| media.on.betrivers.ca/C.ashx?btag=a_18825b_3759c_&affid=2953&siteid=18825&adid=3759&c=wtlnm7hqtubcr7r030hk9960&Acid=wtlnm7hqtubcr7r030hk9960&AutoR=1 | 20.93.81.72 | | 186 B |
URL: media.on.betrivers.ca/C.ashx?btag=a_18825b_3759c_&affid=2953&siteid=18825&adid=3759&c=wtlnm7hqtubcr7r030hk9960&Acid=wtlnm7hqtubcr7r030hk9960&AutoR=1
IP: 20.93.81.72:0 ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 3501ca98a6d674f5967723b04f175929 d29b06f8b569da004ce01510f0249cffe09384c3 d846738ded473aebe579c6ff88b97268183007ff849cf0fa0a209df6b59b967c
GET /C.ashx?btag=a_18825b_3759c_&affid=2953&siteid=18825&adid=3759&c=wtlnm7hqtubcr7r030hk9960&Acid=wtlnm7hqtubcr7r030hk9960&AutoR=1 HTTP/1.1
Host: media.on.betrivers.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 25 Apr 2024 07:24:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 186
Connection: keep-alive
Cache-Control: private
Location: https://on.betrivers.ca/?btag=a_18825b_3759c_wtlnm7hqtubcr7r030hk9960
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: XYZ=3&1&19&&&&0&1&&71423513-6429-4e09-9bcb-6261b6331f8a&&a_18825b_3759&; expires=Wed, 24-Jul-2024 07:24:16 GMT; path=/; SameSite=None; Secure
A_3759=a=3759&r=0&fv=0&lv=0&vc=0&fc=20240425&lc=20240425072416&cc=1; expires=Wed, 24-Jul-2024 07:24:16 GMT; path=/; SameSite=None; Secure
PM_51=id=6b5515ce-809a-4be6-8835-277ce08515d2&c=wtlnm7hqtubcr7r030hk9960&s=18825&ad=3759&md=0&pm=51&d=20240425072416&ip=1532635802&r=0&ref=&RedirectParams=btag%3Da_18825b_3759c_wtlnm7hqtubcr7r030hk9960&cip=OTEuOTAuNDIuMTU0; expires=Wed, 24-Jul-2024 07:24:16 GMT; path=/; SameSite=None; Secure
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block
| on.betrivers.ca/cdn-cgi/images/browser-bar.png?1376755637 | 172.64.152.203 | | 715 B |
URL: on.betrivers.ca/cdn-cgi/images/browser-bar.png?1376755637
IP: 172.64.152.203:0
File type: PNG image data, 960 x 53, 8-bit colormap, non-interlaced
Hash: 226dcb8f6144bdaafdfbd8f2f354be64 3785cc5b3bf52f8e398177b0ff1020b24aa86b8c 8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | suspicious | Suspicious - Sinkholed / Blocked |
GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
Host: on.betrivers.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://on.betrivers.ca/cdn-cgi/styles/cf.errors.css
Cookie: __cf_bm=WgLNITywyZV4EYzJsGtDZ.RjJgapGToBRtv70YBXW1I-1714029856-1.0.1.1-tc7LYSHdpwQ_tu.J79W2zr6GybNqqPD2PJyIJ7iD02s85C.XrEFpVh2GGPdmzLDi6NA4MnnixwwSE0RNpmsp4g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 07:24:16 GMT
content-type: image/png
content-length: 715
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: "6622d9ef-2cb"
server: cloudflare
cf-ray: 879c97acee15568d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 25 Apr 2024 09:24:16 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
| on.betrivers.ca/cdn-cgi/images/cf-no-screenshot-error.png | 172.64.152.203 | 200 OK | 3.2 kB |
URL: GET HTTP/2 on.betrivers.ca/cdn-cgi/images/cf-no-screenshot-error.png
IP: 172.64.152.203:443
Requested by: https://on.betrivers.ca/?btag=a_18825b_3759c_wtlnm7hqtubcr7r030hk9960
Certificate: Issuer: Cloudflare, Inc. Subject: betrivers.ca Fingerprint: B0:20:DB:49:54:32:D6:45:E5:47:AB:D1:99:54:25:69:0A:9C:0A:F8 Validity: Fri, 15 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type: PNG image data, 178 x 175, 8-bit colormap, non-interlaced
Hash: 0d768cbc261841d3affc933b9ac3130e aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7 1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | suspicious | Suspicious - Sinkholed / Blocked |
GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
Host: on.betrivers.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://on.betrivers.ca/cdn-cgi/styles/cf.errors.css
Cookie: __cf_bm=WgLNITywyZV4EYzJsGtDZ.RjJgapGToBRtv70YBXW1I-1714029856-1.0.1.1-tc7LYSHdpwQ_tu.J79W2zr6GybNqqPD2PJyIJ7iD02s85C.XrEFpVh2GGPdmzLDi6NA4MnnixwwSE0RNpmsp4g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 25 Apr 2024 07:24:16 GMT
content-type: image/png
content-length: 3213
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: "6622d9ef-c8d"
server: cloudflare
cf-ray: 879c97acee17568d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 25 Apr 2024 09:24:16 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
| on.betrivers.ca/favicon.ico | 172.64.152.203 | 403 Forbidden | 4.5 kB |
URL: GET HTTP/2 on.betrivers.ca/favicon.ico
IP: 172.64.152.203:443
Requested by: https://on.betrivers.ca/?btag=a_18825b_3759c_wtlnm7hqtubcr7r030hk9960
Certificate: Issuer: Cloudflare, Inc. Subject: betrivers.ca Fingerprint: B0:20:DB:49:54:32:D6:45:E5:47:AB:D1:99:54:25:69:0A:9C:0A:F8 Validity: Fri, 15 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (4749), with no line terminators
Hash: f4cbe4747ecb759d66291a474061d422 6ac0cbfd1e1c4c68375f7fc2c5fce9eeb4fb362e 4bd01d24f8e313bbd34b7351522a6d3ad9d6983c62110af629ebfc98be823097
GET /favicon.ico HTTP/1.1
Host: on.betrivers.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://on.betrivers.ca/?btag=a_18825b_3759c_wtlnm7hqtubcr7r030hk9960
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=WgLNITywyZV4EYzJsGtDZ.RjJgapGToBRtv70YBXW1I-1714029856-1.0.1.1-tc7LYSHdpwQ_tu.J79W2zr6GybNqqPD2PJyIJ7iD02s85C.XrEFpVh2GGPdmzLDi6NA4MnnixwwSE0RNpmsp4g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 25 Apr 2024 07:24:16 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Thu, 25 Apr 2024 07:24:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000; includeSubDomains
server: cloudflare
cf-ray: 879c97ad0e3b568d-OSL
content-encoding: br
X-Firefox-Spdy: h2
| on.betrivers.ca/?btag=a_18825b_3759c_wtlnm7hqtubcr7r030hk9960 | 172.64.152.203 | 403 Forbidden | 4.5 kB |
URL (User Request): GET HTTP/2 on.betrivers.ca/?btag=a_18825b_3759c_wtlnm7hqtubcr7r030hk9960
IP: 172.64.152.203:443
Certificate: Issuer: Cloudflare, Inc. Subject: betrivers.ca Fingerprint: B0:20:DB:49:54:32:D6:45:E5:47:AB:D1:99:54:25:69:0A:9C:0A:F8 Validity: Fri, 15 Sep 2023 00:00:00 GMT - Sat, 14 Sep 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (4749), with no line terminators
Hash: 44e666e0745df479108f978b7d91b8cc c7a0f7d47152a2adeb95c95aa76910c703461490 728157e933d19cda3f5e91032d8c2afa3265364b53069a3d23bbea90dafa3384
GET /?btag=a_18825b_3759c_wtlnm7hqtubcr7r030hk9960 HTTP/1.1
Host: on.betrivers.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Thu, 25 Apr 2024 07:24:16 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Thu, 25 Apr 2024 07:24:31 GMT
set-cookie: __cf_bm=WgLNITywyZV4EYzJsGtDZ.RjJgapGToBRtv70YBXW1I-1714029856-1.0.1.1-tc7LYSHdpwQ_tu.J79W2zr6GybNqqPD2PJyIJ7iD02s85C.XrEFpVh2GGPdmzLDi6NA4MnnixwwSE0RNpmsp4g; path=/; expires=Thu, 25-Apr-24 07:54:16 GMT; domain=.betrivers.ca; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15780000; includeSubDomains
server: cloudflare
cf-ray: 879c97aacc02568d-OSL
content-encoding: br
X-Firefox-Spdy: h2