promo.mr.bet Open in urlscan Pro
104.22.4.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fishersgames.xyz/
Effective URL:
https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747
Submission: On September 23 via api (September 23rd 2024, 3:26:28 pm UTC) from US — Scanned from CA

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 6 domains to perform 47 HTTP transactions. The main IP is 104.22.4.204, located in and belongs to CLOUDFLARENET, US. The main domain is promo.mr.bet.
TLS certificate: Issued by WE1 on August 6th 2024. Valid for: 3 months.

This is the only time promo.mr.bet was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:26ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	193.111.210.87 193.111.210.87	204957 (GREENFLOI...) (GREENFLOID-AS)
2 2	2a0a:8c44::3b1 2a0a:8c44::3b1	204957 (GREENFLOI...) (GREENFLOID-AS)
2 2	2606:4700:303... 2606:4700:3035::6815:d50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.22.4.204 104.22.4.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	172.67.74.12 172.67.74.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.71.231 104.21.71.231	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	3

1 2606:4700:3033::6815:26ae (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fishersgames.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.111.210.87 (Geneva, Switzerland) 2 redirects

ASN204957 (GREENFLOID-AS, US)
PTR: leads122063.vds

193.111.210.87	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0a:8c44::3b1 (Bulgaria) 2 redirects

ASN204957 (GREENFLOID-AS, US)

traff-leads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:d50 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

leadshub.ssmart-links.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.4.204 (None, )

ASN13335 (CLOUDFLARENET, US)

promo.mr.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 172.67.74.12 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnl.mb-cdn-promo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.71.231 (None, )

ASN13335 (CLOUDFLARENET, US)

slogin.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	mb-cdn-promo.net cdnl.mb-cdn-promo.net	2 MB
2	ssmart-links.com 2 redirects leadshub.ssmart-links.com	1 KB
2	traff-leads.com 2 redirects traff-leads.com	1 KB
1	slogin.biz slogin.biz	3 KB
1	mr.bet promo.mr.bet	11 KB
1	fishersgames.xyz 1 redirects fishersgames.xyz	802 B
47	6

	Domain	Requested by
45	cdnl.mb-cdn-promo.net	promo.mr.bet cdnl.mb-cdn-promo.net
2	leadshub.ssmart-links.com	2 redirects
2	traff-leads.com	2 redirects
1	slogin.biz	promo.mr.bet
1	promo.mr.bet
1	fishersgames.xyz	1 redirects
47	6

This site contains no links.

Subject Issuer	Validity	Valid
mr.bet WE1	`2024-08-06` - `2024-11-04`	3 months	crt.sh
mb-cdn-promo.net WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
slogin.biz WE1	`2024-08-28` - `2024-11-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747
Frame ID: 83AD454C87FE884DAA51307C097A981A
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mr.Bet

Page URL History Show full URLs

https://fishersgames.xyz/ HTTP 302
http://193.111.210.87/bSW8V6T1 HTTP 307
https://193.111.210.87/bSW8V6T1 HTTP 302
https://traff-leads.com/den?sub2=omg4&sub3=omg4&sub4=3i22bbn4gkhs HTTP 302
https://leadshub.ssmart-links.com/sl?id=62c400ef6323a514dbc02325&pid=6247&sub2=omg4 HTTP 302
https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f... HTTP 307
http://193.111.210.87/bSW8V6T1 HTTP 302
https://traff-leads.com/den?sub2=omg4&sub3=omg4&sub4=3i22bbn4gkhv HTTP 302
https://leadshub.ssmart-links.com/sl?id=62c400ef6323a514dbc02325&pid=6247&sub2=omg4 HTTP 302
https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

1878 kB
Transfer

2559 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fishersgames.xyz/ HTTP 302
http://193.111.210.87/bSW8V6T1 HTTP 307
https://193.111.210.87/bSW8V6T1 HTTP 302
https://traff-leads.com/den?sub2=omg4&sub3=omg4&sub4=3i22bbn4gkhs HTTP 302
https://leadshub.ssmart-links.com/sl?id=62c400ef6323a514dbc02325&pid=6247&sub2=omg4 HTTP 302
https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188915d69c000015c09cf HTTP 307
http://193.111.210.87/bSW8V6T1 HTTP 302
https://traff-leads.com/den?sub2=omg4&sub3=omg4&sub4=3i22bbn4gkhv HTTP 302
https://leadshub.ssmart-links.com/sl?id=62c400ef6323a514dbc02325&pid=6247&sub2=omg4 HTTP 302
https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
promo.mr.bet/
Redirect Chain

https://fishersgames.xyz/
http://193.111.210.87/bSW8V6T1
https://193.111.210.87/bSW8V6T1
https://traff-leads.com/den?sub2=omg4&sub3=omg4&sub4=3i22bbn4gkhs
https://leadshub.ssmart-links.com/sl?id=62c400ef6323a514dbc02325&pid=6247&sub2=omg4
https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188915d69c000015c09cf
http://193.111.210.87/bSW8V6T1
https://traff-leads.com/den?sub2=omg4&sub3=omg4&sub4=3i22bbn4gkhv
https://leadshub.ssmart-links.com/sl?id=62c400ef6323a514dbc02325&pid=6247&sub2=omg4
https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

48 KB
11 KB

477ms
475ms

Document
text/html

104.22.4.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.4.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe747906cbe4f9c7579e3d2f839f6efa6caf22a42af2210fbc564672008f617e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8c7b8d37fcdb36c5-YYZ
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 23 Sep 2024 15:26:11 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: noarchive, notranslate
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8c7b8d36dd5ea1d8-YYZ
content-length: 0
date: Mon, 23 Sep 2024 15:26:11 GMT
location: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NfIT%2BK7DytV4FK0kSZPODsPvoET3QzekBkt6Xm%2BVQwZT3Wp%2FWEbmu5iQi7ulY5n%2F%2BiqeRXLk%2BtoQMstJhRqToGMorebfopFsHKgkR%2BdZo6NDIQQS0vpqxh2k9Hyvi2FXZ3fiKpEZe9jHiAI8DCmdGa4%2FL5L9TLOn"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-adjust-use-original-forwarded-for: 1

GET
H2 200 common.signup.css
cdnl.mb-cdn-promo.net/landings/dist/ 7 KB
2 KB 329ms
64ms Stylesheet
text/css 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/dist/common.signup.css?v=1727089534

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

775ca53d9962cc889cad361546fd0ac2900a60384b30c60c33f84e20c9ad695c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f14c14-1cf8"
age: 539
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ubFtfjFj00wgLeNHlYlBCHeH1FDSGjoVdJ8hmyJeaHLM2wvDsd8SqO0FrG7VX8zg223yFZuUvlBzSdO9bWIOPB2JwZg4iI%2Bcg3VRPmHzYeokwo6pA%2BTPXlN3uPjbbegSbVyfefDlVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 23 Sep 2024 11:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3eade2abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 web.mb_wo117_class_creg.css
cdnl.mb-cdn-promo.net/landings/dist/ 32 KB
6 KB 316ms
61ms Stylesheet
text/css 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88847fc3ba3d8e6d6aba94ffafe19c9c455955240e801404417e8d132512e6a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f14c13-7ee5"
age: 1853
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AWBdFsKZ%2BW%2FnvjO08N5Yi2hqnTFjHyR%2FVGbBaNEI%2BP7%2BW004YswTN%2BmJkrtSC43qOhF9fudLUtQbSLCLm97KMHGQwZDCXJbnExetRk0b7jhfCIokbUktQ9K6PD1OX14Hcsnrvt10lw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 23 Sep 2024 11:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3eade0abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 logo_mb.png
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/logo/ 9 KB
9 KB 316ms
63ms Image
image/png 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/logo/logo_mb.png

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65e1dd04d9ffa5099d260f63e2115144067dd4e2589d0f6ef4e5a91b07409f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "664f0c05-2366"
age: 2878
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FPNeIXVKr92v3wUhoWMIu4aFfqulFrMENTr0Vu%2F7M7VLz8zYxJ8LxX1Bz5JrpIj%2F16zwWPsFK3vA3GxHkrO4lF9XhpgZsm2NTXqSzE58YAK%2F9muVd3sr9weNVMQy4mbqrjlpd27JqA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/png
last-modified: Thu, 23 May 2024 09:27:33 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3eade6abc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9062
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 beast_band_logo.png
cdnl.mb-cdn-promo.net/landings/web/mb_wo117_class_creg/img/ 152 KB
153 KB 346ms
94ms Image
image/png 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/web/mb_wo117_class_creg/img/beast_band_logo.png

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ef6f33d257ae72afe3510842f038dc104baeb276e41dc484e45344bba2c70c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "65defa25-260cf"
age: 1852
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AoLjfFD7RF5jH5wIbHd5eo4syPWEkvPVaYUQ3JxY0XYFHDfT%2FLDyr9TKrepCZ6779J22e6rH8azfShXjTyFq6Iv3lySnuEHZ%2FhPxubIX00jG33Jk4U0l7fBVmW%2Fe%2FsCDEKp%2B2rWBBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/png
last-modified: Wed, 28 Feb 2024 09:17:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3eade4abc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 155855
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 step_icon_1.png
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/form/ny/ 3 KB
3 KB 117ms
76ms Image
image/png 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/form/ny/step_icon_1.png

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cf1b306c444d177f1725b9587e8f27af1a71a0db9368e8b7ed558c6c8aa9e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "6579b045-a95"
age: 1852
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bv9%2BILrmqTX8jrnJ696sAN32dwhd7Ui8ZuVohJ0Y3V30EQC4YalgtI%2F0GMpX5X8ve2Z0mV9R4UqRMde5jIBY8d51Ix0SUsDb%2FKuAVhYAA0gsKO3ZuvfmrC60AKuuO%2BwQilupUd9tIA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/png
last-modified: Wed, 13 Dec 2023 13:23:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3ece08abc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2709
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 step_icon_2.png
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/form/ny/ 2 KB
3 KB 118ms
77ms Image
image/png 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/form/ny/step_icon_2.png

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aedc4ba2805453c04b38e164ea1b8a5c25adfe4502b7d3c44eee37986696867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "6579b045-9dc"
age: 1852
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GFua9uQ9cefP6PjXb9X%2F1te8fdVeZmzO2HVA%2BnRnwcXXbkCruPvfYRbkSYaL%2BvOsGRldCwxkCF9ItLmj6oxgdjgcL7OB6o%2F48AG044nVJS6VGhyz9hFrSZXDXvUU6nhxcAesS%2BzwYA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/png
last-modified: Wed, 13 Dec 2023 13:23:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3ece09abc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2524
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 step_icon_3.png
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/form/ny/ 2 KB
3 KB 159ms
118ms Image
image/png 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/form/ny/step_icon_3.png

