Report - y2down.cc

Report Overview

Visited public
2025-06-07 16:51:59
Tags
URL
y2down.cc
Finishing URL
y2down.cc/ennP/
IP / ASN
172.67.202.71
#13335 CLOUDFLARENET
Title
Y2DOWN - YouTube 1080p 1440p 4K 8K Video Downloader

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
push-sdk.com	unknown	2022-10-25	2022-12-23	2025-06-03	867 B	56 kB	178.63.248.57
y2down.cc	unknown	2022-05-30	2022-06-02	2025-06-07	3.6 kB	1.1 MB	104.21.85.43
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-06-04	430 B	368 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	From	Size	First Seen	Last Seen
	y2down.cc/ennP/	ScriptElement	72 B	2023-03-08	2025-06-11
Pretty URL y2down.cc/ennP/ IP 104.21.85.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 20:44 Last Seen2025-06-11 22:51 Times Seen80 Hash 689497df33660bf527f52b4af9a4cb36 ec5ae0d0344ccc1ec204eb86038f29108bc30863 31f125a33ea064ae852aaa46d5730ff2e693124de0788f7ad9d873d22954be50 Loading...

	y2down.cc/ennP/	ScriptElement	233 B	2025-06-07	2025-06-07
Pretty URL y2down.cc/ennP/ IP 104.21.85.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:52 Last Seen2025-06-07 16:52 Times Seen1 Hash 17da44c84465d6410d6eb06699e066c9 df60c2cd80ee8c7a67b2e749b9fd98d5da723886 74b02326aa5607ec2918d345371cf230f87b00dfaad9072124509a4d06d2533a Loading...

	y2down.cc/ennP/	ScriptElement	1.7 kB	2025-06-07	2025-06-11
Pretty URL y2down.cc/ennP/ IP 104.21.85.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:52 Last Seen2025-06-11 22:51 Times Seen2 Hash 810eb91a3a9bd64c0557b91938588266 3e210228100986fedeafd2766c4eb0ab199de9db 0241b120087139804a2132fe16251e4655640d9ce33b7667b6faed5b109dd915 Loading...

	y2down.cc/ennP/	ScriptElement	54 B	2023-08-03	2025-06-11
Pretty URL y2down.cc/ennP/ IP 104.21.85.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-03 14:32 Last Seen2025-06-11 22:51 Times Seen13 Hash 0467c625542d5e6b28f5347a9112727d 8cf65bcdce70b9a2ff195c8be22d7bf31e5c728c 65754546e94929d657f4162d89513b98f3ea20fa4dea4811a6f1de261837eda3 Loading...

	www.googletagmanager.com/gtag/js?id=G-7EK4N0Y4LJ	ScriptElement	367 kB	2025-06-07	2025-06-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-7EK4N0Y4LJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-06-07 16:52 Last Seen2025-06-07 16:52 Times Seen1 Hash 797dab2c17ec97d2d0cf11bea0d99e1f d3c4e90a5c207d53ea7af903de4d2bfa81ca742a 7888d0fac79f6fd7772ad8b988376447480f77c8d98c52c0cf85cbf87d7193ee Loading...

	y2down.cc/ennP/	ScriptElement	11 kB	2025-06-07	2025-06-11
Pretty URL y2down.cc/ennP/ IP 104.21.85.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:52 Last Seen2025-06-11 22:51 Times Seen2 Hash 2e97e817f21776e5186beddfaa6c79bc a958bf456a29a5fa490afdc06b23b12afcea4f33 233c22ba5515846a5a2372eee9cdf041de46f70b8d43c38ca9c9e5b3427ab74c Loading...

	y2down.cc/ennP/	ScriptElement	2.3 kB	2025-02-13	2025-06-11
Pretty URL y2down.cc/ennP/ IP 104.21.85.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-13 12:08 Last Seen2025-06-11 22:51 Times Seen6 Hash 16fa5ebef49b057d73cdbe9625b15c17 cf8b800b57fe5cc2139943fff1cccdf6890917db 1cb9c58c9da28c2cc86f1d0e4c3d4306fba9c577694ac1c7d2f5b451b37a17df Loading...

	y2down.cc/ennP/	ScriptElement	51 kB	2024-05-14	2025-06-11
Pretty URL y2down.cc/ennP/ IP 104.21.85.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-14 03:07 Last Seen2025-06-11 22:51 Times Seen9 Hash 37baccc54b95b95eb890f949d8a74240 d17ebe3ed3a9775c0a23b8ef9b00368e91331b20 ac7fa52e7a9e47e08855b1e98063fe93264a2a979c2de2536d555099d7aa1624 Loading...

	y2down.cc/ennP/	ScriptElement	2.6 kB	2024-05-14	2025-06-11
Pretty URL y2down.cc/ennP/ IP 104.21.85.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-14 03:07 Last Seen2025-06-11 22:51 Times Seen9 Hash c5b7f146e2ea7c111eccc229207e18d7 c4767be8b46eb7b5e2306fe4bfd77c5fdd0c6503 84400efa5c608c12cbe2cf528596f954bf9e3b93c2a3f8dc80a56c2f1e6cdaa5 Loading...

	y2down.cc/ennP/	ScriptElement	1.5 kB	2024-05-14	2025-06-11
Pretty URL y2down.cc/ennP/ IP 104.21.85.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-14 03:07 Last Seen2025-06-11 22:51 Times Seen9 Hash a7118476c5da3898e02b6de9b3eefbd4 d9a82b023feced6b5d25848a3bdd77cda7ab0264 b4af0bdfa424f793136c2eaebb507cc35d803d8284dc415564ae814e429ded66 Loading...

	push-sdk.com/f/sdk.js?z=1081333	ScriptElement	55 kB	2025-04-01	2025-06-18
Pretty URL push-sdk.com/f/sdk.js?z=1081333 IP 178.63.248.57 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-01 19:54 Last Seen2025-06-18 18:33 Times Seen157 Hash f4d87b22393ed5eef57d01d86c6a88f6 5e1aaee78cd735c23cc423fc863decca30aee219 91cf9b34af48f3b62d706127b1140c89d8bb3a5455120acd2cfcfc41ab4ad5ee Loading...

	y2down.cc/ennP/	ScriptElement	54 kB	2025-06-07	2025-06-11
Pretty URL y2down.cc/ennP/ IP 104.21.85.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-07 16:52 Last Seen2025-06-11 22:51 Times Seen2 Hash f7178264912147ab13178d4114e3648a 81b101ddd6dcf074a56d60fc53beca2189385cf0 902ba9f66ac5355677b2df8f590e7fdadab06d7407aca916427e60672d32b0db Loading...

HTTP Transactions (11)

	URL	IP	Response	Size
	y2down.cc/images/banner-3.jpg	104.21.85.43	200 OK	91 kB
URL GET y2down.cc/images/banner-3.jpg IP 104.21.85.43:443 ASN #13335 CLOUDFLARENET Requested by https://y2down.cc/ennP/ Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 728x90, components 3 Size 91 kB (91223 bytes) Hash 029a9f2187bc07ed9e1b9a3823613937 dc2225c262ad27a2a7f6a5973a96d860c3a0ba9d 9c0969647cf8bf7f4c2f934baffc46497c2da405822ce29fc014e201560d3447 HTTP Headers `GET /images/banner-3.jpg HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://y2down.cc/ennP/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Sat, 07 Jun 2025 16:51:39 GMT content-type: image/jpeg content-length: 91223 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQxd1yLSI4zuvp05Y6foId2VPYjnS0p4%2BJl72cwD0GSa03MnqsTO0v04uZUlfEO%2Fk43QgGvnZybU4NIzkOzNjFdXf9u5qjphNpU7W6ktSbkKs8PyG%2FGPh5VvnDc%3D"}],"group":"cf-nel","max_age":604800} last-modified: Mon, 02 Sep 2024 14:52:33 GMT etag: "66d5d131-16457" accept-ranges: bytes cache-control: max-age=3600 cf-cache-status: MISS cf-ray: 94c1a7caafec56ca-OSL server: cloudflare vary: Accept-Encoding nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=6342&min_rtt=1277&rtt_var=5875&sent=84&recv=32&lost=0&retrans=0&sent_bytes=73067&recv_bytes=3306&delivery_rate=13744714&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=244a5e27ef39de43&ts=1090&inflight_dur=46&x=80"

	y2down.cc/ennP/	104.21.85.43	200 OK	328 kB
URL User Request GET y2down.cc/ennP/ IP 104.21.85.43:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type HTML document, ASCII text, with very long lines (1854) Size 328 kB (328220 bytes) Hash 58330b32db62a92fe66c4609c5e84e52 575adff76561dccc7febc761ce6475a4190470a4 b5722e2af64c38ed6383cf820d2a208e83ef4c2cf7f56aae721dcb86a4ae16bd HTTP Headers `GET /ennP/ HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Sat, 07 Jun 2025 16:51:38 GMT content-type: text/html; charset=UTF-8 nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZeHBrvznchtGLaLXx%2Bl2zDmamANs4GhBhpb7poAsogobOtIXvt2sWizo8%2BPzDd%2FKMeUY15gv%2FIAo5FIxcQQWZ0rSb%2B5dW%2Bp%2BTO%2FjEH7R9Nt0pKtcCtZbIu8Lg%2Bg%3D"}],"group":"cf-nel","max_age":604800} vary: Accept-Encoding cache-control: public, max-age=3600 cf-cache-status: MISS last-modified: Sat, 07 Jun 2025 16:51:38 GMT content-encoding: br cf-ray: 94c1a7c5ffc856ca-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=7573&min_rtt=4469&rtt_var=5563&sent=21&recv=24&lost=0&retrans=0&sent_bytes=4216&recv_bytes=2041&delivery_rate=460625&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=12000&unsent_bytes=0&cid=244a5e27ef39de43&ts=518&inflight_dur=29&x=80"

	www.googletagmanager.com/gtag/js?id=G-7EK4N0Y4LJ	142.250.74.168	200 OK	367 kB
URL GET www.googletagmanager.com/gtag/js?id=G-7EK4N0Y4LJ IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://y2down.cc/ennP/ Certificate IssuerGoogle Trust Services Subject.google-analytics.com Fingerprint10:76:57:2F:C3:21:F2:5F:71:E4:85:A5:DB:F7:65:3F:51:03:55:07 ValidityMon, 12 May 2025 08:42:57 GMT - Mon, 04 Aug 2025 08:42:56 GMT File type JavaScript source, ASCII text, with very long lines (5359) Size 367 kB (367042 bytes) Hash 797dab2c17ec97d2d0cf11bea0d99e1f d3c4e90a5c207d53ea7af903de4d2bfa81ca742a 7888d0fac79f6fd7772ad8b988376447480f77c8d98c52c0cf85cbf87d7193ee HTTP Headers `GET /gtag/js?id=G-7EK4N0Y4LJ HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://y2down.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sat, 07 Jun 2025 16:51:39 GMT expires: Sat, 07 Jun 2025 16:51:39 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0 cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0 report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],} server: Google Tag Manager content-length: 125075 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	y2down.cc/ads.js	104.21.85.43	404 Not Found	6.6 kB
URL GET y2down.cc/ads.js IP 104.21.85.43:443 ASN #13335 CLOUDFLARENET Requested by https://y2down.cc/ennP/ Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type HTML document, ASCII text, with very long lines (5391) Size 6.6 kB (6603 bytes) Hash 543ac81966d87ac815e08eb0e436d719 e35bb4e32ccf08c11a3935084b50660feb835350 8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968 HTTP Headers `GET /ads.js HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://y2down.cc/ennP/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 404 Not Found date: Sat, 07 Jun 2025 16:51:39 GMT content-type: text/html; charset=UTF-8 nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZ%2B7pFAdte2Tr2RyAu%2FRWNlNtjW25c8QEfdrr6VSQ4XDUzNI5cf01R8U4CAateaqcK5is4hG2v2rn%2BkIAgqfrQoU72MQLw%2BTm4XQzq%2Fxbum5bI1miA3lG1eSNEo%3D"}],"group":"cf-nel","max_age":604800} vary: Accept-Encoding cache-control: public, max-age=3600 cf-cache-status: MISS content-encoding: br cf-ray: 94c1a7cb1ff456ca-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=10810&min_rtt=1277&rtt_var=11381&sent=165&recv=37&lost=0&retrans=0&sent_bytes=167920&recv_bytes=3536&delivery_rate=13744714&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=96000&unsent_bytes=0&cid=244a5e27ef39de43&ts=1229&inflight_dur=195&x=80"

