x.co

Go Daddy Operating Company, LLC

Domain Information

The domain x.co registered by Go Daddy Operating Company, LLC was initially registered in April of 2010 through GODADDY.COM, INC.. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Scottsdale, Arizona within the United States which resides on the GoDaddy.com, LLC network.
Remove Malware from x.co - Powered by Reason Core Security
Registrar:
GODADDY.COM, INC.

Server location:
Arizona, United States (US)

Create date:
Friday, April 23, 2010

Expires date:
Saturday, April 22, 2017

Updated date:
Wednesday, November 20, 2013

ASN:
AS26496 AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC,US

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Avira AntiVirus
TR/Dropper.A.27868, DR/AutoIt.Gen, ADWARE/Adware.Gen2, APPL/Amonetize.htzw, Adware/Amonetize.tzv, ADWARE/Adware.Gen4, Adware/Fiseria.hv
100.00%

Malwarebytes
Spyware.ZeuS.AI, Trojan.Dropper.SFXAI, PUP.Optional.Amonetize, PUP.Optional.Firseria
100.00%

ESET NOD32
Win32/Injector.Autoit.AMY, Win32/Amonetize.AW (variant), Win32/Amonetize.BK (variant), Win32/Amonetize.BM (variant), Win32/Amonetize.BN (variant)
100.00%

AVG
Autoit_c, Generic, Generic_r, Downloader.Generic14, BundleApp
92.86%

Baidu Antivirus
Trojan.Win32.Inject, Adware.Win32.Amonetize, Adware.Win32.FirseriaInstaller
92.86%

AhnLab V3 Security
Trojan/Win32.AutoIt, PUP/Win32.Amonetiz, PUP/Win32.Amonetize, PUP/Win32.Firseria
92.86%

Reason Heuristics
PUP.Installer.KOMPANIYAR.?, PUP.Installer.Wilmaonline.?, PUP.Installer.Wilmaonline.EE, PUP.Installer.Wilmaonline.p, PUP.Installer.Wilmaonline.R
92.86%

Kaspersky
Trojan.Win32.Inject, not-a-virus:HEUR:AdWare.Win32.Amonetize, not-a-virus:AdWare.Win32.Amonetize, Virus.Win32.Virut, not-a-virus:AdWare.NSIS.Agent
85.71%

Sophos
Mal/Generic-S, Mal/MalitRar-B, Amonetize, Generic PUA PF, Generic PUA OL, Generic PUA KE, Generic PUA MO, Generic PUA AO
85.71%

G Data
Trojan.Agent.BDIY, Win32.Application.Amonetize, Gen:Variant.Application.Bundler.Amonetize.12, Win32.Virtob.Gen.12, Gen:Variant.Application.Bundler.Amonetize.11
85.71%

McAfee
Artemis!334A79332CD5, Artemis!A8A8E445C438, Artemis!3DA32A72F2B6, Artemis!9513D0DD420F, Artemis!64A1F1E3030A, W32/Virut.n.gen
78.57%

McAfee Web Gateway
Artemis!334A79332CD5, Artemis!A8A8E445C438, Artemis!3DA32A72F2B6, Artemis!64A1F1E3030A, W32/Virut.n.gen, BehavesLike.Win32.CryptDoma.fc
78.57%

Qihoo 360 Security
HEUR/Malware.QVM06.Gen, Win32/Virus.Adware.932, Win32/Application.c7d, Virus.Win32.Virut.O, Win32/Virus.Adware.e09, HEUR/QVM10.1.Malware.Gen
78.57%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Win32.Troj.Amonetize.c.(kcloud)
78.57%

Dr.Web
Trojan.DownLoader9.40808, infected with Trojan.MulDrop5.8889, Adware.Downware.8012, Adware.Downware.8331, Win32.Virut.56
71.43%

The domain x.co has been seen to resolve to the following IP address.

ip-97-74-42-81.ip.secureserver.net
June 9, 2014

File downloads found at URLs served by x.co.

32 / 68    (Adware)
http://x.co/tvfree2014  (freetvstream.exe)

31 / 68    (Adware)
http://x.co/tvfree2014  (freetvstream.exe)

29 / 68    (Adware)
http://x.co/5DAm9  (font__7226_il2403.exe)

20 / 68    (Adware)
http://x.co/592Iq  (windows 7 loader__7629_il324.exe)

52 / 68    (Adware)
http://x.co/5ElT2  (vuze plus activation code gene downloader__3687_i1323485018_il1935718.exe)

15 / 68    (Adware)
http://x.co/57nnj  (windows loader 2.2.2__8173_il407.exe)

29 / 68    (Adware)
http://x.co/5Ad27  (3dsmax2014ckv214__5542_i1288877181_il10669.exe)

17 / 68    (PUP)
http://x.co/58z4r  (herdprotect__2309_il21601.exe)

21 / 68    (Adware)
http://x.co/5B6EZ  (windows loader 2.3.0__8173_il471.exe)

23 / 68    (Adware)
http://x.co/5Hsau  (hackshield.kapatma.(bloklama).100.cozum__7214_il332.exe)

27 / 68    (Adware)
http://x.co/5Acd9  (the walking dead the complet downloader__3687_i1106098502_il1266346.exe)

7 / 68      (Adware)
http://x.co/57wWo  (download wat fix for windows 7 downloader__3687_i1128841215_il577376.exe)

16 / 68    (Malware)
http://x.co/4kSUv  (crypted rat.exe)

15 / 68    (PUP)
http://x.co/4kC86  (driver.exe)

URL:
http://x.co/

Title:
“URL Shortener | X.co URL Redirection Service by Go Daddy”

Description:
“Use the shortest URL possible with X.co URL Shortening service! Access statistics and customize your links with a free account.”

SSL certificate subject:
CN=x.co, O="GoDaddy.com, LLC", L=Scottsdale, S=Arizona, C=US, SERIALNUMBER=R-1724733-6, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Arizona, OID.1.3.6.1.4.1.311.60.2.1.3=US

SSL certificate issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, O="GoDaddy.com, Inc."

Web server:
Microsoft-IIS/7.0 (ASP.NET) (Version: 4.0.30319)

Facebook:
Likes:  250
Shares:  316
Comments:  45

Twitter:
Shares:  164

Quantcast US:
Rank:  292,556

Statistics above are for the previous month of November 2016.

Remove Malware from x.co - Powered by Reason Core Security