Report - y2down.cc/en/

Report Overview

Visited public
2025-06-22 00:43:13
Tags
Submit Tags
URL
y2down.cc/en/
Finishing URL
y2down.cc/enXE/
IP / ASN
104.21.85.43
#13335 CLOUDFLARENET
Title
Y2DOWN - YouTube 1080p 1440p 4K 8K Video Downloader

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
y2down.cc	unknown	2022-05-30	2022-06-02	2025-06-19	3.1 kB	795 kB	172.67.202.71
push-sdk.com	unknown	2022-10-25	2022-12-23	2025-06-17	867 B	56 kB	157.90.33.72
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-06-18	430 B	376 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	From	Size	First Seen	Last Seen
	y2down.cc/enXE/	ScriptElement	72 B	2023-03-08	2025-07-05
Pretty URL y2down.cc/enXE/ IP 172.67.202.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:44 Last Seen2025-07-05 22:07 Times Seen88 Hash 689497df33660bf527f52b4af9a4cb36 ec5ae0d0344ccc1ec204eb86038f29108bc30863 31f125a33ea064ae852aaa46d5730ff2e693124de0788f7ad9d873d22954be50 Loading...

	y2down.cc/enXE/	ScriptElement	233 B	2025-06-07	2025-07-05
Pretty URL y2down.cc/enXE/ IP 172.67.202.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:52 Last Seen2025-07-05 22:07 Times Seen9 Hash 17da44c84465d6410d6eb06699e066c9 df60c2cd80ee8c7a67b2e749b9fd98d5da723886 74b02326aa5607ec2918d345371cf230f87b00dfaad9072124509a4d06d2533a Loading...

	y2down.cc/enXE/	ScriptElement	1.7 kB	2025-06-07	2025-07-05
Pretty URL y2down.cc/enXE/ IP 172.67.202.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:52 Last Seen2025-07-05 22:07 Times Seen10 Hash 810eb91a3a9bd64c0557b91938588266 3e210228100986fedeafd2766c4eb0ab199de9db 0241b120087139804a2132fe16251e4655640d9ce33b7667b6faed5b109dd915 Loading...

	y2down.cc/enXE/	ScriptElement	54 B	2023-08-03	2025-07-05
Pretty URL y2down.cc/enXE/ IP 172.67.202.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-03 14:32 Last Seen2025-07-05 22:07 Times Seen21 Hash 0467c625542d5e6b28f5347a9112727d 8cf65bcdce70b9a2ff195c8be22d7bf31e5c728c 65754546e94929d657f4162d89513b98f3ea20fa4dea4811a6f1de261837eda3 Loading...

	push-sdk.com/f/sdk.js?z=1081333	ScriptElement	55 kB	2025-04-01	2025-07-06
Pretty URL push-sdk.com/f/sdk.js?z=1081333 IP 157.90.33.72 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-01 19:54 Last Seen2025-07-06 00:15 Times Seen260 Hash f4d87b22393ed5eef57d01d86c6a88f6 5e1aaee78cd735c23cc423fc863decca30aee219 91cf9b34af48f3b62d706127b1140c89d8bb3a5455120acd2cfcfc41ab4ad5ee Loading...

	www.googletagmanager.com/gtag/js?id=G-7EK4N0Y4LJ	ScriptElement	375 kB	2025-06-22	2025-06-22
Pretty URL www.googletagmanager.com/gtag/js?id=G-7EK4N0Y4LJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-22 00:43 Last Seen2025-06-22 00:43 Times Seen1 Hash c19ebd05c1292c6a4bdbee45aa4febd7 1d4031ab3c9c185ca3aaf2e74d81f667f158387b 5f9eeb0f4d5f9e386f5c6a5c4329f3164c056e0695c8698fd2f1b8c08ed43809 Loading...

	y2down.cc/enXE/	ScriptElement	11 kB	2025-06-07	2025-07-05
Pretty URL y2down.cc/enXE/ IP 172.67.202.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:52 Last Seen2025-07-05 22:07 Times Seen10 Hash 2e97e817f21776e5186beddfaa6c79bc a958bf456a29a5fa490afdc06b23b12afcea4f33 233c22ba5515846a5a2372eee9cdf041de46f70b8d43c38ca9c9e5b3427ab74c Loading...

	y2down.cc/enXE/	ScriptElement	2.3 kB	2025-02-13	2025-07-05
Pretty URL y2down.cc/enXE/ IP 172.67.202.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-13 12:08 Last Seen2025-07-05 22:07 Times Seen14 Hash 16fa5ebef49b057d73cdbe9625b15c17 cf8b800b57fe5cc2139943fff1cccdf6890917db 1cb9c58c9da28c2cc86f1d0e4c3d4306fba9c577694ac1c7d2f5b451b37a17df Loading...

	y2down.cc/enXE/	ScriptElement	51 kB	2024-05-14	2025-07-05
Pretty URL y2down.cc/enXE/ IP 172.67.202.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-14 03:07 Last Seen2025-07-05 22:07 Times Seen17 Hash 37baccc54b95b95eb890f949d8a74240 d17ebe3ed3a9775c0a23b8ef9b00368e91331b20 ac7fa52e7a9e47e08855b1e98063fe93264a2a979c2de2536d555099d7aa1624 Loading...

	y2down.cc/enXE/	ScriptElement	2.6 kB	2024-05-14	2025-07-05
Pretty URL y2down.cc/enXE/ IP 172.67.202.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-14 03:07 Last Seen2025-07-05 22:07 Times Seen17 Hash c5b7f146e2ea7c111eccc229207e18d7 c4767be8b46eb7b5e2306fe4bfd77c5fdd0c6503 84400efa5c608c12cbe2cf528596f954bf9e3b93c2a3f8dc80a56c2f1e6cdaa5 Loading...

	y2down.cc/enXE/	ScriptElement	1.5 kB	2024-05-14	2025-07-05
Pretty URL y2down.cc/enXE/ IP 172.67.202.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-14 03:07 Last Seen2025-07-05 22:07 Times Seen17 Hash a7118476c5da3898e02b6de9b3eefbd4 d9a82b023feced6b5d25848a3bdd77cda7ab0264 b4af0bdfa424f793136c2eaebb507cc35d803d8284dc415564ae814e429ded66 Loading...

	y2down.cc/enXE/	ScriptElement	54 kB	2025-06-07	2025-07-05
Pretty URL y2down.cc/enXE/ IP 172.67.202.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:52 Last Seen2025-07-05 22:07 Times Seen10 Hash f7178264912147ab13178d4114e3648a 81b101ddd6dcf074a56d60fc53beca2189385cf0 902ba9f66ac5355677b2df8f590e7fdadab06d7407aca916427e60672d32b0db Loading...

HTTP Transactions (10)

	URL	IP	Response	Size
	GET y2down.cc/assets/firefox.svg	172.67.202.71	200 OK	34 kB
URL GET y2down.cc/assets/firefox.svg IP 172.67.202.71:443 ASN #13335 CLOUDFLARENET Requested by https://y2down.cc/enXE/ Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type SVG Scalable Vector Graphics image Size 34 kB (33785 bytes) Hash c214d7548e9dfe83e9093eb04407262e 7078117a4bf243ba663ae44e576032cc79826b4e 10d54aa020a7363073ef8c137808861137dc6e6fffd3d0f8c95f0a6d15e716e2 HTTP Headers `GET /assets/firefox.svg HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://y2down.cc/enXE/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Sun, 22 Jun 2025 00:42:41 GMT content-type: image/svg+xml nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c3lgUbl4lJidyA4GjyZIfeHUjws6VgjpjiCF3CZ9ByzlVlGjOBn%2BvxtCBbPIQd7esl72qO0fH49XJjdpSxvFKWoW8LzViqgHrE9BghIv0yMIEe4y%2Fbetgwq1xsg%3D"}],"group":"cf-nel","max_age":604800} last-modified: Wed, 10 Apr 2024 21:22:34 GMT vary: Accept-Encoding etag: "6617031a-83f9" content-encoding: gzip age: 8182 cache-control: max-age=3600 cf-cache-status: HIT cf-ray: 9537b508aae5568e-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=763&min_rtt=0&rtt_var=346&sent=182&recv=144&lost=0&retrans=0&sent_bytes=105643&recv_bytes=8796&delivery_rate=15373577&ss_exit_cwnd=14895&ss_exit_reason=2&cwnd=16706&unsent_bytes=0&cid=b5d173e59660ffd1&ts=768&inflight_dur=54&x=44"

	POST push-sdk.com/event?z=1081333	157.90.33.72	200 OK	0 B
URL POST push-sdk.com/event?z=1081333 IP 157.90.33.72:443 ASN #24940 Hetzner Online GmbH Requested by https://y2down.cc/enXE/ Certificate IssuerLet's Encrypt Subjectpush-sdk.com Fingerprint2E:9A:67:76:0E:42:81:D5:30:A2:76:47:85:CA:6C:D7:FD:FF:38:9C ValidityThu, 05 Jun 2025 03:47:05 GMT - Wed, 03 Sep 2025 03:47:04 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /event?z=1081333 HTTP/1.1 Host: push-sdk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 83 Origin: https://y2down.cc DNT: 1 Connection: keep-alive Referer: https://y2down.cc/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: Angie date: Sun, 22 Jun 2025 00:42:41 GMT content-length: 0 access-control-allow-origin: https://y2down.cc access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token access-control-expose-headers: Authorization cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store pragma: no-cache expires: Tue, 11 Jan 1994 00:00:00 GMT accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64 X-Firefox-Spdy: h2

	GET y2down.cc/images/banner-3.jpg	172.67.202.71	200 OK	91 kB
URL GET y2down.cc/images/banner-3.jpg IP 172.67.202.71:443 ASN #13335 CLOUDFLARENET Requested by https://y2down.cc/enXE/ Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 728x90, components 3 Size 91 kB (91223 bytes) Hash 029a9f2187bc07ed9e1b9a3823613937 dc2225c262ad27a2a7f6a5973a96d860c3a0ba9d 9c0969647cf8bf7f4c2f934baffc46497c2da405822ce29fc014e201560d3447 HTTP Headers `GET /images/banner-3.jpg HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://y2down.cc/enXE/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Sun, 22 Jun 2025 00:42:41 GMT content-type: image/jpeg content-length: 91223 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BF33PITqaPXok3wovRmDKrtJ%2BQkDyNOOuBqIIHQfkQFv72UAhD%2Bpl6bo0Wm9p75ZHB%2BrLW8Xszrwf6bNeA9yAs4HbUk5uZTZxBj%2BI8mh3I88Ywm64IIo0Oco9A0%3D"}],"group":"cf-nel","max_age":604800} last-modified: Mon, 02 Sep 2024 14:52:33 GMT etag: "66d5d131-16457" accept-ranges: bytes age: 8366 cache-control: max-age=3600 cf-cache-status: HIT cf-ray: 9537b5081ae0568e-OSL server: cloudflare vary: Accept-Encoding nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=2887&min_rtt=579&rtt_var=2728&sent=96&recv=123&lost=0&retrans=0&sent_bytes=8280&recv_bytes=7170&delivery_rate=567633&ss_exit_cwnd=14895&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=b5d173e59660ffd1&ts=681&inflight_dur=30&x=44"

	GET push-sdk.com/f/sdk.js?z=1081333	157.90.33.72	200 OK	55 kB
URL GET push-sdk.com/f/sdk.js?z=1081333 IP 157.90.33.72:443 ASN #24940 Hetzner Online GmbH Requested by https://y2down.cc/enXE/ Certificate IssuerLet's Encrypt Subjectpush-sdk.com Fingerprint2E:9A:67:76:0E:42:81:D5:30:A2:76:47:85:CA:6C:D7:FD:FF:38:9C ValidityThu, 05 Jun 2025 03:47:05 GMT - Wed, 03 Sep 2025 03:47:04 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (54745), with no line terminators Size 55 kB (54787 bytes) Hash f4d87b22393ed5eef57d01d86c6a88f6 5e1aaee78cd735c23cc423fc863decca30aee219 91cf9b34af48f3b62d706127b1140c89d8bb3a5455120acd2cfcfc41ab4ad5ee HTTP Headers `GET /f/sdk.js?z=1081333 HTTP/1.1 Host: push-sdk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://y2down.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: Angie date: Sun, 22 Jun 2025 00:42:41 GMT content-type: application/javascript; charset=utf-8 content-length: 15242 content-encoding: gzip cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate vary: Accept-Encoding X-Firefox-Spdy: h2`

	GET y2down.cc/cdn-cgi/trace	172.67.202.71	200 OK	266 B
URL GET y2down.cc/cdn-cgi/trace IP 172.67.202.71:443 ASN #13335 CLOUDFLARENET Requested by https://y2down.cc/enXE/ Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type ASCII text Size 266 B (266 bytes) Hash e87b1874636de0520a80636d043dd395 a11f82bc00374f53e3cf537a3f74be4bc80882cc 2030939bbe6793cd443024832a94ad611485b5b2566ab995bbc61f2b9b104817 HTTP Headers `GET /cdn-cgi/trace HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://y2down.cc/enXE/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/3 200 OK date: Sun, 22 Jun 2025 00:42:41 GMT content-type: text/plain cache-control: no-cache content-encoding: gzip access-control-allow-origin: * server: cloudflare cf-ray: 9537b5089ae4568e-OSL x-frame-options: DENY x-content-type-options: nosniff expires: Thu, 01 Jan 1970 00:00:01 GMT`

	GET y2down.cc/ads.js	172.67.202.71	404 Not Found	6.6 kB
URL GET y2down.cc/ads.js IP 172.67.202.71:443 ASN #13335 CLOUDFLARENET Requested by https://y2down.cc/enXE/ Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type HTML document, ASCII text, with very long lines (5391) Size 6.6 kB (6603 bytes) Hash 543ac81966d87ac815e08eb0e436d719 e35bb4e32ccf08c11a3935084b50660feb835350 8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968 HTTP Headers `GET /ads.js HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://y2down.cc/enXE/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 404 Not Found date: Sun, 22 Jun 2025 00:42:41 GMT content-type: text/html; charset=UTF-8 nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2zMWxNd2lFdcvD%2Bx6MtAZo%2FCR9Xl6iCj64%2B2HvjXVza5Sp%2BVeVT9nN1rkDXvFs2%2FiyQKt79cyNY6N5Utfe4D%2FK5Lyh%2Fgrwtzvl7PApjXRKVuLXDhbrZhHgPiD1M%3D"}],"group":"cf-nel","max_age":604800} vary: Accept-Encoding cache-control: public, max-age=3600 age: 8365 cf-cache-status: HIT content-encoding: br cf-ray: 9537b5086ae2568e-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=709&min_rtt=0&rtt_var=317&sent=176&recv=141&lost=0&retrans=0&sent_bytes=102507&recv_bytes=8218&delivery_rate=15373577&ss_exit_cwnd=14895&ss_exit_reason=2&cwnd=16706&unsent_bytes=0&cid=b5d173e59660ffd1&ts=726&inflight_dur=51&x=44"

	GET y2down.cc/favicon.svg	172.67.202.71	200 OK	1.5 kB
URL GET y2down.cc/favicon.svg IP 172.67.202.71:443 ASN #13335 CLOUDFLARENET Requested by https://y2down.cc/enXE/ Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type SVG Scalable Vector Graphics image Size 1.5 kB (1524 bytes) Hash 1821c958bbe5e0a6a4563025af907760 26ced4c88143889bf6b5b246b28e4203f3dd6087 17e50649ce0babbf448e8a728d4475192b60b4d096a7d9414df727128435519e HTTP Headers `GET /favicon.svg HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://y2down.cc/enXE/ Cookie: countryCookie=NO Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Sun, 22 Jun 2025 00:42:41 GMT content-type: image/svg+xml nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=prExc2rw5bV0AKs8VRlbstflPLl90sRCrtA%2FER4XIqtIYf%2FyNMWmkFD9mEunH6qU8chx7kR951w2o%2BmJmRGgbxo5IPB8CYmRAyIMhAXMyzvU9pTP8PGG607WDv4%3D"}],"group":"cf-nel","max_age":604800} last-modified: Wed, 10 Apr 2024 21:22:34 GMT vary: Accept-Encoding etag: "6617031a-5f4" content-encoding: gzip age: 7610 cache-control: max-age=3600 cf-cache-status: HIT cf-ray: 9537b509eae8568e-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=748&min_rtt=0&rtt_var=289&sent=193&recv=146&lost=0&retrans=0&sent_bytes=117221&recv_bytes=9129&delivery_rate=15373577&ss_exit_cwnd=14895&ss_exit_reason=2&cwnd=16706&unsent_bytes=0&cid=b5d173e59660ffd1&ts=966&inflight_dur=71&x=44"

