promo.mr.bet Open in urlscan Pro
104.22.5.204  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response promo.mr.bet/	44 KB 11 KB	1368ms 487ms	Document text/html	104.22.5.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.5.204 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b91a4f5ea942ef7f1de35de522f02bb391f34bf6c303bee299ed21a4ab752d4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers cf-cache-status DYNAMIC cf-ray 8b956e397d68ac52-YYZ content-encoding gzip content-type text/html; charset=utf-8 date Mon, 26 Aug 2024 17:09:37 GMT referrer-policy no-referrer-when-downgrade server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-robots-tag noarchive, notranslate x-xss-protection 1; mode=block
GET H2	200	footer_providers_mb.css cdnl.mb-cdn-promo.net/landings/common/_default/css/	2 KB 982 B	134ms 34ms	Stylesheet text/css	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnl.mb-cdn-promo.net/landings/common/_default/css/footer_providers_mb.css?v=1724331261 Requested by Host: promo.mr.bet URL: https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3065ea8d147c3ba02a027e1e7c5a7296254f44a55bad37caeaaf539a39cda610 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2753 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 10 Aug 2023 11:09:12 GMT server cloudflare etag W/"64d4c558-759" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wP9TLkfsoj3WDMxbFtgxOlZkK3AILH8XxghtBVwn66LkRKgP2BBWV7OAOsJOFo7zUZvAwZwA%2FiSFwl1xHZnpM3ZTCz1HrgIQfywljEBEqgmjpIyBoV2%2FcVVMIlp4zmAe5MYOBiTV%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=14400 x-robots-tag noarchive, notranslate cf-ray 8b956e3d184c544f-YYZ
GET H2	200	common.signup.css cdnl.mb-cdn-promo.net/landings/dist/	7 KB 2 KB	133ms 34ms	Stylesheet text/css	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnl.mb-cdn-promo.net/landings/dist/common.signup.css?v=1724331261 Requested by Host: promo.mr.bet URL: https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d38115630be03a719b62f5267b4727586f322951fe7b9ced6e971eaf8fec8b2f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4953 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 22 Aug 2024 12:56:23 GMT server cloudflare etag W/"66c73577-1c84" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYYhzbgMMZDQJRVJo4EzQ%2FcyUFfS0VZFcS16RgGQufv0Aewj6XDYg1XAL9xE%2FkLsbHaPwLdPU1wSCUzXuV3wLbKXbguQUr5irlWxMEjJnNZFtGzWNh1ZhkRvJcW8qrGXgJwRVqd8sA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=14400 x-robots-tag noarchive, notranslate cf-ray 8b956e3d084a544f-YYZ
GET H2	200	web.mb_wo33_class_creg.css cdnl.mb-cdn-promo.net/landings/dist/	16 KB 4 KB	134ms 35ms	Stylesheet text/css	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo33_class_creg.css?v=1724331261 Requested by Host: promo.mr.bet URL: https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3a3577d11dd20e2076b7533589272c60cb17da9cec45a5e4241521d76c6f13b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2752 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 22 Aug 2024 12:56:23 GMT server cloudflare etag W/"66c73577-413d" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QaQNC94SPqCyaWSUdN%2B70g52NECCkiLWxFvdjmIdQJW3VWCXADF6nSxgP2O%2BbLu8kkYSi2ayQFr9d46c85AbleWn4wo1cHlR4SQUGv51a22zYlleHUSZbBC0kgb6jEbHYC1%2FXMAKEg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=14400 x-robots-tag noarchive, notranslate cf-ray 8b956e3d184d544f-YYZ
GET H2	200	common.signup.js Show response cdnl.mb-cdn-promo.net/landings/dist/	622 KB 192 KB	160ms 159ms	Script application/javascript	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnl.mb-cdn-promo.net/landings/dist/common.signup.js?v=1724331261 Requested by Host: promo.mr.bet URL: https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e149be833abb63ea7211e1e9cad86448a5be5f7f7f5ef6e588bde2c56c312e6c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4952 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 22 Aug 2024 12:56:23 GMT server cloudflare etag W/"66c73577-9b9ec" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ay%2F8uV2DzCZm4agqzN0OHB4eIZKUnwgTee37p6NGzcM9T14O%2FvI5BT1IEJo4iFiQ18UOm2W7Qe81jBqrQ1RFppDrM2j3e35NJBDUVM7j5Vbl9Ucr15AH3ZeqiO8UgDXMLzLkN%2FhFOg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 x-robots-tag noarchive, notranslate cf-ray 8b956e3d78a4544f-YYZ
GET H2	200	web.mb_wo33_class_creg.js Show response cdnl.mb-cdn-promo.net/landings/dist/	682 B 952 B	159ms 158ms	Script application/javascript	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo33_class_creg.js?v=1724331261 Requested by Host: promo.mr.bet URL: https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9f65876cfe4e5476f43e4bcdd17cc4317a8d2535a9d8b2138423c12ccd6ddb86 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2752 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 22 Aug 2024 12:56:23 GMT server cloudflare etag W/"66c73577-2aa" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9q5z%2BLNfwTkScTWFzIbzpfyHARuFyWKLgdVtvJPjLVSHL0rMnLOvbCikaEMBpeQerYfEcD5BLsT6IV0lO08TcrfbClAbJ4ozrSMBjRfU%2FWN%2F%2FMfRHbcGgoUtLA43W23Gm0%2B7fttFQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 x-robots-tag noarchive, notranslate cf-ray 8b956e3d78a5544f-YYZ
GET H2	200	jquery.min.js Show response cdnl.mb-cdn-promo.net/landings/common/_default/js/	82 KB 29 KB	167ms 68ms	Script application/javascript	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnl.mb-cdn-promo.net/landings/common/_default/js/jquery.min.js?v=1724331261 Requested by Host: promo.mr.bet URL: https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4952 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 10 Aug 2023 11:09:13 GMT server cloudflare etag W/"64d4c559-1499c" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2DeKkHUyn5IFYi5yJgDwemiKdB%2BgnXqNfuj%2BmiKT%2FErAQEXOvBziQ6VaXdeRmC0pou%2B0GmI0ly0HTdllN%2BiW%2BklkKwpiRc2FfwNex8AyEj8usVp%2B4ObOvVULyLKlsKJ3MvwlGeyOQQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 x-robots-tag noarchive, notranslate cf-ray 8b956e3d3879544f-YYZ
GET H2	200	currency_wb2500.js Show response cdnl.mb-cdn-promo.net/landings/common/_default/js/	827 B 747 B	134ms 35ms	Script application/javascript	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnl.mb-cdn-promo.net/landings/common/_default/js/currency_wb2500.js?v=1724331261 Requested by Host: promo.mr.bet URL: https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae5264dec1a81e5dd7eb6534b735dd298adc4d35a4dbbb2340ebe079b781302d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1822 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 10 Jun 2024 10:14:57 GMT server cloudflare etag W/"6666d221-33b" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SyziQKPTX1ORRgwFfs8FRdtcWlVF2xNoxd1zowdvAGxY9xa9JyFoLiQO62vKlSsYEt4CLZue79KKodiW97XEEQ7OzHmuhTJAlillJVdDTpPdF7wE83F41rSAFgGLGZLK%2FSd8rlGCnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 x-robots-tag noarchive, notranslate cf-ray 8b956e3d184e544f-YYZ
