Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=theroastedroot.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://theroastedroot.com/ | 200 OK Content-Length: 106990 Content-Type: text/html | clean |
http://theroastedroot.com/wp-includes/js/l10n.js?ver=20101110 | 200 OK Content-Length: 308 Content-Type: application/javascript | clean |
http://theroastedroot.com/wp-content/themes/u-design/scripts/jquery-1.4.4.min.js?ver=3.2.1 | 200 OK Content-Length: 78600 Content-Type: application/javascript | clean |
http://theroastedroot.com/wp-content/themes/u-design/sliders/piecemaker/js/swfobject.js?ver=1.5 | 200 OK Content-Length: 6880 Content-Type: application/javascript | clean |
http://theroastedroot.com/wp-content/themes/u-design/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.2 | 200 OK Content-Length: 23508 Content-Type: application/javascript | clean |
http://theroastedroot.com/wp-content/themes/u-design/scripts/jquery-validate/jquery.validate.min.js?ver=1.6 | 200 OK Content-Length: 25307 Content-Type: application/javascript | clean |
http://theroastedroot.com/wp-content/themes/u-design/scripts/masked-input-plugin/jquery.maskedinput.min.js?ver=1.2.2 | 200 OK Content-Length: 3545 Content-Type: application/javascript | clean |
http://theroastedroot.com/wp-content/themes/u-design/scripts/superfish-1.4.8/js/superfish.combined.js?ver=1.0.0 | 200 OK Content-Length: 5387 Content-Type: application/javascript | clean |
http://theroastedroot.com/wp-content/themes/u-design/scripts/script.js?ver=1.0 | 200 OK Content-Length: 7494 Content-Type: application/javascript | clean |
http://theroastedroot.com/wp-content/plugins/g-lock-double-opt-in-manager/js/glock2.min.js | 200 OK Content-Length: 69612 Content-Type: application/javascript | clean |
http://theroastedroot.com/wp-content/plugins/g-lock-double-opt-in-manager/js/gsom_s.min.js | 200 OK Content-Length: 4054 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below)
function gsom_isEmail(a){return a.match(/\b([_a-z0-9-]+(\.[_a-z0-9-]+)*)@([_a-z0-9-]+(\.[_a-z0-9-]+)*)(\.([a-z]{2,10}))\b/gi)}function gsmoStripSymbols(a){return a.replace(/[\s]+/g,"_").replace(/[^A-Za-z0-9\_]+/g,"").substring(0,20)}function gsomBuildForm(e){e=e||{};var b=e.arr||[],d=e.place||"gsom-fields-list",a=e.makeDivs||false,c=a?"div":"li";if(glock.isDef(b)){for(var f=0;f<b.length;f++){MakeFormFieldListItem({ul:d,label:b[f].label,type:b[f].type,value:b[f].value,name:b[f].name,checked:b[
Antivirus reports:
http://theroastedroot.com/wp-content/themes/u-design/scripts/prettyPhoto/custom_params.js?ver=3.1.2 | 200 OK Content-Length: 7987 Content-Type: application/javascript | clean |
http://s.gravatar.com/js/gprofiles.js?w&ver=3.2.1 | 200 OK Content-Length: 21442 Content-Type: application/x-javascript | clean |
http://theroastedroot.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.2.1 | 200 OK Content-Length: 930 Content-Type: application/javascript | clean |
http://theroastedroot.com/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=0.1 | 200 OK Content-Length: 8877 Content-Type: application/javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: theroastedroot.com
Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3, must-revalidate
Connection: close
Date: Tue, 20 Jan 2015 15:49:35 GMT
Server: nginx/1.6.2
Vary: Accept-Encoding,Cookie
Content-Type: text/html; charset=UTF-8
WP-Super-Cache: Served supercache file from PHP
Second query (visit from search engine):
GET / HTTP/1.1
Host: theroastedroot.com
Referer: http://www.google.com/search?q=theroastedroot.com
Result:
The result is similar to the first query. There are no suspicious redirects found.