The domain youtubedownloader.com registered by HOW Inc. was initially registered in July of 2006 through REALTIME REGISTER BV. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Phoenix, Arizona within the United States which resides on the CloudFlare, Inc. network. The domain uses the CloudFlare CDN, a distributed domain name server service which utilizes a number of reverse proxy IP Addresses (see below).
REALTIME REGISTER BV
Arizona, United States (US)
Tuesday, July 25, 2006
Wednesday, July 25, 2018
Wednesday, September 25, 2013
AS13335 CLOUDFLARENET - CloudFlare, Inc.,US
Detections (82% detected)
PUP.ISfreemium.a, PUP.How.FYTDownloader.Bundler.Installer.Meta (M), PUP.Tightrope, PUP.Installer.BonjoySoftware.X, Threat.Installer.BonjoySoftware, PUP.BonjoySoftware.Installer (M), Threat.Win.Reputation.IMP, PUP.Vitzo (M), PUP.BonjoySo.Installer (M), PUP.Vitzo.Installer (M)
Win32/InstallCore.CF (variant), Win32/OpenCandy, Win32/OpenCandy (variant), Win32/OpenCandy.A potentially unsafe (variant)
Adware.InstallCore.124, Adware.Somoto.1, Adware.OpenCandy.72, Adware.OpenCandy.139, Adware.Zugo.71, Adware.OpenCandy.144
InstallCore, DownloadAdmin, Opencandy
ADWARE/InstallCore.Gen7, APPL/Somoto.Gen2, ADWARE/Adware.Gen, W32/Virut.Gen, PUA/OpenCandy.Gen
Trojan.Win32.OpenCandy, Trojan.Win32.Toolbar, Adware.Win32.OpenCandy
Win32.Troj.Generic.a.(kcloud), Win32.Troj.Generic.(kcloud), Win32.Virut.nd.53248
Artemis!B9F049D7247C, Artemis!61CC5EB8581F, Artemis!E8C3BC80F1D0, Artemis!33269FCBED24, Artemis!9AD99FED4AEB
Trend Micro House Call
TROJ_GEN.F47V0725, Suspicious_GEN.F47V0108, Suspicious_GEN.F47V0305, TROJ_GEN.R0C1H07DH15
McAfee Web Gateway
PE:Malware.XPACK-LNR/Heur!1.5594, Trojan.Win32.Generic.14C08A42, PE:Win32.Virut.cl!1523074
K7 Gateway Antivirus
Win32.Application.DownloadAdmin, Win32.Virtob.Gen.12, Win32.Trojan.Agent.95WKEY
The domain youtubedownloader.com has been seen to resolve to the following 4 IP addresses.
File downloads found at URLs served by youtubedownloader.com.
The following file have been seen to comunicate with youtubedownloader.com in live environments.
“Free YouTube Downloader & Converter for MP3 music and HD MP4 video”
“Free YouTube Downloader offers the fastest and easiest way to download video or music from YouTube! With support for Full HD and 4k video at 60fps”
SSL certificate subject:
CN=ssl276652.cloudflaressl.com, OU=PositiveSSL Multi-Domain, OU=Domain Control Validated
SSL certificate issuer:
CN=COMODO RSA Domain Validation Secure Server CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB
cloudflare-nginx (W3 Total Cache/0.9.4.1)
Statistics above are for the previous month of March 2017.