	push-sdk.com/f/sdk.js?z=1081333	178.63.248.57	200 OK	55 kB
URL GET push-sdk.com/f/sdk.js?z=1081333 IP 178.63.248.57:443 ASN #24940 Hetzner Online GmbH Requested by https://y2down.cc/ennP/ Certificate IssuerLet's Encrypt Subjectpush-sdk.com Fingerprint43:6C:A5:4F:73:7D:B7:09:5D:88:3F:9F:29:2F:F4:C3:F2:29:12:E3 ValiditySun, 06 Apr 2025 03:46:49 GMT - Sat, 05 Jul 2025 03:46:48 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (54745), with no line terminators Size 55 kB (54787 bytes) Hash f4d87b22393ed5eef57d01d86c6a88f6 5e1aaee78cd735c23cc423fc863decca30aee219 91cf9b34af48f3b62d706127b1140c89d8bb3a5455120acd2cfcfc41ab4ad5ee HTTP Headers `GET /f/sdk.js?z=1081333 HTTP/1.1 Host: push-sdk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://y2down.cc/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: Angie date: Sat, 07 Jun 2025 16:51:39 GMT content-type: application/javascript; charset=utf-8 content-length: 15242 content-encoding: gzip cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate vary: Accept-Encoding X-Firefox-Spdy: h2`

	y2down.cc/cdn-cgi/trace	104.21.85.43	200 OK	266 B
URL GET y2down.cc/cdn-cgi/trace IP 104.21.85.43:443 ASN #13335 CLOUDFLARENET Requested by https://y2down.cc/ennP/ Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type ASCII text Size 266 B (266 bytes) Hash 60d7839f217c1807272ffdb2dd462e75 3c930536f6180e5f6f14499b1caf60d5a1816e97 27e1bb6342fee929ca38b6e55f4f431c9609e811c550812ada4bedb3a52b3c93 HTTP Headers `GET /cdn-cgi/trace HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://y2down.cc/ennP/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/3 200 OK date: Sat, 07 Jun 2025 16:51:39 GMT content-type: text/plain cache-control: no-cache content-encoding: gzip access-control-allow-origin: * server: cloudflare cf-ray: 94c1a7cb3ff756ca-OSL x-frame-options: DENY x-content-type-options: nosniff expires: Thu, 01 Jan 1970 00:00:01 GMT`

	y2down.cc/assets/firefox.svg	104.21.85.43	200 OK	34 kB
URL GET y2down.cc/assets/firefox.svg IP 104.21.85.43:443 ASN #13335 CLOUDFLARENET Requested by https://y2down.cc/ennP/ Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type SVG Scalable Vector Graphics image Size 34 kB (33785 bytes) Hash c214d7548e9dfe83e9093eb04407262e 7078117a4bf243ba663ae44e576032cc79826b4e 10d54aa020a7363073ef8c137808861137dc6e6fffd3d0f8c95f0a6d15e716e2 HTTP Headers `GET /assets/firefox.svg HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://y2down.cc/ennP/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Sat, 07 Jun 2025 16:51:39 GMT content-type: image/svg+xml nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VG3wpiOnuoE175x4nYUJvPUaFHZXydbnpoQ7Uj9GcgU%2Bmv5vdu2WAZCt6YgaP3XU0zOI%2F0ZhfN0U6V6JgwXGMQg92e3kHy7DqXs3YP9MTRPNDroMbLo%2F%2FezexJc%3D"}],"group":"cf-nel","max_age":604800} last-modified: Wed, 10 Apr 2024 21:22:34 GMT vary: Accept-Encoding etag: W/"6617031a-83f9" content-encoding: gzip cache-control: max-age=3600 cf-cache-status: MISS cf-ray: 94c1a7cb6ff856ca-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=13235&min_rtt=1277&rtt_var=12641&sent=148&recv=35&lost=0&retrans=0&sent_bytes=149275&recv_bytes=3442&delivery_rate=13744714&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=48000&unsent_bytes=0&cid=244a5e27ef39de43&ts=1214&inflight_dur=149&x=80"

