dl.yontoo.com
Yontoo LLC (via a Proxy Registrant)
Domain Information
dl.yontoo.com is operated by Yontoo, a subsidiary of Sambreel (now QuestPoint). The domain is registered by proxy through GODADDY.COM, LLC and was originally registered in March 2007. It has been known to host and distribute potentially unwanted software. The hosting servers are located in Broomfield, Colorado, United States, on the Level 3 Communications, Inc. network. The domain is associated with the publisher Yontoo LLC, which is located in Carlsbad, California, United States.
Registrar: GODADDY.COM, LLC
Server location: Colorado, United States (US)
Create date: Friday, March 30, 2007
Expires date: Wednesday, March 30, 2016
Updated date: Monday, April 27, 2015
ASN: AS54761 ARIN-SAMBREEL-SVCS - Sambreel Services, LLC
Scanner detections:
Detections (100% detected)
Scan engine | Details | Detections
Reason Heuristics | PUP.Yontoo.R, PUP.Installer.Yontoo.L, PUP.Installer.Yontoo.R, Win32.Generic | 100.00%
Trend Micro House Call | ADW_YONTOO, TROJ_GEN.RCBH1ET13, TROJ_GEN.F47V1220 | 93.33%
VIPRE Antivirus | Yontoo | 93.33%
Boost by Reason | Trojan.Adw.Yontoo.R, Optional.Yontoo.L | 93.33%
McAfee | Artemis!2530E5D03504, Artemis!B1A9C17E5529 | 86.67%
Comodo Security | ApplicUnwnt.Win32.AdWare.Yontoo.~, UnclassifiedMalware | 86.67%
Dr.Web | Adware.Siggen.24249, Adware.Plugin.11, Adware.Yontoo.3 | 86.67%
Avira AntiVirus | ADWARE/Yontoo.Gen | 86.67%
Trend Micro | ADW_YONTOO, BKDR_BIFROSE.BMC | 86.67%
Rising Antivirus | Trojan.InstallRex!562A, PE:Trojan.InstallRex!1.9CB0 | 86.67%
IKARUS anti.virus | AdWare.Yontoo | 86.67%
Bkav FE | HW32.Laneul, W32.Clod764.Trojan | 86.67%
Baidu Antivirus | AdWare.Win32.Yontoo, Adware.Win32.Agent | 86.67%
Agnitum Outpost | Adware.Yontoo | 86.67%
The domain dl.yontoo.com has been seen to resolve to the following 2 IP addresses.
File downloads found at URLs served by dl.yontoo.com.
The following 576 files have been seen to communicate with dl.yontoo.com in live environments.
URL: http://dl.yontoo.com/
SSL certificate subject: CN=*.yontoo.com, OU=Domain Control Validated
SSL certificate issuer: CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."
Web server: Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)
Related Domains