promo.mr.bet Open in urlscan Pro
172.67.24.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://myparcelservice.com/
Effective URL:
https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Submission: On May 24 via automatic, source certstream-suspicious (May 24th 2022, 11:43:51 am UTC) — Scanned from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 23 HTTP transactions. The main IP is 172.67.24.15, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo.mr.bet.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2021. Valid for: a year.

This is the only time promo.mr.bet was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	144.202.17.238 144.202.17.238	20473 (AS-CHOOPA) (AS-CHOOPA)
1 1	5.183.188.40 5.183.188.40	200487 (OOOVPS-AS) (OOOVPS-AS)
1	172.67.24.15 172.67.24.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	104.26.13.169 104.26.13.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2

1 144.202.17.238 (Atlanta, United States) 1 redirects

ASN20473 (AS-CHOOPA, US)
PTR: 144.202.17.238.vultrusercontent.com

myparcelservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.183.188.40 (Russian Federation) 1 redirects

ASN200487 (OOOVPS-AS, RU)
PTR: sa96625fc.fastvps-server.com

5.183.188.40	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.24.15 (United States)

ASN13335 (CLOUDFLARENET, US)

promo.mr.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.26.13.169 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mb-cdn-promo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	mb-cdn-promo.net www.mb-cdn-promo.net	807 KB
1	mr.bet promo.mr.bet	7 KB
1	myparcelservice.com 1 redirects myparcelservice.com	1 KB
23	3

	Domain	Requested by
22	www.mb-cdn-promo.net	promo.mr.bet www.mb-cdn-promo.net
1	promo.mr.bet
1	myparcelservice.com	1 redirects
23	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-11` - `2022-07-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Frame ID: 8859D950688A889B89CC347D37798536
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Register to Get Online Casino Welcome Offer - Mr.Bet

Page URL History Show full URLs

https://myparcelservice.com/ HTTP 302
http://5.183.188.40/click.php?key=49g5crigtpdxiequn6rd&sub1=a4profithouse2br&sub2=A4xvsemogusx29... HTTP 302
https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngm... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

813 kB
Transfer

933 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://myparcelservice.com/ HTTP 302
http://5.183.188.40/click.php?key=49g5crigtpdxiequn6rd&sub1=a4profithouse2br&sub2=A4xvsemogusx290br&sub5=36j72i117l3d HTTP 302
https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
promo.mr.bet/
Redirect Chain

https://myparcelservice.com/
http://5.183.188.40/click.php?key=49g5crigtpdxiequn6rd&sub1=a4profithouse2br&sub2=A4xvsemogusx290br&sub5=36j72i117l3d
https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut

27 KB
7 KB

72ms
41ms

Document
text/html

172.67.24.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.24.15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bb80b76854b67f1469391ba87f0d12fe6634528c90832159cc3d1dc432ee3e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7105c68e89e79b5b-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 24 May 2022 11:43:46 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
x-frame-options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 24 May 2022 11:43:46 GMT
Location: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Server: nginx/1.20.2
Transfer-Encoding: chunked

GET
H2 200 style.min.css
www.mb-cdn-promo.net/landings/web/mb_reg/css/ 19 KB
5 KB 381ms
35ms Stylesheet
text/css 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e5751787b1b4faa29d56192c7828c19ca8b2ac6baf8b68d91523fa4302b493b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mr.bet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Aug 2019 10:30:14 GMT
server: cloudflare
age: 1534
etag: W/"5d6657b6-4a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqI4ZXbPKEgk%2B6OS2FmsyFXF8sWQns8qEZjSicED4dWgRxZGcLxyiMfXZTdVLa34N2pvdOL0eD0BHNCz3B%2BJDecHVCBzvGAviX%2FY0lyWC2igq%2B29BINIDRvletLunkmSl8Kr4Jnn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7105c6910b84915f-FRA

GET
H2 200 jquery.min.js Show response
www.mb-cdn-promo.net/landings/common/_default/js/ 82 KB
30 KB 378ms
31ms Script
application/javascript 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/common/_default/js/jquery.min.js?=1653390694
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mr.bet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Aug 2019 07:54:19 GMT
server: cloudflare
age: 1689
etag: W/"5d66332b-1499c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzQ3O7Yi6lCaV6AlBDPn%2BFXJLKOpIgVfpn6vWQL1wsqg0PbNkNQ6AsSkiRmAMhuCbgWC4T7Orx8QfUgSe3QFQlUgQTEP%2FYFghZOqHn1OUBFWATZlsH%2BJ4u8zU0rjYt95KJns3rPs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7105c6910b85915f-FRA

GET
H2 200 jquery.selectric.min.js Show response
www.mb-cdn-promo.net/landings/common/_default/js/ 14 KB
5 KB 374ms
28ms Script
application/javascript 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/common/_default/js/jquery.selectric.min.js
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 345107d9a2c7bc55dd206e93b733446030d6cd28523680efd34696bce3cc7007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mr.bet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Aug 2019 07:54:19 GMT
server: cloudflare
age: 4209
etag: W/"5d66332b-379a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89M8RUSnL64jEuDrGGdvz%2BUvieXJnoidhwjLl%2BcPG%2Bfi%2F2THFVDLwb3PdbXE97P%2FfLe7UpAcNwbeZjBnolUcbPtNp1UBQyCRTVsOuIvR5MiVgJxOplgLi49CbpqW014IsSkIleMx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7105c6910b89915f-FRA

GET
H2 200 jquery.form-validator.min.js Show response
www.mb-cdn-promo.net/landings/web/mb_reg/js/ 28 KB
10 KB 367ms
21ms Script
application/javascript 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/js/jquery.form-validator.min.js
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db947ec853867e8e724e80b6afd0f2acb17921b345e71a3a8d0076dcebf364e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mr.bet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Aug 2019 07:54:20 GMT
server: cloudflare
age: 5865
etag: W/"5d66332c-71f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9zRkHrRhx%2FthYZxujeuLu5bbSFD56Hm282rZDFfRtLjaOAAiQlW9K0a9oBC8xiLDKZYvcHpSG6s1Nt7b9p%2B%2B9zoePNKCj3E5Qkbq0RhUuKvIvdZstB8PA%2FvayTDHqrwV%2B9dY8H5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7105c6910b8a915f-FRA

GET
H2 200 RegistrationService.js Show response
www.mb-cdn-promo.net/landings/common/_default/js/ 3 KB
1 KB 369ms
23ms Script
application/javascript 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/common/_default/js/RegistrationService.js?v=1653390694
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6707ff1d839376798abea76f699bac49956b1aad0aae2be7b98e12fe32ea36ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mr.bet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 10:10:02 GMT
server: cloudflare
age: 1689
etag: W/"6023b0fa-cd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpoi77HJ0dlRK%2BEXHEkKZZjSv6sjs1VWZTFaxbR8qf7KQypY629idfSHmXJGM%2BbElEKaXFGCyYaieMOLY6E1s3hR%2FnVTAbYB0XQ2Q%2BNR5aQP9HjlmQ7KaYv44bLiv%2F00yKSqtiM7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7105c6910b8c915f-FRA

GET
H2 200 2step_form.js Show response
www.mb-cdn-promo.net/landings/common/_default/js/ 5 KB
2 KB 370ms
24ms Script
application/javascript 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/common/_default/js/2step_form.js?v=1653390694
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35553567f38ab52e4b9b1df5a7a6a51b445eec7b1ade361ddb29ed6b98cbcd74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mr.bet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 07:04:42 GMT
server: cloudflare
age: 1689
etag: W/"60d18b8a-1343"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONvi0K0gsGwvb4wll%2BmKftnun59LS8%2BNBSo%2BycQMRo9hkCZosZQ6BLO7gXn%2BndIq5Jy0j%2FF2%2BGY3%2FQTpeVk6FCcL2XUsUBpB%2FCO6YKX2FVhPpAuLWTo5IpOvS%2FdTMW2%2FU41mlMkm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7105c6910b8d915f-FRA

GET
H2 200 script.js Show response
www.mb-cdn-promo.net/landings/common/_default/js/ 3 KB
1 KB 375ms
29ms Script
application/javascript 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/common/_default/js/script.js?=1653390694
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d772f8300746a80cfc3b79b7c99f37d61a9d1439784b04b24bb44c7d8f52969

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mr.bet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Jun 2021 07:04:42 GMT
server: cloudflare
age: 1689
etag: W/"60d18b8a-d78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FMEmkLJJYmsryJyomtrZ15bduCo7YmhzhtMSSkVd3P6QToPu5o7vC%2BtTXStScT0IqCRTlSSqWQkGgpl7i2F7RJ5ZUH1FoCw8xLZnuLIfrPWhqtsP1zIXzeQrW6MIdNITE4Qaq1p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7105c6910b93915f-FRA

GET
H2 200 currency_wo1500.js Show response
www.mb-cdn-promo.net/landings/common/_default/js/ 600 B
628 B 371ms
26ms Script
application/javascript 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/common/_default/js/currency_wo1500.js?v=1653390694
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a0844930343207de1f35e80791d2f581275b5d946956af677bdca5da213794d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mr.bet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Apr 2022 09:58:12 GMT
server: cloudflare
age: 1697
etag: W/"6253fbb4-258"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7j6DPWsJqHHtwyq%2F8Q1dnOFM6ekHVcrcTxtb%2F96vrb57QsykNs1gHaxS09Z5XJAdEuL00bLSEkqzoEOwcyl055XGYt%2FIi%2Fr2%2Btfj8CFbt5BE0j%2Bzaxz0z9iXSIrelSaFobQCwAB7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7105c6910b91915f-FRA

GET
H2 200 mbRegScroll.js Show response
www.mb-cdn-promo.net/landings/common/_default/js/ 539 B
535 B 372ms
27ms Script
application/javascript 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/common/_default/js/mbRegScroll.js?v=1653390694
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c8afa9319c44d41909d465fdfac803c3a30cda94c685c0daa4b78dffdfa5ca3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.mr.bet/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Oct 2020 11:20:36 GMT
server: cloudflare
age: 1530
etag: W/"5f901984-21b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BPYi9cukq0OuMAIgtAlghLN8q557VIiPyO3c5I3RZMDm89p9f6XRqMgdgPCZJ8sT%2BfzQV0jC4q%2BiTsXtZj00gIH0uy2EErfPAB09mI8TrbGD4J8WN%2BDg31cxVpC%2Fm4NhPhXiZH%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7105c6910b90915f-FRA

GET
H2 200 mb_wo-bg.jpg
www.mb-cdn-promo.net/landings/web/mb_reg/img/ 16 KB
16 KB 21ms
20ms Image
image/jpeg 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/img/mb_wo-bg.jpg
Requested by: Host: www.mb-cdn-promo.net
URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cf6a8e4720008ebcd41bbd877f143ffacba3f69bf88c60248eb695479508192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5864
content-length: 16196
last-modified: Wed, 28 Aug 2019 07:54:20 GMT
server: cloudflare
etag: "5d66332c-3f44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzAghtU0mPK3LK8XHU9fyXrOvKyHr%2FPyAKFjoSf4EeH9Y0Gm%2FXIJ18s0VTMfLoJf1exkKzkX9I3PuSSnI5bahznc8Sb9AVMLB8zgGBts4RAzbff3AFsFpE5JQImnc39LfrocgboS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7105c6915c30915f-FRA
cf-bgj: h2pri

GET
H2 200 confeti.png
www.mb-cdn-promo.net/landings/web/mb_reg/img/ 52 KB
53 KB 19ms
19ms Image
image/png 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/img/confeti.png
Requested by: Host: www.mb-cdn-promo.net
URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d764331c5468918869db9543377fddc309d6a0ffc3d7d5e999c40b7f005a9b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6537
content-length: 53436
last-modified: Wed, 28 Aug 2019 07:54:20 GMT
server: cloudflare
etag: "5d66332c-d0bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vej4a3FeXFaliF6QX8IzcSzzSujXC8olYcbean6a1iUoBrk7daJNV%2Fk6%2B2ipggAd6sg8JdkfQVrzOnNaCpFpx%2B1gJIAuta%2BZfBX%2B5ovT0CyVl6tpW66SZCZgtJhHJJG4u7Kw20Sv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7105c6915c32915f-FRA

GET
H2 200 slot-machines-img.png
www.mb-cdn-promo.net/landings/web/mb_reg/img/ 71 KB
72 KB 20ms
19ms Image
image/png 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/img/slot-machines-img.png
Requested by: Host: www.mb-cdn-promo.net
URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67b7c0e07a209d31c65940a1e1d5c66803370185dc571ab7a695e1162d4a103a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6210
content-length: 73011
last-modified: Wed, 28 Aug 2019 07:54:20 GMT
server: cloudflare
etag: "5d66332c-11d33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SPIMxuuGX%2Fkp3ytvnC2Ft30TZ8dXS1WqRhXJWY5VetJ0pVu1pzJllODU46fxldXvweTnKp8Y0pQ8WZ4b8J2XBQuUTok2QT8KlWLkQQAv%2FJJLCGpJl07vA53hmC%2B83yzAo0Uq6hf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7105c6915c37915f-FRA

GET
H2 200 gifts-img.png
www.mb-cdn-promo.net/landings/web/mb_reg/img/ 39 KB
39 KB 34ms
33ms Image
image/png 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/img/gifts-img.png
Requested by: Host: www.mb-cdn-promo.net
URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cde2ab753f6da4743e32c98d9dba164cb7165c0354a2e32a95d3cf68f4adf0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5864
content-length: 40003
last-modified: Wed, 28 Aug 2019 07:54:20 GMT
server: cloudflare
etag: "5d66332c-9c43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0cCdGeNL6z0HckpJAQcratKvMXvgisKn421VagQg%2B7Nd9qR83BPxAZ4xteEO0RYS2VUQnLt%2FFQAe0HEGE9NgqT0P0P5s5%2BK8%2BfAlGZ3CO3nTbankkg2nYtJuIQn%2BLhMA2oFZyT%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7105c6915c39915f-FRA

GET
H2 200 mr-bet-img.png
www.mb-cdn-promo.net/landings/web/mb_reg/img/ 42 KB
43 KB 26ms
25ms Image
image/png 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/img/mr-bet-img.png
Requested by: Host: www.mb-cdn-promo.net
URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02cf6729099a4be4da395fef870b08960806d36ef985b326eb0679d8a8beb647

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7093
content-length: 43500
last-modified: Wed, 28 Aug 2019 07:54:20 GMT
server: cloudflare
etag: "5d66332c-a9ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcdlvdWW5gHqeXvHVJKd0GqHY%2BUu5Y4AhASe%2BEPddUC83oFQHS6QkMqe0ncqbnWmVvr2WIJRoBwZ104Tv6tb9p3%2FUkbsYk%2F8zogK77GaiFy3LJzi6KEt33beJbl4xQXQMcJ8QkUf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7105c6915c3b915f-FRA

GET
H2 200 mrbet-logo.svg
www.mb-cdn-promo.net/landings/web/mb_reg/img/ 7 KB
3 KB 25ms
25ms Image
image/svg+xml 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/img/mrbet-logo.svg
Requested by: Host: www.mb-cdn-promo.net
URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b915a763d9f5b8490e8b31330fc12972d34b4db047fd20a55b02c2cc526414e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Aug 2019 07:54:20 GMT
server: cloudflare
age: 6923
etag: W/"5d66332c-1a6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y60IQhDlP1Svi04KdV5qsnj6SW9xeEm9%2BFcKq4Ut%2FYr%2BiTIsjoqVOrwXjPHcTg7Jtk%2FnKmad8eF49zCK53DVJT542aO8s9vC9XNG8uwvHN%2Bg14Ez89VlUkJ3sdgTO2UTB%2B6fr9gX"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7105c6915c3d915f-FRA