GET H2	200	webview-redirect.js Show response cdnl.mb-cdn-promo.net/landings/common/web/js/	402 B 557 B	499ms 401ms	Script application/javascript	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnl.mb-cdn-promo.net/landings/common/web/js/webview-redirect.js?v=1724331261 Requested by Host: promo.mr.bet URL: https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 409f921d2d0a2382f9c70e96a77ed375c073688cc75db45d914fb6a67524fd62 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 10 Aug 2023 11:09:13 GMT server cloudflare etag W/"64d4c559-192" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XchUfwezDjINR1twM%2Fm1%2Bp%2BU436e59Xz3qcT00UdlsyyO5H1eXIlZd8X5lMkA4Rp6wr9p%2FPgtPs2mHRfcuNMMaBAvHhTuZ8EChTzFPmP7DU%2BLIQJ4K558SjvRkybEisnFrN66yUXYA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 x-robots-tag noarchive, notranslate cf-ray 8b956e3d184f544f-YYZ
GET H3	200	slogin.js Show response slogin.biz/	8 KB 4 KB	145ms 76ms	Script text/javascript	172.67.172.18 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://slogin.biz/slogin.js?v=1724331261 Requested by Host: promo.mr.bet URL: https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.172.18 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc10605b0632ab286434d6eb5e3609d4efd7cd053cf0f91b3dc645b3425988 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload, max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload, max-age=31536000; includeSubDomains; preload cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4952 alt-svc h3=":443"; ma=86400 content-length 2982 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Mon, 26 Aug 2024 15:47:05 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TdDBJJtqu7ejjUxewumFCliNyWRD%2F7Z8rUoZoqEr6N1LM3Os4YMHhGhlmzbCGm17vT6Q7hzrB6AsnsmKhhWRIfH8KCN76kSnN31SWg%2FCraL1AVdDQJxzHqiqHm%2BL"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=14400 accept-ranges bytes x-robots-tag noarchive, notranslate cf-ray 8b956e3d2bf0ab45-YYZ
GET H2	200	slogin_init.js Show response cdnl.mb-cdn-promo.net/landings/common/web/js/	365 B 513 B	499ms 402ms	Script application/javascript	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnl.mb-cdn-promo.net/landings/common/web/js/slogin_init.js?v=1724331261 Requested by Host: promo.mr.bet URL: https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3171e0a73c2018e3628d3b103acabd6cc20617763f21bfa346c736399849c071 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 10 Aug 2023 11:09:13 GMT server cloudflare etag W/"64d4c559-16d" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gVLnqJXcXTxXbhVrwt625n845hyPYgXs03WwAU84LcskfcMJbYvdtDtZDQs4icWG4a9%2BRS8%2F8kViNVtFBeK9wVLMQ6wCNm4FZL%2Bi4trKPbZyR%2B6FqzadcbrRzV2llNQhUL3hdQlZUw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 x-robots-tag noarchive, notranslate cf-ray 8b956e3d3878544f-YYZ
GET H2	200	bg.jpg cdnl.mb-cdn-promo.net/landings/web/mb_wo33_class_creg/img/	82 KB 82 KB	68ms 60ms	Image image/jpeg	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnl.mb-cdn-promo.net/landings/web/mb_wo33_class_creg/img/bg.jpg Requested by Host: cdnl.mb-cdn-promo.net URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo33_class_creg.css?v=1724331261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85b3c9e9da3e9455d8ca5e981f4340fcc6cce074133f311e044132fe9e2cb989 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo33_class_creg.css?v=1724331261 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2752 content-length 83501 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade cf-bgj h2pri last-modified Thu, 10 Aug 2023 11:09:14 GMT server cloudflare etag "64d4c55a-1462d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9QMZ5GKUmBmgZ05WdfTJh7suvFpCsZof%2FPafWGqQWWXkW%2BxtpBy%2FR%2BQhkvCc3OKae4y%2F17lYkxo8BbeEToR%2Buvf3NHuaitDtERmQcR%2BQsLT8sl9EHdwqWwWia8HbtB3tXBOh%2FekF6A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes x-robots-tag noarchive, notranslate cf-ray 8b956e3d78a6544f-YYZ