	GET y2down.cc/en/	172.67.202.71	301 Moved Permanently	328 kB
URL User Request GET y2down.cc/en/ IP 172.67.202.71:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type Size 328 kB (328258 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /en/ HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Sun, 22 Jun 2025 00:42:40 GMT content-type: text/html; charset=utf-8 location: https://y2down.cc/enXE/ server: cloudflare cache-control: public, max-age=3600 cf-cache-status: EXPIRED nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} vary: accept-encoding report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2FhNTC1L3MeIAUftudmM4muEkaD3lEUAVp9R7YIPlcKhwilet5%2BpBOKi2%2Bkkpqp5M5E25XDslXwQGDGf7edye5mRUpMDkT4%3D"}]} cf-ray: 9537b502ec9a56b9-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	GET y2down.cc/enXE/	172.67.202.71	200 OK	328 kB
URL User Request GET y2down.cc/enXE/ IP 172.67.202.71:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type HTML document, ASCII text, with very long lines (1854) Size 328 kB (328258 bytes) Hash 29ce035a5e1f738fb07619675886c3f2 a09bda0a3f0ef9a3a80762eb61e0c30e0f1155a5 3901e2c49b1e3d72667afda05f9ec9550efb65234b6fdd7c72732a1b25815c8f HTTP Headers `GET /enXE/ HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 22 Jun 2025 00:42:40 GMT content-type: text/html; charset=UTF-8 server: cloudflare vary: Accept-Encoding cache-control: public, max-age=3600 report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=05qEspQ6ZXec%2FCUb3eUZVDkovQIW8C78UI%2Bu2I6yEZeFogUpNdkFqkWs6Sc7nk1LINPmTG9Ib2lJTYRjwNPN8751EBuCPnA%3D"}]} cf-cache-status: EXPIRED last-modified: Sun, 22 Jun 2025 00:42:40 GMT nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding: br cf-ray: 9537b503ed2756b9-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	GET www.googletagmanager.com/gtag/js?id=G-7EK4N0Y4LJ	142.250.74.168	200 OK	375 kB
URL GET www.googletagmanager.com/gtag/js?id=G-7EK4N0Y4LJ IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://y2down.cc/enXE/ Certificate IssuerGoogle Trust Services Subject.google-analytics.com Fingerprint79:AA:03:D4:F6:6B:0F:61:E5:C5:AB:19:F4:A5:5D:DC:97:80:AF:DA ValidityMon, 02 Jun 2025 08:35:30 GMT - Mon, 25 Aug 2025 08:35:29 GMT File type JavaScript source, ASCII text, with very long lines (5913) Size 375 kB (375295 bytes) Hash c19ebd05c1292c6a4bdbee45aa4febd7 1d4031ab3c9c185ca3aaf2e74d81f667f158387b 5f9eeb0f4d5f9e386f5c6a5c4329f3164c056e0695c8698fd2f1b8c08ed43809 HTTP Headers `GET /gtag/js?id=G-7EK4N0Y4LJ HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://y2down.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 22 Jun 2025 00:42:41 GMT expires: Sun, 22 Jun 2025 00:42:41 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0 cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0 report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],} server: Google Tag Manager content-length: 127726 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML