Domain Due Diligence
Report for Monkrus.ws
Why we think so?
Short verdict: ❌ Likely scam / high-risk. monkrus.ws is a high-traffic Russian-language warez blog (about 550k monthly visits) that hosts links to pirated software and related downloads. Multiple security scanners and community reports flag the site or specific subdomains (e.g., w16.monkrus.ws) as distributing malware; Gridinsoft gives w16 a 2/100 trust score and several forum posts report antivirus blocks. The site exposes no public business contact emails and uses Reg.ru nameservers with Cloudflare in front. Overall: avoid downloads from this domain, do not provide personal or payment information, and treat any offered software as potentially malicious.
Risk Insights
Warez site => high malware risk
- Site openly serves pirated software and cracked installers.
- Security vendors flag specific subdomains as malware distributors (e.g., w16.monkrus.ws).
- Avoid downloads and entering credentials on this domain.
Contradictory Signals
Safe Browsing returned clean for the main domain while other scanners flagged subdomains; different engines may index or classify subdomains differently.
Signal A: Google Safe Browsing: no active matches
Signal B: Multiple vendor scans and community reports flag malware
Category Scores
Red Flags & Warnings
- Security scans and community reports identify the site or subdomains as distributing malware (e.g., trojans hidden in cracked installers).
- Primary site topic is warez/pirated software — category with inherently high malware and legal risk.
- No verified business contact details or clear ownership information published on site.
- Conflicting ratings from automated reputation engines (some show ambiguous/low trust scores), indicating unreliable trust signals.
🔎 Detailed Checks & Analysis
Domain content & intent (site category)
Score: 10/100
Domain content & intent (site category)
"The site description and page content explicitly advertise an "обновляемый список продуктов (сборок) от m0nkrus’a" — a list of pirated builds; this content type is high risk for malware."
Reason: Site is a warez/pirated-software blog that links to cracked installers and builds.
Reputation / malware reports
Score: 50/100
Reputation / malware reports
"Gridinsoft and several security review pages give very low trust scores (e.g., w16.monkrus.ws = 2/100) and forum posts report antivirus detections for downloads linked from the domain."
Reason: Multiple independent security scanners and community reports mark domain/subdomains as distributing malware.
Traffic & popularity
Score: 70/100
Traffic & popularity
"SimilarWeb and SimilarTech report monthly visits in the mid-hundreds of thousands and top keywords (monkrus, m0nkrus) driving search traffic; high audience size increases downstream risk if malware is hosted."
Reason: High monthly visits (~553k) and visible search keywords indicate substantial traffic and reach.
Contact transparency
Score: 20/100
Contact transparency
"Automated scraping returned an empty email/phone list; lack of verifiable contact information lowers trust and makes redress difficult."
Reason: No business emails or phone numbers were found on the site; only a Facebook profile was detected.
Technical infrastructure (DNS, CDN, SSL)
Score: 60/100
Technical infrastructure (DNS, CDN, SSL)
"Cloudflare provides edge protections and HTTPS encryption, but these do not imply site legitimacy; infrastructure is common for many sites including risky ones."
Reason: Uses Cloudflare CDN and has IPv4/IPv6 DNS records via Reg.ru nameservers; HTTPS present.
Blacklist checks (Safe Browsing, crypto scam lists)
Score: 35/100
Blacklist checks (Safe Browsing, crypto scam lists)
"No matches were found in Google Safe Browsing or the crypto scam list, but third-party security engines still flagged specific subdomains — negative results here do not override other vendor warnings."
Reason: Google Safe Browsing and crypto-scam checks returned no active matches for the main domain at time of check.
Legal / trademark conflicts
Score: 40/100
Legal / trademark conflicts
"Absence of USPTO hits does not prove legitimacy; it only indicates no registered US trademark was found for the query."
Reason: No USPTO trademarks found for the domain, suggesting no registered brand ownership in the U.S.
Public reports of monetary loss or fraud complaints
Score: 25/100
Public reports of monetary loss or fraud complaints
"Search results show warnings and risk assessments rather than documented legal claims or chargeback/complaint records; absence of documented theft doesn't mean low risk given malware distribution."
Reason: No verifiable, detailed reports of direct monetary loss were found, but multiple reports warn of malware and scam patterns (e.g., fake prize scams).
Your Next Steps
-
1
Do not download or run files from monkrus.ws or its subdomains; treat offered installers as potentially malicious.
-
2
If you already downloaded something from the site, isolate the device, run updated antivirus scans (multiple engines), and consider reimaging if malware is confirmed.
-
3
Report suspicious pages/downloads to your antivirus vendor and to Google Safe Browsing if you encounter malicious content.
-
4
Avoid entering any personal or payment information; if you did, monitor accounts and change passwords, and enable 2FA where available.
-
5
If you need legitimate software, obtain it from the official vendor (Adobe, Microsoft, etc.) or authorized resellers.
Evidence & Citations
-
SimilarTech site profile for monkrus.ws (tech stack, description, monthly visits)
Shows site description (Russian-language warez blog), monthly visits (~553k), leading country (Russia) and tech stack including Cloudflare and Reg.ru DNS.
-
SimilarWeb snapshot and traffic analytics for monkrus.ws
Traffic metrics (visits ~553k, bounce ~44%, pages/visit ~2.85) and top countries (RU, CN, US) supporting high exposure.
-
Perplexity / security scoping summary (aggregated malware/reputation reports)
Aggregates multiple security reviews noting malware distribution risks (w16.monkrus.ws flagged), mixed automated trust scores, and forum reports.
-
Gridinsoft / online virus scanner (example: w16.monkrus.ws)
Security vendor page that explicitly warns w16.monkrus.ws distributes malicious or unwanted files and assigns a very low trust score.
-
Website contacts scrape for monkrus.ws (no emails found)
Automated scrape found no public contact emails or phone numbers on the site; only a Facebook page was detected.
-
WHOIS / DNS records for monkrus.ws (nameservers and IP)
DNS shows Reg.ru nameservers (ns1/ns2.reg.ru) and both IPv4 and IPv6 addresses; no WHOIS ownership blob returned in evidence extract.
-
Google Safe Browsing check
At fetch time there were no matched threats from Google Safe Browsing for the main domain, but this does not contradict other vendor flags on subdomains.
-
USPTO trademark search for 'monkrus.ws'
No trademark records found for the queried term, consistent with lack of formal brand registration.
-
News coverage about unlicensed Adobe/GenP/Photoshop tooling (context)
Article about risks with unlicensed Adobe apps and GenP-type installers — contextually related to warez sites that distribute cracked software.
🕵🏻 Keep investigating
Run another instant due diligence scan on any website URL. Verify before you trust!
Spot fake SaaS login pages before handing over credentialsPhishing crews spin up carbon-copy login portals for CRM and finance tools, siphoning credentials before users realize t...
Read playbook → Analyze giveaway landing page phishingGiveaway pages entice with consoles or flights, then harvest card data and selfies “for verification.” ScamAI checks reg...
Read playbook →Community feedback
Not rated yet
0 reviews published
Leave a review
Reviews
No public reviews yet. Be the first to share your experience.