ad.yieldmanager.com

Yahoo! Inc.

Domain Information

The domain ad.yieldmanager.com, registered by Yahoo! Inc., was initially registered in August of 2001 through MARKMONITOR INC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosting servers are located in Omaha, Nebraska, within the United States, on the Yahoo! Inc. network.
Registrar:
MARKMONITOR INC.

Server location:
Nebraska, United States (US)

Create date:
Wednesday, August 8, 2001

Expires date:
Monday, August 8, 2016

Updated date:
Tuesday, July 7, 2015

ASN:
AS36646 YAHOO-NE1 - Yahoo,US

Root domain:

Scanner detections:
Detections  (97% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.TUGUUSL.X, PUP.Awimba.W, PUP.Awimba.X, PUP.Awimba.R, PUP.Optional.VisualSoftwareSystems.N, PUP.DencoLimited.g, PUP.Tuguu.Bundler (M), PUP.Adknowledge.OptimumInstaller.Installer (M), PUP.GadgetBox.saminves.Installer (M), PUP.Adknowledge.OptimumI.Bundler (M), PUP.Jottix.Jottixin.Installer (M), PUP.Linkular.Company.Installer (M), PUP.Adknowledge (M)
100.00%

Dr.Web
Adware.W3i.29, Adware.W3i.31, Adware.Downware.1108
41.67%

VIPRE Antivirus
DomaIQ, InstallIQ Installer, Optimum Installer
41.67%

Malwarebytes
PUP.FakeFlash.Domaiq, Adware.DomaIQ, PUP.DomaIQ, PUP.FakeFlash.DomaIQ, PUP.Optional.Ibryte
38.89%

avast!
NSIS:DomaIQ-C [PUP], MSIL:DomaIQ-F [PUP], Win32:DomaIQ-I [PUP], Win32:PUP-gen [PUP], Win32:DomaIQ-AI [PUP], Win32:DomaIQ-M [PUP]
38.89%

Sophos
Generic PUA CF, DomainIQ pay-per install, DomaIQ pay-per install (PUA), iBryte Optimum Installer
38.89%

Comodo Security
Application.Win32.DomaIQ.~qk, Application.Win32.Downloader.Agent.WA, UnclassifiedMalware, Application.Win32.DomaIQ.~A, ApplicUnwnt
38.89%

Avira AntiVirus
APPL/DomaIQ.Gen, APPL/DomaIQ.454000, APPL/DomaIQ.Gen7, PUA/DomaIQ.Gen7, Adware/Agent.909545
38.89%

IKARUS anti.virus
AdWare.DomaIQ, AdWare.Win32.InstallIQ, Trojan.Win32.Ceatrg, Trojan-Dropper, Trojan-Ransom.Win32.Blocker, PUA.DomaIQ, Win32.SuspectCrc
36.11%

K7 AntiVirus
Trojan, Riskware, Unwanted-Program, Adware
33.33%

ESET NOD32
Win32/DomaIQ, Win32/InstallIQ (variant), Win32/DomaIQ.L potentially unwanted
33.33%

Fortinet FortiGate
Riskware/DomaIQ.C!tr, W32/DomaIQ.D, W32/Crypt.AALD!tr, W32/DomaIQ.C, Adware/Fam.NB, Riskware/IBryte
33.33%

Norman
Suspicious_Gen4.ERZRG, Agent.AQDDL, Obfuscated.gen!r, Agent.ASWDM
30.56%

McAfee
Artemis!5F12D9812BF9, Artemis!AEB9ABCF4236, Artemis!AD7075C10AB8, RDN/Generic PUP.x!bp3, Artemis!BB5F1E5DD088, Artemis!8081A62A8030, Artemis!B69414244124, Artemis!84C10F29EE93
30.56%

AVG
Skodna.Bundle, MalSign.Skodna, DomaIQ, Agent.L, Adware Generic5
27.78%

The domain ad.yieldmanager.com has been seen to resolve to the following 6 IP addresses.

mpr2.ngd.vip.ne1.yahoo.com
February 4, 2016

mpr1.ngd.vip.ne1.yahoo.com
February 4, 2016

mpr2.ngd.vip.ne1.yahoo.com
September 3, 2014

mpr1.ngd.vip.ne1.yahoo.com
September 3, 2014

mpr1.ngd.vip.bf1.yahoo.com
February 5, 2014

mpr2.ngd.vip.bf1.yahoo.com
February 5, 2014

File downloads found at URLs served by ad.yieldmanager.com.

 
Latest 30 of 148 download URLs

The following 181 files have been seen to communicate with ad.yieldmanager.com in live environments.

 
Latest 20 of 334 files

URL:
http://ad.yieldmanager.com/

SSL certificate subject:
CN=ad.yieldmanager.com, OU=Information Technology, O=Yahoo Inc., L=Sunnyvale, S=California, C=US

SSL certificate issuer:
CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Web server:
ATS

Facebook:
Likes:  13
Shares:  90
Comments:  25

Statistics are for the previous month.