{"report_id":"7ede8ef5-a1af-4b4d-8d32-575bcfb3c9f2","version":6,"status":"done","tags":[],"date":"2026-04-30T10:33:06Z","url":{"schema":"http","addr":"bet-grw.ca","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"104.21.91.115","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bet-grw.ca/","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"title":"Betgrw Casino ™ — Official Site in CA","dom":{"size":55635,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (51661)","md5":"d4335f5da7ab08f989c132a139608f25","sha1":"49151fa917ca4c66325639a9baa75131617093a2","sha256":"decab0948a64b1725e74ed5d3c1a67e69f6d5fe4ba367b5c6e0ad285acc01e9a","sha512":"696ef340e9548fa3ef0f429d3a6fac33c938a798974ebedc3e47515e28cd8880bb36da2ff7d2e59586d21700f031cbc02b8f11c4cf7cf22726d8ed704741a695","ssdeep":"768:0R444/I44Z2PliT9o7ANOF2ueTYhSMRMpSfrHFHYI2xBI:s444/I44zFiPD0M+8fB4nO","tlshash":"2b43d87582c8fa7e108783b4ab369b55b3efa095e926070182fec79c6e96cd4dd170c4","dom_hash":"domhash996c8acfd953ffb52df3617740d424ca","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bet-grw.ca","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"104.21.91.115","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-04T10:33:06Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bet-grw.ca","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-19","domain_rank":0,"first_seen":"2026-04-30T10:33:06.984291Z","last_seen":"2026-04-30T10:33:06.984291Z","alert_count":42,"request_count":14,"received_data":351932,"sent_data":8491,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/js/index.js","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1754c59fb9d67633d85daedb4fff23e6","sha1":"747da7967d5a46a4d3e17f219b272ac0c74bef65","sha256":"6804668a66e706fc7c1c21127a4d44a8b1bb0635586f4bd899f71299f0837c79","sha512":"6f1f0aaf37630e1668828ff6d193222a6168608f3d2035e4cddfc84f6d67552dce84f27436d150c1af21480771a49720ae560cf514f77bfa0b9a4ff8714aced4","ssdeep":"96:Wm9dIAI1Hw9ejYf4xcgrCbGCUivqDb8uC+bvsqpaQZHWsZBuK/Hv:WmHIAI1Q0jy4xcrqCUEqPRC+bLakrlHv","tlshash":"b1c1f0187fe022e1725b0bbff997a5d5ca1888963a9d4d4bd00cfedd6892917d0c2933","size":5885,"data":"","first_seen":"2026-04-30T10:33:10.349155Z","last_seen":"2026-04-30T10:38:49.261725Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/css/main.css","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/css/main.css HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet-grw.ca/\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:44 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 17:39:15 GMT\r\npriority: u=2,i=?0\r\netag: W/\"68d42cc3-a6c6\"\r\nexpires: Fri, 30 Apr 2027 10:32:44 GMT\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k6eiF8J%2Bc7Eps8DvVIUdBuEnMf6tDQ3ujRodBXIssg%2FFcoo6HcYgZh33ZDwLXcjXXvhKvBdX72tqP2aFHgq5Paf8gIkglHR%2BdFJ%2Fcu%2BYR%2Be1HV6ATRoCocJZQBVH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e25f6fc3b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42694,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (42694), with no line terminators","md5":"f9e627d4cb3c8b6dfcc82cb44b24f949","sha1":"4d60af3efad9af654e56a9f59c6ee715868f345f","sha256":"6a0084307702c7ae1bb2c6923d4ba2f03c759c65cea9daf5d2e93e7a5c9ba680","sha512":"aeb46fb97a300293e37bd8870ed627a45052d52581f091f837a9c1a704050402acee5cae6b5a603b9c3f32e55c0bc5b0c9164713e3716e01008183df00ba45f9","ssdeep":"384:dMTTw4M91PlgMugcT0cM+SK/8mx6kvmLnt+vBYPCPUSm8gNE29V9x9M9u9S9nRHd:ywhlBcT0cyKk/lLt+vBwmUzNSSkjkSPl","tlshash":"c113747f2710316c9423cb2a67ea468d0278d029d22611ede5737a25cfcf69606736df","first_seen":"2026-04-30T10:33:10.312689Z","last_seen":"2026-04-30T10:38:49.258668Z","times_seen":2,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/img/general-category/logo.webp","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.716Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/img/general-category/logo.webp HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet-grw.ca/\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7068\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 17:39:13 GMT\r\npriority: u=4,i=?0\r\netag: \"68d42cc1-1b9c\"\r\nexpires: Fri, 30 Apr 2027 10:32:44 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w3lYmNxi2QB5foSy%2FZwbVekxS8T4mxX7DpNpyHnoszsy1rQjVkTcWHlTkvCyfOXmomUPtjkX9mlWgAJcvyr17sQlwZchLZM%2FqMwP65zvx%2BkiJQUFJlL5aV1rnu%2Bd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e25f6fc5b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7068,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5c44e9ac8178b491471a7d3beb5a1970","sha1":"771e8cf990708e3e488d023f70ce63d6497681b8","sha256":"5cdb6765b3a296dcaaec10a517b03f7c18baaab3156ce77d9a89fea98efbbe4f","sha512":"cf82a1a346733c33d780149786e4c6caef915b7f3c339fee296558300a0ee9aeabf9710737c5c925449f116c68e30599537078fcf0bd7159ecf6485433a3b345","ssdeep":"96:IElbw+iXnajd0XselP7WAcyr1HfUW9EUEewKaOUdp4GvXfMKP83qLpyKnTLhno/e:9wTyGsuKAJhX9EUX4C4NPbQKnRnQ+","tlshash":"47e17d72eb89cf8ad605a778349a5386de45900def070336c7a933275a5f91913aa283","first_seen":"2026-04-30T10:33:10.31584Z","last_seen":"2026-04-30T10:38:49.259379Z","times_seen":2,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/img/general-banners/banner_1600_2.webp","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/img/general-banners/banner_1600_2.webp HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet-grw.ca/\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 82582\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 17:39:14 GMT\r\npriority: u=4,i=?0\r\netag: \"68d42cc2-14296\"\r\nexpires: Fri, 30 Apr 2027 10:32:44 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hmGxeERNWGcGK5gz1JsXccEJnhjPJQaYKgKVKDv7JQVL670Ij%2B4Uo20MNOJ%2F%2BQwwGHAoWjkTOsOxwoucSKL2WuoDMBjYAomQKNc6JhN7eWjfkoznquN%2F%2FJel652u\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e25f6fc9b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":82582,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"184f8f323ec825f538a874536d715d18","sha1":"726c639b5caa0a101a84d101d91cf59f673554a7","sha256":"b867865b36ec0a4d32c4882f925691a019743d5dd0c7e99ce0e7eaf20ce7d6e1","sha512":"0e6de267b601c2e57674af95054696ae4f65693aa818b9848ca3d8b4a8b9b9bf13bdfeafcaa18b21dadad8293c89053a243cd7c52d709be0fdab63c643dc4661","ssdeep":"1536:VycLEAjudMpeP+fge6PkJy19MFDROyPBv7JgcDdoUY1pAvCCXjFkZ:VycLLudUe6kqFNOyZmURY1pAqCTyZ","tlshash":"bc83022583d09670e673f53219cb351b966554b0687f63540af3b37f3312a21e9a3e26","first_seen":"2026-04-30T10:33:10.318725Z","last_seen":"2026-04-30T10:38:49.264813Z","times_seen":2,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/img/review/stars-4.svg","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/img/review/stars-4.svg HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet-grw.ca/\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:44 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 17:39:12 GMT\r\npriority: u=4,i=?0\r\netag: W/\"68d42cc0-88b\"\r\nexpires: Fri, 30 Apr 2027 10:32:44 GMT\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FKFQp7JhBKx6Boxc4tWgTjR7Xto5IyBF8hRwDK2C%2BlfOrn4Y8aLLWu8SEIP6%2BGsjh7ugBJZQoCP3fRur5qjTwIq%2BNcCuU5iZDGhDR5m5168ch36IMk8Jqf2yV2uc\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e25f6fcfb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2187,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"582db54dcd400136fbc8345077b78609","sha1":"28b4dfa65a97f9a250ab72955b67e4131380b433","sha256":"398c0e28764cf5be5e8ddd1fcb8d14c889fc260e2a7028a3863bdf3b025a5fb4","sha512":"56b30b5e81dad2695c469440149bf3afcbf3f878687ef6ff749ea425cc11e8736976207ac8b884cfd07a6fb7e354592fe1f120171dd54ea3d0d078f5360b9922","ssdeep":"","tlshash":"24418baae1e6906f6d57332dc2a85043dc3650dd1692c23cf98d553be72f09609f326e","first_seen":"2025-08-04T07:32:41.116624Z","last_seen":"2026-06-06T21:13:10.820867Z","times_seen":70,"resource_available":false,"data":null}},"time_used":151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/img/favicons/favicon16.png","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/img/favicons/favicon16.png HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet-grw.ca/\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 590\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 17:39:13 GMT\r\npriority: u=6,i=?0\r\netag: \"68d42cc1-24e\"\r\nexpires: Fri, 30 Apr 2027 10:32:45 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wlZpXEtPg85BJUkGer3CUyMHj7Dt7JNS1Dl2WEhNSPYUm%2BjOgSE9fgZzFpisYLSVp0FX6DEbEUX38nSCrhgZ1XCzJaKNo72zrYubCkHbXKdoLPEE2S7frleJ8gPB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e260f99ab500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":590,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"92955e6da1598f5bb876f2b41a92ac7d","sha1":"4775c9d03362aa44e2dd6e6c3a8e8bbf9d41769e","sha256":"4be995a377be45f26a8dc6e89e8ce183ac9e697b9c488216f10296e599e7359b","sha512":"66bb3b60bbb5a0e6af7fbc0269a0cb723f73f33e3e6006c0570d57c3524f502e1b65175ad5181b65e6ff9c3c4a9a0e251b9b15ef7d0cf65b93de01d9983985da","ssdeep":"","tlshash":"c5f041e2e2c2d4b49507ffa2084d847acc6635dc968d91598d0fe09866c67ee4238fca","first_seen":"2026-04-30T10:33:10.327705Z","last_seen":"2026-04-30T10:38:49.262402Z","times_seen":2,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/footer-svg.txt","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/footer-svg.txt HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bet-grw.ca/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:45 GMT\r\ncontent-type: text/plain\r\ncontent-length: 3210\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Wed, 24 Sep 2025 17:39:12 GMT\r\netag: \"1ea2-63f8f87dbc445-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FUPF6ayuTsUKZDYZLjiyGdThjilQJs812QSgYw3N844WTCe3Ms5gMJE5%2Fg%2FH2%2BbBx4W7IIxF7TsN51tZy%2FwXBHwq6FDt6rkSrsSYUKbUbklcsURUp6kYENSdlrge\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e26109a1b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7842,"size_decoded":0,"mime_type":"text/plain","magic":"SVG Scalable Vector Graphics image","md5":"0703446073fb5d3a42d907da59741580","sha1":"cac46c2a2cf9ac6f6253cbaa37aee13c55799e83","sha256":"11421ffbd66e3e6f72aaddce7e361fe248e9061e657a5c8b6501cbc315d7134c","sha512":"0d8952c1b2ff57200fafb198a71677317632722ea1c3421e2c1e9990e18749dba7399e8db3951c232e4419d0aadb2f3f7c19ec8fa65aebb3bf639d315f5934c3","ssdeep":"192:hWn85lFkcrQXzMXyIBm3zW8eCUnkZEL3UPrWnkng0fmJnLViY:8ilFkc+VITis3Qg0gnL9","tlshash":"6ef10169c394d3b4dd5ec3bcca31b8b4788f14be90f1e31896b58470b2629d8d19d8da","first_seen":"2025-08-04T07:32:41.122321Z","last_seen":"2026-05-31T21:23:42.575255Z","times_seen":64,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-30T10:32:43.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:44 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PHP/7.4.33\r\nset-cookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; path=/\naXBwXzkxLjkwLjQyLjE1NA=none; expires=Thu, 24-Mar-2033 10:32:44 GMT; Max-Age=217728000\naXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; expires=Thu, 24-Mar-2033 10:32:44 GMT; Max-Age=217728000\ncntr_OTEuOTAuNDIuMTU0=NO; expires=Thu, 28-Apr-2095 10:32:44 GMT; Max-Age=2177280000\nYmV0LWd_originn=bookm; expires=Thu, 30-Apr-2026 11:32:44 GMT; Max-Age=3600\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h1UktMW5y%2B%2FbZXkPJIEftBYz8FLssgiJDkZQeFpBU1SeU62d4RFn1nB70iBC3l3h1G96HWNLFK0qYceEx9MFOsR7RJkkCSRrTezII1%2FBUjL%2FbyhSEf97CLhqaTDm\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9f45e25b0b6032fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47676,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (47646), with