys.com/dover/
Origin: https://casinos.ballys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 28 Sep 2022 18:56:02 GMT
server
etag: "bb3d6ef46bd3d81:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds249.fr8.c
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
content-length: 23604
x-xss-protection: 1; mode=block

GET
H2 200 fa-light-300.woff2
casinos.ballys.com/dover/files/templates/2062/ 92 KB
92 KB 116ms
116ms Font
application/font-woff2 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/files/templates/2062/fa-light-300.woff2

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

2f3d5fef7692918616eaa963e436ca2e166a6a446d6162f4d68734b145cc4625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casinos.ballys.com/dover/
Origin: https://casinos.ballys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 18:53:24 GMT
server
etag: "139a9d4c5aad41:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds057.fr8.c
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
content-length: 94203
x-xss-protection: 1; mode=block

GET
H2 200 fa-brands-400.woff2
casinos.ballys.com/dover/files/templates/2062/ 62 KB
62 KB 106ms
105ms Font
application/font-woff2 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/files/templates/2062/fa-brands-400.woff2

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

c99447c0467a6686ac287c918f58863746f4a110da909e45d3e40e110d1d2e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casinos.ballys.com/dover/
Origin: https://casinos.ballys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 18:53:31 GMT
server
etag: "97460505aad41:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164710.dop164.fr8.t,1668164710.cds166.fr8.hn,1668164710.cds107.fr8.c
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
content-length: 63486
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1C1238B352785AA60A490D4C%40AdobeOrg&d_nsid=0&ts=1668164711320
https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1C1238B352785AA60A490D4C%40AdobeOrg&d_nsid=0&ts=1668164711320

366 B
1 KB

58ms
58ms

XHR
application/json

52.211.12.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1C1238B352785AA60A490D4C%40AdobeOrg&d_nsid=0&ts=1668164711320

Protocol

HTTP/1.1

Server

52.211.12.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-12-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

9f9ae6e6f10e08d565db77311be674c11f58786def5c0973db703b6a081a6643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-02fc48b13.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: EuIJfgz/SVM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://casinos.ballys.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 311
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-02cc342ef.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: mEQJZGS1Rvs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://casinos.ballys.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1C1238B352785AA60A490D4C%40AdobeOrg&d_nsid=0&ts=1668164711320
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 ajax-loader.gif
casinos.ballys.com/dover/files/widgets/5551/ 4 KB
4 KB 41ms
41ms Image
image/gif 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/dover/files/widgets/5551/ajax-loader.gif

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:11 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Sep 2021 18:43:42 GMT
server
etag: "62c432742aa0d71:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164711.dop164.fr8.t,1668164711.cds166.fr8.hn,1668164711.cds161.fr8.c
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 4178
x-xss-protection: 1; mode=block

GET
H2 200 cdn-cache.aspx Show response
casinos.ballys.com/dover/ 162 B
337 B 393ms
392ms XHR
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/cdn-cache.aspx?url=https%3A%2F%2Fcms.vizergy.com%2Ftime%2Findex.aspx%3FtimezoneName%3DEastern%20Standard%20Time%26callback%3DTimeEasternStandardTimeModalPopup30PremiumWidget1211484&cacheseconds=30

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/files/6408/combined-home.js?dt=202006020820

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

2bc90b83bc2227d8ffd49998d404af4fd163271cc42c833b23797ec421aebf7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://casinos.ballys.com/dover/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server
x-frame-options: SAMEORIGIN
x-hw: 1668164711.dop164.fr8.t,1668164711.cds166.fr8.hn,1668164711.cds215.fr8.s,1668164711.dop022.at2.r,1668164711.cds007.at2.p,1668164711.cds215.fr8.p
content-type: text/javascript; charset=utf-8
cache-control: private, s-maxage=30,no-cache
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 widget1211679.js Show response
casinos.ballys.com/dover/files/6408/ 51 KB
9 KB 494ms
494ms XHR
application/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/files/6408/widget1211679.js?callback=widget1211679DataCallback&_=1668164710988

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/files/6408/combined-home.js?dt=202006020820

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

6faef25fd006a51a52e656231327e9eaf4a6e248361633ef1d992cb7ef5960df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://casinos.ballys.com/dover/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 31 Oct 2022 12:46:11 GMT
server
etag: "1667220371"
x-frame-options: SAMEORIGIN
x-hw: 1668164711.dop164.fr8.t,1668164711.cds166.fr8.hn,1668164711.cds012.fr8.s,1668164711.dop213.at2.r,1668164711.cds221.at2.p,1668164711.cds012.fr8.s,1668164711.dop213.at2.r,1668164711.cds221.at2.p,1668164711.cds012.fr8.p
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 8686
x-xss-protection: 1; mode=block

GET
H2 200 fa-regular-400.woff2
casinos.ballys.com/dover/files/templates/2062/ 87 KB
87 KB 41ms
40ms Font
application/font-woff2 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://casinos.ballys.com/dover/files/templates/2062/fa-regular-400.woff2

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

71b95feb5096d4e3f1638a20e890e424479e08bcacaf2f68275efd8e147b44de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casinos.ballys.com/dover/
Origin: https://casinos.ballys.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 18:53:17 GMT
server
etag: "72dd2c485aad41:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164711.dop164.fr8.t,1668164711.cds166.fr8.hn,1668164711.cds135.fr8.c
content-type: application/font-woff2
cache-control: no-cache
accept-ranges: bytes
content-length: 88682
x-xss-protection: 1; mode=block

GET
H2 200 logoDover-WhiteH.png
casinos.ballys.com/dover/files/6408/ 40 KB
40 KB 54ms
51ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/dover/files/6408/logoDover-WhiteH.png

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

360070a9bf365e0eef0305203ce5101e7c45a64cab98b2ecdcd998b1475f5706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:11 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Sep 2021 18:13:22 GMT
server
etag: "3568705bcbb3d71:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164711.dop164.fr8.t,1668164711.cds166.fr8.hn,1668164711.cds247.fr8.c
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 40892
x-xss-protection: 1; mode=block

GET
H2 200 dice.png
casinos.ballys.com/dover/files/6408/ 126 KB
126 KB 44ms
41ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/dover/files/6408/dice.png

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

9e629da00cf823ee91fd1587841f530c08d0ec9ecedf33c20da03b8997e691f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:11 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Sep 2021 15:44:40 GMT
server
etag: "27ddb946489fd71:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164711.dop164.fr8.t,1668164711.cds166.fr8.hn,1668164711.cds262.fr8.c
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 128763
x-xss-protection: 1; mode=block

GET
H2 200 playingCards.png
casinos.ballys.com/dover/files/6408/ 161 KB
162 KB 45ms
44ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/dover/files/6408/playingCards.png

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

107ee564755b7afcc8909f721ca2a71e38bd7e95d808d40f46830befdcc820c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:11 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Sep 2021 15:42:09 GMT
server
etag: "536294ec479fd71:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164711.dop164.fr8.t,1668164711.cds166.fr8.hn,1668164711.cds137.fr8.c
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 165290
x-xss-protection: 1; mode=block

GET
H2 200 gameToken.png
casinos.ballys.com/dover/files/6408/ 240 KB
240 KB 51ms
51ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/dover/files/6408/gameToken.png

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

cb044c5f800aa96e0c7bdecbf65aa551792446ac2eb033c3bfa108fc0b77a849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:11 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Sep 2021 15:42:08 GMT
server
etag: "d9c51aec479fd71:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164711.dop164.fr8.t,1668164711.cds166.fr8.hn,1668164711.cds245.fr8.c
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 245409
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK dest5.html Show response
vizergy.demdex.net/ Frame 4344 7 KB
3 KB 293ms
55ms Document
text/html 34.242.111.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vizergy.demdex.net/dest5.html?d_nsid=0

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/visitorapi.js?dt=202004151000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.242.111.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-242-111-67.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://casinos.ballys.com/dover/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v045-06452629d.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 5u5zfEoGSvY=
content-encoding: gzip
date: Fri, 11 Nov 2022 11:05:11 GMT
last-modified: Fri, 28 Oct 2022 13:34:30 GMT
vary: accept-encoding

GET
H2 200 id Show response
sstats.vizergy.com/ 48 B
467 B 181ms
50ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sstats.vizergy.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=1C1238B352785AA60A490D4C%40AdobeOrg&mid=49615852684636754601530563188787810248&ts=1668164711683

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/visitorapi.js?dt=202004151000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

0be6d430074d4936460904179330f187695864138cf6ffadadcc6e36f52b7da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casinos.ballys.com/dover/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Nov 2022 11:05:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://casinos.ballys.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y24sZwAAALiMfwN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=51987993178559786821856442854012052278
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y24sZwAAALiMfwN-

42 B
942 B

59ms
58ms

Image
image/gif

52.211.12.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y24sZwAAALiMfwN-

Protocol

HTTP/1.1

Server

52.211.12.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-12-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-00c503e2b.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ec7LEl5UTjc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y24sZwAAALiMfwN-
Date: Fri, 11 Nov 2022 11:05:11 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s93987678998214
sstats.vizergy.com/b/ss/vizballys.com-dover/1/JS-2.20.0/ 43 B
324 B 50ms
50ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sstats.vizergy.com/b/ss/vizballys.com-dover/1/JS-2.20.0/s93987678998214?AQB=1&ndh=1&pf=1&t=11%2F10%2F2022%2011%3A5%3A11%205%200&mid=49615852684636754601530563188787810248&aamlh=6&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=home&g=https%3A%2F%2Fcasinos.ballys.com%2Fdover%2F&ch=home&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=casinos.ballys.com&v1=casinos.ballys.com&h1=home&c12=New&c13=1&c14=New%20Visitor&c15=6%3A00AM&c16=Friday%20&c17=Weekday&v20=New&v21=1&v22=New%20Visitor&v23=6%3A00AM&c24=49615852684636754601530563188787810248&v24=Friday%20&v25=Weekday&v28=Direct&v29=Direct&v30=Direct&v36=Direct&v37=Direct&v47=49615852684636754601530563188787810248&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=1C1238B352785AA60A490D4C%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:05:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 12 Nov 2022 11:05:11 GMT
server: jag
etag: 3582356440935890944-4619700772491289431
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 11:05:11 GMT

GET
H2 200 cdn-cache.aspx Show response
casinos.ballys.com/dover/ 163 B
315 B 371ms
371ms XHR
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/files/6408/combined-home.js?dt=202006020820

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

3dca19cb5262947416dbc07fb4d052c5da055ff46c5fa0b76f5995373f5216b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://casinos.ballys.com/dover/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
server
x-frame-options: SAMEORIGIN
x-hw: 1668164712.dop164.fr8.t,1668164712.cds166.fr8.hn,1668164712.cds254.fr8.s,1668164712.dop208.at2.r,1668164712.cds223.at2.p,1668164712.cds254.fr8.p
content-type: text/javascript; charset=utf-8
cache-control: private, s-maxage=30,no-cache
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 index.aspx Show response
www.vizergy.com/forms/ Frame A6BB 29 KB
14 KB 625ms
525ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Requested by

Host: casinos.ballys.com
URL: https://casinos.ballys.com/dover/files/6408/combined-home.js?dt=202006020820

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

a4f85a1df3d90d3841c2c0caa46b306fe86c1c00fcb970d605dd023f7bf00285

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://casinos.ballys.com/dover/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache,private,no-store,must-revalidate,max-stale=0,post-check=0,pre-check=0,no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 11 Nov 2022 11:05:14 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP="CAO PSA OUR"
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: fbs
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-content-type-options: nosniff
x-hw: 1668164714.cds228.fr8.hn,1668164714.cds167.fr8.sc,1668164714.cdn2-wafbe01-fra1.stackpath.systems.-.wx,1668164714.cds167.fr8.p
x-xss-protection: 1; mode=block

GET
H2 200 bgStickersRed.png
casinos.ballys.com/dover/files/templates/2062/ 205 KB
205 KB 43ms
40ms Image
image/png 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://casinos.ballys.com/dover/files/templates/2062/bgStickersRed.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

e85ad142382c4a507e066507d9b4d6ece83a09e7fd91c7e8cf67504cdc16dd08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:14 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Jan 2022 20:43:47 GMT
server
etag: "65fd84275dd81:0"
x-frame-options: SAMEORIGIN
x-hw: 1668164714.dop164.fr8.t,1668164714.cds166.fr8.hn,1668164714.cds247.fr8.c
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 209653
x-xss-protection: 1; mode=block

