Report - down.youtubedownloader.guru/svr2/Music_Downloader

Report Overview

Submitted URL
down.youtubedownloader.guru/svr2/Music_Downloader_Guru.exe
IP
66.165.241.118
ASN
#29802 HVC-AS
Submitted
2023-06-03 16:27:23
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
1

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
down.youtubedownloader.guru	unknown	2014-03-31	2016-08-15	2023-05-29	430 B	755 B	66.165.241.118
nocache2.youtubemusicdownloader.us	unknown	2010-11-22	2017-01-27	2023-05-29	542 B	753 B	66.165.241.118
download2.youtubemusicdownloader.us	unknown	2010-11-22	2022-07-14	2023-05-29	435 B	4.9 MB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-03 16:27:06	high	188.114.96.1	Client IP	ET POLICY PE EXE or DLL Windows file download HTTP
2023-06-03 16:27:06	low	188.114.96.1	Client IP	ET INFO EXE - Served Attached HTTP

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
download2.youtubemusicdownloader.us/php/download.php?src=online
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET

File type
PE32 executable (GUI) Intel 80386, for MS Windows\012- data
Size
4.9 MB (4894143 bytes)
Hash
033061658a53da3b7fedc98ddc8aeacd
0f6a1edfec893f97ac9f123182eabe8f1d671db4
44a75ce26f5c2317cd56be5569f70f87b475e3eb8cec413b634db18d6eedfe55

Detections

Analyzer	Verdict	Alert
VirusTotal	5/71	VirusTotal -

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

down.youtubedownloader.guru/svr2/Music_Downloader_Guru.exe

66.165.241.118

302 Found

370 B

URL User Request GET HTTP/1.1
down.youtubedownloader.guru/svr2/Music_Downloader_Guru.exe
IP
66.165.241.118:80
ASN
#29802 HVC-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
370 B (370 bytes)
Hash
a4d22102ef7b826d779d3024c8ffdfd5
b397c5664abd2a3f158f52fcd75701ceb19aac58
9c82e2e1dcd2a25f4c4f7812f70416e422c0c1024068767f36ad69cb6e1b8dd3

HTTP Headers

GET /svr2/Music_Downloader_Guru.exe HTTP/1.1
Host: down.youtubedownloader.guru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sat, 03 Jun 2023 16:27:05 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: http://nocache2.youtubemusicdownloader.us/download/pro/Youtube_Music_Downloader_Pro_Setup.exe
Cache-Control: max-age=7200
Expires: Sat, 03 Jun 2023 18:27:05 GMT
Content-Length: 370
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

nocache2.youtubemusicdownloader.us/download/pro/Youtube_Music_Downloader_Pro_Setup.exe

66.165.241.118

301 Moved Permanently

379 B

URL User Request GET HTTP/1.1
nocache2.youtubemusicdownloader.us/download/pro/Youtube_Music_Downloader_Pro_Setup.exe
IP
66.165.241.118:443
ASN
#29802 HVC-AS

Certificate
IssuerZeroSSL
Subjectyoutubemusicdownloader.us
Fingerprint03:86:B5:DB:FE:70:D0:17:44:88:F0:03:15:EB:78:C4:95:80:07:3C
ValidityFri, 07 Apr 2023 00:00:00 GMT - Thu, 06 Jul 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
379 B (379 bytes)
Hash
47b94c7a7b7340dfa5effe26528f89a9
d97427c56b249bffbeea010258d2bab0a5c48d79
828b19c3ed41e05313f3ec3a1d25eb7e58732fec3324d646f4e04ef42a92e367

HTTP Headers

GET /download/pro/Youtube_Music_Downloader_Pro_Setup.exe HTTP/1.1
Host: nocache2.youtubemusicdownloader.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Jun 2023 16:27:06 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: http://download2.youtubemusicdownloader.us/php/download.php?src=online
Cache-Control: max-age=1800
Expires: Sat, 03 Jun 2023 16:57:06 GMT
Content-Length: 379
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

download2.youtubemusicdownloader.us/php/download.php?src=online

188.114.96.1

200 OK

4.9 MB

URL User Request GET HTTP/1.1
download2.youtubemusicdownloader.us/php/download.php?src=online
IP
188.114.96.1:80
ASN
#13335 CLOUDFLARENET

File type
PE32 executable (GUI) Intel 80386, for MS Windows\012- data
Size
4.9 MB (4894143 bytes)
Hash
033061658a53da3b7fedc98ddc8aeacd
0f6a1edfec893f97ac9f123182eabe8f1d671db4
44a75ce26f5c2317cd56be5569f70f87b475e3eb8cec413b634db18d6eedfe55

Detections

Analyzer	Verdict	Alert
VirusTotal	5/71	VirusTotal -

NIDS	Severity	Alert
suricata	high	ET POLICY PE EXE or DLL Windows file download HTTP
suricata	low	ET INFO EXE - Served Attached HTTP

HTTP Headers

GET /php/download.php?src=online HTTP/1.1
Host: download2.youtubemusicdownloader.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Jun 2023 16:27:06 GMT
Content-Type: octet-stream
Content-Length: 4894143
Connection: keep-alive
Content-Description: File Transfer
Content-Disposition: attachment; filename="Youtube_Music_Downloader_Setup.exe"
Content-Transfer-Encoding: binary
Expires: 0
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Vary: User-Agent,Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rdSv7LAOtXMl0lXyYGCne71RXm6gz3jotQ2b8qJuwQggK7c3cdj2JAOkYK6V%2BnoYLtC6zxCWAXSrYU0OQWVW4%2F4OH1Oqw8DSvF%2BSe3sZZGNFvbjc4JehQa8fGlFo5dbAVX0RphLzjrtHci2IQW94A9dvjT2skg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7d194d3558b60b65-OSL
alt-svc: h2=":443"; ma=60

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (0)

HTTP Transactions (3)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers