Report - trk.vlchk.com/redirect?target=BASE64aHR0cHM6Ly9tZWRpYS5vbi5iZXRyaXZlcnMuY2EvQy5hc2h4P2J0YWc9YV8xODgwOWJfMzc1OWNfJmFmZmlkPTI5NTMmc2l0ZWlkPTE4ODA5JmFkaWQ9Mzc1OSZjPXdqZHVtdnZhcHQ5b25maGEza3Q0NTVmZSZBY2lkPXdqZHVtdnZhcHQ5b25maGEza3Q0NTVmZQ&ts=1749769406642&hash=eRUv9OGudmlUzg9Zzm4fW-mG2HEqHjMSc2QJm

Report Overview

Visitedpublic

2025-06-12 23:04:35

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
on.betrivers.ca	unknown	2020-08-04	2022-06-02	2025-06-07	3.2 kB	40 kB	104.18.41.160
trk.vlchk.com	unknown	2025-04-28	2025-05-17	2025-06-05	774 B	1.1 kB	54.240.174.68
media.on.betrivers.ca	unknown	2020-08-04	2021-11-18	2025-06-07	1.2 kB	11 kB	20.93.81.72

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	trk.vlchk.com/redirect?target=BASE64aHR0cHM6Ly9tZWRpYS5vbi5iZXRyaXZlcnMuY2EvQy5hc2h4P2J0YWc9YV8xODgwOWJfMzc1OWNfJmFmZmlkPTI5NTMmc2l0ZWlkPTE4ODA5JmFkaWQ9Mzc1OSZjPXdqZHVtdnZhcHQ5b25maGEza3Q0NTVmZSZBY2lkPXdqZHVtdnZhcHQ5b25maGEza3Q0NTVmZQ&ts=1749769406642&hash=eRUv9OGudmlUzg9Zzm4fW-mG2HEqHjMSc2QJm_6b9zA&rm=DJ	ScriptElement	211 B	2025-06-12	2025-06-12
URL trk.vlchk.com/redirect?target=BASE64aHR0cHM6Ly9tZWRpYS5vbi5iZXRyaXZlcnMuY2EvQy5hc2h4P2J0YWc9YV8xODgwOWJfMzc1OWNfJmFmZmlkPTI5NTMmc2l0ZWlkPTE4ODA5JmFkaWQ9Mzc1OSZjPXdqZHVtdnZhcHQ5b25maGEza3Q0NTVmZSZBY2lkPXdqZHVtdnZhcHQ5b25maGEza3Q0NTVmZQ&ts=1749769406642&hash=eRUv9OGudmlUzg9Zzm4fW-mG2HEqHjMSc2QJm_6b9zA&rm=DJ IP / ASN 54.240.174.68 #16509 AMAZON-02 Introduced by ScriptElement Embedded true Resource Information First Seen 2025-06-12 Last Seen 2025-06-12 Times Seen 1 Size 211 B (211 bytes) MD5 db9d5b45fa0da0a0ac274784d0a7d6bd SHA1 52e38f897380d95c93e11a55e21f50be25e5f7ad SHA256 a7b32ac54ec4d67bf6570b5c3aad611c7c063de0eb647637f171fb8d37984154 Format Code Loading...

	on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe	ScriptElement	210 B	2023-03-07	2025-08-11
URL on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe IP / ASN 104.18.41.160 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Information First Seen 2023-03-07 Last Seen 2025-08-11 Times Seen 174936 Size 210 B (210 bytes) MD5 ab1ac4cf0f484cc9f859c0a7983353e0 SHA1 2da142b1135bd10cdbed4a7353e4483acc30ebe9 SHA256 50e878a18b2b5be7071dc7c10297381bcfcb55f17c27760ee857af9e31133324 Format Code Loading...

	on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe	ScriptElement	375 B	2023-03-07	2025-08-11
URL on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe IP / ASN 104.18.41.160 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Information First Seen 2023-03-07 Last Seen 2025-08-11 Times Seen 181392 Size 375 B (375 bytes) MD5 56df91490fa1984fa82b297dcb23c22d SHA1 2050f127b73f50d21eb9b0a2a3f2aea7d4372ba9 SHA256 275407540ae2d5516300e4027ce994e1c97f958d464e137d0fff116d7acf0f24 Format Code Loading...

	on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe	ScriptElement	38 B	2023-03-07	2025-08-11
URL on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe IP / ASN 104.18.41.160 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Information First Seen 2023-03-07 Last Seen 2025-08-11 Times Seen 128473 Size 38 B (38 bytes) MD5 eb2ee6e4b3d4e81bacdb2474d9b3c2f5 SHA1 6588855b25c975b224e0fd1b50ca1b3f36cd46ed SHA256 3dd83a652b2e60d8dfc699cd2006f70007b826a92b49e61e9194bf422481ac05 Format Code Loading...

HTTP Transactions (8)

URL IP Response Size

GET on.betrivers.ca/cdn-cgi/images/browser-bar.png?1376755637

104.18.41.160

200 OK

715 B

URL GET HTTPS

on.betrivers.ca/cdn-cgi/images/browser-bar.png?1376755637

IP / ASN

104.18.41.160

#13335 CLOUDFLARENET

Requested byhttps://on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe

Resource Information

File typePNG image data, 960 x 53, 8-bit colormap, non-interlaced

First Seen0001-01-01

Last Seen2025-08-11

Times Seen73135

Size715 B (715 bytes)

MD5226dcb8f6144bdaafdfbd8f2f354be64

SHA13785cc5b3bf52f8e398177b0ff1020b24aa86b8c

SHA2568c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

Certificate Information

IssuerGoogle Trust Services

Subjectbetrivers.ca

Fingerprint09:B8:A7:A4:9E:A8:14:CE:A4:FA:FD:C4:19:F7:E0:DF:4A:14:8F:48

ValidityFri, 06 Jun 2025 06:13:21 GMT - Thu, 04 Sep 2025 07:13:18 GMT

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Sinkholed / Blocked

HTTP Headers

GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
Host: on.betrivers.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://on.betrivers.ca/cdn-cgi/styles/cf.errors.css
Cookie: __cf_bm=LlQJ8iJPeGKcBSRfn0nBbKXGaoZbSHOTPKfX_coFruU-1749769454-1.0.1.1-xeXxU.tUExOmJQgKgSUx.wmFjbsUrCQwTuezUDtaVZCLEvZbOmjb7qF.4Z2_7N_QB3AX1zLvLA.5vpLazXJH3WJguK15d1jipn.s0oLODwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 23:04:14 GMT
content-type: image/png
content-length: 715
last-modified: Tue, 10 Jun 2025 15:47:54 GMT
etag: "684853aa-2cb"
server: cloudflare
cf-ray: 94ecfc7209221c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 13 Jun 2025 01:04:14 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET on.betrivers.ca/cdn-cgi/images/cf-no-screenshot-error.png

104.18.41.160

200 OK

3.2 kB

URL GET HTTPS

on.betrivers.ca/cdn-cgi/images/cf-no-screenshot-error.png

IP / ASN

104.18.41.160

#13335 CLOUDFLARENET

Requested byhttps://on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe

Resource Information

File typePNG image data, 178 x 175, 8-bit colormap, non-interlaced

First Seen0001-01-01

Last Seen2025-08-11

Times Seen73143

Size3.2 kB (3213 bytes)

MD50d768cbc261841d3affc933b9ac3130e

SHA1aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7

SHA2561c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0

Certificate Information

IssuerGoogle Trust Services

Subjectbetrivers.ca

Fingerprint09:B8:A7:A4:9E:A8:14:CE:A4:FA:FD:C4:19:F7:E0:DF:4A:14:8F:48

ValidityFri, 06 Jun 2025 06:13:21 GMT - Thu, 04 Sep 2025 07:13:18 GMT

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Sinkholed / Blocked

HTTP Headers

GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
Host: on.betrivers.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://on.betrivers.ca/cdn-cgi/styles/cf.errors.css
Cookie: __cf_bm=LlQJ8iJPeGKcBSRfn0nBbKXGaoZbSHOTPKfX_coFruU-1749769454-1.0.1.1-xeXxU.tUExOmJQgKgSUx.wmFjbsUrCQwTuezUDtaVZCLEvZbOmjb7qF.4Z2_7N_QB3AX1zLvLA.5vpLazXJH3WJguK15d1jipn.s0oLODwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 23:04:14 GMT
content-type: image/png
content-length: 3213
last-modified: Tue, 10 Jun 2025 15:47:54 GMT
etag: "684853aa-c8d"
server: cloudflare
cf-ray: 94ecfc7219251c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 13 Jun 2025 01:04:14 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET on.betrivers.ca/favicon.ico