GET
H2 200 WebResource.axd Show response
www.vizergy.com/forms/ Frame A6BB 23 KB
6 KB 523ms
515ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vizergy.com/forms/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZPKJoFVKzIqMgEd0fdc0ArJiME90CdLzaYV7HN5KIEkcTmibEA2&t=637814473746327080

Requested by

Host: www.vizergy.com
URL: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 26 Feb 2022 09:42:54 GMT
server: fbs
strict-transport-security: max-age=86400
x-hw: 1668164714.cds228.fr8.hn,1668164714.cds227.fr8.sc,1668164715.waf1-node03-fra02.stackpath.systems.-.wx,1668164715.cds227.fr8.p
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,no-cache
content-length: 6007
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 03:34:35 GMT

GET
H2 200 javascript-iframeResizer.child.js Show response
app.hospitalitysem.com/forms/ Frame A6BB 33 KB
9 KB 51ms
43ms Script
application/x-javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hospitalitysem.com/forms/javascript-iframeResizer.child.js

Requested by

Host: www.vizergy.com
URL: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

a87046269f6237cbb6e2a07648833051bdded4c9f19b5b7fd79411d51be9f901

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Feb 2021 16:45:30 GMT
server
strict-transport-security: max-age=86400
etag: "0f13624ccffd61:0"
x-hw: 1668164714.dop142.fr8.t,1668164714.cds158.fr8.hn,1668164714.cds245.fr8.c
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9019
x-xss-protection: 1; mode=block

GET
H2 200 javascript-common.js Show response
app.hospitalitysem.com/forms/ Frame A6BB 692 B
466 B 51ms
42ms Script
application/x-javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hospitalitysem.com/forms/javascript-common.js

Requested by

Host: www.vizergy.com
URL: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

962a9dc54be7401e9b23c30c0062a75ed74e922d210481eb436741afd8fcdcf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Feb 2021 16:45:30 GMT
server
strict-transport-security: max-age=86400
etag: "0f13624ccffd61:0"
x-hw: 1668164714.dop142.fr8.t,1668164714.cds158.fr8.hn,1668164714.cds201.fr8.c
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 351
x-xss-protection: 1; mode=block

GET
H2 200 index.js Show response
www.vizergy.com/forms/javascript/ Frame A6BB 26 KB
5 KB 503ms
495ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vizergy.com/forms/javascript/index.js?dt=20220107

Requested by

Host: www.vizergy.com
URL: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

d96d81d7c1d57848b9073211340981f41e5c15f3bfdcb1624c370022792c7199

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Sep 2022 15:53:07 GMT
server: fbs
strict-transport-security: max-age=86400
etag: "80f325689bced81:0"
vary: Accept-Encoding
x-hw: 1668164714.cds228.fr8.hn,1668164714.cds009.fr8.sc,1668164715.waf1-node01-fra02.stackpath.systems.-.wx,1668164715.cds009.fr8.p
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: no-cache
content-length: 4640
x-xss-protection: 1; mode=block

GET
H2 200 css-calendar-system.css
app.hospitalitysem.com/forms/ Frame A6BB 6 KB
2 KB 49ms
42ms Stylesheet
text/css 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hospitalitysem.com/forms/css-calendar-system.css

Requested by

Host: www.vizergy.com
URL: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

bcfb9fcd9ccfaea1eec9dd785292a977cd02bdfb10ba202e040ca9ba76355c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Feb 2021 16:45:30 GMT
server
strict-transport-security: max-age=86400
etag: "0f13624ccffd61:0"
x-hw: 1668164714.dop142.fr8.t,1668164714.cds158.fr8.hn,1668164714.cds257.fr8.c
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1418
x-xss-protection: 1; mode=block

GET
H2 200 javascript-calendar.js Show response
app.hospitalitysem.com/forms/ Frame A6BB 50 KB
13 KB 61ms
54ms Script
application/x-javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hospitalitysem.com/forms/javascript-calendar.js