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa74b31362772b32ce8f46e27808d97158fa5dd1b6d0f095821d6100f9b64166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "6579b045-9f6"
age: 1852
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lm2eV2%2BZoDKmx5iWlSQT6Y971k%2BKqfdkH0SuizDu7ZJbUtBv2jFCaiSuX2ebOnBeeLJqeVKccdGNct14MWKHk5kAIY474K3yC1%2FO%2BPnDNAVt8N%2BXVYyzSQof2i58lHh%2Fuw%2Br0PUmjA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/png
last-modified: Wed, 13 Dec 2023 13:23:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3ece0aabc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2550
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 pragmatic-play.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 8 KB
4 KB 151ms
113ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/pragmatic-play.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b15cf1029631a4c67f891044d3db9fb588b10a1d9c825ed463cb17fafa1b3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-213c"
age: 6702
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DWML5ne36XGbJRPc3Jd2gmBOVnkCipfzxFCESSsK0ADb%2F4fnKgRdyldR1q6wXT%2FkTL85tt6pEdONrpsjT0C4439H3qcD6O55Za4l5WYEksjYF7o2HMVx5STMWL8jIPr6iERFlmEP9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3ece11abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 playtech.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 12 KB
5 KB 241ms
193ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/playtech.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d81187464740d0a53bfcb19b04356012ae1d2df0189a74e7845582af853c4622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-2ffa"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0vriaeSZFVfkAM4brronGIYpuWoBRy6G%2FqM866ni07dx5DZHithb4X4aIQ1CU9KbZGDzUa6p6CoVVIKMvjZThnnPJnNF9iYoduqgVApN0qB5NXMih5oT%2FRE0Fv%2B0af6PPI9RDasfNA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3e8dabc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 microgaming.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 10 KB
3 KB 184ms
136ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/microgaming.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99eeb9baac0271b1bb4cdec280672645fa8b932a2d306d3594cb10db2c2d1fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-28ef"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4gztLBhB6jvmEjPTOrBnBxqHGw2SLTDYgM5pfn4AE4xvN6K%2BZI1TC%2BF33Q5AoYSN705Cz6%2BgKPhG60yE5tjexgABw%2BCInlIqy5A7ygh6WrOjNe%2Fv9D53ithv6c%2FRUBemBStggYWDTA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3ea2abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 quickspin.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 6 KB
3 KB 175ms
128ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/quickspin.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9857229c5e9b874f13253458e5b5cae5dcd334034fc3512ab8fc1a71f0f5700

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-17f7"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GbGjbTkUEQROdCpZqq%2BXhpLMqX4TrDuQw1tXz%2BBo4oRnetvslpFFBUEoCAzk9JMZ5jOhZDzVVnW9lenCCcexrqcZeTRYVREMVM8QmgVOS%2B84dvQRp2z4sRkLoGFRVyR0Emum8CBrNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3e99abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 Igrosoft.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 12 KB
5 KB 169ms
122ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/Igrosoft.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b943d346a5058b98b8756a270dfe5cf6de66950460c5be05d73cc312778e94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-2e4b"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPxJ50aqYxHtfN5b266eKhdnAt5JRFKY0jJPK26lzkPoIhY5BAtE%2Bd8zuSYpQd4ziX3UvJgeUVjEVZjAxzSbFAe6S7bPKlEN4f4L8SGBfAqd39XtOQjW9Y6xi%2BfOqp6GsolNvHZYYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3e95abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 spinomenal.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 7 KB
3 KB 167ms
120ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/spinomenal.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0600fc75941566056433321b7f4084c2c63120a1d39a3139fba4032091d0f4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-1bbe"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqKey56FcbQHKA0Mo7bRT2R9EcPDTK33EDz52mZpebXpvEGilhTX1CEr6UcYMEmBdlzEkmcmQHecc4XTutCSaDxo0wor6ltmYK8a3%2FsIdkZ0N6WYN7PUYXtn9B9WB7AwucPSYd%2FuwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3e9dabc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 relax.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 9 KB
4 KB 226ms
179ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/relax.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ff3c0b9205948cc75eb0647c6f159f3918a63c9f9150d11a99cf93f634b9dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-235b"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKiiouk4Kgl9a%2BxEXMEqSnn91rLdw78ILnvoaLzU%2BaA5Ps87UAsCCK5lZkMitauyrQtoqJhXFYGuATaU6zCxmA4sweQBHjAzfligEvBLQOvvKMupmj6hr0eIEUe0ffZJwAonuAxW1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3ea9abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 edict.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 10 KB
3 KB 153ms
107ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/edict.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d4d9bb8e859a3541e3fe0a2b050a7c5252a898b7c81d742384a0570a6ff2833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-2672"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jbI1mxGTCa4s87U7KCvUOQE3cX3CEGOHwq1v9QRuJzCR6j5FaGIP5oh6seSDNGQma9RhghVRRQ5UJTs3iLxiBFB7URRfdahUA2qOiDjHKrkGIa4pvCitgFbP2TqOlaFj0jxjVYouhw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3ea1abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 play-n-go.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 4 KB
2 KB 174ms
128ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/play-n-go.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

458bbcb521e5ffd5b50145ae242a59d7c48cdbfb691d50eee0f72d53789c2fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-107a"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WMFcZ7qp0G53TJGYwKoFnTbbfLE2vumVAPGMVLW%2Fu4RpfRoGZEgBCYr3ynb33%2BLnTpRP7DWVMP1iyxZtcxjxTfKFXiL8qESPIY2OsmsUHjjqEWeviMdk%2FgFBbl%2Fg5kmvWsAJyVwImg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3e91abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 gamomat.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 2 KB
1 KB 185ms
139ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/gamomat.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6de887fd88c2de20261f79e2cdfc323fd8dc41a84afd392afbcb7ad63f8f88b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-842"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x5J6Na9xI9T8oyMhC7kFcrS8clHPkBIHjFu0aRcQUsFIXNKIQalyoxzZTFBFxGt%2FkxnIUVXSxduCwsHO3w5Iibg77dRUo69oYOq0pN%2FjR%2Fy0YPRWi0JTQzxoKnj2d1S8i4LODO9d1A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3eaaabc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 playson.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 5 KB
2 KB 167ms
121ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/playson.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ea78a92dd0b29f7199b65d1c7722780c3c0b2e578914d79e8e8efed60745186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-1559"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=287%2B0Xn%2B%2BwbFRObSoxJ%2B04H0ay952tn7eZsj2IudBvOThXAOymwz%2Fnopj6Q73udVkOzouhyWIajxxcHLVofGg0ZYBuQSNuDg%2BeQ%2FPGApmryb9FpBQ9PB9UjgA09e5Rn42%2BWfk1561g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3e87abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 wazdan.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 2 KB
1 KB 165ms
120ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/wazdan.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afb9a1ef04d4ffc9b969ffe782f850ce0e13c47273b55a07573b3e74030a43a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-9b3"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OqBWmsC7n%2F5o2qoZhjhwGT8%2FS00NCI4RNVrLRaMfYLCZumX9wNP%2B%2F24UpXqReXnSj5xQWK0IQVwl%2FF%2FMsZNzUxZZxoQ0y%2BQnGR6%2BzGf74zk%2BXl10S1CP62dbsQtWVhQW270a2HDU6g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3e8fabc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 habanero.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 24 KB
10 KB 221ms
176ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/habanero.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caab6fc7641c62809817cd0c21b8675c190a3c60111134104534f44dcc183c26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-6143"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XejvU00bEgquPkytLRMcEdMnT9L4d3zn3%2BNANK9%2Fqg25qIS%2FFdBis0SUDshe9CWZ67mpss%2BkZplskpLf08CYd0vIwuETL%2FMXzBK4LhmZu0jYYHzvyHuRgA8q9AZF0VgtXdKXXrHhrA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3ea3abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 red-rake.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 11 KB
5 KB 245ms
201ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/red-rake.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17feead3de2760c3d1a3bd2c559f1ae248cf9dd650f73866b0995c2d92b18341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-2df6"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KncN8ySDaKxCo2FVkpxZWhtyup1J%2BNG22xt6C9kVCQi0PsNgJ75c1DT5HvmviYmJYxdf2W0j4lKbH45TrDF%2FK6R2sjxZPy6TZmmpFwhO%2BxFftPmvIKJpQHt8UNy7dwypt9E5kJEVhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3e9babc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 red-tiger.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 23 KB
11 KB 219ms
175ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/red-tiger.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df4307a13805d3f0e31f77a7355e404227555d6d7ca050dd5ba31a02fcf24fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-5c59"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vM%2FDAx9TXxIJtFhZDDYAnqKJn6YMWSmjg3Mab4vXmKjapzN5tKnObqVYev3LZebv5JWS0xX9uWI6wlOcZo5JhYThJjQ4fr1nx7FBocggN%2BQwwypJzjFtIxPEDNTJeNZ4bPBlOaBExw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3ea4abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 askgamblers.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 9 KB
4 KB 181ms
137ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/askgamblers.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b83942260e9d8765f503f54b0d3011bfdaa6542dfedd9659b51fa1ccb7fe7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-2429"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rP1%2BgOv%2FQyYanU26sI%2F3%2FTIoHHFqucn8fPb1B3BcjWtyMXt2qbW2xc3fsliTqSBqve9%2FVpqCVyds%2Fcitue4wDapVpZ1Pyp8dTV2G9%2Bve4Q0qsEoOyLBHQgg4r3JhABCQCjSPG071wA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3ea6abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 slotozilla.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 65 KB
28 KB 242ms
198ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/slotozilla.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6b44b69d95089ae32bd45366ec76e45a2411f726058c463e77635ef0455395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-1056a"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w0QcEgjFBj1xcr6vo%2Fknk2Ml5mnERDZEpLMfDmjZn8eUjNZth8mrvINUVBwcaSVuZ11E3fOOscKdG7Mdb0nhW%2BvX6wQJB7Il%2FBgcAEMeTINqQIxp7jTToqz7KqxLq5V1IFWf6YqS3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3e9eabc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 18+.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 4 KB
2 KB 168ms
126ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/18+.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71e6c7dbac73ec50a18a6795e14560f3cf0f7a97e7f686d6c51dcc43af71ba41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-e53"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdXpLTGNN8C4bf9%2BELBZZoYcIU9HRer7BvWzDsBll3lwNU0PeZe8UGGJYOOTUmZqEhpdXohZUDRwZrHldj7qyChR1zI%2F3%2FqmKa24GMHrJDAU2%2FibmD%2BnLTDX80I9ttz%2B2fAgDCNzAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3e8babc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 mr-gamble-ceal.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/ 12 KB
10 KB 151ms
109ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/footer/mr-gamble-ceal.svg

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa5a5bdef25469aba858692d3d77c029eb732b7e15ee5778529acdb967d15755

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"659e61d3-3135"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vbEuGn2iaDvvZ5D7skrEC10%2FEJje3%2BAcwHCBHVn28cnDHq%2FRzGATj3SLELTCAB%2FuY4%2FV3MrO5J9pzVxPmd0cUaxnCLJx4%2F3wjWLizlrbEEYBbWpHQK3vCjBgZ94t%2FByCWgIjOEZSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Jan 2024 09:22:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3e93abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 jquery.min.js Show response
cdnl.mb-cdn-promo.net/landings/common/_default/js/ 82 KB
30 KB 128ms
88ms Script
application/javascript 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/js/jquery.min.js?v=1727089534

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"64d4c559-1499c"
age: 539
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tthd6f85eMaxcqINh5BtXJgQ%2B1zwUAoS8aUXLDwYUuFvH64hBzqWqk43w8lrsNI%2BfY2RFPxv3XpD2ac83CqlaBpxyiECPEpYU8rUKT587rfXvvUofh3P667NrKMNRhSGY8dwFoWM1g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 11:09:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3ece0cabc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 common.signup.js Show response
cdnl.mb-cdn-promo.net/landings/dist/ 622 KB
192 KB 167ms
124ms Script
application/javascript 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/dist/common.signup.js?v=1727089534

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a39b27143a38cc79da521d97186e4c66df3167fbb0555e9aab63d642ae01e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f14c14-9b9ec"
age: 539
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k1XoTrNc%2FHlkICI7yGeAR6T7x2uKpiUyLcd1hv39Qh2h7er3zdPEyCAAlvI%2BtW%2F48qHviuvvlhbn4YvUoKTwwGGmmbaxmtSlKncN7Mlgq9nTtpBECNNAaWVn4Xd4a7PxtCPqcn62Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 23 Sep 2024 11:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3eacabc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 common.webmHelper.js Show response
cdnl.mb-cdn-promo.net/landings/dist/ 2 KB
1 KB 219ms
177ms Script
application/javascript 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/dist/common.webmHelper.js?v=1727089534

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

716f676bfa1772085ef1f9be4715a4dde6d6b2e62c220dc7c8758155cae40041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f14c14-809"
age: 4612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F2U4ItjOr8pVN6gbeEi0ehoWpTp14mbKb8uIYDE9%2FdP7%2FcltIlWdDI6qt3RoW8cH2tSOmn09ItTWEDAI5QoVfxxMBhV%2Fpk%2Fmk4jcSiR4F9pGTRXEtHIoZpWF%2Bhqz0Yw5a7riSDUeuw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 23 Sep 2024 11:08:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3f3eaeabc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 web.mb_wo117_class_creg.js Show response
cdnl.mb-cdn-promo.net/landings/dist/ 536 B
671 B 159ms
119ms Script
application/javascript 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.js

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6817f99245b6c90d13040bcf0b1ce398426c278f252c2824ec8fff53a2b30432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f14c13-218"
age: 1853
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tFFGlnLOGMRvMQ3an4bLpgtGFBuVvGHki882iTG9Y21lv8f8%2FINWaTyuji0CxjYLTzUJRoUKsiZexkFxzyRfU4LMyTRz%2FF5xXfWa00zXRRqjc1UHhciAVX8%2ByIyg3fheEIhr%2BIHlVg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 23 Sep 2024 11:08:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3ece0dabc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 currency_wb2500.js Show response
cdnl.mb-cdn-promo.net/landings/common/_default/js/ 827 B
731 B 154ms
114ms Script
application/javascript 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/js/currency_wb2500.js?v=1727089534

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae5264dec1a81e5dd7eb6534b735dd298adc4d35a4dbbb2340ebe079b781302d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6666d221-33b"
age: 81
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kr6FgXpsW28MwfrQ9j2x49NUB30dIVfNbVb42MlPBVjeJqEu76%2BaptYmMZDHCp9g0vF0RCIEoBT2FH9sQbfI3C9bnOj29sdXyUVQt%2Bbifm6hA8lCRuDUR0%2BsHQpM2jvNfy%2BEU7oiQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 10 Jun 2024 10:14:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3ece0eabc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 slogin.js Show response
slogin.biz/ 8 KB
3 KB 308ms
55ms Script
text/javascript 104.21.71.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://slogin.biz/slogin.js?v=1727089534

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.71.231 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc10605b0632ab286434d6eb5e3609d4efd7cd053cf0f91b3dc645b3425988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
age: 540
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9kea1OpiwZu8sZ0zel43zbpK7JSWA8hy4GRRUtATF3I9D4LsatPOj2C4UepQgVjYgtdTKHrc4WIpw%2BUhfCEk30A0o995EJVv14dVzghyZy1QCbvwamqz%2FDwCsqiL"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 23 Sep 2024 15:17:12 GMT
strict-transport-security: max-age=31536000; preload, max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d404a13ab9c-YYZ
accept-ranges: bytes
content-length: 2982
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 slogin_init.js Show response
cdnl.mb-cdn-promo.net/landings/common/web/js/ 365 B
536 B 366ms
328ms Script
application/javascript 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/web/js/slogin_init.js?v=1727089534

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3171e0a73c2018e3628d3b103acabd6cc20617763f21bfa346c736399849c071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"64d4c559-16d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sXVwkFzCzppI2f12bvCXalJwmXL0iN1ICttPLt%2B9uO7d%2BtgFmCxfg2BLIfEbYz2Uo94SVuH0A8fwaa0XsQmMvOnuUas3zhXpz0G9H14fbgqSitsODz6FG86YmaO5oqu8LGpk7u4tKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 11:09:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d3ece0fabc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 bg.jpg
cdnl.mb-cdn-promo.net/landings/web/mb_wo117_class_creg/img/ 225 KB
225 KB 353ms
352ms Image
image/jpeg 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/web/mb_wo117_class_creg/img/bg.jpg

Requested by

Host: cdnl.mb-cdn-promo.net
URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c780a75e2c1a160c379f657f80862efd69e20aa2131edc9fd16942b06db5de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Response headers

x-robots-tag: noarchive, notranslate
cf-bgj: h2pri
etag: "65defa25-38322"
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CN4aHF4LxbdcJJ1ScPnq%2BEqa97%2BgQr6ZQYagu0LuDt79fPur3YrHBXe2iFizpS9DsHIUEUC2MEZY7xv2LPEMlrelyA4%2BWzRH4GC4uhXTPJ%2FVjKPsMNKf%2BMX0Imf90m8%2B6muO7oagRw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/jpeg
last-modified: Wed, 28 Feb 2024 09:17:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d40b862abc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 230178
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 lights.png
cdnl.mb-cdn-promo.net/landings/web/mb_wo117_class_creg/img/ 396 KB
397 KB 392ms
391ms Image
image/png 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/web/mb_wo117_class_creg/img/lights.png

Requested by

Host: cdnl.mb-cdn-promo.net
URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7845a662663b43e8485ef09f78ca2b4132a4cc2836849c12fc23d7c6ead5b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: REVALIDATED
etag: "65defa25-62fea"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2XcD0J0UshQzayQQkhFF3cCUIpHVtVP0cbKviCUx2UCb6boQdTrkmNBe3O7dKJ1GMiSh%2FlTUOSI2NAXgs7fjMEdJkrx%2BlQxZmDjogS0qsitwPE8RqfbEofTLaMyAJbMUk0YDQILPbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/png
last-modified: Wed, 28 Feb 2024 09:17:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d40d88dabc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 405482
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 heroes.png
cdnl.mb-cdn-promo.net/landings/web/mb_wo117_class_creg/img/ 193 KB
193 KB 608ms
585ms Image
image/png 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/web/mb_wo117_class_creg/img/heroes.png

Requested by

Host: cdnl.mb-cdn-promo.net
URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7db3ef97d0ad2ec7ded77ae651477284bf17933569d0497c7f86596e3043be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: MISS
etag: "65defa25-3027c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ukNGzlewxL2eZp3Y3JOv6OUZ%2BjQq4H3LHrhF1Grr8Hco56q3PAmCMrGf6zVvypeZ3LodFwHbU4mQa6b1Zv37JPLM275X7ivF5K6Ddu5qwr027xuDAcCJUc9qQNc4BaCEXnPpV2JUwg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:13 GMT
content-type: image/png
last-modified: Wed, 28 Feb 2024 09:17:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d4118d5abc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 197244
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 popup_bg.png
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/form/beastband/ 72 KB
73 KB 157ms
144ms Image
image/png 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/form/beastband/popup_bg.png

Requested by

Host: cdnl.mb-cdn-promo.net
URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0de558d07e3d4071523628101fd79d9867c3c8b9267a3a4d7c401c2e569c342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "65defa25-1216b"
age: 1852
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ahL3igHaTSkG5%2FkTF4e2ftEJ8bzkCOM0fJQWyMo9VdXGiYd4x294lVrP1OUvUQCNvizJeASJoSnh2ZHXEhDwTwJziNlD57CMcbRWWCasClFuJuNeLukginkGpTwp%2BCU9cFjRDhd0BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/png
last-modified: Wed, 28 Feb 2024 09:17:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d4118d6abc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 74091
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 hero_sprite.png
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/form/beastband/ 211 KB
212 KB 161ms
149ms Image
image/png 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/form/beastband/hero_sprite.png

Requested by

Host: cdnl.mb-cdn-promo.net
URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd76168a4b1a930a100cce751ffe8429b148b1c65a7e409e172f1080a9802df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "65defa25-34c4c"
age: 1852
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aZoz%2BuIBAHuc0Jcosb3BLJde71CylF24cXUvVu00dmhJeStK7cHNOMLH2E2L6wW0VzCWzNtZhIJuW50nxp6f0a9Dv%2FIoeGybCnqNlv8FTmSwMHxtNrz4SPnaKBddaalmiY1vMLxtug%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/png
last-modified: Wed, 28 Feb 2024 09:17:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d4118d9abc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 216140
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 gifts.png
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/form/beastband/ 44 KB
45 KB 155ms
143ms Image
image/png 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/form/beastband/gifts.png

Requested by

Host: cdnl.mb-cdn-promo.net
URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0c48096f7edc8642758abdd4ff033570d18361d7850f244bf2551bd79800911

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "65defa25-b0ff"
age: 1849
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=62dnsf50UnrILW606H73HCOCegwVo0FYm0s9RMq3qWUubZ6IO8W%2BnI%2BCz%2FXcCcgdw1YctnSrI3%2FbGVfxhJlWTYR3wVe4J3Lf97VsraIrMb3TP10bj%2Fck0pcx1AInSfrLOAuVMJ5kpg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:12 GMT
content-type: image/png
last-modified: Wed, 28 Feb 2024 09:17:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d4118dbabc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 45311
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 opensans-regular.woff2
cdnl.mb-cdn-promo.net/landings/common/_default/fonts/OpenSans/Regular/ 59 KB
59 KB 234ms
52ms Font
font/woff2 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/fonts/OpenSans/Regular/opensans-regular.woff2

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38df043aef07a5b6e8290e78a01a74aac8306e5fc10a2a61fba6c30ca1da68df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://promo.mr.bet
Referer: https://promo.mr.bet/

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "64d4c558-eab0"
age: 5103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtL1fb9A5G7oNnXYDMRQiGsIR6NyCWMnZ37ueTkSFowHT5Dm468sUmMYPw5wOVRieXyyCLvIsMIQ25xdrDbiVaUA5aMgLmO9ehFwnsLXDftH3ffOw9OeAzq23EmKNrnM2vlgT8e5bA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:13 GMT
content-type: font/woff2
last-modified: Thu, 10 Aug 2023 11:09:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d441b9336a8-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 60080
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 OpenSans-ExtraBold.woff2
cdnl.mb-cdn-promo.net/landings/common/_default/fonts/OpenSans/ExtraBold/ 57 KB
57 KB 291ms
110ms Font
font/woff2 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/fonts/OpenSans/ExtraBold/OpenSans-ExtraBold.woff2

Requested by

Host: cdnl.mb-cdn-promo.net
URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a53918b89323c6e9ab8e57f695eed9539adb9300612f0c82f534a6df0d12710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://promo.mr.bet
Referer: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "64d4c558-e480"
age: 5103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3baWBhrb%2BCWWD8ipClOfsWB2wZoFZKlt%2Fnwile8Owef0JV47OxMJZaCSCVheZ2vJiJAs%2BW1BiP9RPyAgDy17O8S4URbx0tvZNiNoi6R%2B%2F3GmcqKjkamLHRky%2FycMY5KgZBQZxr54Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:13 GMT
content-type: font/woff2
last-modified: Thu, 10 Aug 2023 11:09:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d441b9b36a8-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58496
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 baloo-regular.woff2
cdnl.mb-cdn-promo.net/landings/common/_default/fonts/Baloo/ 28 KB
29 KB 617ms
462ms Font
font/woff2 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/fonts/Baloo/baloo-regular.woff2?v=1727089534

Requested by

Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63a23691a3b6d820e02d4640399fdf2222009cb9aa5aa769597f7297f4caabb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://promo.mr.bet
Referer: https://promo.mr.bet/

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: MISS
etag: "64d4c558-71c0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oe%2FqVVOa5etCwgjdAmMv%2FyUKppVT9mTF3MEwHZalj25WDwO9Lq7vDpG%2FiiDgVQjTrTEGanv20pvZ0YemzXI521MCL8HFHvdqspin322xbZhbyn52GyW7t1h7DbCvmNFwGBpYyd90kg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:13 GMT
content-type: font/woff2
last-modified: Thu, 10 Aug 2023 11:09:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d441b9836a8-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29120
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 mb-signup-sprite.png
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/icons/ 3 KB
3 KB 54ms
53ms Image
image/png 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/icons/mb-signup-sprite.png

Requested by

Host: cdnl.mb-cdn-promo.net
URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6e4f8dce04fc3e8acb9f41e972e4cb1a27c258dd2319e423304cd588a3c28f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "64d4c559-bb4"
age: 5103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vbiwPfKZxq30vJ%2BjGSGMgbsTa%2FqIkejj2ZEXazrIKnnKUWrFTMvE9Zu5LMtPAFUACPtRHjcQ6Vmtor%2Ba9R5KZuveN9yoT7a6iZVIlIHozWRhPVMGNEKKsVeofoyss0vpxj2eICV3GA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:13 GMT
content-type: image/png
last-modified: Thu, 10 Aug 2023 11:09:13 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d45ddd6abc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2996
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 google-social.svg
cdnl.mb-cdn-promo.net/landings/common/_default/img/social/ 1 KB
943 B 88ms
87ms Image
image/svg+xml 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/social/google-social.svg

Requested by

Host: cdnl.mb-cdn-promo.net
URL: https://cdnl.mb-cdn-promo.net/landings/dist/common.signup.css?v=1727089534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b1f89121c3fc3dc18a63e0aa207281a58508d6b4910d7ce187dfcd7856dceb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://cdnl.mb-cdn-promo.net/landings/dist/common.signup.css?v=1727089534

Response headers

x-robots-tag: noarchive, notranslate
content-encoding: gzip
cf-cache-status: HIT
etag: W/"64d4c559-55f"
age: 2878
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3BBUEY2DEkG3Ec4SSAlPjQxhYx8JOTketntnZhpTIjPVPOiuTOf%2F0TUElPQYuHpN70YZPiylrCC2wNje0LD1rEhHnZvnPm4YndhUZiQc0wpo92y5nEzGSYKTGFvY699Wo3%2BDm6GCeg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:13 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Thu, 10 Aug 2023 11:09:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d45ddd7abc4-YYZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 OpenSans-Bold.woff2
cdnl.mb-cdn-promo.net/landings/common/_default/fonts/OpenSans/Bold/ 57 KB
57 KB 69ms
68ms Font
font/woff2 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/fonts/OpenSans/Bold/OpenSans-Bold.woff2

Requested by

Host: cdnl.mb-cdn-promo.net
URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

640b22c0c8b70ab87e6c9b9abd26d5e40040647aa7c6a5a90b1db3659fbd6219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://promo.mr.bet
Referer: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo117_class_creg.css?v=1727089534

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "64d4c558-e350"
age: 5103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k3C9Q%2FRAKcJWH2fTNtAFzpxdLq%2BHHcF1RJM41XiTFHQ8g7kV6biM6LNHNc6Oe7jEye4PuzwWfhmTG5Y6fYkMPjL2Uzbo%2FZ4ZUQ%2Fk9rTRRkyC%2BtCQqEDFlzGkIHIC5JIZsujNqnoofA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:13 GMT
content-type: font/woff2
last-modified: Thu, 10 Aug 2023 11:09:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d463e2236a8-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58192
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 favicon-32x32.png
cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/favicon/ 3 KB
3 KB 62ms
61ms Other
image/png 172.67.74.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/favicon/favicon-32x32.png?v=1727089534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4073ff35454fa575546b253ede1d7b0d695d2552a0b57e54c92850d2723261dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://promo.mr.bet/?lp=mb_wo117_class_creg&trackCode=aff_345988_3_Streamers_TikTok_6247&cid=66f188935e6cf00001d29747

Response headers

x-robots-tag: noarchive, notranslate
cf-cache-status: HIT
etag: "66f145ef-c39"
age: 6703
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l97S66%2BUsv6KHuIbbG0npE3Hf4RJP9TetQdhXCmxEfqFmmMx%2B6B14eSySopk19E0utl9Oxjw%2F%2BxRdimTdnywsNPVvTMswcRO1bO39t9vsdFX8MzcwpBjoZlZuH5Wv%2FhEQnCnU0%2FGcw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Mon, 23 Sep 2024 15:26:13 GMT
content-type: image/png
last-modified: Mon, 23 Sep 2024 10:41:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
cf-ray: 8c7b8d47d861abc4-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3129
x-xss-protection: 1; mode=block
server: cloudflare

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fishersgames.xyz/	1970-01-21 00:29:43	Name: _subid Value: 3lue7354gkhp
fishersgames.xyz/	1970-01-20 23:46:31	Name: 6908b Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEwMTFcIjoxNzI3MTA1MTY2fSxcImNhbXBhaWduc1wiOntcIjU2MlwiOjE3MjcxMDUxNjZ9LFwidGltZVwiOjE3MjcxMDUxNjZ9In0.tpegIx7K7FoXatmEF2UaX7lwKUbSCdhN2X_yy_ACLkk
193.111.210.87/	1970-01-20 23:46:31	Name: 6908b Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEwMTNcIjoxNzI3MTA1MTY4fSxcImNhbXBhaWduc1wiOntcIjU2M1wiOjE3MjcxMDUxNjh9LFwidGltZVwiOjE3MjcxMDUxNjh9In0.XslvaJ3YoAGhmtzrf3mPx4lr3-liVDAIEha5aADND4c
traff-leads.com/	1970-01-20 23:46:31	Name: 6908b Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjExXCI6MTcyNzEwNTE2OX0sXCJjYW1wYWlnbnNcIjp7XCIxXCI6MTcyNzEwNTE2OX0sXCJ0aW1lXCI6MTcyNzEwNTE2OX0ifQ.OcA7yj6DRbInYl7QCq8LcOnSfdvK2SUEH9NBTPJiK8Q
193.111.210.87/	1970-01-21 00:29:43	Name: _subid Value: 3i22bbn4gkhv
193.111.210.87/	1970-01-21 00:29:43	Name: _token Value: uuid_3i22bbn4gkhv_3i22bbn4gkhv66f18892a3ee15.86284402
traff-leads.com/	1970-01-21 00:29:43	Name: _subid Value: 3lue7354gki0
leadshub.ssmart-links.com/	1970-01-21 08:30:41	Name: afclick Value: 66f188935e6cf00001d29747
promo.mr.bet/	1969-12-31 23:59:59	Name: pid Value: 3
promo.mr.bet/	1970-01-20 23:46:31	Name: ForwardParameter Value: lp%3Dmb_wo117_class_creg%26cid%3D66f188935e6cf00001d29747

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnl.mb-cdn-promo.net
fishersgames.xyz
leadshub.ssmart-links.com
promo.mr.bet
slogin.biz
traff-leads.com
104.21.71.231
104.22.4.204
172.67.74.12
193.111.210.87
2606:4700:3033::6815:26ae
2606:4700:3035::6815:d50
2a0a:8c44::3b1
0600fc75941566056433321b7f4084c2c63120a1d39a3139fba4032091d0f4e5
0b15cf1029631a4c67f891044d3db9fb588b10a1d9c825ed463cb17fafa1b3ef
17feead3de2760c3d1a3bd2c559f1ae248cf9dd650f73866b0995c2d92b18341
1a53918b89323c6e9ab8e57f695eed9539adb9300612f0c82f534a6df0d12710
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2aedc4ba2805453c04b38e164ea1b8a5c25adfe4502b7d3c44eee37986696867
2c780a75e2c1a160c379f657f80862efd69e20aa2131edc9fd16942b06db5de7
3171e0a73c2018e3628d3b103acabd6cc20617763f21bfa346c736399849c071
36a39b27143a38cc79da521d97186e4c66df3167fbb0555e9aab63d642ae01e1
38df043aef07a5b6e8290e78a01a74aac8306e5fc10a2a61fba6c30ca1da68df
3ea78a92dd0b29f7199b65d1c7722780c3c0b2e578914d79e8e8efed60745186
4073ff35454fa575546b253ede1d7b0d695d2552a0b57e54c92850d2723261dc
458bbcb521e5ffd5b50145ae242a59d7c48cdbfb691d50eee0f72d53789c2fa1
5b943d346a5058b98b8756a270dfe5cf6de66950460c5be05d73cc312778e94d
5ff3c0b9205948cc75eb0647c6f159f3918a63c9f9150d11a99cf93f634b9dbd
63a23691a3b6d820e02d4640399fdf2222009cb9aa5aa769597f7297f4caabb2
640b22c0c8b70ab87e6c9b9abd26d5e40040647aa7c6a5a90b1db3659fbd6219
6817f99245b6c90d13040bcf0b1ce398426c278f252c2824ec8fff53a2b30432
6adc10605b0632ab286434d6eb5e3609d4efd7cd053cf0f91b3dc645b3425988
6b83942260e9d8765f503f54b0d3011bfdaa6542dfedd9659b51fa1ccb7fe7df
6de887fd88c2de20261f79e2cdfc323fd8dc41a84afd392afbcb7ad63f8f88b0
716f676bfa1772085ef1f9be4715a4dde6d6b2e62c220dc7c8758155cae40041
71e6c7dbac73ec50a18a6795e14560f3cf0f7a97e7f686d6c51dcc43af71ba41
775ca53d9962cc889cad361546fd0ac2900a60384b30c60c33f84e20c9ad695c
7b1f89121c3fc3dc18a63e0aa207281a58508d6b4910d7ce187dfcd7856dceb7
7cf1b306c444d177f1725b9587e8f27af1a71a0db9368e8b7ed558c6c8aa9e10
7d4d9bb8e859a3541e3fe0a2b050a7c5252a898b7c81d742384a0570a6ff2833
88847fc3ba3d8e6d6aba94ffafe19c9c455955240e801404417e8d132512e6a7
99eeb9baac0271b1bb4cdec280672645fa8b932a2d306d3594cb10db2c2d1fac
9ef6f33d257ae72afe3510842f038dc104baeb276e41dc484e45344bba2c70c4
a0de558d07e3d4071523628101fd79d9867c3c8b9267a3a4d7c401c2e569c342
ae5264dec1a81e5dd7eb6534b735dd298adc4d35a4dbbb2340ebe079b781302d
afb9a1ef04d4ffc9b969ffe782f850ce0e13c47273b55a07573b3e74030a43a2
b7db3ef97d0ad2ec7ded77ae651477284bf17933569d0497c7f86596e3043be2
c6e4f8dce04fc3e8acb9f41e972e4cb1a27c258dd2319e423304cd588a3c28f7
c7845a662663b43e8485ef09f78ca2b4132a4cc2836849c12fc23d7c6ead5b8f
caab6fc7641c62809817cd0c21b8675c190a3c60111134104534f44dcc183c26
d81187464740d0a53bfcb19b04356012ae1d2df0189a74e7845582af853c4622
d9857229c5e9b874f13253458e5b5cae5dcd334034fc3512ab8fc1a71f0f5700
df4307a13805d3f0e31f77a7355e404227555d6d7ca050dd5ba31a02fcf24fda
f0c48096f7edc8642758abdd4ff033570d18361d7850f244bf2551bd79800911
f65e1dd04d9ffa5099d260f63e2115144067dd4e2589d0f6ef4e5a91b07409f3
fa5a5bdef25469aba858692d3d77c029eb732b7e15ee5778529acdb967d15755
fa74b31362772b32ce8f46e27808d97158fa5dd1b6d0f095821d6100f9b64166
fb6b44b69d95089ae32bd45366ec76e45a2411f726058c463e77635ef0455395
fdd76168a4b1a930a100cce751ffe8429b148b1c65a7e409e172f1080a9802df
fe747906cbe4f9c7579e3d2f839f6efa6caf22a42af2210fbc564672008f617e

promo.mr.bet Open in urlscan Pro 104.22.4.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

43 %IPv6

6 Domains

6 Subdomains

3 IPs

4 Countries

1878 kBTransfer

2559 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promo.mr.bet Open in urlscan Pro
104.22.4.204 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

6
Subdomains

3
IPs

4
Countries

1878 kB
Transfer

2559 kB
Size

10
Cookies

47 HTTP transactions
0 data transactions