#Fields: id timestamp timestamp_end time-taken c-ip cs-username c-port r-ip r-port cs-uri cs-bytes sc-bytes cs-bodylength sc-bodylength cs-headerlength sc-headerlength cs(User-Agent) rs(Content-Type) cs-method sc-status cs(Referer) N/A N/A N/A x-risk-score rs(Location) s-action label 1 1518536636.8205655 1518536637.5434458 723 192.168.1.120 - 49165 5.79.67.111 80 http://get.ytddownloader.com/kits/ytdd/YTDSetup-1956525952.exe 198 10249003 0 10248600 151 389 'NSIS_Inetc (Mozilla)' application/octet-stream GET 200 - - - - - - - CTU.336.1.Malicious 2 1518536637.8826811 1518536638.4662921 584 192.168.1.120 - 49166 5.79.67.111 80 http://get.ytddownloader.com/kits/ytdd/YTDSetup-1955524512.exe 198 10249003 0 10248600 151 389 'NSIS_Inetc (Mozilla)' application/octet-stream GET 200 - - - - - - - CTU.336.1.Malicious 3 1518537468.679973 1518537468.7316067 52 192.168.1.120 - 49167 95.211.187.107 80 http://www.youtubedownloadersite.com/images/pixel.gif?action=install&point=start&version=5.9.4&cid=4c324cfd25c9f8f276b682acab85a973&isn=7F26529199DE48FE8FE441861CCA5DD0&kt=ytdd<=0 273 195 0 0 115 181 'NSISDL/1.2 (Mozilla)' text/html; charset=utf-8 GET 200 - - - - - - - CTU.336.1.Malicious 4 1518537468.8509388 1518537468.9008574 50 192.168.1.120 - 49168 95.211.187.107 80 http://www.youtubedownloadersite.com/getcountry.html 144 193 0 2 115 177 'NSISDL/1.2 (Mozilla)' text/html; charset=utf-8 GET 200 - - - - - - - CTU.336.1.Malicious 5 1518537469.049646 1518537472.3923519 3343 192.168.1.120 - 49169 174.37.208.213 80 http://update.freecloudnetwork.com/kits/ebres/eb.zip?cnid=107072&kt=ytdd&v=1 209 665616 0 665344 154 258 'None' application/zip GET 200 - - - - - - - CTU.336.1.Malicious 6 1518537486.5363162 1518537486.5879304 52 192.168.1.120 - 49170 95.211.187.107 80 http://www.youtubedownloadersite.com/images/pixel.gif?action=install&point=start&version=5.9.4&cid=4c324cfd25c9f8f276b682acab85a973&isn=7F26529199DE48FE8FE441861CCA5DD0&kt=ytdd<=0 273 195 0 0 115 181 'NSISDL/1.2 (Mozilla)' text/html; charset=utf-8 GET 200 - - - - - - - CTU.336.1.Malicious 7 1518537525.0015616 1518537525.214966 213 192.168.1.120 - 49171 174.37.208.213 80 http://www.freecloudnetwork.com/kits/EasyBundlingDLL/107072/so.xml?kt=ytdd&wv=6.1&gci=0&rsv=4&dbrw=IE 396 275 0 75 313 186 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' text/xml; charset=utf-8 GET 200 - - - - - - - CTU.336.1.Malicious 8 1518537525.2831016 1518537525.4819577 199 192.168.1.120 - 49172 174.37.208.213 80 http://www.freecloudnetwork.com/images/pixel.gif?ct=ebd2.15&ies=1&eo=&cnid=107072&kt=ytdd&isn=12111DD7D84F418B905545C2A4123F53&mv=0 264 1480 0 1093 151 373 'None' image/gif GET 200 - - - - - - - CTU.336.1.Malicious 9 1518538778.881195 1518538778.978538 97 192.168.1.120 - 49173 5.79.67.111 80 http://www.ytddownloader.com/images/pixel.gif?src=stub&version=5.9.2.1&kt=ytdd&event=run&exit=2 231 523 0 178 151 316 'NSIS_Inetc (Mozilla)' text/html GET 301 - - - - - https://www.ytddownloader.com/images/pixel.gif?src=stub&version=5.9.2.1&kt=ytdd&event=run&exit=2 - CTU.336.1.Malicious 10 1518538779.5365438 1518538779.6726909 136 192.168.1.120 - 49174 5.79.67.111 443 https://www.ytddownloader.com/images/pixel.gif?src=stub&version=5.9.2.1&kt=ytdd&event=run&exit=2 231 252 0 0 151 238 'NSIS_Inetc (Mozilla)' text/html GET 200 - - - - - - - CTU.336.1.Malicious 11 1518539620.523223 1518539620.5766213 53 192.168.1.120 - 49175 95.211.187.107 80 http://www.youtubedownloadersite.com/images/pixel.gif?action=install&point=finish&oldver=&version=5.9.4&cid=4c324cfd25c9f8f276b682acab85a973&isn=7F26529199DE48FE8FE441861CCA5DD0&kt=ytdd&br=1<=0 287 195 0 0 115 181 'NSISDL/1.2 (Mozilla)' text/html; charset=utf-8 GET 200 - - - - - - - CTU.336.1.Malicious 12 1518539624.162802 1518539624.2097127 47 192.168.1.120 - 49176 5.79.67.111 80 http://www.ytddownloader.com/images/pixel.gif?src=stub&version=5.9.2.1&kt=ytdd&event=run&exit=0 231 523 0 178 151 316 'NSIS_Inetc (Mozilla)' text/html GET 301 - - - - - https://www.ytddownloader.com/images/pixel.gif?src=stub&version=5.9.2.1&kt=ytdd&event=run&exit=0 - CTU.336.1.Malicious 13 1518539625.2074683 1518539625.3313627 124 192.168.1.120 - 49177 5.79.67.111 443 https://www.ytddownloader.com/images/pixel.gif?src=stub&version=5.9.2.1&kt=ytdd&event=run&exit=0 231 252 0 0 151 238 'NSIS_Inetc (Mozilla)' text/html GET 200 - - - - - - - CTU.336.1.Malicious 14 1518539627.598393 1518539627.7197318 121 192.168.1.120 - 49178 95.211.187.107 80 http://www.youtubedownloadersite.com/api/rcsvc.php?kt=ytdd 572 1099 320 800 216 285 'Primeport' text/html; charset=utf-8 POST 200 - - - - - - - CTU.336.1.Malicious 14 1518539628.7283998 1518539628.7606897 32 192.168.1.120 - 49178 95.211.187.107 80 http://www.youtubedownloadersite.com/ads/vday/win.php?inst=20180213&kt=ytdd&isn=7F26529199DE48FE8FE441861CCA5DD0<=30827&ver=5.9.4 295 4232 0 3851 187 367 'Primeport' text/html; charset=utf-8 GET 200 - - - - - - - CTU.336.1.Malicious 14 1518539629.734866 1518539629.7877321 53 192.168.1.120 - 49178 95.211.187.107 80 http://www.youtubedownloadersite.com/ads/spacer.gif 378 1604 0 1095 350 495 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' image/gif GET 200 - - - - - - - CTU.336.1.Malicious 15 1518539629.8535585 1518539629.8657956 12 192.168.1.120 - 49182 216.58.201.78 80 http://www.google-analytics.com/ga.js 364 46818 0 46275 345 529 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' text/javascript GET 200 - - - - - - - CTU.336.1.Malicious 16 1518539629.7410636 1518539630.0333395 292 192.168.1.120 - 49179 95.211.187.107 80 http://www.youtubedownloadersite.com/ads/vday/vday-win-bg.gif 388 7889 0 7379 350 496 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' image/gif GET 200 - - - - - - - CTU.336.1.Malicious 14 1518539629.9976249 1518539630.0366368 39 192.168.1.120 - 49178 95.211.187.107 80 http://www.youtubedownloadersite.com/images/pixel.gif?ev=strtapp&evd=&av=5.9.4&kt=ytdd<=786b&pv=0 224 267 0 0 148 253 'Primeport' text/html; charset=utf-8 GET 200 - - - - - - - CTU.336.1.Malicious 17 1518539630.0745792 1518539630.1265018 52 192.168.1.120 - 49183 95.211.187.107 80 http://www.youtubedownloadersite.com/ads/vday/renew.png 382 1979 0 1470 350 495 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' image/png GET 200 - - - - - - - CTU.336.1.Malicious 18 1518539629.744629 1518539630.811183 1067 192.168.1.120 - 49180 95.211.187.107 80 http://www.youtubedownloadersite.com/ads/vday/x.gif 378 1614 0 1105 350 495 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' image/gif GET 200 - - - - - - - CTU.336.1.Malicious 19 1518539629.7550528 1518539631.0586307 1304 192.168.1.120 - 49181 95.211.187.107 80 http://www.youtubedownloadersite.com/ads/vday/vday-win-btn-new.png 393 2775 0 2266 350 495 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' image/png GET 200 - - - - - - - CTU.336.1.Malicious 20 1518539630.1068678 1518539631.1809363 1074 192.168.1.120 - 49184 5.79.67.111 80 http://www.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 487 592 0 178 342 385 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' text/html GET 301 - - - - - http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - CTU.336.1.Malicious 16 1518539631.0640619 1518539631.1834817 119 192.168.1.120 - 49179 95.211.187.107 80 http://www.youtubedownloadersite.com/api/rcsvc.php?kt=ytdd 820 1595 568 1296 216 285 'Primeport' text/html; charset=utf-8 POST 200 - - - - - - - CTU.336.1.Malicious 17 1518539631.4494565 1518539631.4902472 41 192.168.1.120 - 49183 95.211.187.107 80 http://www.youtubedownloadersite.com/nag/vday/offer_vday.php?av=5.9.4&inst=20180213&kt=ytdd<=30831&ver=5.9.4 437 4573 0 4192 350 367 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' text/html; charset=utf-8 GET 200 - - - - - - - CTU.336.1.Malicious 21 1518539631.4505794 1518539631.5170324 66 192.168.1.120 - 49185 5.79.67.111 80 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 492 5326 0 5042 347 270 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' text/html GET 200 - - - - - - - CTU.336.1.Malicious 18 1518539631.6963952 1518539631.7308044 34 192.168.1.120 - 49180 95.211.187.107 80 http://www.youtubedownloadersite.com/js/util.js 503 8350 0 7802 479 534 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' application/x-javascript; charset=utf-8 GET 200 http://www.youtubedownloadersite.com/nag/vday/offer_vday.php?av=5.9.4&inst=20180213&kt=ytdd<=30831&ver=5.9.4 - - - - - - CTU.336.1.Malicious 22 1518539631.842003 1518539631.907834 66 192.168.1.120 - 49189 5.79.67.111 80 http://download.ytddownloader.com/styles.css 555 30721 0 30204 531 503 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' text/css GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious 23 1518539631.7953649 1518539632.0289056 234 192.168.1.120 - 49186 172.217.23.202 80 http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js 519 57877 0 57254 469 609 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' text/javascript; charset=UTF-8 GET 200 http://www.youtubedownloadersite.com/nag/vday/offer_vday.php?av=5.9.4&inst=20180213&kt=ytdd<=30831&ver=5.9.4 - - - - - - CTU.336.1.Malicious 21 1518539631.7951417 1518539632.0694132 274 192.168.1.120 - 49185 5.79.67.111 80 http://download.ytddownloader.com/styles.css 555 30721 0 30204 531 503 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' text/css GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious 24 1518539632.7243483 1518539632.7377577 13 192.168.1.120 - 49190 172.217.23.202 80 http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js 574 93252 0 92629 524 609 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' text/javascript; charset=UTF-8 GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious 25 1518539631.810079 1518539632.896007 1086 192.168.1.120 - 49187 5.79.67.111 80 http://download.ytddownloader.com/js/main.js 555 3212 0 2679 531 519 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' application/x-javascript GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious 22 1518539632.7789783 1518539632.943641 165 192.168.1.120 - 49189 5.79.67.111 80 http://download.ytddownloader.com/images/sprite.png 562 227901 0 227388 531 499 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' image/png GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious 16 1518539633.3304331 1518539633.3890464 59 192.168.1.120 - 49179 95.211.187.107 80 http://www.youtubedownloadersite.com/nag/vday/vday-btn.png 514 2970 0 2461 479 495 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' image/png GET 200 http://www.youtubedownloadersite.com/nag/vday/offer_vday.php?av=5.9.4&inst=20180213&kt=ytdd<=30831&ver=5.9.4 - - - - - - CTU.336.1.Malicious 19 1518539633.3297765 1518539634.4125068 1083 192.168.1.120 - 49181 95.211.187.107 80 http://www.youtubedownloadersite.com/nag/vday/vday-bg-win.gif 517 19884 0 19373 479 497 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' image/gif GET 200 