Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bundesligafanatic.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bundesligafanatic.com/
Result: The website is marked by Yandex as suspicious; visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bundesligafanatic.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Tue, 09 Sep 2014 19:50:23 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Link: <http://wp.me/1wF3F>; rel=shortlink
X-Pingback: http://bundesligafanatic.com/xmlrpc.php
Second query (visit from search engine):
GET / HTTP/1.1
Host: bundesligafanatic.com
Referer: http://www.google.com/search?q=bundesligafanatic.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://www.bundesligafanatic.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 09 Sep 2014 19:50:22 GMT Location: http://bundesligafanatic.com/ Server: Apache Content-Length: 0 Content-Type: text/html; charset=UTF-8 X-Pingback: http://bundesligafanatic.com/xmlrpc.php | clean |
http://bundesligafanatic.com/ | 200 OK Content-Length: 102109 Content-Type: text/html | clean |
http://static.eplayer.performgroup.com/flash/js/swfobject.js | 200 OK Content-Length: 10221 Content-Type: application/x-javascript | clean |
http://static.eplayer.performgroup.com/flash/js/performgroup.js | 200 OK Content-Length: 54482 Content-Type: application/x-javascript | clean |
http://tools.whatsthescore.com/load.min.js?124 | 200 OK Content-Length: 146051 Content-Type: application/x-javascript | clean |
http://ads2.williamhill.com/ad.aspx?pid=181583555&lpid=1487411586&bid=661916716 | 200 OK Content-Length: 403 Content-Type: text/html | clean |
http://ads2.williamhill.com/redirect.aspx?bid=661916716&pid=181583555&zid=0&pbg=0&cid=0&ctcid=0&mid=0&sid=0&lpid=1487411586 | HTTP/1.1 301 Moved Permanently Cache-Control: private Connection: close Date: Tue, 09 Sep 2014 19:50:27 GMT Location: http://tracking.netrefer.com/Tracking.svc/RecordTrackBack/EC337F85-E442-42D6-8FD7-512C2CE4DF06/1820467959?redirecturl=http://static.williamhill.com/football-betting Server: Microsoft-IIS/8.5 Content-Length: 0 Content-Type: text/html P3P: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies" Set-Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a181583555%2c%22BID%22%3a661916716%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1410292227588)%5c%2f%22%2c%22CookieTag%22%3a%226619167161815835556221185187C2014992050%22%7d%5d; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ Set-Cookie: banner_click=michaelgabriel,NA,NA,NA,admap:1603743C2251EE9B99B488194BA95C52BB8870F%3Bsource:[var1]%3Bzone:661916716%3Bchannel:181583555; domain=.williamhill.com; expires=Fri, 12-Sep-2014 19:50:27 GMT; path=/ Set-Cookie: clickinfo=pid=181583555&bid=661916716; domain=.williamhill.com; expires=Fri, 12-Sep-2014 19:50:27 GMT; path=/ Set-Cookie: vars_info=; domain=.williamhill.com; expires=Fri, 12-Sep-2014 19:50:27 GMT; path=/ Set-Cookie: source_NR=NR; domain=.williamhill.com; expires=Fri, 12-Sep-2014 19:50:27 GMT; path=/ X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
http://tracking.netrefer.com/tracking.svc/recordtrackback/ec337f85-e442-42d6-8fd7-512c2ce4df06/1820467959?redirecturl=http://static.williamhill.com/football-betting | HTTP/1.1 301 Moved Permanently Connection: close Date: Tue, 09 Sep 2014 19:50:27 GMT Location: http://static.williamhill.com/football-betting Server: Microsoft-IIS/8.5 Content-Length: 16 Content-Type: application/json; charset=utf-8 Set-Cookie: NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%222204708811%22%7d%5d; expires=Fri, 31-Dec-9999 23:59:59 GMT; Path=/ X-Powered-By: ASP.NET | clean |
http://static.williamhill.com/football-betting | HTTP/1.1 301 Moved Permanently Cache-Control: max-age=86400 Connection: close Date: Tue, 09 Sep 2014 19:50:28 GMT Location: http://static.williamhill.com/football-betting/ Server: nginx Content-Length: 178 Content-Type: text/html Expires: Wed, 10 Sep 2014 19:50:28 GMT Set-Cookie: X-Mapping-fjhppofk=39AAF1F779E9242435B38B43384E1955; path=/ | clean |
http://static.williamhill.com/football-betting/ | 200 OK Content-Length: 10053 Content-Type: text/html | clean |
http://cachestatic.williamhill.com/retention.js | 200 OK Content-Length: 419 Content-Type: application/x-javascript | clean |
http://cachestatic.williamhill.com/jquery.min.js | 200 OK Content-Length: 93870 Content-Type: application/x-javascript | clean |
http://cachestatic.williamhill.com/functions.js | 200 OK Content-Length: 15188 Content-Type: application/x-javascript | clean |
http://cachestatic.williamhill.com/greenbar/greenbar.js | 200 OK Content-Length: 16337 Content-Type: application/x-javascript | clean |
http://cachestatic.williamhill.com/greenbar/greenbar_settings.js | 200 OK Content-Length: 2169 Content-Type: application/x-javascript | clean |
http://static.williamhill.com/promo_scheduler/scheduler_settings.js | 200 OK Content-Length: 5768 Content-Type: application/x-javascript | clean |
http://cachestatic.williamhill.com/promo_scheduler/scheduler_func.js | 200 OK Content-Length: 1874 Content-Type: application/x-javascript | clean |
http://cachestatic.williamhill.com/promo_scheduler/swfobject.js | 200 OK Content-Length: 25560 Content-Type: application/x-javascript | clean |
http://cachestatic.williamhill.com/ua-parser.min.js | 200 OK Content-Length: 10063 Content-Type: application/x-javascript | clean |