Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=email.rootcreativegroup.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://email.rootcreativegroup.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: email.rootcreativegroup.com
Result:
HTTP/1.1 302 Found
Cache-Control: private
Connection: close
Date: Sun, 27 Apr 2014 01:25:54 GMT
Location: /login?ReturnUrl=%2F
Server: csw
Content-Length: 137
Content-Type: text/html; charset=utf-8
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
...137 bytes of data.
GET / HTTP/1.1
Host: email.rootcreativegroup.com
Result:
HTTP/1.1 302 Found
Cache-Control: private
Connection: close
Date: Sun, 27 Apr 2014 01:25:54 GMT
Location: /login?ReturnUrl=%2F
Server: csw
Content-Length: 137
Content-Type: text/html; charset=utf-8
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
...137 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: email.rootcreativegroup.com
Referer: http://www.google.com/search?q=email.rootcreativegroup.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: email.rootcreativegroup.com
Referer: http://www.google.com/search?q=email.rootcreativegroup.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
Scanned pages/files
Request | Server response | Status |
http://email.rootcreativegroup.com/ | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Sun, 27 Apr 2014 01:25:54 GMT Location: /login?ReturnUrl=%2F Server: csw Content-Length: 137 Content-Type: text/html; charset=utf-8 P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE" | clean |
http://email.rootcreativegroup.com/login?returnurl=%2f | 200 OK Content-Length: 9381 Content-Type: text/html | clean |
http://js.createsend1.com/js/jquery-1.7.2.min.js?h=C99A4659hearts | 200 OK Content-Length: 94843 Content-Type: application/x-javascript | clean |
http://js.createsend1.com/js/login.min.js?h=1FE50761hearts | 200 OK Content-Length: 13910 Content-Type: application/x-javascript | clean |
http://email.rootcreativegroup.com/resetPassword/resetMyPassword.aspx | 200 OK Content-Length: 2494 Content-Type: text/html | clean |
http://js.createsend1.com/js/reset.min.js?h=300E0D23hearts | 200 OK Content-Length: 26998 Content-Type: application/x-javascript | clean |
http://email.rootcreativegroup.com/js/plugins/jquery.shake.js | 200 OK Content-Length: 2644 Content-Type: application/x-javascript | clean |
http://email.rootcreativegroup.com/login | 200 OK Content-Length: 10083 Content-Type: text/html | clean |
http://email.rootcreativegroup.com/test404page.js | HTTP/1.1 302 Found Cache-Control: private Connection: close Date: Sun, 27 Apr 2014 01:26:00 GMT Location: /login?ReturnUrl=%2Ftest404page.js Server: csw Content-Length: 151 Content-Type: text/html; charset=utf-8 P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE" | clean |
http://email.rootcreativegroup.com/login?returnurl=%2ftest404page.js | 200 OK Content-Length: 10083 Content-Type: text/html | clean |