http://www.youtubedownloadersite.com/nag/vday/offer_vday.php?av=5.9.4&inst=20180213&kt=ytdd<=30831&ver=5.9.4 - - - - - - CTU.336.1.Malicious 26 1518539635.624905 1518539635.6813405 56 192.168.1.120 - 49191 5.79.67.111 80 http://download.ytddownloader.com/js/main.js 555 3212 0 2679 531 519 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' application/x-javascript GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious 27 1518539636.43214 1518539636.468875 37 192.168.1.120 - 49192 216.58.201.78 80 http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=1&utmn=200120918&utmhn=download.ytddownloader.com&utmcs=utf-8&utmsr=819x583&utmvp=763x340&utmsc=32-bit&utmul=en-us&utmje=1&utmfl=10.0%20r22&utmdt=YTD%20Video%20Converter&utmhid=1544129766&utmr=-&utmp=%2Fthankyou.html%3Fisn%3D7F26529199DE48FE8FE441861CCA5DD0%26lang%3D1033%26cid%3D4c324cfd25c9f8f276b682acab85a973%26oldVer%3D%26newVer%3D5.9.4%26kt%3Dytdd%26pv%3D0&utmht=1518539636421&utmac=UA-25210420-2&utmcc=__utma%3D205907846.741798549.1518539636.1518539636.1518539636.1%3B%2B__utmz%3D205907846.1518539636.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1444835398&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ 1202 455 0 35 529 406 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' image/gif GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious 28 1518539636.5806794 1518539636.6498134 69 192.168.1.120 - 49194 31.13.91.6 80 http://connect.facebook.net/en_US/all.js 551 212728 0 211815 525 899 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' application/x-javascript; charset=utf-8 GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious 29 1518539636.7334507 1518539636.9211261 188 192.168.1.120 - 49193 23.4.248.121 443 https://s7.addthis.com/js/250/addthis_widget.js 557 359860 0 359279 519 567 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' application/javascript GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious 30 1518539642.1621206 1518539642.438818 277 192.168.1.120 - 49195 31.13.91.6 80 http://staticxx.facebook.com/connect/xd_arbiter/r/lY4eZXm_YWu.js?version=42 728 44064 0 42924 668 1126 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' text/html; charset=utf-8 GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious 31 1518539642.6561577 1518539642.9798405 324 192.168.1.120 - 49197 31.13.91.6 443 https://staticxx.facebook.com/connect/xd_arbiter/r/lY4eZXm_YWu.js?version=42 728 44064 0 42924 668 1126 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' text/html; charset=utf-8 GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious 32 1518539642.404134 1518539643.032797 629 192.168.1.120 - 49196 31.13.91.36 443 https://www.facebook.com/impression.php/f3f02d77cbee128/?lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D 615 949 0 43 521 892 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' image/gif GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious 26 1518539654.456314 1518539654.526402 70 192.168.1.120 - 49191 5.79.67.111 80 http://download.ytddownloader.com/favicon.ico 570 23000 0 22486 545 500 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' image/x-icon GET 200 - - - - - - - CTU.336.1.Malicious 33 1518539654.7671719 1518539655.2634966 496 192.168.1.120 - 49198 212.124.124.178 443 https://www.1-1ads.com/js/show_ads_supp.js?pubId=5465 563 30258 0 29962 519 282 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0)' application/javascript;charset=utf-8 GET 200 http://download.ytddownloader.com/thankyou.html?isn=7F26529199DE48FE8FE441861CCA5DD0&lang=1033&cid=4c324cfd25c9f8f276b682acab85a973&oldVer=&newVer=5.9.4&kt=ytdd&pv=0 - - - - - - CTU.336.1.Malicious