	y2down.cc/favicon.svg	104.21.85.43	200 OK	1.5 kB
URL GET y2down.cc/favicon.svg IP 104.21.85.43:443 ASN #13335 CLOUDFLARENET Requested by https://y2down.cc/ennP/ Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type SVG Scalable Vector Graphics image Size 1.5 kB (1524 bytes) Hash 1821c958bbe5e0a6a4563025af907760 26ced4c88143889bf6b5b246b28e4203f3dd6087 17e50649ce0babbf448e8a728d4475192b60b4d096a7d9414df727128435519e HTTP Headers `GET /favicon.svg HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://y2down.cc/ennP/ Cookie: countryCookie=NO Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Sat, 07 Jun 2025 16:51:40 GMT content-type: image/svg+xml nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EmLjHQjqwVKKsewEc5YRaxojwCSBPgCDgLcBPmuTQSDe4uaGuMgOxLrCKR6bwQuknLx86qYVg2ynWl9kzaUI4cVxBixR0M3tjp3Fknaf7AWfh0c0Y482kStisCg%3D"}],"group":"cf-nel","max_age":604800} last-modified: Wed, 10 Apr 2024 21:22:34 GMT vary: Accept-Encoding etag: W/"6617031a-5f4" content-encoding: gzip cache-control: max-age=3600 cf-cache-status: MISS cf-ray: 94c1a7ce080456ca-OSL server: cloudflare alt-svc: h3=":443"; ma=86400 server-timing: cfL4;desc="?proto=QUIC&rtt=9054&min_rtt=1277&rtt_var=9539&sent=180&recv=40&lost=0&retrans=0&sent_bytes=181585&recv_bytes=3920&delivery_rate=13744714&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=96000&unsent_bytes=0&cid=244a5e27ef39de43&ts=1650&inflight_dur=203&x=80"

	y2down.cc/	104.21.85.43	301 Moved Permanently	328 kB
URL User Request GET y2down.cc/ IP 104.21.85.43:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type Size 328 kB (328220 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Sat, 07 Jun 2025 16:51:38 GMT content-type: text/html; charset=utf-8 location: https://y2down.cc/en/ server: cloudflare cache-control: public, max-age=3600 cf-cache-status: MISS nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} vary: accept-encoding report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=uSV9SbzzTbUON%2F8y4DZeyb3GOGUNvke5qCJNnnqz9X1joIoeglFVk65W58oP%2FdGIFQwOCaFK9h7lxZTm7qUDtjsEbdcrOW8%3D"}]} cf-ray: 94c1a7c3a9c97127-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	y2down.cc/en/	104.21.85.43	301 Moved Permanently	328 kB
URL User Request GET y2down.cc/en/ IP 104.21.85.43:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services Subjecty2down.cc Fingerprint52:30:BF:12:E3:4D:98:67:BF:8F:19:A8:98:2F:6A:A4:2C:81:C4:8C ValidityThu, 05 Jun 2025 16:28:48 GMT - Wed, 03 Sep 2025 17:26:39 GMT File type Size 328 kB (328220 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /en/ HTTP/1.1 Host: y2down.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 301 Moved Permanently date: Sat, 07 Jun 2025 16:51:38 GMT content-type: text/html; charset=utf-8 location: https://y2down.cc/ennP/ server: cloudflare cache-control: public, max-age=3600 cf-cache-status: MISS nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} vary: accept-encoding report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=b6okUT8%2BM7i8vR5mObpz%2BP0eLrCS0OnewF8mcMEkhkCF2J%2BZpbnB2PucPkTswg%2B748ajmetARSS%2Bab5WKGlkNGMSK7x7%2BIM%3D"}]} cf-ray: 94c1a7c4db6e7127-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	push-sdk.com/event?z=1081333	178.63.248.57	200 OK	0 B
URL POST push-sdk.com/event?z=1081333 IP 178.63.248.57:443 ASN #24940 Hetzner Online GmbH Requested by https://y2down.cc/ennP/ Certificate IssuerLet's Encrypt Subjectpush-sdk.com Fingerprint43:6C:A5:4F:73:7D:B7:09:5D:88:3F:9F:29:2F:F4:C3:F2:29:12:E3 ValiditySun, 06 Apr 2025 03:46:49 GMT - Sat, 05 Jul 2025 03:46:48 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /event?z=1081333 HTTP/1.1 Host: push-sdk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 83 Origin: https://y2down.cc DNT: 1 Connection: keep-alive Referer: https://y2down.cc/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: Angie date: Sat, 07 Jun 2025 16:51:39 GMT content-length: 0 access-control-allow-origin: https://y2down.cc access-control-allow-credentials: true access-control-allow-methods: GET, POST, OPTIONS access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token access-control-expose-headers: Authorization cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store pragma: no-cache expires: Tue, 11 Jan 1994 00:00:00 GMT accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML