Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=ultimatecasinoapp.com
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ultimatecasinoapp.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: ultimatecasinoapp.com
Result:
HTTP/1.1 302 Found
Cache-Control: max-age=900
Connection: close
Date: Wed, 07 Jan 2015 05:41:45 GMT
Age: 1
Location: http://www.casinophonebill.com/offer-discontinued
Server: Microsoft-IIS/7.5
Content-Length: 166
Content-Type: text/html; charset=utf-8
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
...166 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: ultimatecasinoapp.com
Referer: http://www.google.com/search?q=ultimatecasinoapp.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://ultimatecasinoapp.com/ | HTTP/1.1 302 Found Cache-Control: max-age=900 Connection: close Date: Wed, 07 Jan 2015 05:41:45 GMT Age: 1 Location: http://www.casinophonebill.com/offer-discontinued Server: Microsoft-IIS/7.5 Content-Length: 166 Content-Type: text/html; charset=utf-8 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET | clean |
http://www.casinophonebill.com/offer-discontinued | 200 OK Content-Length: 123203 Content-Type: text/html | clean |
http://www.casinophonebill.com//www.casinophonebill.com/wp-content/cache/wpfc-minified/d41d8cd98f00b204e9800998ecf8427e/1420400202index.js/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 07 Jan 2015 05:41:47 GMT Pragma: no-cache Location: http://www.casinophonebill.com Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_3163315912=54acc71c25031; expires=Wed, 07-Jan-2015 06:11:48 GMT; path=/; httponly X-Pingback: http://www.casinophonebill.com/xmlrpc.php X-Powered-By: PHP/5.4.35 | clean |
http://www.casinophonebill.com/ | 200 OK Content-Length: 161853 Content-Type: text/html | clean |
http://www.casinophonebill.com/wp-content/cache/wpfc-minified/8e048cf2d928096c74ac62716c78069c/1420400202index.js | 200 OK Content-Length: 250 Content-Type: application/javascript | clean |
http://adserver.globaligaming.com/ad.php?do=js&zids=68990-59073-59576-66157-66173&wd=-1&ht=-1&target=_blank | 200 OK Content-Length: 7878 Content-Type: application/x-javascript | clean |
http://app.getresponse.com/view_webform.js?wid=5632605&u=K9U6 | 200 OK Content-Length: 26661 Content-Type: application/x-javascript | clean |
http://adserver.globaligaming.com/ad.php?do=js&zid=65789&wd=-1&ht=-1&target=_blank&noerror=1 | 200 OK Content-Length: 1236 Content-Type: application/x-javascript | clean |
http://www.casinophonebill.com//www.casinophonebill.com/wp-content/cache/wpfc-minified/d41d8cd98f00b204e9800998ecf8427e/1420400202index.js/PUT_WEBFORM_URL_HERE/ | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 07 Jan 2015 05:41:52 GMT Pragma: no-cache Location: http://www.casinophonebill.com Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_3163315912=54acc72050161; expires=Wed, 07-Jan-2015 06:11:52 GMT; path=/; httponly X-Pingback: http://www.casinophonebill.com/xmlrpc.php X-Powered-By: PHP/5.4.35 | clean |
http://www.casinophonebill.com/test404page.js | HTTP/1.1 302 Moved Temporarily Cache-Control: no-cache, must-revalidate, max-age=0 Connection: close Date: Wed, 07 Jan 2015 05:41:52 GMT Pragma: no-cache Location: http://www.casinophonebill.com Server: Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9 Vary: Accept-Encoding Content-Length: 0 Content-Type: text/html; charset=UTF-8 Expires: Wed, 11 Jan 1984 05:00:00 GMT Set-Cookie: wfvt_3163315912=54acc720cb2ed; expires=Wed, 07-Jan-2015 06:11:52 GMT; path=/; httponly X-Pingback: http://www.casinophonebill.com/xmlrpc.php X-Powered-By: PHP/5.4.35 | clean |
http://platform.twitter.com/widgets.js | 200 OK Content-Length: 110239 Content-Type: application/javascript | clean |
http://app.getresponse.com/view_webform.js?wid=5632605&u=K9U6&css=1 | 200 OK Content-Length: 12470 Content-Type: application/x-javascript | clean |
http://adserver.globaligaming.com/ad.php?do=js&zid=59073&wd=-1&ht=-1&target=_blank&noerror=1 | 200 OK Content-Length: 1066 Content-Type: application/x-javascript | clean |
http://www.casinophonebill.com/wp-content/themes/flytonictheme/js/selectnav.js | 200 OK Content-Length: 4077 Content-Type: application/javascript | clean |