home

rd.jiguangie.com

chongqingquwankejiyouxiangongsi

Domain Information

The domain rd.jiguangie.com registered by chongqingquwankejiyouxiangongsi was initially registered in May of 2013 through ENAME TECHNOLOGY CO., LTD.. The hosted servers are located in Beijing, Beijing within China which resides on the Asia Pacific Network Information Centre network.
Registrar:
ENAME TECHNOLOGY CO., LTD.

Server location:
Beijing, China (CN)

Create date:
Monday, May 6, 2013

Expires date:
Friday, May 6, 2016

Updated date:
Monday, April 20, 2015

ASN:
AS4808 CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation,CN

Root domain:
jiguangie.com

Whois:
3 jiguangie.com records

Google Safe Browsing:
malware,unwanted

Scan engine
Details
Detections

IKARUS anti.virus
Backdoor.Win32.Agobot, Trojan.SuspectCRC, Trojan-Downloader, PUA.Kuping
72.73%

Reason Heuristics
PUP.SHANGRAOWANGJUTIANXIATECHNOLOGYCOLTD.Installer (M), PUP.SHANGRAOWANGJUTIANXIATECHNOLOGYCOLTD (M), PUP.SHANGRAO (M)
45.45%

McAfee
PUP-KPToolBar, Artemis!EFF3C4DC7AD5
18.18%

Qihoo 360 Security
Trojan.Generic
9.09%

MicroWorld eScan
Trojan.GenericKD.2848251
9.09%

nProtect
Trojan.GenericKD.2848251
9.09%

VIPRE Antivirus
Trojan.Win32.Generic
9.09%

NANO AntiVirus
Trojan.Win32.Wsgame.dyktlh
9.09%

F-Prot
W32/Agent.EW.gen
9.09%

avast!
Win32:Evo-gen [Susp]
9.09%

G Data
Trojan.GenericKD.2848251
9.09%

Bitdefender
Trojan.GenericKD.2848251
9.09%

Lavasoft Ad-Aware
Trojan.GenericKD.2848251
9.09%

Emsisoft Anti-Malware
Trojan.GenericKD.2848251
9.09%

Comodo Security
TrojWare.Win32.TrojanDropper.Agent.HNMS
9.09%

The domain rd.jiguangie.com has been seen to resolve to the following 4 IP addresses.

219.232.255.182
May 19, 2016

101.251.196.13
November 18, 2015

210.73.212.148
June 26, 2014

210.73.212.147
June 26, 2014

File downloads found at URLs served by rd.jiguangie.com.

0 / 68
http://rd.jiguangie.com/rd.php?siteid=577  (qvodsetup5_104.exe)

1 / 68      (PUP)
http://rd.jiguangie.com/rd.php?siteid=463  (高清观看_a_41705.exe)

2 / 68      (PUP)
http://rd.jiguangie.com/rd.php?siteid=416  (setup_a_41376.exe)

3 / 68      (inconclusive)
http://rd.jiguangie.com/rd.php?siteid=204  (txt_a_41521.exe)

1 / 68      (PUP)
http://rd.jiguangie.com/rd.php?siteid=510  (高清观看_a_41693.exe)

1 / 68      (PUP)
http://rd.jiguangie.com/rd.php?siteid=510  (高清观看_a_41693.exe)

19 / 68    (Malware)
http://rd.jiguangie.com/rd.php?siteid=761  (setup_1_51832_019.exe)

2 / 68
http://rd.jiguangie.com/rd.php?siteid=14  (txt_a_41420.exe)

1 / 68
http://rd.jiguangie.com/rd.php?siteid=136  (vmmc_70219.exe)

2 / 68      (PUP)
http://rd.jiguangie.com/rd.php?siteid=510  (高清观看_a_41693.exe)

1 / 68
http://rd.jiguangie.com/rd.php?siteid=144  (setup_a_34871.exe)

2 / 68
http://rd.jiguangie.com/rd.php?siteid=510  (txt_a_41420.exe)

2 / 68
http://rd.jiguangie.com/rd.php?siteid=258  (nyhx_a_41562.exe)

2 / 68
http://rd.jiguangie.com/rd.php?siteid=403  (txt_a_41420.exe)

0 / 68
http://rd.jiguangie.com/rd.php?siteid=578  (qvodsetup5_102.exe)

1 / 68
http://rd.jiguangie.com/rd.php?siteid=203  (setup_a_34871.exe)

2 / 68      (PUP)
http://rd.jiguangie.com/rd.php?siteid=510  (setup_a_41376.exe)

2 / 68      (PUP)
http://rd.jiguangie.com/rd.php?siteid=14  (setup_a_41376.exe)

URL:
http://rd.jiguangie.com/

Web server:
nginx

kuping.cc

way52.com

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.