Requested by

Host: www.vizergy.com
URL: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

b953d5294dc36595a63bacf82e2ad4b99295753fc7b108feac15659ebdce735f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Feb 2021 16:45:30 GMT
server
strict-transport-security: max-age=86400
etag: "0f13624ccffd61:0"
x-hw: 1668164714.dop142.fr8.t,1668164714.cds158.fr8.hn,1668164714.cds216.fr8.c
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 13591
x-xss-protection: 1; mode=block

GET
H2 200 javascript-lang-calendar-en.js Show response
app.hospitalitysem.com/forms/ Frame A6BB 4 KB
2 KB 69ms
62ms Script
application/x-javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hospitalitysem.com/forms/javascript-lang-calendar-en.js

Requested by

Host: www.vizergy.com
URL: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

58f37c507fa67ae8902e23090ab09f2f97dcb048ef0e3e8bec2fb5f80a0e740a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Feb 2021 16:45:30 GMT
server
strict-transport-security: max-age=86400
etag: "0f13624ccffd61:0"
x-hw: 1668164714.dop142.fr8.t,1668164714.cds158.fr8.hn,1668164714.cds273.fr8.c
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1615
x-xss-protection: 1; mode=block

GET
H2 200 javascript-calendar-setup.js Show response
app.hospitalitysem.com/forms/ Frame A6BB 9 KB
3 KB 70ms
63ms Script
application/x-javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hospitalitysem.com/forms/javascript-calendar-setup.js

Requested by

Host: www.vizergy.com
URL: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

cae3415be6bf50deeae1250d6e5139ad57d5ca9079e7bc748ecb0186053c5d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Feb 2021 16:45:30 GMT
server
strict-transport-security: max-age=86400
etag: "0f13624ccffd61:0"
x-hw: 1668164714.dop142.fr8.t,1668164714.cds158.fr8.hn,1668164714.cds247.fr8.c
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3015
x-xss-protection: 1; mode=block

GET
H2 200 WebResource.axd Show response
www.vizergy.com/forms/ Frame A6BB 26 KB
7 KB 496ms
490ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vizergy.com/forms/WebResource.axd?d=x2nkrMJGXkMELz33nwnakIz1MjE3Y-hRYvM1s1tMzRWk__N1b5IKwSgN_zsMkavO07pK1T690sVEfHXSYapv-ekGzYo1&t=637814473746327080

Requested by

Host: www.vizergy.com
URL: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

fbs /

Resource Hash

ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 26 Feb 2022 09:42:54 GMT
server: fbs
strict-transport-security: max-age=86400
x-hw: 1668164714.cds228.fr8.hn,1668164714.cds273.fr8.sc,1668164715.cdn2-redis01-fra1.stackpath.systems.-.wx,1668164715.cds273.fr8.p
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,no-cache
content-length: 7228
x-xss-protection: 1; mode=block
expires: Sat, 11 Nov 2023 03:34:35 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ Frame A6BB 92 KB
33 KB 124ms
37ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: www.vizergy.com
URL: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 23:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 23:09:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A6BB 4 KB
831 B 54ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400|Oswald:700

Requested by

Host: www.vizergy.com
URL: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

989864d87bd38077377c38c0d39acb7c4020ba724171680f6b1245a2163d2806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 11 Nov 2022 11:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 11:05:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Nov 2022 11:05:14 GMT

GET
H2 200 css-print.css
app.hospitalitysem.com/forms/ Frame A6BB 61 B
201 B 68ms
63ms Stylesheet
text/css 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hospitalitysem.com/forms/css-print.css

Requested by

Host: www.vizergy.com
URL: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

bdf4241df62726a3c6975e4d4f2b5d00c39ea473388d10e1e3fd33f8eb0a241c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vizergy.com/forms/index.aspx?formid=9474&autosize=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:05:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Feb 2021 16:45:30 GMT
server
strict-transport-security: max-age=86400
etag: "0f13624ccffd61:0"
x-hw: 1668164714.dop142.fr8.t,1668164714.cds158.fr8.hn,1668164714.cds132.fr8.c
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 87
x-xss-protection: 1; mode=block

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame A6BB 16 KB
17 KB 123ms
37ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.vizergy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 18:52:55 GMT
x-content-type-options: nosniff
age: 317540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 18:52:55 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ Frame A6BB 10 KB
10 KB 134ms
49ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Oswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.vizergy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:09:54 GMT
x-content-type-options: nosniff
age: 309321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 21:09:54 GMT

