home

down.cmaxgrc.com

YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service)

Domain Information

The domain down.cmaxgrc.com registered by YinSi BaoHu Yi KaiQi (Hidden by Whois Privacy Protection Service) was initially registered in March of 2016 through HICHINA ZHICHENG TECHNOLOGY LTD.. The hosted servers are located in Ashburn, Virginia within the United States which resides on the NTT America, Inc. network.
Registrar:
HICHINA ZHICHENG TECHNOLOGY LTD.

Server location:
Virginia, United States (US)

Create date:
Tuesday, March 8, 2016

Expires date:
Wednesday, March 8, 2017

Updated date:
Tuesday, March 8, 2016

ASN:
AS2914 NTT-COMMUNICATIONS-2914 - NTT America, Inc.,US

Root domain:
cmaxgrc.com

Whois:
1 cmaxgrc.com record

The domain down.cmaxgrc.com has been seen to resolve to the following 2 IP addresses.

165.254.60.146
firewall.systemarts.com
July 4, 2016

205.177.113.34
205-177-113-34.static.pccwglobal.net
June 27, 2016

File downloads found at URLs served by down.cmaxgrc.com.

0 / 68
http://down.cmaxgrc.com/kuabotv_365791.exe  (6d6fade7e2308e6e296541521a75c1ac)

3 / 68      (Malware)
http://down.cmaxgrc.com/jyjh_9005.exe  (jyjh_6043.exe)

0 / 68
http://down.cmaxgrc.com/jyjh_9005.exe  (jyjh_6043.exe)

2 / 68
http://down.cmaxgrc.com/jyjh_6043.exe  (468e2931613c27835c6974467ddb5ed5)

0 / 68
http://down.cmaxgrc.com/jyjh_6043.exe  (faea496c34cdc5a401badcdebbd4a87e)

The following 8 files have been seen to comunicate with down.cmaxgrc.com in live environments.

TCP » 165.254.60.146:80
jingling.exe

TCP » 165.254.60.146:80
ContentFinder.exe (ContentFinder by ContentFinder Software)

TCP » 165.254.60.146:443
jingling.exe

TCP » 165.254.60.146:443
jingling.exe

TCP » 165.254.60.146:80
jingling.exe

TCP » 165.254.60.146:80
jingling.exe

TCP » 165.254.60.146:80
-¸-+¦ª-¸-+¦µ.exe (liuliangbao by www.liuliangbao.cn)

TCP » 165.254.60.146:443
UCBrowser.exe (UC Browser by UCWeb)

TCP » 165.254.60.146:443
rlvknlg.exe (Relevant-Knowledge by TMRG)

URL:
http://down.cmaxgrc.com/

Web server:
marco/0.14.0

3c-automation.com.cn

5ewin.com

finereport.com

jxsjixie.com

ksbao.com

pcsoftdown.com

upaiyun.com

yunzhuan.com

2144.cn

ad-safe.com

bingyan.asia

doswf.com

hx7987.com

meituan.net

nvjay.com

yupoo.com

zs0597.com

zuimc.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.