104.18.41.160

403 Forbidden

4.5 kB

URL GET HTTPS

on.betrivers.ca/favicon.ico

IP / ASN

104.18.41.160

#13335 CLOUDFLARENET

Requested byhttps://on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe

Resource Information

File typeHTML document, ASCII text, with very long lines (394)

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size4.5 kB (4514 bytes)

MD5008307659d7e0dd0804d993dd0cf716d

SHA1be929b4697f102f3c885914184d236ca6545b41f

SHA2560b2923686ad04e4929b903ddd5f17b8cd8bd224a516e5f3bb9bdaeca292e6ed2

Certificate Information

IssuerGoogle Trust Services

Subjectbetrivers.ca

Fingerprint09:B8:A7:A4:9E:A8:14:CE:A4:FA:FD:C4:19:F7:E0:DF:4A:14:8F:48

ValidityFri, 06 Jun 2025 06:13:21 GMT - Thu, 04 Sep 2025 07:13:18 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: on.betrivers.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=LlQJ8iJPeGKcBSRfn0nBbKXGaoZbSHOTPKfX_coFruU-1749769454-1.0.1.1-xeXxU.tUExOmJQgKgSUx.wmFjbsUrCQwTuezUDtaVZCLEvZbOmjb7qF.4Z2_7N_QB3AX1zLvLA.5vpLazXJH3WJguK15d1jipn.s0oLODwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Thu, 12 Jun 2025 23:04:14 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000; includeSubDomains
server: cloudflare
cf-ray: 94ecfc7249481c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET trk.vlchk.com/redirect?target=BASE64aHR0cHM6Ly9tZWRpYS5vbi5iZXRyaXZlcnMuY2EvQy5hc2h4P2J0YWc9YV8xODgwOWJfMzc1OWNfJmFmZmlkPTI5NTMmc2l0ZWlkPTE4ODA5JmFkaWQ9Mzc1OSZjPXdqZHVtdnZhcHQ5b25maGEza3Q0NTVmZSZBY2lkPXdqZHVtdnZhcHQ5b25maGEza3Q0NTVmZQ&ts=1749769406642&hash=eRUv9OGudmlUzg9Zzm4fW-mG2HEqHjMSc2QJm_6b9zA&rm=DJ

54.240.174.68

200 OK

634 B

URL User Request GET HTTPS

IP / ASN

54.240.174.68

#16509 AMAZON-02

Requested byN/A

Resource Information

File typeHTML document, ASCII text, with very long lines (634), with no line terminators

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size634 B (634 bytes)

MD5602607bc7ce9c73cae06dfeb4f437bd4

SHA135bd6b3981651567ddb8f39ff84b1cf5a6d66766

SHA256bcdc3fc5c796bb8ca00770b32b9d7705d65ed71a5a1f57f718244871e8cf4bae

Certificate Information

IssuerAmazon

Subjecttrk.vlchk.com

Fingerprint7E:BC:9B:02:FC:69:34:CA:23:1A:36:90:4D:0F:C8:DF:F8:CB:65:C0

ValidityMon, 05 May 2025 00:00:00 GMT - Wed, 03 Jun 2026 23:59:59 GMT

HTTP Headers

GET /redirect?target=BASE64aHR0cHM6Ly9tZWRpYS5vbi5iZXRyaXZlcnMuY2EvQy5hc2h4P2J0YWc9YV8xODgwOWJfMzc1OWNfJmFmZmlkPTI5NTMmc2l0ZWlkPTE4ODA5JmFkaWQ9Mzc1OSZjPXdqZHVtdnZhcHQ5b25maGEza3Q0NTVmZSZBY2lkPXdqZHVtdnZhcHQ5b25maGEza3Q0NTVmZQ&ts=1749769406642&hash=eRUv9OGudmlUzg9Zzm4fW-mG2HEqHjMSc2QJm_6b9zA&rm=DJ HTTP/1.1
Host: trk.vlchk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html;charset=ISO-8859-1
date: Thu, 12 Jun 2025 23:04:13 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KkgOHJxw-DROo8auo-gabUouJHztalSn2M9oNuoXGFp1yJ1g1qubTQ==
X-Firefox-Spdy: h2

GET media.on.betrivers.ca/C.ashx?btag=a_18809b_3759c_&affid=2953&siteid=18809&adid=3759&c=wjdumvvapt9onfha3kt455fe&Acid=wjdumvvapt9onfha3kt455fe

20.93.81.72

302 Found

4.5 kB

URL User Request GET HTTPS

media.on.betrivers.ca/C.ashx?btag=a_18809b_3759c_&affid=2953&siteid=18809&adid=3759&c=wjdumvvapt9onfha3kt455fe&Acid=wjdumvvapt9onfha3kt455fe

IP / ASN

20.93.81.72

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested byN/A

Resource Information

File typeN/A

First Seen0001-01-01

Last Seen2025-08-11

Times Seen5764590

Size4.5 kB (4514 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Information

IssuerDigiCert Inc

Subjectmedia.on.betrivers.ca

Fingerprint2C:CB:D0:47:C1:97:AC:47:9F:3F:55:35:D0:73:30:F4:39:B7:1E:CE

ValidityFri, 25 Oct 2024 00:00:00 GMT - Fri, 21 Nov 2025 23:59:59 GMT

HTTP Headers

GET /C.ashx?btag=a_18809b_3759c_&affid=2953&siteid=18809&adid=3759&c=wjdumvvapt9onfha3kt455fe&Acid=wjdumvvapt9onfha3kt455fe HTTP/1.1
Host: media.on.betrivers.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Thu, 12 Jun 2025 23:04:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 291
Connection: keep-alive
Cache-Control: private
Location: //media.on.betrivers.ca/C.ashx?btag=a_18809b_3759c_&affid=2953&siteid=18809&adid=3759&c=wjdumvvapt9onfha3kt455fe&Acid=wjdumvvapt9onfha3kt455fe&AutoR=1
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block

GET media.on.betrivers.ca/C.ashx?btag=a_18809b_3759c_&affid=2953&siteid=18809&adid=3759&c=wjdumvvapt9onfha3kt455fe&Acid=wjdumvvapt9onfha3kt455fe&AutoR=1

20.93.81.72

302 Found

4.5 kB

URL User Request GET HTTPS

media.on.betrivers.ca/C.ashx?btag=a_18809b_3759c_&affid=2953&siteid=18809&adid=3759&c=wjdumvvapt9onfha3kt455fe&Acid=wjdumvvapt9onfha3kt455fe&AutoR=1

IP / ASN

20.93.81.72

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested byN/A

Resource Information

File typeN/A

First Seen0001-01-01

Last Seen2025-08-11

Times Seen5764590

Size4.5 kB (4514 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Information

IssuerDigiCert Inc

Subjectmedia.on.betrivers.ca

Fingerprint2C:CB:D0:47:C1:97:AC:47:9F:3F:55:35:D0:73:30:F4:39:B7:1E:CE

ValidityFri, 25 Oct 2024 00:00:00 GMT - Fri, 21 Nov 2025 23:59:59 GMT

HTTP Headers

GET /C.ashx?btag=a_18809b_3759c_&affid=2953&siteid=18809&adid=3759&c=wjdumvvapt9onfha3kt455fe&Acid=wjdumvvapt9onfha3kt455fe&AutoR=1 HTTP/1.1
Host: media.on.betrivers.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CEK=a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Thu, 12 Jun 2025 23:04:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 186
Connection: keep-alive
Cache-Control: private
Location: https://on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.3
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: XYZ=3&1&148&&&&0&1&&1229b579-2dfb-4b52-9d57-9c98e446aa7a&&a_18809b_3759&; expires=Wed, 10-Sep-2025 23:04:13 GMT; path=/; SameSite=None; Secure
A_3759=a=3759&r=0&fv=0&lv=0&vc=0&fc=20250612&lc=20250612110413&cc=1; expires=Wed, 10-Sep-2025 23:04:13 GMT; path=/; SameSite=None; Secure
PM_51=id=2ab12961-3256-46a2-87d6-437899bf5c09&c=wjdumvvapt9onfha3kt455fe&s=18809&ad=3759&md=0&pm=51&d=20250612230413&ip=1532635802&r=0&ref=&RedirectParams=btag%3Da_18809b_3759c_wjdumvvapt9onfha3kt455fe&cip=OTEuOTAuNDIuMTU0&ex=; expires=Wed, 10-Sep-2025 23:04:13 GMT; path=/; SameSite=None; Secure
CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; SameSite=None; Secure
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block

GET on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe

104.18.41.160

403 Forbidden

4.5 kB

URL User Request GET HTTPS

on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe

IP / ASN

104.18.41.160

#13335 CLOUDFLARENET

Requested byN/A

Resource Information

File typeHTML document, ASCII text, with very long lines (394)

First Seen2025-06-12

Last Seen2025-06-12

Times Seen1

Size4.5 kB (4514 bytes)

MD5c5e4859be21ee87a5ffa7f3b974468df

SHA1fc8734b3710147b9c97e74932f717e86f08cf5e6

SHA2568f4e25811fdf5dcaa331ff93fa04082c63276eabf42ce8ff6c3ddf6929f24340

Certificate Information

IssuerGoogle Trust Services

Subjectbetrivers.ca

Fingerprint09:B8:A7:A4:9E:A8:14:CE:A4:FA:FD:C4:19:F7:E0:DF:4A:14:8F:48

ValidityFri, 06 Jun 2025 06:13:21 GMT - Thu, 04 Sep 2025 07:13:18 GMT

HTTP Headers

GET /?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe HTTP/1.1
Host: on.betrivers.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Thu, 12 Jun 2025 23:04:14 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: __cf_bm=LlQJ8iJPeGKcBSRfn0nBbKXGaoZbSHOTPKfX_coFruU-1749769454-1.0.1.1-xeXxU.tUExOmJQgKgSUx.wmFjbsUrCQwTuezUDtaVZCLEvZbOmjb7qF.4Z2_7N_QB3AX1zLvLA.5vpLazXJH3WJguK15d1jipn.s0oLODwE; path=/; expires=Thu, 12-Jun-25 23:34:14 GMT; domain=.betrivers.ca; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15780000; includeSubDomains
server: cloudflare
cf-ray: 94ecfc6fcff81c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET on.betrivers.ca/cdn-cgi/styles/cf.errors.css

104.18.41.160

200 OK

24 kB

URL GET HTTPS

on.betrivers.ca/cdn-cgi/styles/cf.errors.css

IP / ASN

104.18.41.160

#13335 CLOUDFLARENET

Requested byhttps://on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe

Resource Information

File typeASCII text, with very long lines (24050)

First Seen0001-01-01

Last Seen2025-08-11

Times Seen243472

Size24 kB (24051 bytes)

MD55e8c69a459a691b5d1b9be442332c87d

SHA1f24dd1ad7c9080575d92a9a9a2c42620725ef836

SHA25684e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Certificate Information

IssuerGoogle Trust Services

Subjectbetrivers.ca

Fingerprint09:B8:A7:A4:9E:A8:14:CE:A4:FA:FD:C4:19:F7:E0:DF:4A:14:8F:48

ValidityFri, 06 Jun 2025 06:13:21 GMT - Thu, 04 Sep 2025 07:13:18 GMT

HTTP Headers

GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: on.betrivers.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://on.betrivers.ca/?btag=a_18809b_3759c_wjdumvvapt9onfha3kt455fe
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=LlQJ8iJPeGKcBSRfn0nBbKXGaoZbSHOTPKfX_coFruU-1749769454-1.0.1.1-xeXxU.tUExOmJQgKgSUx.wmFjbsUrCQwTuezUDtaVZCLEvZbOmjb7qF.4Z2_7N_QB3AX1zLvLA.5vpLazXJH3WJguK15d1jipn.s0oLODwE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 12 Jun 2025 23:04:14 GMT
content-type: text/css
last-modified: Tue, 10 Jun 2025 15:47:54 GMT
etag: W/"684853aa-5df3"
server: cloudflare
cf-ray: 94ecfc71c8f11c12-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 13 Jun 2025 01:04:14 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2