GET
H2 200 sprite-general.png
www.mb-cdn-promo.net/landings/web/mb_reg/img/ 49 KB
50 KB 26ms
25ms Image
image/png 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/img/sprite-general.png
Requested by: Host: www.mb-cdn-promo.net
URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73fd3f5111b989e49c35213e50bf20be67825f257dbf53766f789265edd8dc45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6210
content-length: 50463
last-modified: Wed, 28 Aug 2019 07:54:20 GMT
server: cloudflare
etag: "5d66332c-c51f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3j8HiU908fc6TQdRPMPfLW5oOC8Olc8Se476vkvFhcjkZ0wB4GfZq6GYwoo%2F%2FeBo6UeAOxRObJpEgp5d9%2BbchUjmD9b1uY1h9UUvorumbFMwlV5O1mTEkONx9wM0l0dcxan3z41"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7105c6915c3f915f-FRA

GET
H2 200 logos-sprite-safety.png
www.mb-cdn-promo.net/landings/web/mb_reg/img/ 20 KB
20 KB 24ms
24ms Image
image/png 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/img/logos-sprite-safety.png
Requested by: Host: www.mb-cdn-promo.net
URL: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 892df5e47dd1a197b0a9c7a01e7a8a27ca297d15a16b9430c4bc4ae0c5e1cfc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mb-cdn-promo.net/landings/web/mb_reg/css/style.min.css?v=1653390694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5643
content-length: 20620
last-modified: Wed, 28 Aug 2019 07:54:20 GMT
server: cloudflare
etag: "5d66332c-508c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJTZTO5S6BTl377SHar6cJJMHNhDNJ0YYkQFyEEYPpXYP2ztxh%2Ff3ol0sct6oK5TDcFsDTLQwrJin7OJ8gsPC2Ai3szgaodun1FgYBwWtArCRxMSEupdAB7sVC9wHzh2Ps4aehxS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7105c6915c42915f-FRA

GET
H2 200 Lato-Black.woff
www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Black/ 126 KB
126 KB 50ms
19ms Font
application/octet-stream 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Black/Lato-Black.woff?v=1653390694
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c62a09b73696310100d8e22694daa8d8dc78bf3f9b0d939b167a6dc13ed2cef

Request headers

Referer: https://promo.mr.bet/
Origin: https://promo.mr.bet
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1043
content-length: 128815
last-modified: Mon, 23 Dec 2019 08:51:18 GMT
server: cloudflare
etag: "5e008006-1f72f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVGWIIvlKJZnYkdAys3%2BcbDQGh%2FZEazXFbMsznCoEdueBxBKCCfvJN2pBrOWJrwcpNCDqERAxgKUjDh0GjJdsGWyG9PR1y1p0zK03xn4YIjjwTSOjjW5kkkUnI4dz6oSGFUSd1JT"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7105c6919ceb9253-FRA

GET
H2 200 Lato-Bold.woff
www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Bold/ 129 KB
129 KB 56ms
26ms Font
application/octet-stream 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Bold/Lato-Bold.woff?v=1653390694
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d604fce81f938586329f820a2256bad46c067aca0a69c943853b6c7e1880cfd

Request headers

Referer: https://promo.mr.bet/
Origin: https://promo.mr.bet
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1534
content-length: 131918
last-modified: Mon, 23 Dec 2019 08:51:18 GMT
server: cloudflare
etag: "5e008006-2034e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iu9zSgdcUAod64BqY0T891x%2BOX2V5zHFSC7XKwGqIFqf%2FedDxpjSJpQR9al0rFEm6vzAduxZu4XMqM0s9aMhLszE1IVGYidJXIY6Q7mU4W7XyDBc57m%2FhksqMQVynvU2Kx8RSamn"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7105c6919cf09253-FRA

