Our automated security review marked co.com as suspicious. Several warning signs were detected; it may still turn out legitimate, but you should verify it through independent channels before trusting it with money or credentials.

Is co.com safe to use?

co.com currently scores 48/100 on our trust scale. We found enough warning signals to recommend caution. Verify the site through independent channels before entering credentials or money.

Does co.com have a valid SSL certificate?

Yes. co.com presents a valid TLSv1.3 certificate issued by Let's Encrypt · R13, expiring in 72 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.

How old is the co.com domain?

co.com is 28.8 years old, registered on 8/16/1997 through Moniker Online Services LLC. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.

Has co.com been flagged by antivirus engines?

1 out of 91 antivirus engines in our malware network flagged co.com as malicious or suspicious (1 outright malicious). Even one detection is a meaningful signal.

Is co.com on any phishing or malware blacklists?

No. co.com is not currently listed on the major browser blocklist feeds that modern browsers use.

Where is co.com hosted?

co.com resolves to an IP operated by International Business Machines Corporation in US (usage type: Data Center/Web Hosting/Transit). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.

How often is the co.com report updated?

We cache results for 24 hours. Signed-in MalwareTips members can trigger a manual rescan at any time using the "Rescan" button on the report page, which re-runs every check from scratch and refreshes this page.

SUSPICIOUS

Warning signs detected

Official .co.com domain registry with a parked homepage; one antivirus flag but legitimate operator with 28-year history and active US business registration. Several risk indicators suggest caution. This site might be legitimate — but treat it as unverified until you can independently confirm.

Security Review

Is co.com legit or a scam?

Name: Is co.com legit or a scam?
Item: co.com
Rating: 3
Author: MalwareTips

Our verdict:Suspicious· 48/100

SafeSuspiciousDangerous

Official .co.com domain registry with a parked homepage; one antivirus flag but legitimate operator with 28-year history and active US business registration.

Top reasons

One antivirus engine flagged the page as malicious, though this appears to be a false positive given the domain's legitimacy.Homepage is a bare placeholder with no functional content, contact information, or business details visible.Third-party registrants have abused .co.com subdomains in documented phishing campaigns, creating potential confusion.

co.comScanned 2h ago

Post Facebook

Trust score

SUSPICIOUS

Heuristics 27·MT 62

Category tags

domain registryparked/placeholder72% MT confidence

Technical red flags (1)

1 of 91 engines flagged

Positive signals (4)

Not on major blacklists Domain is 29 years old Encrypted connection Clean server reputation

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence

0/91

Engines flagged this URL

Domain Age

29 years old

Registered Aug 16, 1997

MT Intelligence

Suspicious

Moderate likelihood · 72% confidence

MT Intelligence

Advanced threat intelligence

MT Security Analyst

Moderate scam likelihoodengineMT · Guardiantrust62/100

MT AgentLive web researchVisual inspection

Confidence

co.com is the authoritative registry for the .co.com top-level domain, operated by Co.com LLC in Cincinnati, Ohio since approximately 1997. The homepage displays only a placeholder notice directing users to registry.co.com, which is typical for a registry operator's main domain. One antivirus engine (ThreatHive) flagged the page as malicious, but this appears to be a false positive given the domain's age (10,522 days), valid SSL certificate, clean hosting IP reputation, and confirmed active business registration. Independent review aggregators rate the registry as fair and valid with low scam probability. The evidence package documents that specific subdomains under .co.com (such as blokchain.co.com and go-trust.co.com) have been abused in phishing campaigns, but this reflects misuse by third-party registrants, not the registry operator itself. The registry maintains an abuse-reporting mechanism and is not itself a scam vector.

Full dossier

Analysis complete

Page Content

The homepage is a minimal placeholder displaying only a domain registry notice for co.com with a link to registry.co.com. No functional site content, navigation, contact information, or user-facing features are present. This is consistent with a registry operator's main domain, which typically directs traffic to the actual registry management portal.

Infrastructure

Hosting IP 169.60.151.232 has zero abuse reports and an abuse score of 0/100. SSL certificate is valid (Let's Encrypt R13) with 72 days remaining. No redirects, homoglyphs, or internationalized domain names detected. The domain resolves cleanly with no cross-domain redirect chains.

Domain History

co.com was registered approximately 10,522 days ago (roughly 1997), making it one of the earliest commercial domains. The .co.com registry extension itself launched around 2014 as an alternative for short, memorable names. Co.com LLC is an active, registered business entity headquartered at 9891 Montgomery Road, Suite 225, Cincinnati, Ohio 45242, USA.

Web Reputation

One antivirus engine (ThreatHive) flagged the page as malicious; this is likely a false positive given the domain's age, business registration, and clean hosting reputation. Independent review aggregators assign a trust score of 80.9/100 and describe the registry as fair, valid, and known with low scam probability. Browser blocklists are clean. The evidence package documents that third-party registrants have abused .co.com subdomains in phishing campaigns (e.g., blokchain.co.com impersonating Blockchain.com), but the registry operator itself maintains an abuse-reporting mechanism and is not the source of these attacks.

Risk Factors

One antivirus engine flagged the page as malicious, though this appears to be a false positive given the domain's legitimacy.
Homepage is a bare placeholder with no functional content, contact information, or business details visible.
Third-party registrants have abused .co.com subdomains in documented phishing campaigns, creating potential confusion.
No contact email, phone, or postal address on the homepage itself (users are directed to registry.co.com for support).

Positive Signals

Domain age of 10,522 days (since ~1997) with consistent, uninterrupted operation.
Valid SSL certificate issued by Let's Encrypt with no expiry concerns.
Hosting IP has zero abuse reports and a clean reputation score.
Confirmed active business registration (Co.com LLC, Cincinnati, Ohio) with verifiable address.
Independent review aggregators assign a trust score of 80.9/100 and rate the registry as fair and valid.

AI Recommendation

co.com is a legitimate domain registry and safe to visit for registry services. If you are looking to register a .co.com domain or report abuse, use the official registry portal at registry.co.com. Do not confuse the registry operator with individual .co.com subdomains that may be used maliciously by third parties.

Next-gen fraud intelligence

Evidence-backedCross-checked

Website Preview

LIVE RENDER

co.com

1Page appears parked or non-functional — displays a domain registry notice for co.com with a link to registry.co.com and no functional site content

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual Screenshot Analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

/ 100

Moderate visual risk

Visual red flags detected in the screenshot

The page shows a bare domain registry placeholder for the co.com TLD operator, with no site content, navigation, or user-facing functionality present.

Visual risk40/100

What our vision model saw

1 signal

Page appears parked or non-functional — displays a domain registry notice for co.com with a link to registry.co.com and no functional site content

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for co.com, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age

28 yrs

Registered Aug 1997

Business registration

Active · USA

Site traces back to an actively registered business.

Clone check

Not a clone

No well-known site's layout or branding detected here.

Typosquat check

No look-alike match

The domain doesn't resemble any well-known brand's spelling.

Web mentions

2 scam reports · 1 positive

Key findings

7 headline facts from open-web research

co.com is the official registry website for the .co.com domain extension, launched around 2014 as an alternative for short, memorable names ending in .com when the equivalent .com is unavailable.
Operated by Co.com LLC based in Cincinnati, Ohio, USA (address: 9891 Montgomery Road #225, Cincinnati, OH 45242).
Domain age approximately 28 years (main co.com created 1997); the .co.com registry celebrated 10,000 registrations at its 1-year anniversary in 2015.
Scam Detector gives the registry site a trust score of 80.9/100, describing it as Fair, Valid, Known with low risk of phishing/spam.
The registry maintains an abuse reporting page (registry.co.com/report-abuse) that handles reports of phishing, malware, fraud, and impersonation on registered .co.com domains.
Specific .co.com subdomains (e.g. blokchain.co.com, go-trust.co.com) have been used in documented phishing campaigns impersonating services like Blockchain.com.
No widespread complaints or scam reports against the registry operator Co.com LLC itself; individual third-level domains under .co.com can be registered by anyone and used maliciously.

Scam reports (2)

Direct quotes from public scam databases, forums, and news.

Financial Markets Authorityopen
"Blokchain.co.com – Phishing scam impersonating Blockchain.com"
GitHub hagezi/dns-blocklistsopen
"add 12 phishing domains (go-trust.co.com ..."

Positive reviews (1)

Quotes indicating the site is legitimate.

Scam-Detector.comopen
"The Scam Detector’s algorithm gives this business the following rank: 80.9/100. ... Fair. Valid. Known. ... low scam probability."

Business registration

Status: active · USA

Co.com LLC, headquartered at 9891 Montgomery Road, #225, Cincinnati, Ohio 45242. Operates the .co.com domain registry since ~2014.

Research summary

Narrative write-up from our AI analyst, grounded on the facts above

Our research found that co.com is the legitimate, established registry operator for the .co.com domain extension, launched around 2014 and operated by Co.com LLC (Cincinnati, Ohio) since approximately 1997. The registry is rated as fair and valid by independent review aggregators with a trust score of 80.9/100 and low scam probability. However, the evidence package documents two instances of phishing abuse: subdomains blokchain.co.com and go-trust.co.com were used to impersonate Blockchain.com and other services. These are third-party registrant abuses, not attacks by the registry operator itself. The registry maintains an abuse-reporting mechanism (registry.co.com/report-abuse) to handle such cases. No widespread complaints or scam reports target the registry operator; the documented issues reflect misuse of the .co.com namespace by malicious third parties.

Antivirus Engines

Detection matrix · live

1 engine flagged this URL

We cross-check every URL against our antivirus network of 91 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

1Malicious0Suspicious58Harmless91Engines

of 91

ThreatHive

Malicious· malicious

1 antivirus engine flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check

Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Sandbox Render

Page rendered in a safe sandbox

Requests made0

Unique IPs0

Countries0

Detected brandsNone

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found

No clear contact details on the page

Emails on site's domainNone

Phone numbersNone

Postal addressNot listed

Linked social profiles0

Signal Summary

Several contact red flags

No contact email found anywhere on the page.
No phone number listed on the page.
No postal address visible on the page.

Domain & Encryption

Domain History

Age29 years old

RegistrarMoniker Online Services LLC

RegisteredAug 16, 1997

ExpiresAug 15, 2029

Owner privacyVisible

Encryption Certificate

StatusValid

ProtocolTLSv1.3

IssuerLet's Encrypt · R13

ExpiresAug 19, 2026 (72d)

Self-signedNo

Hosting & Technology

HostingInternational Business Machines Corporation

Server locationUS

Web serverApache

Server Reputation

Hosting

CountryUnknown

NetworkUnknown

IP addressUnknown

Abuse Intelligence

Confidence score0%

Reports on file0

ISPInternational Business Machines Corporation

Usage typeData Center/Web Hosting/Transit

Proceed with caution

Our automated review flagged enough risk that you should treat this site as unverified.

Treat co.com as unverified
Do not enter credentials or send money until you have independently verified the business.
Verify the business through independent channels
Check the company's social profiles, registry records, and search for recent news or reviews that are not hosted on the site itself.
Never use irreversible payment methods
Crypto, gift cards, wire transfers, and cash apps offer zero buyer protection. Use a credit card or PayPal if you must pay.
Share your experience
If you have additional context, drop a comment below or post on the MalwareTips forum.
Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing

Not listedCheck ↗

VirusTotal

ListedCheck ↗

AbuseIPDB

Not listedCheck ↗

Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Safety FAQ

Common questions about this site, answered from the scan data on this page. These are auto-generated — not hand-written — so they always match the underlying report.

Our automated security review marked co.com as suspicious. Several warning signs were detected; it may still turn out legitimate, but you should verify it through independent channels before trusting it with money or credentials.

Final Verdict

Trust / 100

Final Verdict·co.com

SUSPICIOUS

co.com is the legitimate registry operator for the .co.com domain extension, but the homepage itself is a bare placeholder with minimal content and one antivirus engine flagging it as malicious—likely a false positive given the registry's established 28-year history and active business registration.

AV engines

MT passes

Net signals

Scan another URL

Security review completemalwaretips.com/url-scan

Recently scanned

Other Suspicious reports

Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…

Loading comments…

This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.