urlscan.io logo urlscan.io
SecurityTrails logo

promo.mr.bet Open in urlscan Pro
104.22.4.204  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://vl9.me/9mvkUR
Effective URL: https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
Submission: On April 29 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 104.22.4.204, located in and belongs to CLOUDFLARENET, US. The main domain is promo.mr.bet.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2021. Valid for: a year.
This is the only time promo.mr.bet was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 137.184.108.90 14061 (DIGITALOC...)
1 104.22.4.204 13335 (CLOUDFLAR...)
6 172.67.74.12 13335 (CLOUDFLAR...)
7 2
Apex Domain
Subdomains		 Transfer
6 mb-cdn-promo.net
www.mb-cdn-promo.net
287 KB
1 mr.bet
promo.mr.bet
1 KB
1 vl9.me
vl9.me
184 B
7 3
Domain Requested by
6 www.mb-cdn-promo.net promo.mr.bet
www.mb-cdn-promo.net
1 promo.mr.bet
1 vl9.me 1 redirects
7 3

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-11 -
2022-07-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
Frame ID: 799F60BC47B24EFF153BE7D3E036498C
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mr.bet casino

Page URL History Show full URLs

  1. http://vl9.me/9mvkUR HTTP 302
    https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21 Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

288 kB
Transfer

292 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vl9.me/9mvkUR HTTP 302
    https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
promo.mr.bet/
Redirect Chain
  • http://vl9.me/9mvkUR
  • https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.4.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f1bb48bdb277ef9883a8847f7d8dac768e19e5cf903b82cfac45ecc133526c7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
70376c2668459bb6-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 29 Apr 2022 10:40:57 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
x-frame-options
SAMEORIGIN

Redirect headers

Content-Length
0
Date
Fri, 29 Apr 2022 10:40:57 GMT
Server
nginx/1.10.3
location
https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
style.css
www.mb-cdn-promo.net/landings/web/mb_access_denied/css/ 		656 B
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mb-cdn-promo.net/landings/web/mb_access_denied/css/style.css?v={{cdn_version}}
Requested by
Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a86cc48b87b9a2c457052ef67d152aab1e10cd35b1b7e06bae5555c51d1c496

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://promo.mr.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 10:40:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 28 Aug 2019 07:54:19 GMT
server
cloudflare
etag
W/"5d66332b-290"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaZ220XJ5iQ0pIf54%2F8OL68UkXe0U5wl%2Fo%2BIjXQxx3cnEIZ9Hgsux%2BXawZsWDfIn%2Fpspn1abj9biFi3MFfKvfaZ%2Be3XKZKmPClN0yD5M%2BWQf4zMgpiG2KxouiIyk7ryy04znlId5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70376c27385a9136-FRA
webview-redirect.js
www.mb-cdn-promo.net/landings/common/web/js/ 		402 B
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mb-cdn-promo.net/landings/common/web/js/webview-redirect.js?v={{cdn_version}}
Requested by
Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
409f921d2d0a2382f9c70e96a77ed375c073688cc75db45d914fb6a67524fd62

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://promo.mr.bet/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 10:40:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Aug 2019 07:54:19 GMT
server
cloudflare
age
5408
etag
W/"5d66332b-192"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DpM3zebMiQ3at%2FwTN3x6mgFKN0zJ5I8tVyB9I%2FR4CvrPcR96uwfNoTTnyKIez2R2oeaakRhZ4%2FhBVFdcQ3AQpM5PKjORDTqDoyoPnYXojPj2iFaRm7gh073%2FxaMf6KMwldiQYUK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70376c2738609136-FRA
mrbet-logo.svg
www.mb-cdn-promo.net/landings/web/mb_access_denied/img/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mb-cdn-promo.net/landings/web/mb_access_denied/img/mrbet-logo.svg
Requested by
Host: www.mb-cdn-promo.net
URL: https://www.mb-cdn-promo.net/landings/web/mb_access_denied/css/style.css?v={{cdn_version}}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b915a763d9f5b8490e8b31330fc12972d34b4db047fd20a55b02c2cc526414e8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.mb-cdn-promo.net/landings/web/mb_access_denied/css/style.css?v={{cdn_version}}
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 10:40:57 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 28 Aug 2019 07:54:19 GMT
server
cloudflare
etag
W/"5d66332b-1a6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiqT2aX347E6PU%2BKaaqISMzhQitkc8csV4d7vYMXWa4gRcYQxQT2KChGtyrmfSHx5DgYsL68v45utiuW%2FMtN9OMDvGRXGOgB%2BayQ%2Fom55oWSt%2F1umNaccys7g18AM8E0z4g1DtWU"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
70376c27791f9136-FRA
Lato-Black.woff
www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Black/ 		126 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Black/Lato-Black.woff?v={{cdn_version}}
Requested by
Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c62a09b73696310100d8e22694daa8d8dc78bf3f9b0d939b167a6dc13ed2cef

Request headers

Referer
https://promo.mr.bet/
Origin
https://promo.mr.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 10:40:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1711
content-length
128815
last-modified
Mon, 23 Dec 2019 08:51:18 GMT
server
cloudflare
etag
"5e008006-1f72f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hmnLO7y2r9QoQE73rmj3fjQC%2BL8ulNe4eGw3g4zSszjM2bfuavUh47DO63bfDotpfz5PU6bJZ%2Bh4l7kaw8TjgjQKP6HMMVJGWbxgXm04n3RDcRq%2BHy%2FdhcfQM79NB1RK2AORbmY"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70376c27be9e910a-FRA
SourceSansPro.woff
www.mb-cdn-promo.net/landings/common/_default/fonts/SourceSansPro/Regular/ 		113 KB
114 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mb-cdn-promo.net/landings/common/_default/fonts/SourceSansPro/Regular/SourceSansPro.woff
Requested by
Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa64619f9c614379cac25c92b9aa350b9e002d221f68bf7b18b4baa3058f56cb

Request headers

Referer
https://promo.mr.bet/
Origin
https://promo.mr.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 10:40:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6888
content-length
116072
last-modified
Thu, 03 Feb 2022 10:14:29 GMT
server
cloudflare
etag
"61fbab05-1c568"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Be2ggGnNv7Vhg3n2Bj29Uu3esXbPVk%2Bv336oF%2BqpephtEMucLnIsm4s6g%2BHIqJtRw5bMhxVGZIN5jaxG2fzTYA7hPRDCmRDwYdgMhoAIU%2B1cQM2DMiXRXAlRIX1SNc9GOB38rNPP"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70376c27bea1910a-FRA
Lato-Black.woff2
www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Black/ 		42 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Black/Lato-Black.woff2?v={{cdn_version}}
Requested by
Host: promo.mr.bet
URL: https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c997abb38ede2240d957b57a3216882e8416b1f757f26b92128a8875e00e73

Request headers

Referer
https://promo.mr.bet/
Origin
https://promo.mr.bet
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 10:40:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1711
content-length
43456
last-modified
Wed, 18 Dec 2019 10:59:43 GMT
server
cloudflare
etag
"5dfa069f-a9c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwgVKfW8i9LT3dlPQ8ZV42P3881wSxMbX4UNeB2%2FhoYTvLH8MAiFmlsGwr0bOwaOciu7h%2BHSAFbg5qTS9kDOcmXXEWCJWEEkc%2FXSZDBvwC9NKSmQ4MTIgTk6OOHg5sjz2lStTS%2BX"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70376c28681e910a-FRA

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails string| ua boolean| isAndroid boolean| isInstagram boolean| isTelegram boolean| isFacebook

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
Message:
Failed to decode downloaded font: https://www.mb-cdn-promo.net/landings/common/_default/fonts/Lato/Black/Lato-Black.woff?v={{cdn_version}}
other warning URL: https://promo.mr.bet/?lp=mb_wo8_adult&trackCode=aff_b347f1_156_demaycl21
Message:
OTS parsing error: incorrect file size in WOFF header

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN