Domain > yaho.com

More information on this domain is in AlienVault OTX

Files that talk to yaho.com

MD5	A/V
0f5f90b03b49b276d148f7e6be7c30f1	[HW32.CDB.27e0] [Packed.Win32.Katusha.1!O] [Trojan.Win32.Hlux.cxxldj] [Trojan.FakeAV] [Kryptik.CCFN] [Win32/Kelihos.OWUMMQC] [Backdoor.Win32.Hlux.dqeh] [Backdoor.Hlux!9TTR+wn2IWc] [Backdoor.Win32.Hlux.DUHE] [BackDoor.Slym.12819] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Win32/Kryptik.CAXO] [Win32.Backdoor.Hlux.Hpn] [Trojan.Crypt_s] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GNC] [Backdoor.Win32.Hlux.ArxZ]
2ff91f4e0068fc52bdb39d02fc662591	[HW32.CDB.080a] [Heur.Win32.Veebee.1!O] [Trojan.VB.r3] [W32/Worm-AAEH.pd!2FF91F4E0068] [Trojan.Win32.VBKrypt.cwzxet] [WS.Reputation.1] [Trojan.Win32.VBKrypt.uqhh] [Trojan.Injector!IlLZsuIElYQ] [TrojWare.Win32.VB.ICOX] [Win32.HLLW.BackDates.309] [Mal/SillyFDC-AH] [Trojan/Win32.VBKrypt] [Worm:Win32/Vobfus.YQ] [Trojan/Win32.Vobfus] [W32/Trojan.HHET-7467] [TScope.Trojan.VB] [Trojan.Win32.VBKrypt.avIT] [PE:Malware.XPACK-HIE/Heur!1.9C48] [Worm.Win32.Vobfus] [W32/Injector.VOX!tr]
e6d960bf587f5cb1497520fe716f1fb4	[Malware.Packer.FFS] [BackDoor.SlymENT.2075] [Heuristic.LooksLike.Win32.Suspicious.E] [Backdoor:Win32/Kelihos.F] [PE:Malware.XPACK/RDM!5.1]
8889d486a91b3448e8b429ef99a536d0	[HW32.CDB.1cb9] [Trojan.Win32.Kryptik.cwzoai] [Kryptik.CCFN] [Backdoor.Win32.Hlux.dnla] [Backdoor.Hlux!yM05ScK42o0] [Trojan.Packed.26544] [Mal/FakeAV-UF] [Backdoor:Win32/Kelihos] [Heur.Trojan.Hlux] [Win32/Kryptik.CASL] [Backdoor.Win32.Kelihos] [W32/Hlux.DNLA!tr.bdr] [Crypt_s.GMK] [Trojan.Win32.Kryptik.CASL] [Win32/Trojan.337]
699e08acdfcaee959d993e4d06bfb610	[HW32.CDB.A965] [Backdoor.Hlux.r3] [Trojan.Win32.Hlux.cxcjld] [Kryptik.CCFN] [Backdoor.Hlux!C9Vjtd8HQw0] [TrojWare.Win32.Kryptik.BZOO] [Trojan.DownLoad3.28912] [Mal/Kelihos-A] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos] [W32/Trojan.YDRM-4099] [Trojan/Win32.Tepfer] [Heur.Trojan.Hlux] [Trojan.Crypt_s] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GHF] [Trojan.Win32.Kryptik.BZIX]
981a83b3f0d4a74b0b38becda7c8cb9c	[Artemis!981A83B3F0D4] [Trojan.Win32.Crypt.cxd] [W32/Yakes.FHJN!tr] [Win32/Cryptor]
4cca20614b980e5237e738d8f322f151	[HW32.Laneul.jcwu] [Trojan.Ransom.ED]
038a21f4f89d526f853bba2a18b81708	[Worm.Win32.Ngrbot.afvw] [Win32.HLLW.Autoruner2.1926] [TR/Crypt.Xpack.77749]

Whois

Property	Value
Email	domainadmin@yahoo-inc.com
NameServer	NS2.YAHOO.COM
Created	1997-02-26 00:00:00
Changed	2015-01-26 00:00:00
Expires	2016-02-27 00:00:00
Registrar	MARKMONITOR INC.