GET H2	200	girls.png cdnl.mb-cdn-promo.net/landings/web/mb_wo33_class_creg/img/	194 KB 194 KB	358ms 356ms	Image image/png	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnl.mb-cdn-promo.net/landings/web/mb_wo33_class_creg/img/girls.png Requested by Host: cdnl.mb-cdn-promo.net URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo33_class_creg.css?v=1724331261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34c4926d5bcf8168554e30c819abdfb725ed712ba66ca93edaeb325c84390c49 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo33_class_creg.css?v=1724331261 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 198310 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 10 Aug 2023 11:09:14 GMT server cloudflare etag "64d4c55a-306a6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rSaYDFYainYuRKuQ4LjatXZFIeaZHMfoJPtYxPycupWPlyUiS%2Bb5eelR%2F6SR9K7LGBaoryC2U5xU98ih7ksTvg%2BSpYEpF6pC0jkvgy2rq8N9WeOyMH%2B7esO1kYmAN%2Ffbl7A5XVzZ5Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes x-robots-tag noarchive, notranslate cf-ray 8b956e3d78a7544f-YYZ
GET H2	200	casino.png cdnl.mb-cdn-promo.net/landings/web/mb_wo33_class_creg/img/	153 KB 154 KB	430ms 429ms	Image image/png	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnl.mb-cdn-promo.net/landings/web/mb_wo33_class_creg/img/casino.png Requested by Host: cdnl.mb-cdn-promo.net URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo33_class_creg.css?v=1724331261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d4d6643ec3c11be7037a523b5c2de001ae716f92c43b99bc6192dc7a668e731c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo33_class_creg.css?v=1724331261 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-length 157094 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 10 Aug 2023 11:09:14 GMT server cloudflare etag "64d4c55a-265a6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e2mkChXtreLU1m7EGDSC0OxwLBkiX1UuxbaSNEonLEZVt4nKEiQd%2F%2FiUFDDpjiExR%2BTNIQqAmAumslZfREoGKC9WDAIE1b%2FYDDhvi2u4dTIYvRH3lX0wVLksRQWrvIrZxeHRjGgIAQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes x-robots-tag noarchive, notranslate cf-ray 8b956e3d78a8544f-YYZ
GET H2	200	mrbet-logo.svg cdnl.mb-cdn-promo.net/landings/web/mb_wo33_class_creg/img/	7 KB 3 KB	136ms 135ms	Image image/svg+xml	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnl.mb-cdn-promo.net/landings/web/mb_wo33_class_creg/img/mrbet-logo.svg Requested by Host: cdnl.mb-cdn-promo.net URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo33_class_creg.css?v=1724331261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b915a763d9f5b8490e8b31330fc12972d34b4db047fd20a55b02c2cc526414e8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo33_class_creg.css?v=1724331261 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2752 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 10 Aug 2023 11:09:14 GMT server cloudflare etag W/"64d4c55a-1a6e" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tT9QRuabQy8Pe0mvo2zlqpu0RUxig7bymbb8xLvGZNh96%2By4MCgfEUxzjoXklhreKQv8Rgq%2B0eEcK6bb2E433CBeft%2Ft7oK2GHvEkjc%2B9sK%2BFZy1eSSXkXgAIvaK8A9IVDbsAdcWxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=14400 x-robots-tag noarchive, notranslate cf-ray 8b956e3d78aa544f-YYZ
GET H2	200	providers_light_bg_sprite.svg cdnl.mb-cdn-promo.net/landings/common/_default/img/	75 KB 32 KB	137ms 136ms	Image image/svg+xml	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnl.mb-cdn-promo.net/landings/common/_default/img/providers_light_bg_sprite.svg Requested by Host: cdnl.mb-cdn-promo.net URL: https://cdnl.mb-cdn-promo.net/landings/common/_default/css/footer_providers_mb.css?v=1724331261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7e32185f7b0342a308915fd27787482e115472e3f2336d313f249be9c3f9867 