GET
H2 200 s99900315851017
sstats.vizergy.com/b/ss/vizballys.com-dover/1/JS-2.20.0/ 43 B
312 B 50ms
50ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sstats.vizergy.com/b/ss/vizballys.com-dover/1/JS-2.20.0/s99900315851017?AQB=1&ndh=1&pf=1&t=11%2F10%2F2022%2011%3A5%3A15%205%200&mid=49615852684636754601530563188787810248&aamlh=6&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&pageName=home&g=https%3A%2F%2Fcasinos.ballys.com%2Fdover%2F&events=event8&v32=newsletters&pe=lnk_o&pev2=iframe%20event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=1C1238B352785AA60A490D4C%40AdobeOrg&lrt=53&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://casinos.ballys.com/dover/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Nov 2022 11:05:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 12 Nov 2022 11:05:15 GMT
server: jag
etag: 3582356447907217408-4619792220936914488
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 10 Nov 2022 11:05:15 GMT

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.doverdowns.com/	1969-12-31 23:59:59	Name: NSC_us_nbsl-83+63+21+25-91 Value: ffffffff2fe39b9845525d5f4f58455e445a4a423660
.ballys.com/	1970-01-20 09:32:20	Name: _gcl_au Value: 1.1.1448818491.1668164711
casinos.ballys.com/	1970-01-20 07:32:49	Name: acceptCookies Value: 1
.demdex.net/	1970-01-20 11:41:56	Name: demdex Value: 51987993178559786821856442854012052278
.ballys.com/	1969-12-31 23:59:59	Name: AMCVS_1C1238B352785AA60A490D4C%40AdobeOrg Value: 1
.vizergy.com/	1970-01-20 16:58:44	Name: s_ecid Value: MCMID%7C49615852684636754601530563188787810248
.ballys.com/	1970-01-20 07:22:46	Name: s_tbm Value: true
.ballys.com/	1970-01-20 16:09:07	Name: s_vnc365 Value: 1699700711870%26vn%3D1
.ballys.com/	1970-01-20 07:22:46	Name: s_ivc Value: true
.ballys.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 16:08:20	Name: everest_g_v2 Value: g_surferid~Y24sZwAAALiMfwN-
.dpm.demdex.net/	1970-01-20 11:41:56	Name: dpm Value: 51987993178559786821856442854012052278
.ballys.com/	1970-01-20 16:58:44	Name: AMCV_1C1238B352785AA60A490D4C%40AdobeOrg Value: -408604571%7CMCIDTS%7C19308%7CMCMID%7C49615852684636754601530563188787810248%7CMCAAMLH-1668769511%7C6%7CMCAAMB-1668769511%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1668171911s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19315%7CvVersion%7C4.6.0
casinos.ballys.com/	1970-01-20 07:24:11	Name: modalSignup Value: 1
www.vizergy.com/	1969-12-31 23:59:59	Name: SPSI Value: d0940ec0cf3e1d941cf48c8e6b93061c
.ballys.com/	1970-01-20 08:05:56	Name: s_nr30 Value: 1668164715086-New
.ballys.com/	1970-01-20 16:58:44	Name: s_tslv Value: 1668164715088
.ballys.com/	1970-01-20 16:58:44	Name: sViz_ev36 Value: %5B%5B%27Direct%27%2C%271668164715090%27%5D%5D
.ballys.com/	1970-01-20 16:58:44	Name: sViz_ev37 Value: %5B%5B%27Direct%27%2C%271668164715093%27%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.hospitalitysem.com
casinos.ballys.com
cm.everesttech.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
sstats.vizergy.com
vizergy.demdex.net
www.doverdowns.com
www.googletagmanager.com
www.vizergy.com
15.188.95.229
151.139.128.10
205.185.216.10
205.185.216.42
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
34.242.111.67
34.249.11.23
52.211.12.99
72.52.10.14
0be6d430074d4936460904179330f187695864138cf6ffadadcc6e36f52b7da1
107ee564755b7afcc8909f721ca2a71e38bd7e95d808d40f46830befdcc820c9
12ac8c14774a19c98537cff78b4e64008ea24b532919f5a290e0080373bdd10d
184023cc194abd5c6d81d800b885d3bdcecb3117c95d6244b9d086c1419f59c4
1e3e4ba4b097c899520a81e88c6e94823f990083634f503bb625357f08c0be37
2952be0e630b34ec1dc0987aeb7273a3626b1e418e8156b8c77545b74fdc53e4
2ad5081ac2db9ef21f79a8a9335889ef1fd81c4040feb3f9bfded75d060fdd89
2bc90b83bc2227d8ffd49998d404af4fd163271cc42c833b23797ec421aebf7f
2f3d5fef7692918616eaa963e436ca2e166a6a446d6162f4d68734b145cc4625
314fb096eb0ae7be07c486e121c88c3a6d786042ea6a59039ec5ec2cf0c2c9ee
360070a9bf365e0eef0305203ce5101e7c45a64cab98b2ecdcd998b1475f5706
3dca19cb5262947416dbc07fb4d052c5da055ff46c5fa0b76f5995373f5216b9
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
58f37c507fa67ae8902e23090ab09f2f97dcb048ef0e3e8bec2fb5f80a0e740a
649463e34657a9302094f7f17315dfac6d5bc7744510d4fe23dd447d44f43bd4
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
6faef25fd006a51a52e656231327e9eaf4a6e248361633ef1d992cb7ef5960df
71b95feb5096d4e3f1638a20e890e424479e08bcacaf2f68275efd8e147b44de
7b32aa87c2e2ac11ed29b6ef0b1f03af484439dfcf964e57e8d3c4f8ba658d3d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
962a9dc54be7401e9b23c30c0062a75ed74e922d210481eb436741afd8fcdcf4
9706635cf0fb661636ddd5f95f314c4d2c996a96d6807c6cdd08cbab71670c5a
989864d87bd38077377c38c0d39acb7c4020ba724171680f6b1245a2163d2806
9b117b0d059579977c18244ffbf43d839fc93f243ce555e3615a131fe2bf39de
9e629da00cf823ee91fd1587841f530c08d0ec9ecedf33c20da03b8997e691f4
9f9ae6e6f10e08d565db77311be674c11f58786def5c0973db703b6a081a6643
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4f85a1df3d90d3841c2c0caa46b306fe86c1c00fcb970d605dd023f7bf00285
a87046269f6237cbb6e2a07648833051bdded4c9f19b5b7fd79411d51be9f901
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b4ae9708dbe649d403050094f2baffc2cbba42239c047146835821cb28063228
b953d5294dc36595a63bacf82e2ad4b99295753fc7b108feac15659ebdce735f
bcfb9fcd9ccfaea1eec9dd785292a977cd02bdfb10ba202e040ca9ba76355c36
bdf4241df62726a3c6975e4d4f2b5d00c39ea473388d10e1e3fd33f8eb0a241c
c202b23a46bc2931f3af0b7e5803ba42a0e47db246c1ecae6236b6fd6b9eeaf4
c99447c0467a6686ac287c918f58863746f4a110da909e45d3e40e110d1d2e0f
cae3415be6bf50deeae1250d6e5139ad57d5ca9079e7bc748ecb0186053c5d8d
cb044c5f800aa96e0c7bdecbf65aa551792446ac2eb033c3bfa108fc0b77a849
d96d81d7c1d57848b9073211340981f41e5c15f3bfdcb1624c370022792c7199
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e85ad142382c4a507e066507d9b4d6ece83a09e7fd91c7e8cf67504cdc16dd08
ee8659d9fbf2571bbfe2d5f2d4cc12cd12b82699016a601ebe9a510e1c6e9373
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
efe3af706e55709699ff6edbb099b58baa3067ef663808905e56116781e1f146

casinos.ballys.com Open in urlscan Pro 205.185.216.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

96 %HTTPS

33 %IPv6

9 Domains

12 Subdomains

11 IPs

4 Countries

2245 kBTransfer

3373 kBSize

19 Cookies

14 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

casinos.ballys.com Open in urlscan Pro
205.185.216.10 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

96 %
HTTPS

33 %
IPv6

9
Domains

12
Subdomains

11
IPs

4
Countries

2245 kB
Transfer

3373 kB
Size

19
Cookies

48 HTTP transactions
1 data transactions