no line terminators","md5":"dfc6442191d6bff86ae9dbc65ad45c34","sha1":"33f05b68b60f8a4601e68e13f2df7d86d5c964fc","sha256":"bfd70ef53ad5dc03cc71b16f4bddaa4a08ae638d32bb9d254a9ce45696dcacf4","sha512":"db78f14ce68bda167417a5e6c2f83702e2ce70d737ff0bb1fb592539b95481ab1c894fce0230ba934d2757a92a366c07fa8ad422ad8bf6608f5bc205798cd9e4","ssdeep":"768:OR444/I44Z21nRaxN0ANtFhuPTYSSMOMeSfrT:C444/I440WV80tMVBfH","tlshash":"8023b6b141ccfe6e108783a4ab3a9b46f3eae094ed16070186fec79d5edad50dd23184","first_seen":"2026-04-30T10:33:10.335728Z","last_seen":"2026-04-30T10:38:49.263577Z","times_seen":2,"resource_available":true,"data":null}},"time_used":668,"timings":{"blocked":75,"dns":60,"connect":1,"send":0,"wait":518,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/css/color.css","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/css/color.css HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet-grw.ca/\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:44 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 17:39:15 GMT\r\npriority: u=2,i=?0\r\netag: W/\"68d42cc3-267\"\r\nexpires: Fri, 30 Apr 2027 10:32:44 GMT\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6FDAAAnM7MjpQalbqcfNCJKAoQCugWgg7tBVpacU2fC8KJtX6ScqsnjiWn6wVf%2FdLkdSwAD2awKEUtEB51qg9SSCU%2BoUTNjZKCfYiXHlCEJW9y%2BdimAb6iE7jUnz\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e25f6fbfb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":615,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"69a4284533ecdd1286cfb29b1f836f4c","sha1":"6c37da85fe69901f3e28670143103cf97c31961d","sha256":"27ccbca2044c4c98c647d869f0a938e35c030869611558fd325591d0ddeb0e6a","sha512":"54f6e4e002b4fc77d9e9b7fd4787b35fcacc00af41e8ed085d60e46283b10c5e1ed243403e618210b062e80fa9d8f38396c63cb7c336b5b92e81c5ba46f4c959","ssdeep":"","tlshash":"2ef03752e26b1b1a41b782ab37e7490f62b0531b2706fe78b7d522d04f4d0e888c2d42","first_seen":"2026-04-30T10:33:10.338135Z","last_seen":"2026-04-30T10:38:49.26425Z","times_seen":2,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":150,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/img/general-banners/banner_1600.webp","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/img/general-banners/banner_1600.webp HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet-grw.ca/\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 81554\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 17:39:13 GMT\r\npriority: u=4,i=?0\r\netag: \"68d42cc1-13e92\"\r\nexpires: Fri, 30 Apr 2027 10:32:44 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4DiA4HJ4x%2BX6SJXynducd8Dpz1LzD45h5Axtt%2F7ZVJ6h%2FqgzWajJNL2wrP%2F8LnikbGFHj14Q%2FR3OZ%2Ff4At3n7JcqEjS4ZTD9nfSoZARUxv15n2ZithYkBUWlSFnX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e25f6fc7b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":81554,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3d104b5899906ed71be626d9649f0baf","sha1":"667bdf3c118e7e2ba636318a2899586bb2a69788","sha256":"f7566aacef9b44db102b4189fca4b6871fbc3964f5b77738c880cc72f7736be0","sha512":"5dab215ea75b0e43cfa4444710436e2fc535496cf679754adba46e9ed8710abd99b1ce303f92a8abce14442522b0da3323028755470affb0240fbe4ced367f60","ssdeep":"1536:M2dam8fxEZfCVQT7VTCQOp1bVFwu4F4cpebjna8bF+zBEVyxlkNQL+:LdatfyZf4Q5CQOpKPbpkkzBEVSlgQL+","tlshash":"3e83022177461de4ea0f2fb98483d782c6aac70e7a7d2b130aae3ad15405fd1417d24f","first_seen":"2026-04-30T10:33:10.339056Z","last_seen":"2026-04-30T10:38:49.260171Z","times_seen":2,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/img/general-banners/banner_1600_3.webp","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/img/general-banners/banner_1600_3.webp HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet-grw.ca/\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:44 GMT\r\ncontent-type: image/webp\r\ncontent-length: 38978\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 17:39:14 GMT\r\npriority: u=4,i=?0\r\netag: \"68d42cc2-9842\"\r\nexpires: Fri, 30 Apr 2027 10:32:44 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1FyevDifNKMSHtxZnl6wUit4rBHh4ygU1G2uOFYPSkKHq1S3BaZsFUIkRceTjyoB13y5XevEEXpPrJeOdTAqtq9BiluW1pyF4DBv6kT9XdARG8RXv1%2FoPbDUQ1wl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e25f6fcbb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38978,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d022328ebec9a5340cef6b420660bf81","sha1":"474dba366a9268d9338d665932a48838cacf464b","sha256":"fdc6cad8698a33a3cfd3a15d73db6e83cc8a6fb081839e8898ba5fb4397c1965","sha512":"1769e722dcb0e8ca7de20f5316f9c29981ceb625b4e2aa864db2795259d9d9f3358bf0655c629febc9f8f25aed4ab10ab47c3a95866adca9687d96f1084202a2","ssdeep":"768:+y1Vqib6v0k5wYUFnb7fb4QprA+JsXYhvy9f2Hnig5Xb8URIy7:FVtef5w3xTch+JGYhvu+HXgry7","tlshash":"5b03f28ff9bac606f6c31df841e2a6d374a7f89f65d1476e448338f19d2c2928523458","first_seen":"2026-04-30T10:33:10.34273Z","last_seen":"2026-04-30T10:38:49.26536Z","times_seen":2,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/img/review/stars-5.svg","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/img/review/stars-5.svg HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet-grw.ca/\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:44 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 17:39:12 GMT\r\npriority: u=4,i=?0\r\netag: W/\"68d42cc0-88b\"\r\nexpires: Fri, 30 Apr 2027 10:32:44 GMT\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0xPD4GhO1vHZrzyOm%2FHy0aoYFb8zi0KAd7BUR2sr8XtFf%2BPpK7olZK4fUKcS0AdRqIqaSFm%2BnkBZ3xOs%2FX8IHUhtjr4xemOBLQQk1ME6X1LspegpbqX3E%2FFiRv4Y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e25f6fcdb500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2187,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ca40f3d9be2961ccb9704226af4b58c2","sha1":"08ac26d7d568c8978b7e8e0e6a1b6b229bb6dad4","sha256":"01b11512b9ea1110b45b50557340c88419d5bc3e239411b9b22041e810a979df","sha512":"eff47f03ac8418aabc0aaf0859b6f45cd80d4cbce43be0dd24463f95c09a6be0626dba5e8a51ca4e2a5f93f14f6339340ccb3a5d0c972d69258abe1d5f32bb2f","ssdeep":"","tlshash":"3b415999e0e6906b6d67336dd1a85043ec3650d91a92833cf98d513be71f09609f326e","first_seen":"2025-08-04T07:32:41.104214Z","last_seen":"2026-06-06T21:13:10.815832Z","times_seen":73,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/js/index.js","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/js/index.js HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet-grw.ca/\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:44 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 17:39:15 GMT\r\npriority: u=3,i=?0\r\netag: W/\"68d42cc3-16fd\"\r\nexpires: Fri, 30 Apr 2027 10:32:44 GMT\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l%2FUeLMSHmwhL6C74%2FEcul5I1bcRaicOT9CsbngiBhEMyOnRrkLu7LaMMm0tXbT2xjj7Xt8LDDGatzv2yBq1z6O3O%2FvkkUPgv2g5u8FRclq3jt%2FC%2FLP%2BYGT5Y71Pu\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e25f7fd7b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5885,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5885), with no line terminators","md5":"1754c59fb9d67633d85daedb4fff23e6","sha1":"747da7967d5a46a4d3e17f219b272ac0c74bef65","sha256":"6804668a66e706fc7c1c21127a4d44a8b1bb0635586f4bd899f71299f0837c79","sha512":"6f1f0aaf37630e1668828ff6d193222a6168608f3d2035e4cddfc84f6d67552dce84f27436d150c1af21480771a49720ae560cf514f77bfa0b9a4ff8714aced4","ssdeep":"96:Wm9dIAI1Hw9ejYf4xcgrCbGCUivqDb8uC+bvsqpaQZHWsZBuK/Hv:WmHIAI1Q0jy4xcrqCUEqPRC+bLakrlHv","tlshash":"b1c1f0187fe022e1725b0bbff997a5d5ca1888963a9d4d4bd00cfedd6892917d0c2933","first_seen":"2026-04-30T10:33:10.349155Z","last_seen":"2026-04-30T10:38:49.261725Z","times_seen":2,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/img/review/stars-3.svg","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/img/review/stars-3.svg HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet-grw.ca/\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:44 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 17:39:12 GMT\r\npriority: u=4,i=?0\r\netag: W/\"68d42cc0-87a\"\r\nexpires: Fri, 30 Apr 2027 10:32:44 GMT\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J12MvmEYSLK0IYxiqvbJEprInkHykA7HzXaA%2BRwAqtZ34Zp0xzkXfHWzkjqFNx5%2BDf49OJP4d8BmAIfcjrl5bkcV9H57nWURCzYeFDjXZUbHTKl11RqKgIhpfNIG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e25f7fd4b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2170,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b450309b76b892c3bd61ec4a0f0ae783","sha1":"a6da1a37c4861a3822e53d1ecd7ce91e455c2118","sha256":"1c10e407615473c147935e87e5f1feab956e11b0e4f50454ef1cf64a24dcb9af","sha512":"0af81196eb5933a1b469c80041fb4498c3a2f6d2f07ca49489308ca9d4d0d5edec4a10d4f177c0e406351db8597abca93970fb2381dd165e189b7a9cf1063b74","ssdeep":"","tlshash":"51417599e1fa906f6c47332dc1a86047dc3650dd0692c23cf89d513ee70f09609f12ae","first_seen":"2024-11-04T07:00:00.462585Z","last_seen":"2026-06-06T21:13:10.816647Z","times_seen":178,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bet-grw.ca/templates/bet-grw/img/favicons/favicon180.png","fqdn":"bet-grw.ca","domain":"bet-grw.ca","tld":"ca"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bet-grw.ca/","date":"2026-04-30T10:32:44.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bet-grw.ca","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 16 Mar 2026 01:33:50 GMT","end":"Sun, 14 Jun 2026 02:32:29 GMT"},"fingerprint":{"sha1":"08:2A:AF:B1:22:E3:C4:D1:BC:3D:D2:6D:CE:97:0D:7A:96:58:03:EA","sha256":"8B:8A:AC:51:9B:1A:83:33:11:A3:F6:84:C9:41:90:DA:C9:AB:D3:09:A6:60:A2:CA:6A:25:0B:2D:36:D5:F5:9B"}}},"request":{"raw":"GET /templates/bet-grw/img/favicons/favicon180.png HTTP/1.1\r\nHost: bet-grw.ca\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bet-grw.ca/\r\nCookie: PHPSESSID=fbe73ffaf1f27809c30ec863dd39373a; aXBwXzkxLjkwLjQyLjE1NA=none; aXBwXzIxMy4xNDIuMTQ3LjEwMQ=none; cntr_OTEuOTAuNDIuMTU0=NO; YmV0LWd_originn=bookm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 30 Apr 2026 10:32:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 19284\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 17:39:13 GMT\r\npriority: u=6,i=?0\r\netag: \"68d42cc1-4b54\"\r\nexpires: Fri, 30 Apr 2027 10:32:45 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tYHAdaPxdDRE4SN6aBRRMmni0VRilEtNyznIlgW%2BrJ6xyDXrkOFSuCn%2B9UI5HmEQGySk07cCv3C03yRM473dx22NHV1%2Fxu2sc11VsZAmByiMmeU1UP%2FSgpi8mNEU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f45e260f999b500-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19284,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"03baa6fcffad422f69388baf397c2767","sha1":"431f7592649451d0cf346ab9e44ebb5c3697709f","sha256":"dc90825d5a3a5ec68793cf77d5919351cb9ac60c2cf0fa8e454c8aec461396ce","sha512":"4e4002aacd0aa6a0b726e4567d025bd7dae9320d22d10fa05889777605b3bed93d5dbf4b43e4c44ffe10cceab10ec9ba968d9cf550ca5117e94d8c627dca70e7","ssdeep":"384:GgNQ4LGRKKPbO3qm8EbzaxS3bR4o9w8CJtJJRCn6/Yhhm3ftuAf6UycY5ob:ZXLGRKKPi6WYGR/H2q6wbmEAl","tlshash":"a582e0e85529e02cb3bf209edb2c4d0b3fa443fd97d8ea95a43e08045d1a3c08898b4c","first_seen":"2026-04-30T10:33:10.353375Z","last_seen":"2026-04-30T10:38:49.26744Z","times_seen":2,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":172,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-30","alert":"Sinkholed","trigger":"bet-grw.ca","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}