Submitted URL: http://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340
Effective URL: https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340
Submission: On December 11 via manual from PH — Scanned from US

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 4 HTTP transactions. The main IP is 2606:4700:20::681a:82b, located in the United States and belonging to CLOUDFLARENET, US. The main domain is gate.mrbl.cc.
TLS certificate: Issued by WE1 on December 6th 2024. Valid for: 3 months.
This is the only time gate.mrbl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

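IP Address: 2606:4700:20:...
AS (Autonomous System): 13335 (CLOUDFLAR...)
Requests: 4
Totals: 4 requests, 1 IP

Apex Domain: mrbl.cc
Subdomains: gate.mrbl.cc
Transfer: 43 KB
Requests: 4
Totals: 4 requests, 1 apex domain

Domain: gate.mrbl.cc
Requested by: gate.mrbl.cc
Requests: 4
Totals: 4 requests, 1 domain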

This site contains no links.

Subject: mrbl.cc
Issuer: WE1
Validity: 2024-12-06 - 2025-03-06
Valid: 3 months

This page contains 1 frames:

Primary Page: https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340
Frame ID: 634F466102648B50D55E611F251836BC
Requests: 4 HTTP requests in this frame

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 43 kB
Size: 113 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340 HTTP 307
    https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340 Page URL
  2. https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340 HTTP 307
  • https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340

4 HTTP transactions

Resource: 337d06ce-b722-11ef-b8d3-c24131dc5340
Path: gate.mrbl.cc/payments/process/
Redirect Chain
  • http://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340
  • https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340
Size: 60 KB
x-fer: 23 KB
Type: Document
General
Full URL
https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:82b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171ba891135204de58b7b7b1047ccc71f6b3b4271a34fbee918ae3d753204b04
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' secure.mifinity.com; frame-src 'self' secure.mifinity.com; style-src-elem 'self' fonts.googleapis.com chart.googleapis.com 'unsafe-inline'; font-src 'self' fonts.googleapis.com fonts.gstatic.com chart.googleapis.com; script-src 'self' secure.mifinity.com; worker-src 'self' 'unsafe-inline' blob:; connect-src 'self'; img-src 'self' cdn.redoc.ly chart.googleapis.com data:; style-src 'self' 'sha256-r/8UxgyVuIjCS2KBjDCakdwJlWPc4melv2JqfkrKOdM=' secure.mifinity.com 'unsafe-inline'; base-uri 'self'; form-action *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-scripts allow-scripts allow-same-origin allow-forms allow-modals allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation; report-to csp-endpoint;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept, Authorization, Content-Type
access-control-allow-methods
GET, POST, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8f01cc8748735367-LAX
content-encoding
br
content-security-policy
default-src 'self' 'unsafe-inline' secure.mifinity.com; frame-src 'self' secure.mifinity.com; style-src-elem 'self' fonts.googleapis.com chart.googleapis.com 'unsafe-inline'; font-src 'self' fonts.googleapis.com fonts.gstatic.com chart.googleapis.com; script-src 'self' secure.mifinity.com; worker-src 'self' 'unsafe-inline' blob:; connect-src 'self'; img-src 'self' cdn.redoc.ly chart.googleapis.com data:; style-src 'self' 'sha256-r/8UxgyVuIjCS2KBjDCakdwJlWPc4melv2JqfkrKOdM=' secure.mifinity.com 'unsafe-inline'; base-uri 'self'; form-action *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-scripts allow-scripts allow-same-origin allow-forms allow-modals allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation; report-to csp-endpoint;
content-type
text/html; charset=UTF-8
date
Wed, 11 Dec 2024 01:46:06 GMT
expect-ct
max-age=86400, enforce
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(self), usb=(), fullscreen=(), display-capture=(), autoplay=(), encrypted-media=(), picture-in-picture=(), gamepad=(), midi=(), encrypted-media=(), document-domain=()
referrer-policy
no-referrer-when-downgrade
report-to
{"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"\/csp-report"}]}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=70700&min_rtt=70657&rtt_var=11243&sent=9&recv=11&lost=0&retrans=0&sent_bytes=3933&recv_bytes=2383&delivery_rate=55001&cwnd=253&unsent_bytes=0&cid=4be5b62b4dd889b5&ts=911&x=0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
allow-from *
x-xss-protection
1; mode=block

Redirect headers

Location
https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340
Non-Authoritative-Reason
HttpsUpgrades

Resource: base_style.89b3daa0.css
Path: gate.mrbl.cc/build/
Size: 4 KB
x-fer: 2 KB
Type: Stylesheet
General
Full URL
https://gate.mrbl.cc/build/base_style.89b3daa0.css
Requested by
Host: gate.mrbl.cc
URL: https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:82b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e177dcbb863ffdeab7f01ed762eb6103ad1b5bd255cf621babe52efe5ac9e2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"6758caf4-edc"
age
5076
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPYhjgXe0wxjSoyasvVUuqeXirXI34PYeQOL5ud%2F3AaoiPkUbyd2mQajxfHTh8%2FvuQ6%2FVwVDZ3RWB5G%2BPqxV7iNFkN5gzhLb49s8uiINBKrvRdddDhGqI5dxg7rrOSYPGeUjpeXsyoXSYw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=71287&min_rtt=70561&rtt_var=1341&sent=39&recv=24&lost=0&retrans=0&sent_bytes=27644&recv_bytes=2550&delivery_rate=288707&cwnd=257&unsent_bytes=0&cid=4be5b62b4dd889b5&ts=1141&x=0"
date
Wed, 11 Dec 2024 01:46:06 GMT
content-type
text/css
last-modified
Tue, 10 Dec 2024 23:12:52 GMT
vary
Accept-Encoding
x-frame-options
allow-from *
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8f01cc8dcf305367-LAX
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(self), usb=(), fullscreen=(), display-capture=(), autoplay=(), encrypted-media=(), picture-in-picture=(), gamepad=(), midi=(), encrypted-media=(), document-domain=()
x-xss-protection
1; mode=block
server
cloudflare

Resource: favicon.ico
Path: gate.mrbl.cc/
Size: 18 KB
x-fer: 19 KB
Type: Other
General
Full URL
https://gate.mrbl.cc/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:82b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bc2d04c3370764871421a3eb958815f310f5223611c87c8535368690a126121
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340

Response headers

content-encoding
br
cf-cache-status
EXPIRED
etag
W/"6758c387-4942"
expect-ct
max-age=86400, enforce
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SHI56flGJY1wTMh9M5LQou%2BZeSIe4eUnnaTiCPMRb4QJVM3k8j6l1%2FNrHXdT2Eo53AcDWN%2Fqof2ImZueUP%2BhPbl5QQhMk1c43oDDhO8emil5ANP9zwAbDkVXTMdCJako2YY5UM1qdyss1A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=72553&min_rtt=70561&rtt_var=3537&sent=43&recv=26&lost=0&retrans=0&sent_bytes=29454&recv_bytes=2672&delivery_rate=288707&cwnd=257&unsent_bytes=0&cid=4be5b62b4dd889b5&ts=1834&x=0"
date
Wed, 11 Dec 2024 01:46:07 GMT
content-type
image/x-icon
last-modified
Tue, 10 Dec 2024 22:41:11 GMT
vary
Accept-Encoding
x-frame-options
allow-from *
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
cf-ray
8f01cc8e6fbb5367-LAX
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(self), usb=(), fullscreen=(), display-capture=(), autoplay=(), encrypted-media=(), picture-in-picture=(), gamepad=(), midi=(), encrypted-media=(), document-domain=()
x-xss-protection
1; mode=block
server
cloudflare

Primary Request
Resource: 337d06ce-b722-11ef-b8d3-c24131dc5340
Path: gate.mrbl.cc/payments/process/
Size: 31 KB
x-fer: 0
Type: Document
General
Full URL
https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:82b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' secure.mifinity.com; frame-src 'self' secure.mifinity.com; style-src-elem 'self' fonts.googleapis.com chart.googleapis.com 'unsafe-inline'; font-src 'self' fonts.googleapis.com fonts.gstatic.com chart.googleapis.com; script-src 'self' secure.mifinity.com; worker-src 'self' 'unsafe-inline' blob:; connect-src 'self'; img-src 'self' cdn.redoc.ly chart.googleapis.com data:; style-src 'self' 'sha256-r/8UxgyVuIjCS2KBjDCakdwJlWPc4melv2JqfkrKOdM=' secure.mifinity.com 'unsafe-inline'; base-uri 'self'; form-action *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-scripts allow-scripts allow-same-origin allow-forms allow-modals allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation; report-to csp-endpoint;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept, Authorization, Content-Type
access-control-allow-methods
GET, POST, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8f01cca12b965367-LAX
content-encoding
br
content-security-policy
default-src 'self' 'unsafe-inline' secure.mifinity.com; frame-src 'self' secure.mifinity.com; style-src-elem 'self' fonts.googleapis.com chart.googleapis.com 'unsafe-inline'; font-src 'self' fonts.googleapis.com fonts.gstatic.com chart.googleapis.com; script-src 'self' secure.mifinity.com; worker-src 'self' 'unsafe-inline' blob:; connect-src 'self'; img-src 'self' cdn.redoc.ly chart.googleapis.com data:; style-src 'self' 'sha256-r/8UxgyVuIjCS2KBjDCakdwJlWPc4melv2JqfkrKOdM=' secure.mifinity.com 'unsafe-inline'; base-uri 'self'; form-action *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-scripts allow-scripts allow-same-origin allow-forms allow-modals allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation; report-to csp-endpoint;
content-type
text/html; charset=UTF-8
date
Wed, 11 Dec 2024 01:46:09 GMT
expect-ct
max-age=86400, enforce
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(self), usb=(), fullscreen=(), display-capture=(), autoplay=(), encrypted-media=(), picture-in-picture=(), gamepad=(), midi=(), encrypted-media=(), document-domain=()
referrer-policy
no-referrer-when-downgrade
report-to
{"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"\/csp-report"}]}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=71747&min_rtt=70561&rtt_var=1051&sent=63&recv=34&lost=0&retrans=0&sent_bytes=49104&recv_bytes=2770&delivery_rate=337016&cwnd=257&unsent_bytes=0&cid=4be5b62b4dd889b5&ts=4747&x=0"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
allow-from *
x-xss-protection
1; mode=block

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

6 Console Messages

  1. Source: security, Level: warning
     Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
  2. Source: security, Level: warning, URL: https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340
     Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
  3. Source: security, Level: error, URL: https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340 (Line 3)
     Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' secure.mifinity.com". Either the 'unsafe-inline' keyword, a hash ('sha256-Mmk/V7Mz1jw5EWcj/9/ehBytUp6SgD056zQVGJLn2DY='), or a nonce ('nonce-...') is required to enable inline execution.
  4. Source: security, Level: error, URL: https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340 (Line 70)
     Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' secure.mifinity.com". Either the 'unsafe-inline' keyword, a hash ('sha256-NvbJQ19PtdXiWomRSnD1FDFhvZCKFR4fcPVttRVzIv4='), or a nonce ('nonce-...') is required to enable inline execution.
  5. Source: security, Level: warning
     Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
  6. Source: security, Level: warning, URL: https://gate.mrbl.cc/payments/process/337d06ce-b722-11ef-b8d3-c24131dc5340
     Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' secure.mifinity.com; frame-src 'self' secure.mifinity.com; style-src-elem 'self' fonts.googleapis.com chart.googleapis.com 'unsafe-inline'; font-src 'self' fonts.googleapis.com fonts.gstatic.com chart.googleapis.com; script-src 'self' secure.mifinity.com; worker-src 'self' 'unsafe-inline' blob:; connect-src 'self'; img-src 'self' cdn.redoc.ly chart.googleapis.com data:; style-src 'self' 'sha256-r/8UxgyVuIjCS2KBjDCakdwJlWPc4melv2JqfkrKOdM=' secure.mifinity.com 'unsafe-inline'; base-uri 'self'; form-action *; upgrade-insecure-requests; block-all-mixed-content; sandbox allow-scripts allow-scripts allow-same-origin allow-forms allow-modals allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation; report-to csp-endpoint;
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from *
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
