The domain www.agentofex.com is registered by proxy through ENOM, INC. and was originally registered in December of 2013. Currently this domain has been known to host various forms of malware. The hosted servers are located in Phoenix, Arizona within the United States which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below).
Registrant:
WHOISGUARD, INC.
Server location:
Arizona, United States (US)
Create date:
Friday, December 27, 2013
Expires date:
Sunday, December 27, 2015
Updated date:
Wednesday, April 1, 2015
ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US
Scanner detections:
Malware distribution (100% detected)
Scan engine
Details
Detections
MicroWorld eScan
Trojan.GenericKD.1492435, Gen:Variant.Zusy.77106
100.00%
Quick Heal
TrojanDropper.Bepush.B.cw3, TrojanDropper.Bepush.r3
100.00%
McAfee
Generic.rx, Artemis!7B6EE6D31023
100.00%
Malwarebytes
Trojan.Downloader.MSIL, Trojan.Agent.MSIL
100.00%
Zillya! Antivirus
Trojan.Blocker.Win32.13348, Trojan.Blocker.Win32.27133
100.00%
K7 AntiVirus
Riskware , Trojan
100.00%
Arcabit
Trojan.Generic.D16C5D3, Trojan.Zusy.D12D32
100.00%
Agnitum Outpost
Trojan.Blocker, Trojan.Bepush
100.00%
ESET NOD32
MSIL/Bepush, MSIL/Bepush (variant)
100.00%
Trend Micro House Call
TROJ_SPNR.35BH14
100.00%
avast!
Win32:Ransom-ARZ [Trj], Win32:Agent-ASJZ [Trj]
100.00%
Kaspersky
Trojan-Ransom.Win32.Blocker, HEUR:Trojan.Win32.Generic
100.00%
Bitdefender
Trojan.GenericKD.1492435, Gen:Variant.Zusy.77106
100.00%
NANO AntiVirus
Trojan.Win32.Blocker.dtplmx, Trojan.Win32.Blocker.ctpstx
100.00%
ViRobot
Trojan.Win32.A.Blocker.123904.Q[h], Trojan.Win32.S.Agent.196096.BA[h]
100.00%
The domain www.agentofex.com has been seen to resolve to the following 4 IP addresses.
File downloads found at URLs served by www.agentofex.com.
URL:
http://www.agentofex.com/
Google Analytics:
UA-35908464
Description:
“En sık ziyaret ettiğiniz web sayfalarının tümü birarada.”
SSL certificate subject:
CN=sni45370.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated
SSL certificate issuer:
CN=COMODO ECC Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
Web server:
cloudflare-nginx (PHP/5.5.30)
Related Domains