home

xzone-reactor.com

Domains By Proxy, LLC  (Proxy Registrant)

Domain Information

The domain xzone-reactor.com is registered by proxy through GODADDY.COM, LLC and was originally registered in December of 2009. Currently this domain has been known to host various forms of malware. The hosted servers are located in Phoenix, Arizona within the United States which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below).
Registrar:
GODADDY.COM, LLC

Server location:
Arizona, United States (US)

Create date:
Sunday, December 27, 2009

Expires date:
Tuesday, December 27, 2016

Updated date:
Sunday, January 3, 2016

ASN:
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US

Whois:
2 xzone-reactor.com records

Google Safe Browsing:
unwanted

Scanner detections:
Malware distribution  (57% detected)

Scan engine
Details
Detections

McAfee
Artemis!00EF29AFB364, Artemis!6B4EE4F386EC, Artemis!4B031D31F321, Artemis!6F1035148301, Artemis!FAA39492BBCE, Artemis!ED6339557335, Artemis!50D68B17F293
100.00%

Bkav FE
W32.HfsAutoA, W32.Clodd1f.Trojan, HW32.CDB, HW32.Packed
85.71%

Trend Micro House Call
TROJ_GEN.R0CBC0OLV13, TROJ_GEN.F47V0301, TROJ_GEN.F47V0425, TROJ_GEN.R047C0OK214, TROJ_GEN.R08OC0EEE15
71.43%

AhnLab V3 Security
Trojan/Win32.Agent
71.43%

IKARUS anti.virus
Win32.SuspectCrc, Trojan.Win32.Menti, Trojan.SuspectCRC, Virus.Win32.DelfInject , Trojan.Agent
71.43%

VIPRE Antivirus
Trojan.Win32.Generic
57.14%

AVG
Dropper.Generic9, Luhe.Fiha.B, Skodna.GameHack
57.14%

MicroWorld eScan
Gen:Variant.Kazy.263991, Trojan.Generic.11968977, Gen:Variant.Kazy.491401
42.86%

Norman
Suspicious_Gen5.AKDKK, Suspicious_Gen4.CVPSL, Suspicious_Gen2.VZBZD
42.86%

Bitdefender
Gen:Variant.Kazy.68497, Trojan.Generic.11968977, Gen:Variant.Kazy.491401
42.86%

Lavasoft Ad-Aware
Gen:Variant.Kazy.68497, Trojan.Generic.11968977, Gen:Variant.Kazy.491401
42.86%

Emsisoft Anti-Malware
Gen:Variant.Kazy.68497, Trojan.Generic.11968977, Gen:Variant.Kazy.491401
42.86%

F-Secure
Gen:Variant.Kazy.263991, Trojan.Generic.11968977, Gen:Variant.Kazy.491401
42.86%

G Data
Gen:Variant.Kazy.68497, Trojan.Generic.11968977, Gen:Variant.Kazy.491401
42.86%

Comodo Security
UnclassifiedMalware
42.86%

The domain xzone-reactor.com has been seen to resolve to the following 11 IP addresses.

104.20.68.113
March 3, 2016

104.20.69.113
March 3, 2016

190.93.252.199
July 1, 2015

190.93.253.199
July 1, 2015

141.101.123.75
May 23, 2014

190.93.242.74
May 23, 2014

141.101.113.75
May 23, 2014

141.101.112.75
May 23, 2014

190.93.243.74
May 23, 2014

190.93.252.64
March 15, 2014

190.93.253.64
March 15, 2014

File downloads found at URLs served by xzone-reactor.com.

8 / 68      (inconclusive)
http://xzone-reactor.com/cdn-cgi/l/chk_jschl?jschl_vc=9199e255207d8bd915b26dc4e666dc3e&pass=1454833826.92-3/.../tG&jschl_answer=16601  (xzone_reactor_application_setup.exe)

25 / 68    (PUP)
http://xzone-reactor.com/.../rename_me.exe  (woxharbjpgk.exe)

13 / 68    (Malware)
http://xzone-reactor.com/.../rename_me.exe  (faa39492bbce1470d6c5472613bfddc1)

4 / 68      (inconclusive)
http://xzone-reactor.com/.../rename_me.exe  (wsr0lwavdkk.exe)

11 / 68    (Malware)
http://xzone-reactor.com/.../XZONE_REACTOR_Application_Setup.exe  (4b031d31f3215cdfc2f1c3117c6880e1)

5 / 68      (inconclusive)
http://xzone-reactor.com/.../rename_me.exe  (wch6hp0cooe.exe)

20 / 68    (Malware)
http://xzone-reactor.com/.../rename_me.exe  (waxdy+zl4kn.exe)

URL:
http://xzone-reactor.com/

SSL certificate subject:
CN=ssl320236.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated

SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Web server:
cloudflare-nginx

Facebook:
Likes:  474
Shares:  2,195
Comments:  517

Statistics above are for the previous month of March 2024.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.