The domain x.co registered by Go Daddy Operating Company, LLC was initially registered in April of 2010 through GODADDY.COM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Registrant:
Go Daddy Operating Company, LLC
Registrar:
GODADDY.COM, INC.
Server location:
Arizona, United States (US)
Create date:
Friday, April 23, 2010
Expires date:
Saturday, April 22, 2017
Updated date:
Wednesday, November 20, 2013
ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US
Scanner detections:
Detections (95% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.Installer.Firseria.M, PUP.Installer.KOMPANIYAR.?, PUP.Installer.Wilmaonline.?, PUP.Installer.Wilmaonline.EE, PUP.Installer.Wilmaonline.p, PUP.Solimba.Firseria.Bundler (M)
90.00%
Avira AntiVirus
TR/Dropper.A.27868, DR/AutoIt.Gen, APPL/Bundler.Firseria.3, ADWARE/Adware.Gen2, APPL/Amonetize.htzw, Adware/Amonetize.tzv
80.00%
Malwarebytes
Spyware.ZeuS.AI, Trojan.Dropper.SFXAI, PUP.Optional.Firseria, PUP.Optional.Amonetize
75.00%
ESET NOD32
Win32/Injector.Autoit.AMY, Win32/Amonetize.AW (variant), Win32/Amonetize.BK (variant), Win32/Amonetize.BM (variant), Win32/Amonetize.BN (variant)
70.00%
AVG
Autoit_c, Solimba, Generic, Generic_r, Downloader.Generic14, BundleApp
70.00%
AhnLab V3 Security
Trojan/Win32.AutoIt, PUP/Win32.Firseria, PUP/Win32.Amonetiz, PUP/Win32.Amonetize
70.00%
Sophos
Mal/Generic-S, Mal/MalitRar-B, Solimba Installer, Amonetize, Generic PUA PF, Generic PUA OL, Generic PUA KE, Generic PUA MO
65.00%
Baidu Antivirus
Trojan.Win32.Inject, Adware.Win32.Amonetize, Adware.Win32.FirseriaInstaller
65.00%
G Data
Trojan.Agent.BDIY, Gen:Variant.Application.Bundler.Firseria, Win32.Application.Amonetize, Gen:Variant.Application.Bundler.Amonetize.12
65.00%
Kaspersky
Trojan.Win32.Inject, not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:AdWare.Win32.Amonetize, Virus.Win32.Virut, not-a-virus:AdWare.NSIS.Agent
60.00%
McAfee
Artemis!334A79332CD5, Artemis!A8A8E445C438, Artemis!3DA32A72F2B6, Artemis!9513D0DD420F, Artemis!64A1F1E3030A, W32/Virut.n.gen
55.00%
Dr.Web
Trojan.DownLoader9.40808, infected with Trojan.MulDrop5.8889, Adware.Downware.4802, Adware.Downware.8012, Adware.Downware.8331
55.00%
Qihoo 360 Security
HEUR/Malware.QVM06.Gen, Win32/Virus.Adware.932, Win32/Application.c7d, Virus.Win32.Virut.O, Win32/Virus.Adware.e09, HEUR/QVM10.1.Malware.Gen
55.00%
MicroWorld eScan
Trojan.Agent.BDIY, Gen:Variant.Application.Bundler.Firseria.4, Gen:Variant.Application.Bundler.Amonetize.10, Gen:Variant.Application.Bundler.Amonetize.12, Gen:Variant.Application.Bundler.Amonetize.11, Gen:Variant.Adware.Zusy.98064, Gen:Variant.Application.Bundler.Firseria.3
50.00%
Bitdefender
Trojan.Agent.BDIY, Gen:Variant.Application.Bundler.Firseria.4, Gen:Variant.Application.Bundler.Amonetize.10, Gen:Variant.Application.Bundler.Amonetize.12
50.00%
The domain x.co has been seen to resolve to the following 2 IP addresses.
ip-184-168-131-241.ip.secureserver.net
April 11, 2016
ip-97-74-42-81.ip.secureserver.net
June 9, 2014
File downloads found at URLs served by x.co.
43 / 68 (Adware)
http://x.co/5ElT2 (vuze plus activation code gene downloader__3687_i1323485018_il1935718.exe)
24 / 68 (Adware)
http://x.co/5Acd9 (the walking dead the complet downloader__3687_i1106098502_il1266346.exe)
7 / 68 (Adware)
http://x.co/57wWo (download wat fix for windows 7 downloader__3687_i1128841215_il577376.exe)
The following 3 files have been seen to comunicate with x.co in live environments.
Description:
“Use the shortest URL possible with X.co URL Shortening service! Access statistics and customize your links with a free account.”
SSL certificate subject:
CN=x.co, OU=Domain Control Validated
SSL certificate issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."
Web server:
Apache/2.2.15 (CentOS)
Facebook:
Likes: 12
Shares: 114
Comments: 2
Statistics above are for the previous month of November 2024.
Related Domains