DNS Resolutions

Date	IP Address
2013-12-19	68.180.206.184 (ClassC)
2014-03-07	74.6.50.24 (ClassC)
2014-05-24	212.82.102.24 (ClassC)
2014-05-30	74.6.50.24 (ClassC)
2014-07-13	77.238.184.24 (ClassC)
2015-05-24	-
2019-12-11	98.136.103.24 (ClassC)
2023-07-18	124.108.115.100 (ClassC)
2023-08-15	98.136.103.23 (ClassC)
2023-10-30	106.10.248.150 (ClassC)
2024-01-14	44.228.206.170 (ClassC)
2024-02-16	34.225.127.72 (ClassC)
2024-03-01	13.251.69.97 (ClassC)
2024-03-11	18.136.37.69 (ClassC)
2024-03-15	54.161.105.65 (ClassC)
2025-07-05	76.223.84.192 (ClassC)
2025-08-08	13.248.158.7 (ClassC)

HTTP/1.1 301 Moved PermanentlyDate: Tue, 18 Jul 2023 23:21:45 GMTConnection: keep-aliveVia: http/1.1 src4.ops.sg3.yahoo.com (ApacheTrafficServer)Server: ATSCache-Control: no-storeContent-Type: text/ht

!DOCTYPE html>html langen-us>  head>    meta http-equivcontent-type contenttext/html; charsetUTF-8>    meta charsetutf-8>    title>Yahoo/title>    meta nameviewport contentwidthdevice-width,initial-scale1,minimal-ui>    meta http-equivX-UA-Compatible contentIEedge,chrome1>    style>      html {          height: 100%;      }      body {          background: #fafafc url(https://s.yimg.com/nn/img/sad-panda-201402200631.png) 50% 50%;          background-size: cover;          height: 100%;          text-align: center;          font: 300 18px helvetica neue, helvetica, verdana, tahoma, arial, sans-serif;          margin: 0;      }      table {          height: 100%;          width: 100%;          table-layout: fixed;          border-collapse: collapse;          border-spacing: 0;          border: none;      }      h1 {          font-size: 42px;          font-weight: 400;          color: #400090;      }      p {          color: #1A1A1A;      }      #message-1 {          font-weight: bold;          margin: 0;      }      #message-2 {          display: inline-block;          *display: inline;          zoom: 1;          max-width: 17em;          _width: 17em;      }      /style>      script>            /script>  /head>  body>  !-- status code : 301 -->  !-- Could not process this request -->  !-- host machine: src4.ops.sg3.yahoo.com -->  !-- timestamp: 1689722505.554 -->  !-- url: http://yaho.com/-->  script typetext/javascript>    function buildUrl(url, parameters){      var qs  ;      for(var key in parameters) {        var value  parameterskey;        qs.push(encodeURIComponent(key) +  + encodeURIComponent(value));      }      url  url + ? + qs.join(&);      return url;    }    function generateBRBMarkup(site) {      params.source  brb;      generateBeaconMarkup(params);      var englishHeader  Will be right back...;      var englishMessage1  Thank you for your patience.;      var englishMessage2  Our engineers are working quickly to resolve the issue.;      var defaultLogoStyle  ;      var siteDataMap  {        default

Subdomains

Date	Domain	IP
add.yaho.com	2025-03-10	76.223.84.192
finance.yaho.com	2015-04-01	188.125.73.108
in.mobile.yaho.com	2014-05-03	74.6.50.24
advocatehealth.yaho.com	2025-01-27	13.248.158.7
hk.yaho.com	2015-04-02	188.125.73.108
autodiscover.yaho.com	2023-07-12	98.136.103.23
answer.yaho.com	2015-01-14	74.6.50.150
att.yaho.com	2024-02-28	34.213.101.254
tw.yaho.com	2014-05-06	74.6.50.24
www.yaho.com	2014-10-14	188.125.73.108
mx.yaho.com	2014-09-26	74.6.50.150

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > yaho.com

Is this malicious?

Files that talk to yaho.com

Whois

DNS Resolutions

Port 80

Subdomains