Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=bestsandiegoeviction.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://bestsandiegoeviction.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: bestsandiegoeviction.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 15 Sep 2014 18:07:31 GMT
Location: http://www.bestsandiegoeviction.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 244
Content-Type: text/html; charset=iso-8859-1
...244 bytes of data.
GET / HTTP/1.1
Host: bestsandiegoeviction.com
Result:
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Mon, 15 Sep 2014 18:07:31 GMT
Location: http://www.bestsandiegoeviction.com/
Server: Apache
Vary: Accept-Encoding
Content-Length: 244
Content-Type: text/html; charset=iso-8859-1
...244 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: bestsandiegoeviction.com
Referer: http://www.google.com/search?q=bestsandiegoeviction.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: bestsandiegoeviction.com
Referer: http://www.google.com/search?q=bestsandiegoeviction.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://bestsandiegoeviction.com/ | HTTP/1.1 301 Moved Permanently Connection: close Date: Mon, 15 Sep 2014 18:07:31 GMT Location: http://www.bestsandiegoeviction.com/ Server: Apache Vary: Accept-Encoding Content-Length: 244 Content-Type: text/html; charset=iso-8859-1 | clean |
http://www.bestsandiegoeviction.com/ | 200 OK Content-Length: 17719 Content-Type: text/html | clean |
https://d2ieqaiwehnqqp.cloudfront.net/tfb4f8f6991cc0c42c079cbfa84b2eaa6.js?itvr=2.0.4&ver=2.0.4 | 200 OK Content-Length: 11502 Content-Type: text/javascript | clean |
http://www.bestsandiegoeviction.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 | 200 OK Content-Length: 96402 Content-Type: application/javascript | clean |
http://www.bestsandiegoeviction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7200 Content-Type: application/javascript | clean |
http://www.bestsandiegoeviction.com/wp-content/plugins/popup-domination.hold/lightbox.js?ver=1.0 | 200 OK Content-Length: 5813 Content-Type: application/javascript | clean |
https://thompsonlaw.infusionsoft.com/app/form/iframe/661066f2c4143a5f2a45d21a01a91d1a | 200 OK Content-Length: 3894 Content-Type: text/plain | clean |
http://thompsonlaw.infusionsoft.com/test404page.js | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://thompsonlaw.infusionsoft.com/test404page.js Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
https://thompsonlaw.infusionsoft.com/test404page.js | HTTP/1.1 302 Found Date: Mon, 15 Sep 2014 17:36:36 GMT Location: https://signin.infusionsoft.com?service=https%3A%2F%2Fthompsonlaw.infusionsoft.com%2Fj_spring_cas_security_check Server: Apache-Coyote/1.1 Content-Length: 0 Content-Type: text/javascript;charset=UTF-8 Expires: Tue, 16 Sep 2014 05:36:37 GMT Set-Cookie: JSESSIONID=163C596B134BEEDF46BDF4E480568E88; Path=/; Secure; HttpOnly Set-Cookie: app-lb=3590520842.20480.0000; path=/ X-Cnection: close | clean |
https://signin.infusionsoft.com?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/ | HTTP/1.1 302 Found Date: Mon, 15 Sep 2014 17:36:37 GMT Location: https://signin.infusionsoft.com/login?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/ Content-Length: 0 Content-Type: text/html;charset=UTF-8 Set-Cookie: app-lb=185073674.20480.0000; path=/ Set-Cookie: TS1b1025=33f65cc607b6496ab6b88acc6a7959873d0e4702ff4464f9541723a5431c4549cae1bce6; Path=/; Secure; HTTPOnly Set-Cookie: TS1b1025_28=a2c43d6d0f596d210503ee9278b0c5763d0e4702ff4464f9000000000000000000541723a51abe255ac711e56b; Path=/; Secure; HTTPOnly X-Cnection: close X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN | clean |
https://signin.infusionsoft.com/login?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/ | 200 OK Content-Length: 16843 Content-Type: text/html | clean |
https://signin.infusionsoft.com/js/jquery-1.11.0/jquery-1.11.0.min.js;jsessionid=CBEBE99F5B2CCABB75945C0DD770A545 | 200 OK Content-Length: 96381 Content-Type: text/javascript | clean |
http://thompsonlaw.infusionsoft.com/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=CBEBE99F5B2CCABB75945C0DD770A545 | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://thompsonlaw.infusionsoft.com/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=CBEBE99F5B2CCABB75945C0DD770A545 Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
https://thompsonlaw.infusionsoft.com/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=cbebe99f5b2ccabb75945c0dd770a545 | HTTP/1.1 302 Found Date: Mon, 15 Sep 2014 17:36:42 GMT Location: https://signin.infusionsoft.com?service=https%3A%2F%2Fthompsonlaw.infusionsoft.com%2Fj_spring_cas_security_check Server: Apache-Coyote/1.1 Content-Length: 0 Expires: Tue, 16 Sep 2014 05:36:43 GMT Set-Cookie: JSESSIONID=6FFEE283EA591DF356A7EB295E7A52A5; Path=/; Secure; HttpOnly Set-Cookie: app-lb=3590520842.20480.0000; path=/ X-Cnection: close | clean |
http://signin.infusionsoft.com?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/test404page.js | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://signin.infusionsoft.com/?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/test404page.js Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
https://signin.infusionsoft.com/?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/test404page.js | HTTP/1.1 302 Found Date: Mon, 15 Sep 2014 17:36:44 GMT Location: https://signin.infusionsoft.com/login?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/test404page.js Content-Length: 0 Content-Type: text/html;charset=UTF-8 Set-Cookie: app-lb=168296458.20480.0000; path=/ Set-Cookie: TS1b1025=47e56de34ed641e7743557d3f7023aac178e59a5ece6f390541723ac431c454977a70f4c; Path=/; Secure; HTTPOnly Set-Cookie: TS1b1025_28=93001af1bdedb8c24282b7c5b3c3014d178e59a5ece6f390000000000000000000541723ac5e3fabf0eb8f9f8a; Path=/; Secure; HTTPOnly X-Cnection: close X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN | clean |
https://signin.infusionsoft.com/login?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/test404page.js | 200 OK Content-Length: 16857 Content-Type: text/html | clean |
https://signin.infusionsoft.com/js/jquery-1.11.0/jquery-1.11.0.min.js;jsessionid=789849AC5B7E9703BECF9521A738D194 | 200 OK Content-Length: 96381 Content-Type: text/javascript | clean |
http://signin.infusionsoft.com?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=789849AC5B7E9703BECF9521A738D194 | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://signin.infusionsoft.com/?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=789849AC5B7E9703BECF9521A738D194 Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
https://signin.infusionsoft.com/?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=789849ac5b7e9703becf9521a738d194 | HTTP/1.1 302 Found Date: Mon, 15 Sep 2014 17:36:49 GMT Location: https://signin.infusionsoft.com/login?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=789849ac5b7e9703becf9521a738d194 Content-Length: 0 Content-Type: text/html;charset=UTF-8 Set-Cookie: app-lb=319291402.20480.0000; path=/ Set-Cookie: TS1b1025=6c3e2c85242f345ae4425b2c4710b66a4d1e08edbdb4c92a541723b0431c4549669001e6; Path=/; Secure; HTTPOnly Set-Cookie: TS1b1025_28=e07bf2214883994a258f017389ee1df64d1e08edbdb4c92a000000000000000000541723b04d1e08edbdb4c92a; Path=/; Secure; HTTPOnly X-Cnection: close X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN | clean |
https://signin.infusionsoft.com/login?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=789849ac5b7e9703becf9521a738d194 | 200 OK Content-Length: 16926 Content-Type: text/html | clean |
https://signin.infusionsoft.com/js/jquery-1.11.0/jquery-1.11.0.min.js;jsessionid=7556487754FE0084EE6EF1AD88F8F70A | 200 OK Content-Length: 96381 Content-Type: text/javascript | clean |
http://signin.infusionsoft.com?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=7556487754FE0084EE6EF1AD88F8F70A | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://signin.infusionsoft.com/?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=7556487754FE0084EE6EF1AD88F8F70A Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
https://signin.infusionsoft.com/?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=7556487754fe0084ee6ef1ad88f8f70a | HTTP/1.1 302 Found Date: Mon, 15 Sep 2014 17:36:52 GMT Location: https://signin.infusionsoft.com/login?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=7556487754fe0084ee6ef1ad88f8f70a Content-Length: 0 Content-Type: text/html;charset=UTF-8 Set-Cookie: app-lb=185073674.20480.0000; path=/ Set-Cookie: TS1b1025=607fbfcb88968ff9d476e595eb715d5d77316a51d352c8ed541723b4431c4549cae1bce6; Path=/; Secure; HTTPOnly Set-Cookie: TS1b1025_28=edff3ab15639bf00454649a4e128e98d77316a51d352c8ed000000000000000000541723b477316a51d352c8ed; Path=/; Secure; HTTPOnly X-Cnection: close X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN | clean |
https://signin.infusionsoft.com/login?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=7556487754fe0084ee6ef1ad88f8f70a | 200 OK Content-Length: 16927 Content-Type: text/html | clean |
https://signin.infusionsoft.com/js/jquery-1.11.0/jquery-1.11.0.min.js;jsessionid=BF39AA36B420C835C9928B3DA219943D | 200 OK Content-Length: 96381 Content-Type: text/javascript | clean |
http://signin.infusionsoft.com?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=BF39AA36B420C835C9928B3DA219943D | HTTP/1.1 302 Found Connection: Keep-Alive Location: https://signin.infusionsoft.com/?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=BF39AA36B420C835C9928B3DA219943D Server: Apache-Coyote/1.1 Content-Length: 0 | clean |
https://signin.infusionsoft.com/?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=bf39aa36b420c835c9928b3da219943d | HTTP/1.1 302 Found Date: Mon, 15 Sep 2014 17:36:56 GMT Location: https://signin.infusionsoft.com/login?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=bf39aa36b420c835c9928b3da219943d Content-Length: 0 Content-Type: text/html;charset=UTF-8 Set-Cookie: app-lb=336068618.20480.0000; path=/ Set-Cookie: TS1b1025=37d2f187c9319033b90d0407c11544b14c556e2e5f8c7bbb541723b8431c454980507999; Path=/; Secure; HTTPOnly Set-Cookie: TS1b1025_28=af2b4acb1a1b8ac4a770ae4b5b6ff27d4c556e2e5f8c7bbb000000000000000000541723b84c556e2e5f8c7bbb; Path=/; Secure; HTTPOnly X-Cnection: close X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN | clean |
https://signin.infusionsoft.com/login?service=https%3a%2f%2fthompsonlaw.infusionsoft.com%2fj_spring_cas_security_check/bootstrap-3.2.0-dist/js/bootstrap.min.js;jsessionid=bf39aa36b420c835c9928b3da219943d | 200 OK Content-Length: 16927 Content-Type: text/html | clean |