Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=rtjco.ir
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.rtjco.ir/ | 200 OK Content-Length: 61076 Content-Type: text/html | malicious |
Page code contains blacklisted domain: royantajhiz.ir ...[1724 bytes skipped]... a/system/js/caption.js" type="text/javascript"></script> <script src="/media/system/js/mootools-more.js" type="text/javascript"></script> <script src="/modules/mod_sp_image_rotator/assets/script/_class.noobSlide.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="teight="118" alt=""> </div> <div class="joomir-row6"> <table border="0" width="900" cellspacing="0"> <tr> <td width="49" height="10"></td> <td width="370" height="10"> <font color="#FFFFFF" face="Tahoma" style="font-size: 8pt; font-weight: 700"> Head ...[2202 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0"> | ||
http://www.rtjco.ir/media/system/js/mootools-core.js | 200 OK Content-Length: 96362 Content-Type: application/javascript | clean |
http://www.rtjco.ir/media/system/js/core.js | 200 OK Content-Length: 4784 Content-Type: application/javascript | clean |
http://www.rtjco.ir/media/system/js/caption.js | 200 OK Content-Length: 729 Content-Type: application/javascript | clean |
http://www.rtjco.ir/media/system/js/mootools-more.js | 200 OK Content-Length: 238331 Content-Type: application/javascript | clean |
http://www.rtjco.ir/modules/mod_sp_image_rotator/assets/script/_class.noobSlide.js | 200 OK Content-Length: 5355 Content-Type: application/javascript | clean |
http://www.rtjco.ir/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js | 200 OK Content-Length: 136091 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if(typeof YAHOO=="undefined"||!YAHOO){var YAHOO={};}YAHOO.namespace=function(){var A=arguments,E=null,C,B,D;for(C=0;C<A.length;C=C+1){D=(""+A[C]).split(".");E=YAHOO;for(B=(D[0]=="YAHOO")?1:0;B<D.length;B=B+1){E[D[B]]=E[D[B]]||{};E=E[D[B]];}}return E;};YAHOO.log=function(D,A,C){var B=YAHOO.widget.Logger;if(B&&B.log){return B.log(D,A,C);}else{return false;}};YAHOO.register=function(A,E,D){var I=YAHOO.env.modules,B,H,G,F,C;if(!I[A]){I[A]={versions:[],builds:[]};}B=I[A];H=D.version;G=D Antivirus reports:
| ||
http://royantajhiz.ir/modules/mod_date2/ty2udate.js | 200 OK Content-Length: 373 Content-Type: application/javascript | clean |
http://www.rtjco.ir/index.php/about-us.html | 200 OK Content-Length: 60429 Content-Type: text/html | malicious |
Page code contains blacklisted domain: royantajhiz.ir ...[1206 bytes skipped]... ;/style> <script src="/media/system/js/mootools-core.js" type="text/javascript"></script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); try { document.execCommand("BackgroundImageCache", false, true); } catch(e) {}; YAHOO.util.Event.onContentReady("ariyui88_menu", function () { var oMenu = new YAHOO.widget.MenuBar("ariyui88_menu", {"lazyLoad":true,"autosubmenudisplay":true,"position":"static","hidedelay":750}); o ...[2678 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0"> | ||
http://www.rtjco.ir/index.php/products/shell-tube-heat-exchangers.html | 200 OK Content-Length: 58219 Content-Type: text/html | malicious |
Page code contains blacklisted domain: royantajhiz.ir ...[1142 bytes skipped]... ;/style> <script src="/media/system/js/mootools-core.js" type="text/javascript"></script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); try { document.execCommand("BackgroundImageCache", false, true); } catch(e) {}; YAHOO.util.Event.onContentReady("ariyui88_menu", function () { var oMenu = new YAHOO.widget.MenuBar("ariyui88_menu", {"lazyLoad":true,"autosubmenudisplay":true,"position":"static","hidedelay":750}); o ...[2740 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0"> | ||
http://www.rtjco.ir/index.php/products/air-coolers.html | 200 OK Content-Length: 58109 Content-Type: text/html | malicious |
Page code contains blacklisted domain: royantajhiz.ir ...[1072 bytes skipped]... ;/style> <script src="/media/system/js/mootools-core.js" type="text/javascript"></script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); try { document.execCommand("BackgroundImageCache", false, true); } catch(e) {}; YAHOO.util.Event.onContentReady("ariyui88_menu", function () { var oMenu = new YAHOO.widget.MenuBar("ariyui88_menu", {"lazyLoad":true,"autosubmenudisplay":true,"position":"static","hidedelay":750}); o ...[2814 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0"> | ||
http://www.rtjco.ir/index.php/products/pressure-vessels.html | 200 OK Content-Length: 58347 Content-Type: text/html | malicious |
Page code contains blacklisted domain: royantajhiz.ir ...[1092 bytes skipped]... ;/style> <script src="/media/system/js/mootools-core.js" type="text/javascript"></script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); try { document.execCommand("BackgroundImageCache", false, true); } catch(e) {}; YAHOO.util.Event.onContentReady("ariyui88_menu", function () { var oMenu = new YAHOO.widget.MenuBar("ariyui88_menu", {"lazyLoad":true,"autosubmenudisplay":true,"position":"static","hidedelay":750}); o ...[2790 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0"> | ||
http://www.rtjco.ir/index.php/products/spare-parts.html | 200 OK Content-Length: 69483 Content-Type: text/html | malicious |
Page code contains blacklisted domain: royantajhiz.ir ...[1537 bytes skipped]... /script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/media/system/js/mootools-more.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); window.addEvent('domready', function() { $$('.hasTip').eeight="118" alt=""> </div> <div class="joomir-row6"> <table border="0" width="900" cellspacing="0"> <tr> <td width="49" height="10"></td&g ...[2374 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0"> | ||
http://www.rtjco.ir/index.php/supply.html | 200 OK Content-Length: 59787 Content-Type: text/html | malicious |
Page code contains blacklisted domain: royantajhiz.ir ...[1202 bytes skipped]... ;/style> <script src="/media/system/js/mootools-core.js" type="text/javascript"></script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); try { document.execCommand("BackgroundImageCache", false, true); } catch(e) {}; YAHOO.util.Event.onContentReady("ariyui88_menu", function () { var oMenu = new YAHOO.widget.MenuBar("ariyui88_menu", {"lazyLoad":true,"autosubmenudisplay":true,"position":"static","hidedelay":750}); o ...[2682 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0"> | ||
http://www.rtjco.ir/index.php/supply/heat-exchanger-tubes.html | 200 OK Content-Length: 58673 Content-Type: text/html | malicious |
Page code contains blacklisted domain: royantajhiz.ir ...[1237 bytes skipped]... ;/style> <script src="/media/system/js/mootools-core.js" type="text/javascript"></script> <script src="/media/system/js/core.js" type="text/javascript"></script> <script src="/media/system/js/caption.js" type="text/javascript"></script> <script src="/modules/mod_ariyuimenu/mod_ariyuimenu/js/yui.combo.js" type="text/javascript"></script> <script src="http://royantajhiz.ir/modules/mod_date2/ty2udate.js" type="text/javascript"></script> <script type="text/javascript"> window.addEvent('load', function() { new JCaption('img.caption'); }); try { document.execCommand("BackgroundImageCache", false, true); } catch(e) {}; YAHOO.util.Event.onContentReady("ariyui88_menu", function () { var oMenu = new YAHOO.widget.MenuBar("ariyui88_menu", {"lazyLoad":true,"autosubmenudisplay":true,"position":"static","hidedelay":750}); o ...[2647 bytes skipped]... Malicious iFrame found. size: 0x0 src: http://erreco.com/traffic3.php This URL is marked by Google as suspicious <iframe src="http://erreco.com/traffic3.php" width="0" height="0" frameborder="0"> |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: rtjco.ir
Result:
GET / HTTP/1.1
Host: rtjco.ir
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: rtjco.ir
Referer: http://www.google.com/search?q=rtjco.ir
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: rtjco.ir
Referer: http://www.google.com/search?q=rtjco.ir
Result:
The result is similar to the first query. There are no suspicious redirects found.