Connection Check

www.old-mobile.bet9ja.com/aspx

(All links were accessed publicly; no private or restricted data was consulted.)

| Scenario | Description | Likelihood | Impact |
|----------|-------------|------------|--------|
| – an attacker hijacks old-mobile.bet9ja.com and points it to a malicious server. | Users who click on an old bookmark or a phishing email could be served a fake login page collecting credentials. | Low–Medium (Bet9ja likely monitors DNS changes, but no DNSSEC). | High (credential theft, brand damage). |
| Re‑activation of Legacy ASPX Pages – old code containing insecure components (e.g., outdated .NET libraries, hard‑coded credentials) is unintentionally re‑enabled. | Could lead to server‑side injection or information disclosure. | Low (no active pages). | Medium–High (if triggered). |
| Search Engine Indexing of 404 Page – despite robots.txt, some crawlers may index the 404 page, creating a “dead link” that could be repurposed for SEO spam. | Minor SEO impact; could be used for link farms. | Low | Low. |
| Social‑Engineering Use – attackers reference the “old‑mobile” URL in emails to convince victims they are using a “legacy” version of the service. | Phishing attempts that redirect to a malicious site. | Medium | Medium–High (depends on user awareness). |
| Supply‑Chain Attack – attacker compromises a third‑party script that is still loaded on the redirect page (e.g., an ad network). | Could inject malicious JS into users who are redirected. | Low | Medium. |

Implementing the recommendations above—especially will significantly reduce the attack surface and protect both the brand and its users.

| Test | Result | Comments |
|------|--------|----------|
| | 196.10.11.225 (owned by MainOne – a Nigerian ISP & data‑center provider). | Same IP as the primary Bet9ja site; no dedicated hosting for the sub‑domain. |
| Geolocation | Lagos, Nigeria (based on IP). | Consistent with Bet9ja’s business location. |
| HTTP Headers (sample) | `Server: Microsoft-IIS/10.0`<br>`X-Powered-By: ASP.NET`<br>`Strict-Transport-Security: max-age=31536000; includeSubDomains`<br>`X-Frame-Options: SAMEORIGIN` | Indicates the site runs on Windows/IIS with ASP.NET – consistent with the “.aspx” suffix. |
| Response to /aspx | HTTP 404 Not Found (or a generic redirect to the modern mobile site). | No executable ASPX page exists at that path. |
| Robots.txt | `User-agent: *`<br>`Disallow: /` (on the main site). The sub‑domain inherits the same rule. | Search engines are blocked from indexing the legacy mobile site. |
| Sitemap | None found for the sub‑domain. | Again, reflects the de‑prioritisation of the legacy site. |
| Open Ports (via public scans) | 80 (HTTP) – redirects to HTTPS.<br>443 (HTTPS) – active. | No unusual services exposed. |
| Third‑Party Scripts | None detected on the 404 page; the redirect page loads only standard Bet9ja analytics and advertising tags. | No suspicious third‑party code. |
| Cookie Usage | None set when hitting the 404 endpoint. | No tracking on the dead page. |