GET
H2 200 SourceSansPro.woff
www.mb-cdn-promo.net/landings/common/_default/fonts/SourceSansPro/Regular/ 113 KB
114 KB 70ms
41ms Font
application/octet-stream 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/common/_default/fonts/SourceSansPro/Regular/SourceSansPro.woff
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa64619f9c614379cac25c92b9aa350b9e002d221f68bf7b18b4baa3058f56cb

Request headers

Referer: https://promo.mr.bet/
Origin: https://promo.mr.bet
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3662
content-length: 116072
last-modified: Thu, 03 Feb 2022 10:14:29 GMT
server: cloudflare
etag: "61fbab05-1c568"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Am%2BKhUuS9WcZNaILtuakgoTqmcPBYiyGpzFAJ5fhZ0itDXjOfF7S5PxJiXUGz9FpBbDcSKtriALJ5PljR1RZ0EVjk6p6R8azyyMGdamF5kmaaJpH6oOVcfdvK9DmZg1M5mn2oT5Q"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7105c6919cf39253-FRA

GET
H2 200 Lato-Black.woff2
www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Black/ 42 KB
43 KB 34ms
34ms Font
application/octet-stream 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Black/Lato-Black.woff2?v=1653390694
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c997abb38ede2240d957b57a3216882e8416b1f757f26b92128a8875e00e73

Request headers

Referer: https://promo.mr.bet/
Origin: https://promo.mr.bet
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1043
content-length: 43456
last-modified: Wed, 18 Dec 2019 10:59:43 GMT
server: cloudflare
etag: "5dfa069f-a9c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXfB5SJIqXGP8b2RsoGlCaJXurxkYw36Ass4fbC0Rcj530gI49cWLcWvggm7y1sHF5gmO8ap04nuCWbNqsey%2Bh%2B4qR5cyoT%2FKiiLq%2Be14YpOaIO8Zxy2cPI43MVi3F7JENUpy11T"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7105c691dd6f9253-FRA

GET
H2 200 Lato-Bold.woff2
www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Bold/ 43 KB
44 KB 52ms
52ms Font
application/octet-stream 104.26.13.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Bold/Lato-Bold.woff2?v=1653390694
Requested by: Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540

Request headers

Referer: https://promo.mr.bet/
Origin: https://promo.mr.bet
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 11:43:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1534
content-length: 44380
last-modified: Wed, 18 Dec 2019 10:59:43 GMT
server: cloudflare
etag: "5dfa069f-ad5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVoF0KLwbrmbSlOmUMTMpgsSLRPuSMltR6QuRNHIzEbUq9f2Q4Zu5mdEvACMr2r9%2BL6r6k6DFvVO%2FYajwjm0FIRNbUoBPz0ekKqydo4sfcFA0B%2F0%2FG%2Bxqx9u8LEO6R7CjzdcSkJP"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7105c691ed779253-FRA

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
myparcelservice.com/	1970-01-20 04:01:11	Name: _subid Value: 36j72i117l3d
myparcelservice.com/	1970-01-20 04:01:11	Name: _token Value: uuid_36j72i117l3d_36j72i117l3d628cc4f2b06a22.68876996
myparcelservice.com/	1970-02-08 06:34:31	Name: 85c52 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI3MTdcIjoxNjUzMzkyNjI2fSxcImNhbXBhaWduc1wiOntcIjI5MFwiOjE2NTMzOTI2MjZ9LFwidGltZVwiOjE2NTMzOTI2MjZ9In0.u7gh3wmrbLf3ezrzrCf6R6wHFHHSfJRwR2TsCpLi__Y
5.183.188.40/	1970-01-20 03:17:59	Name: uclick Value: fngmxo
5.183.188.40/	1970-01-20 03:17:59	Name: uclickhash Value: fngmxo-fngmxo-gxwj-521z-lpqq-hqtl-hqp2-a34f35
promo.mr.bet/	1969-12-31 23:59:59	Name: pid Value: 3
promo.mr.bet/	1970-01-20 03:17:59	Name: ForwardParameter Value: lp%3Dmb_reg%26cid%3D86ff9fngmxo131

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut(Line 467) Message: Failed to decode downloaded font: https://www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Black/Lato-Black.woff?v=1653390694
other	warning	URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut(Line 467) Message: OTS parsing error: incorrect file size in WOFF header
other	warning	URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut(Line 467) Message: Failed to decode downloaded font: https://www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Bold/Lato-Bold.woff?v=1653390694
other	warning	URL: https://promo.mr.bet/?lp=mb_reg&trackCode=aff_1b5ddb_153_Facebook_A4xvsemogusx290br&cid=86ff9fngmxo131&tst=ut(Line 467) Message: OTS parsing error: incorrect file size in WOFF header

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

myparcelservice.com
promo.mr.bet
www.mb-cdn-promo.net
104.26.13.169
144.202.17.238
172.67.24.15
5.183.188.40
02cf6729099a4be4da395fef870b08960806d36ef985b326eb0679d8a8beb647
0e5751787b1b4faa29d56192c7828c19ca8b2ac6baf8b68d91523fa4302b493b
1bb80b76854b67f1469391ba87f0d12fe6634528c90832159cc3d1dc432ee3e3
1c62a09b73696310100d8e22694daa8d8dc78bf3f9b0d939b167a6dc13ed2cef
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
276401632a998400be8a5895038f4f72d3760d3c3d6aaf3cf445d109cb9d1540
345107d9a2c7bc55dd206e93b733446030d6cd28523680efd34696bce3cc7007
35553567f38ab52e4b9b1df5a7a6a51b445eec7b1ade361ddb29ed6b98cbcd74
3cde2ab753f6da4743e32c98d9dba164cb7165c0354a2e32a95d3cf68f4adf0a
4d604fce81f938586329f820a2256bad46c067aca0a69c943853b6c7e1880cfd
4d764331c5468918869db9543377fddc309d6a0ffc3d7d5e999c40b7f005a9b9
5a0844930343207de1f35e80791d2f581275b5d946956af677bdca5da213794d
6707ff1d839376798abea76f699bac49956b1aad0aae2be7b98e12fe32ea36ca
67b7c0e07a209d31c65940a1e1d5c66803370185dc571ab7a695e1162d4a103a
73fd3f5111b989e49c35213e50bf20be67825f257dbf53766f789265edd8dc45
7c8afa9319c44d41909d465fdfac803c3a30cda94c685c0daa4b78dffdfa5ca3
7cf6a8e4720008ebcd41bbd877f143ffacba3f69bf88c60248eb695479508192
892df5e47dd1a197b0a9c7a01e7a8a27ca297d15a16b9430c4bc4ae0c5e1cfc3
9d772f8300746a80cfc3b79b7c99f37d61a9d1439784b04b24bb44c7d8f52969
aa64619f9c614379cac25c92b9aa350b9e002d221f68bf7b18b4baa3058f56cb
b915a763d9f5b8490e8b31330fc12972d34b4db047fd20a55b02c2cc526414e8
db947ec853867e8e724e80b6afd0f2acb17921b345e71a3a8d0076dcebf364e1
e2c997abb38ede2240d957b57a3216882e8416b1f757f26b92128a8875e00e73

promo.mr.bet Open in urlscan Pro 172.67.24.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

813 kBTransfer

933 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

7 Cookies

4 Console Messages

Security Headers

Indicators

promo.mr.bet Open in urlscan Pro
172.67.24.15 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

813 kB
Transfer

933 kB
Size

7
Cookies

23 HTTP transactions
0 data transactions