Report - gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk

Report Overview

Visited public
2025-03-21 11:35:43
Tags
URL
gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk
Finishing URL
gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk
IP / ASN
104.21.81.252
#13335 CLOUDFLARENET
Title
This website has been temporarily rate limited | gh.ddlc.top | Cloudflare

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
gh.ddlc.top	unknown	2020-12-02	2021-02-13	2025-03-21	1.9 kB	44 kB	172.67.150.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-03-21 11:35:21	medium	Client IP	172.67.150.35	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-21	medium	ddlc.top	Sinkholed
2025-03-21	medium	ddlc.top	Sinkholed
2025-03-21	medium	ddlc.top	Sinkholed
2025-03-21	medium	ddlc.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk	ScriptElement	210 B	2023-03-07	2025-06-10
Pretty URL gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk IP 172.67.150.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-10 05:00 Times Seen105091 Hash ab1ac4cf0f484cc9f859c0a7983353e0 2da142b1135bd10cdbed4a7353e4483acc30ebe9 50e878a18b2b5be7071dc7c10297381bcfcb55f17c27760ee857af9e31133324 Loading...

	gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk	ScriptElement	375 B	2023-03-07	2025-06-10
Pretty URL gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk IP 172.67.150.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-10 05:00 Times Seen107895 Hash 56df91490fa1984fa82b297dcb23c22d 2050f127b73f50d21eb9b0a2a3f2aea7d4372ba9 275407540ae2d5516300e4027ce994e1c97f958d464e137d0fff116d7acf0f24 Loading...

	gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk	ScriptElement	38 B	2023-03-07	2025-06-10
Pretty URL gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk IP 172.67.150.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-10 03:41 Times Seen105399 Hash eb2ee6e4b3d4e81bacdb2474d9b3c2f5 6588855b25c975b224e0fd1b50ca1b3f36cd46ed 3dd83a652b2e60d8dfc699cd2006f70007b826a92b49e61e9194bf422481ac05 Loading...

HTTP Transactions (4)

URL IP Response Size

gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk

172.67.150.35

429 Too Many Requests

5.5 kB

URL User Request GET
gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk
IP
172.67.150.35:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5814), with no line terminators
Size
5.5 kB (5529 bytes)
Hash
328c7d1b0ae8398c1299ff52ed658a77
e348d18c009e9590f6cd348e247bd4dbd63a78f2
528fde03488fe186e1447c7dee114d88ebee6400ea388baf6999333a610b6194

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk HTTP/1.1
Host: gh.ddlc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 429 Too Many Requests
Date: Fri, 21 Mar 2025 11:35:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JK2prEqMrIDNpVdDy09Ke73K9A6cruIJWLvuaB6VTeXHekSKS8pREIKhssmUfqtO7M%2BAZuFmCqFO1fTUQtwmiDh0rPbdoNJadawPim8jFXveAykDtCsG1raqOJ57Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 923d2538ff0fe6d0-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23414&min_rtt=23414&rtt_var=11707&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=487&delivery_rate=0&cwnd=77&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

gh.ddlc.top/cdn-cgi/styles/cf.errors.css

172.67.150.35

200 OK

24 kB

URL GET
gh.ddlc.top/cdn-cgi/styles/cf.errors.css
IP
172.67.150.35:80
ASN
#13335 CLOUDFLARENET

Requested by
http://gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk

File type
ASCII text, with very long lines (24050)
Size
24 kB (24051 bytes)
Hash
5e8c69a459a691b5d1b9be442332c87d
f24dd1ad7c9080575d92a9a9a2c42620725ef836
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: gh.ddlc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 21 Mar 2025 11:35:21 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 14 Mar 2025 21:23:45 GMT
ETag: W/"67d49e61-5df3"
Server: cloudflare
CF-RAY: 923d253a1955e6d0-AMS
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 21 Mar 2025 13:35:21 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip

gh.ddlc.top/favicon.ico

172.67.150.35

429 Too Many Requests

5.5 kB

URL GET
gh.ddlc.top/favicon.ico
IP
172.67.150.35:80
ASN
#13335 CLOUDFLARENET

Requested by
http://gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5814), with no line terminators
Size
5.5 kB (5529 bytes)
Hash
a1cc1dd1ce6ace88de92f0329e364d26
79953aab9a1a613fb70a1dceb22e77dff82967bd
526dbe923be65c3b688c2449a1276ea41ddbca61419cf0f2e7c899c93f505c4a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: gh.ddlc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 429 Too Many Requests
Date: Fri, 21 Mar 2025 11:35:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MnNBayq%2Fhv%2B7g2qewLdCRYtQXtI4oSd01EVBDpY8vMK5m1rvIYD4UT7L1Yb%2F6pThsoNEHwgRpzNSQG%2BGlM8JdsnjSGnh6tb7yjIht05rOZV0dsz%2F1djagqulamQy4g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 923d253aba6ee6d0-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=23456&min_rtt=23267&rtt_var=553&sent=12&recv=16&lost=0&retrans=0&sent_bytes=11506&recv_bytes=1373&delivery_rate=349322&cwnd=85&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk

104.21.81.252

429 Too Many Requests

5.5 kB

URL User Request GET
gh.ddlc.top/https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk
IP
104.21.81.252:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgh.ddlc.top
FingerprintCF:F3:B7:43:D9:7C:B4:82:5B:0C:85:0B:C3:00:DF:8F:1D:B5:C3:EF
ValidityWed, 19 Mar 2025 19:58:03 GMT - Tue, 17 Jun 2025 20:58:01 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5814), with no line terminators
Size
5.5 kB (5529 bytes)
Hash
8052ca94aa79e7f02af2999e0c1d50a8
b01247e0d70c490f6b19e8f7863c458338110d9c
b759d4ffd87d5b79891c23159a639c67b86d574ad8ad90c046267bc498e6541d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /https:/github.com/deniscerri/ytdlnis/releases/download/v1.7.9/YTDLnis-1.7.9-x86-release.apk HTTP/1.1
Host: gh.ddlc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 429 Too Many Requests
date: Fri, 21 Mar 2025 11:35:21 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JYscp0EMd4jl3uIsAf6JraecYZEgKgtTEfenboci7xypWDmR8A%2FtrpV0t85POIxXLYsEtl2FqkgA2uOKMpJLmKbijDeCMiBvGKLevA7lTzIKPLIPFcyzrcgTJ4QQ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 923d2537dfb2a86c-RIX
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=15547&min_rtt=15520&rtt_var=3317&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3257&recv_bytes=1280&delivery_rate=278194&cwnd=252&unsent_bytes=0&cid=1750991f8ee85103&ts=49&x=0"
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (4)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers