Malware Scanner report for rtjco.ir

Malicious/Suspicious/Total urls checked: 9/0/15

9 pages have malicious code. See details below

Blacklists: Found

The website is marked by Google as suspicious.

The website "rtjco.ir" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.

Malicious Redirects: OK

Malicious/Hidden/Total iFrames: 8/0/8

8 malicious iframes found. See details below

Deface / Content modification: OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

Malware Removal
Blacklists Removal
Reason Eliminating
1 Month Hack Insurance

More details

Website Hack Insurance

Files & DB Monitoring
Daily Backups
Malware & Hack Detection
Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=rtjco.ir

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

Request	Server response	Status
http://www.rtjco.ir/	200 OK Content-Length: 61076 Content-Type: text/html	malicious
Page code contains blacklisted domain: royantajhiz.ir ...[1724 bytes skipped]... a/system/js/caption.js" type="text/javascript"></script> <script src="/media/system/js/mootools-more.js" type="text/javascript"></script> <script src="/modules/mod_sp_image_rotator/assets/script/_class.noobSlide.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="teight="118" alt=""> </div> <div class="joomir-row6"> <table border="0" width="900" cellspacing="0"> <tr> <td width="49" height="10"></td> <td width="370" height="10"> <font color="#FFFFFF" face="Tahoma" style="font-size: 8pt; font-weight: 700"> Head ...[2202 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0">
http://www.rtjco.ir/media/system/js/mootools-core.js	200 OK Content-Length: 96362 Content-Type: application/javascript	clean
http://www.rtjco.ir/media/system/js/core.js	200 OK Content-Length: 4784 Content-Type: application/javascript	clean
http://www.rtjco.ir/media/system/js/caption.js	200 OK Content-Length: 729 Content-Type: application/javascript	clean
http://www.rtjco.ir/media/system/js/mootools-more.js	200 OK Content-Length: 238331 Content-Type: application/javascript	clean
http://www.rtjco.ir/modules/mod_sp_image_rotator/assets/script/_class.noobSlide.js	200 OK Content-Length: 5355 Content-Type: application/javascript	clean
http://www.rtjco.ir/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js	200 OK Content-Length: 136091 Content-Type: application/javascript	malicious
Malicious code - confirmed by antiviruses (see below) if(typeof YAHOO=="undefined"\|\|!YAHOO){var YAHOO={};}YAHOO.namespace=function(){var A=arguments,E=null,C,B,D;for(C=0;C<A.length;C=C+1){D=(""+A[C]).split(".");E=YAHOO;for(B=(D[0]=="YAHOO")?1:0;B<D.length;B=B+1){E[D[B]]=E[D[B]]\|\|{};E=E[D[B]];}}return E;};YAHOO.log=function(D,A,C){var B=YAHOO.widget.Logger;if(B&&B.log){return B.log(D,A,C);}else{return false;}};YAHOO.register=function(A,E,D){var I=YAHOO.env.modules,B,H,G,F,C;if(!I[A]){I[A]={versions:[],builds:[]};}B=I[A];H=D.version;G=D ... 3104 bytes are skipped ....widget.MenuItem,{init:function(B,A){if(!this.SUBMENU_TYPE){this.SUBMENU_TYPE=YAHOO.widget.Menu;}YAHOO.widget.MenuBarItem.superclass.init.call(this,B);var C=this.cfg;if(A){C.applyConfig(A,true);}C.fireQueue();},CSS_CLASS_NAME:"yuimenubaritem",CSS_LABEL_CLASS_NAME:"yuimenubaritemlabel",toString:function(){var A="MenuBarItem";if(this.cfg&&this.cfg.getProperty("text")){A+=(": "+this.cfg.getProperty("text"));}return A;}});YAHOO.register("menu",YAHOO.widget.Menu,{version:"2.8.1",build:"19"}); Antivirus reports: Ikarus Trojan.Script Comodo TrojWare.JS.Agent.TC
http://royantajhiz.ir/modules/mod_date2/ty2udate.js	200 OK Content-Length: 373 Content-Type: application/javascript	clean
http://www.rtjco.ir/index.php/about-us.html	200 OK Content-Length: 60429 Content-Type: text/html	malicious
Page code contains blacklisted domain: royantajhiz.ir ...[1206 bytes skipped]... ;/style> <script src="/media/system/js/mootools-core.js" type="text/javascript"></script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); try { document.execCommand("BackgroundImageCache", false, true); } catch(e) {}; YAHOO.util.Event.onContentReady("ariyui88_menu", function () { var oMenu = new YAHOO.widget.MenuBar("ariyui88_menu", {"lazyLoad":true,"autosubmenudisplay":true,"position":"static","hidedelay":750}); o ...[2678 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0">
http://www.rtjco.ir/index.php/products/shell-tube-heat-exchangers.html	200 OK Content-Length: 58219 Content-Type: text/html	malicious
Page code contains blacklisted domain: royantajhiz.ir ...[1142 bytes skipped]... ;/style> <script src="/media/system/js/mootools-core.js" type="text/javascript"></script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); try { document.execCommand("BackgroundImageCache", false, true); } catch(e) {}; YAHOO.util.Event.onContentReady("ariyui88_menu", function () { var oMenu = new YAHOO.widget.MenuBar("ariyui88_menu", {"lazyLoad":true,"autosubmenudisplay":true,"position":"static","hidedelay":750}); o ...[2740 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0">
http://www.rtjco.ir/index.php/products/air-coolers.html	200 OK Content-Length: 58109 Content-Type: text/html	malicious
Page code contains blacklisted domain: royantajhiz.ir ...[1072 bytes skipped]... ;/style> <script src="/media/system/js/mootools-core.js" type="text/javascript"></script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); try { document.execCommand("BackgroundImageCache", false, true); } catch(e) {}; YAHOO.util.Event.onContentReady("ariyui88_menu", function () { var oMenu = new YAHOO.widget.MenuBar("ariyui88_menu", {"lazyLoad":true,"autosubmenudisplay":true,"position":"static","hidedelay":750}); o ...[2814 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0">
http://www.rtjco.ir/index.php/products/pressure-vessels.html	200 OK Content-Length: 58347 Content-Type: text/html	malicious
Page code contains blacklisted domain: royantajhiz.ir ...[1092 bytes skipped]... ;/style> <script src="/media/system/js/mootools-core.js" type="text/javascript"></script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); try { document.execCommand("BackgroundImageCache", false, true); } catch(e) {}; YAHOO.util.Event.onContentReady("ariyui88_menu", function () { var oMenu = new YAHOO.widget.MenuBar("ariyui88_menu", {"lazyLoad":true,"autosubmenudisplay":true,"position":"static","hidedelay":750}); o ...[2790 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0">
http://www.rtjco.ir/index.php/products/spare-parts.html	200 OK Content-Length: 69483 Content-Type: text/html	malicious
Page code contains blacklisted domain: royantajhiz.ir ...[1537 bytes skipped]... /script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/media/system/js/mootools-more.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); window.addEvent('domready', function() { $$('.hasTip').eeight="118" alt=""> </div> <div class="joomir-row6"> <table border="0" width="900" cellspacing="0"> <tr> <td width="49" height="10"></td&g ...[2374 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0">
http://www.rtjco.ir/index.php/supply.html	200 OK Content-Length: 59787 Content-Type: text/html	malicious
Page code contains blacklisted domain: royantajhiz.ir ...[1202 bytes skipped]... ;/style> <script src="/media/system/js/mootools-core.js" type="text/javascript"></script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); try { document.execCommand("BackgroundImageCache", false, true); } catch(e) {}; YAHOO.util.Event.onContentReady("ariyui88_menu", function () { var oMenu = new YAHOO.widget.MenuBar("ariyui88_menu", {"lazyLoad":true,"autosubmenudisplay":true,"position":"static","hidedelay":750}); o ...[2682 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0">
http://www.rtjco.ir/index.php/supply/heat-exchanger-tubes.html	200 OK Content-Length: 58673 Content-Type: text/html	malicious
Page code contains blacklisted domain: royantajhiz.ir ...[1237 bytes skipped]... ;/style> <script src="/media/system/js/mootools-core.js" type="text/javascript"></script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); try { document.execCommand("BackgroundImageCache", false, true); } catch(e) {}; YAHOO.util.Event.onContentReady("ariyui88_menu", function () { var oMenu = new YAHOO.widget.MenuBar("ariyui88_menu", {"lazyLoad":true,"autosubmenudisplay":true,"position":"static","hidedelay":750}); o ...[2647 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0">

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: rtjco.ir

Result:

Second query (visit from search engine):
GET / HTTP/1.1
Host: rtjco.ir
Referer: http://www.google.com/search?q=rtjco.ir

Result:
The result is similar to the first query. There are no suspicious redirects found.

Recently found suspicious websites

Malware Scanner report for rtjco.ir

Malware & Hack Repair

Website Hack Insurance

Safe Browsing / Blacklists

Scanned pages/files

Malicious Redirects

Recently found suspicious websites

Company

Services

eVuln Labs

eVuln Tools