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdnl.mb-cdn-promo.net/landings/common/_default/css/footer_providers_mb.css?v=1724331261 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2752 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 10 Aug 2023 11:09:13 GMT server cloudflare etag W/"64d4c559-12cf9" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wzQeP3ivyNpMIdO4O2wg3rcejr5%2BM%2Bzg8RFjv9WfBWjSRovhiWzosozvDvTFTh6aCSYxRmIjnhPSDX6J1Q79b7T63U8fUwt6pyxf4We5Bbm1Y7cruQEePZrPo7XZNzJw5X45rD39UA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=14400 x-robots-tag noarchive, notranslate cf-ray 8b956e3d78ac544f-YYZ
GET H2	200	SourceSansPro.woff cdnl.mb-cdn-promo.net/landings/common/_default/fonts/SourceSansPro/Regular/	113 KB 114 KB	644ms 346ms	Font font/woff	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnl.mb-cdn-promo.net/landings/common/_default/fonts/SourceSansPro/Regular/SourceSansPro.woff Requested by Host: promo.mr.bet URL: https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa64619f9c614379cac25c92b9aa350b9e002d221f68bf7b18b4baa3058f56cb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.mr.bet/ Origin https://promo.mr.bet User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 5625 content-length 116072 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 10 Aug 2023 11:09:13 GMT server cloudflare etag "64d4c559-1c568" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NcghyZMssolX4JsSmY1qU5D6pgP%2FRfBRyrQ01fB1QcXvyDK0PmT5bLrx8LcDj7N5MIa04tXkJ9%2Bnr1zIz5NxQzSBdoN3HO%2F3BgCHjS4jqAmQCI4ejYaGiSvxwcee7pJPPAsWR8goqQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes x-robots-tag noarchive, notranslate cf-ray 8b956e41488e38e1-YYZ
GET H2	200	sprite-general-min.png cdnl.mb-cdn-promo.net/landings/common/_default/img/	2 KB 2 KB	39ms 34ms	Image image/png	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnl.mb-cdn-promo.net/landings/common/_default/img/sprite-general-min.png Requested by Host: cdnl.mb-cdn-promo.net URL: https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo33_class_creg.css?v=1724331261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2cea742d9eed759dd2fab51ef2ec4fe026099d5cc666c43dd9cd98ba7085a38d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdnl.mb-cdn-promo.net/landings/dist/web.mb_wo33_class_creg.css?v=1724331261 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 723 content-length 2095 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 10 Aug 2023 11:09:13 GMT server cloudflare etag "64d4c559-82f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fH2g0qvZsXH%2B8bJg8VQL%2Bpy2o%2FXwcKWf4iwA2ZhjBy63%2FFPg54SjkR6vEZbYub1AoGpQr7r89wJ00zThwc7zlU8jOhlRoMT1jkOZV3RA0ZhfdVdAY1uwxISXoYNga8J9MowYx%2FxMAQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes x-robots-tag noarchive, notranslate cf-ray 8b956e414c10544f-YYZ
GET H2	200	google-social.svg cdnl.mb-cdn-promo.net/landings/common/_default/img/social/	1 KB 949 B	38ms 37ms	Image image/svg+xml	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdnl.mb-cdn-promo.net/landings/common/_default/img/social/google-social.svg Requested by Host: cdnl.mb-cdn-promo.net URL: https://cdnl.mb-cdn-promo.net/landings/dist/common.signup.css?v=1724331261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b1f89121c3fc3dc18a63e0aa207281a58508d6b4910d7ce187dfcd7856dceb7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://cdnl.mb-cdn-promo.net/landings/dist/common.signup.css?v=1724331261 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4776 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 10 Aug 2023 11:09:13 GMT server cloudflare etag W/"64d4c559-55f" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PSV2xQNESINibKKqYAmJC6lT3CBqAUHN0sYiAYuJYYe12N%2FUKX3ONjq%2B9ARpGTH0axVd68hHg5KG%2FZhXFL1G%2FHf0fK4NTFPVIEmJAVIiQInlCDhRULXxlodKWv6y6jFzf%2FRH%2Fnvgow%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=14400 x-robots-tag noarchive, notranslate cf-ray 8b956e414c11544f-YYZ
GET H2	200	favicon-32x32.png cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/favicon/	1 KB 2 KB	62ms 60ms	Other image/png	172.67.74.12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnl.mb-cdn-promo.net/landings/common/_default/img/mb/favicon/favicon-32x32.png?v=1724331261 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d2c69c359cbced4583aa9523af476f4083ef2ee712bdd04d5eb76e3b440ecec Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://promo.mr.bet/?ad=3045640&browser=Chrome&campaign=194085&feed=feed11&lp=mb_wo33_class_creg&site=0c72a5f7&subday=100&tid=nonwk654d60f70000f694&trackCode=aff_0599bc_7_clickstar_MRB_CL_194085_feed11_0c72a5f7_3045640_Chrome_100 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Mon, 26 Aug 2024 17:09:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 638 content-length 1470 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 10 Aug 2023 11:09:13 GMT server cloudflare etag "64d4c559-5be" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6LzG2HK3M%2F57XUiz5%2BiFH61Yps37mbSe2GhaIhqBt5D9xgTW%2Fl9pYqo7rV1bOUals7UAwMl5U3Pggm13nFeH9uAG7LV6TysJN165rjE6VatI1zg0i4vA27qo1noaQo8rgRlE6wBJA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes x-robots-tag noarchive, notranslate cf-ray 8b956e42dd68544f-YYZ

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| trackCodeName string| trackCode string| redirectUrI string| receiver function| $ function| jQuery object| currencyText object| data string| country string| ua string| sloginHost object| slogin function| redirectForm function| sloginCallback object| button object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __INTLIFY__ object| regeneratorRuntime boolean| __VUE_OPTIONS_API__ boolean| __VUE__ object| __VUE_DEVTOOLS_PLUGINS__

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			promo.mr.bet/	1969-12-31 23:59:59	Name: pid Value: 3
			promo.mr.bet/	1970-01-20 23:06:18	Name: ForwardParameter Value: lp%3Dmb_wo33_class_creg%26tid%3Dnonwk654d60f70000f694

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnl.mb-cdn-promo.net
promo.mr.bet
slogin.biz
104.22.5.204
172.67.172.18
172.67.74.12
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2cea742d9eed759dd2fab51ef2ec4fe026099d5cc666c43dd9cd98ba7085a38d
3065ea8d147c3ba02a027e1e7c5a7296254f44a55bad37caeaaf539a39cda610
3171e0a73c2018e3628d3b103acabd6cc20617763f21bfa346c736399849c071
34c4926d5bcf8168554e30c819abdfb725ed712ba66ca93edaeb325c84390c49
409f921d2d0a2382f9c70e96a77ed375c073688cc75db45d914fb6a67524fd62
6adc10605b0632ab286434d6eb5e3609d4efd7cd053cf0f91b3dc645b3425988
6b91a4f5ea942ef7f1de35de522f02bb391f34bf6c303bee299ed21a4ab752d4
6d2c69c359cbced4583aa9523af476f4083ef2ee712bdd04d5eb76e3b440ecec
7b1f89121c3fc3dc18a63e0aa207281a58508d6b4910d7ce187dfcd7856dceb7
85b3c9e9da3e9455d8ca5e981f4340fcc6cce074133f311e044132fe9e2cb989
9f65876cfe4e5476f43e4bcdd17cc4317a8d2535a9d8b2138423c12ccd6ddb86
a3a3577d11dd20e2076b7533589272c60cb17da9cec45a5e4241521d76c6f13b
aa64619f9c614379cac25c92b9aa350b9e002d221f68bf7b18b4baa3058f56cb
ae5264dec1a81e5dd7eb6534b735dd298adc4d35a4dbbb2340ebe079b781302d
b915a763d9f5b8490e8b31330fc12972d34b4db047fd20a55b02c2cc526414e8
d38115630be03a719b62f5267b4727586f322951fe7b9ced6e971eaf8fec8b2f
d4d6643ec3c11be7037a523b5c2de001ae716f92c43b99bc6192dc7a668e731c
e149be833abb63ea7211e1e9cad86448a5be5f7f7f5ef6e588bde2c56c312e6c
f7e32185f7b0342a308915fd27787482e115472e3f2336d313f249be9c3f9867