Yontoo LLC (via a Proxy Registrant)
dl.yontoo.com is operated by Sambreel's (now QuestPoint) subsidiary Yontoo. The domain dl.yontoo.com is registered by proxy through GODADDY.COM, LLC and was originally registered in March of 2007. This domain has been known to host and distribute potentially unwanted software. The hosted servers are located in Broomfield, Colorado within the United States which resides on the Level 3 Communications, Inc. network. The domain is associated with the publisher Yontoo LLC who is located in Carlsbad, California in the United States.
Colorado, United States (US)
Friday, March 30, 2007
Wednesday, March 30, 2016
Monday, April 27, 2015
AS54761 ARIN-SAMBREEL-SVCS - Sambreel Services, LLC
Detections (100% detected)
Trend Micro House Call
ADW_YONTOO, TROJ_GEN.RCBH1ET13, TROJ_GEN.F47V1220
PUP.Yontoo.R, PUP.Installer.Yontoo.L, PUP.Installer.Yontoo.R
McAfee Web Gateway
Boost by Reason
The domain dl.yontoo.com has been seen to resolve to the following 2 IP addresses.
File downloads found at URLs served by dl.yontoo.com.
The following 574 files have been seen to comunicate with dl.yontoo.com in live environments.
SSL certificate subject:
CN=*.yontoo.com, OU=Domain Control Validated
SSL certificate issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."
Microsoft-IIS/7.5 (ASP.NET) (Version: 4.0.30319)