gowmtwo.ndress.cyou Open in urlscan Pro
103.169.126.214  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response gowmtwo.ndress.cyou/	13 KB 5 KB	985ms 321ms	Document text/html	103.169.126.214 EDCL-AS-AP Eons D...
General Check archive.org Show headers Download Go to Full URL https://gowmtwo.ndress.cyou/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.169.126.214 Ha Kwai Chung, Hong Kong, ASN138997 (EDCL-AS-AP Eons Data Communications Limited, HK), Reverse DNS Software nginx / Resource Hash 64923fbb95b9df8e46787d8ac61f8ad8607c6e5bb45c529616d6227ca2e68fb5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-type text/html date Tue, 18 Jun 2024 07:53:54 GMT etag W/"66713a5a-3217" last-modified Tue, 18 Jun 2024 07:42:18 GMT server nginx strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	bootstrap.min.css gowmtwo.ndress.cyou/	159 KB 29 KB	325ms 324ms	Stylesheet text/css	103.169.126.214 EDCL-AS-AP Eons D...
General Check archive.org Show headers Download Go to Full URL https://gowmtwo.ndress.cyou/bootstrap.min.css Requested by Host: gowmtwo.ndress.cyou URL: https://gowmtwo.ndress.cyou/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.169.126.214 Ha Kwai Chung, Hong Kong, ASN138997 (EDCL-AS-AP Eons Data Communications Limited, HK), Reverse DNS Software nginx / Resource Hash cfc391e34328c09f0680ae8ff3d63e86224ae7e71c973147ccb84540b2fdd9b8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://gowmtwo.ndress.cyou/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 07:53:55 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Mon, 17 Jun 2024 14:07:21 GMT server nginx etag W/"66704319-27ba0" vary Accept-Encoding content-type text/css cache-control max-age=43200 expires Tue, 18 Jun 2024 19:53:55 GMT
GET H2	200	jquery-3.6.0.min.js Show response gowmtwo.ndress.cyou/	87 KB 34 KB	644ms 644ms	Script application/javascript	103.169.126.214 EDCL-AS-AP Eons D...
General Check archive.org Show headers Download Go to Full URL https://gowmtwo.ndress.cyou/jquery-3.6.0.min.js Requested by Host: gowmtwo.ndress.cyou URL: https://gowmtwo.ndress.cyou/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.169.126.214 Ha Kwai Chung, Hong Kong, ASN138997 (EDCL-AS-AP Eons Data Communications Limited, HK), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://gowmtwo.ndress.cyou/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 07:53:55 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Mon, 17 Jun 2024 14:07:21 GMT server nginx etag W/"66704319-15d9d" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 18 Jun 2024 19:53:55 GMT
GET H2	200	all.min.js Show response gowmtwo.ndress.cyou/	1 MB 479 KB	338ms 338ms	Script application/javascript	103.169.126.214 EDCL-AS-AP Eons D...
General Check archive.org Show headers Download Go to Full URL https://gowmtwo.ndress.cyou/all.min.js Requested by Host: gowmtwo.ndress.cyou URL: https://gowmtwo.ndress.cyou/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.169.126.214 Ha Kwai Chung, Hong Kong, ASN138997 (EDCL-AS-AP Eons Data Communications Limited, HK), Reverse DNS Software nginx / Resource Hash 812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://gowmtwo.ndress.cyou/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 07:53:56 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Mon, 17 Jun 2024 14:07:21 GMT server nginx etag W/"66704319-1242a2" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 expires Tue, 18 Jun 2024 19:53:56 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	259 KB 90 KB	103ms 53ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-11466449091 Requested by Host: gowmtwo.ndress.cyou URL: https://gowmtwo.ndress.cyou/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5ad2192d204b5bd0234ede77519034f17ea89ea496bab9aaefbc1edb5e9228e7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://gowmtwo.ndress.cyou/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 07:53:56 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 91978 x-xss-protection 0 last-modified Tue, 18 Jun 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 18 Jun 2024 07:53:56 GMT
GET H2	200	telegram-b73495b2.png gowmtwo.ndress.cyou/	3 KB 3 KB	963ms 963ms	Image image/png	103.169.126.214 EDCL-AS-AP Eons D...
General Check archive.org Show headers Download Go to Show image Full URL https://gowmtwo.ndress.cyou/telegram-b73495b2.png Requested by Host: gowmtwo.ndress.cyou URL: https://gowmtwo.ndress.cyou/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.169.126.214 Ha Kwai Chung, Hong Kong, ASN138997 (EDCL-AS-AP Eons Data Communications Limited, HK), Reverse DNS Software nginx / Resource Hash 2fa184856ce8bc32176631a6c66a57f0f1cf7102ebd7da57c190e663cb79c783 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://gowmtwo.ndress.cyou/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 07:53:55 GMT strict-transport-security max-age=31536000 last-modified Mon, 17 Jun 2024 14:07:21 GMT server nginx etag "66704319-b33" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 2867 expires Thu, 18 Jul 2024 07:53:55 GMT
GET H/1.1	200 OK	21888217.js Show response js.users.51.la/	5 KB 5 KB	262ms 203ms	Script application/javascript	163.181.92.239 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/21888217.js Requested by Host: gowmtwo.ndress.cyou URL: https://gowmtwo.ndress.cyou/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 163.181.92.239 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash fc208c53efb1d0eb97c22bd9a55937974dcfaac0d9d1df0cb4beae0f8e8f6063 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://gowmtwo.ndress.cyou/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 18 Jun 2024 07:53:56 GMT Via cache2.l2de2[167,166,200-0,M], cache4.l2de2[168,0], ens-cache3.de5[179,179,200-0,M], ens-cache6.de5[180,0] X-Swift-CacheTime 0 X-Cache MISS TCP_MISS dirn:-2:-2 Connection keep-alive X-Swift-SaveTime Tue, 18 Jun 2024 07:53:56 GMT Content-Length 4898 Server Tengine Ali-Swift-Global-Savetime 1718697236 Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store Access-Control-Allow-Credentials true Timing-Allow-Origin * Access-Control-Allow-Headers Content-Type EagleId a3b55c9a17186972361095129e
GET H/1.1	200 OK	go1 ia.51.la/	0 185 B	456ms 379ms	Image text/plain	154.85.69.2 LDPL-AS-AP LEGEND...
General Check archive.org Show headers Download Go to Show image Full URL https://ia.51.la/go1?id=21888217&rt=1718697236299&rl=1600*1200&lang=de-DE&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1718697236299&tt=AI%25E6%258D%25A2%25E8%2584%25B8%25E6%258D%25A2%25E8%25A1%25A3%25E7%25BD%2591&kw=&cu=https%253A%252F%252Fgowmtwo.ndress.cyou%252F&pu= Requested by Host: gowmtwo.ndress.cyou URL: https://gowmtwo.ndress.cyou/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.85.69.2 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://gowmtwo.ndress.cyou/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 18 Jun 2024 07:53:56 GMT Connection keep-alive Content-Length 0 X-Ser BC199_lt-obgp-fujian-xiamen-33-cache-1, BC6_DE-Frankfurt-Frankfurt-11-cache-1
GET H2	200	aidemo.gif gowmtwo.ndress.cyou/	3 MB 3 MB	322ms 321ms	Image image/gif	103.169.126.214 EDCL-AS-AP Eons D...
General Check archive.org Show headers Download Go to Show image Full URL https://gowmtwo.ndress.cyou/aidemo.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.169.126.214 Ha Kwai Chung, Hong Kong, ASN138997 (EDCL-AS-AP Eons Data Communications Limited, HK), Reverse DNS Software nginx / Resource Hash 7c91613e633b1598202c1a1d535d1cdb1b73cf0a26edb807ab74fa1c1aed5bcd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://gowmtwo.ndress.cyou/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 07:53:57 GMT strict-transport-security max-age=31536000 last-modified Mon, 17 Jun 2024 14:07:21 GMT server nginx etag "66704319-314a19" content-type image/gif cache-control max-age=2592000 accept-ranges bytes content-length 3230233 expires Thu, 18 Jul 2024 07:53:57 GMT
GET H2	200	200200.png gowmtwo.ndress.cyou/	60 KB 60 KB	645ms 645ms	Image image/png	103.169.126.214 EDCL-AS-AP Eons D...
General Check archive.org Show headers Download Go to Show image Full URL https://gowmtwo.ndress.cyou/200200.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.169.126.214 Ha Kwai Chung, Hong Kong, ASN138997 (EDCL-AS-AP Eons Data Communications Limited, HK), Reverse DNS Software nginx / Resource Hash 1e4ebe36762509dcd76b076a7fad6ff926a20b8a0f5fe7246bb2bf38f7d17e2a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://gowmtwo.ndress.cyou/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 07:53:57 GMT strict-transport-security max-age=31536000 last-modified Mon, 17 Jun 2024 14:07:21 GMT server nginx etag "66704319-ee1f" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 60959 expires Thu, 18 Jul 2024 07:53:57 GMT
GET H2	404	favicon.ico gowmtwo.ndress.cyou/	548 B 612 B	965ms 965ms	Other text/html	103.169.126.214 EDCL-AS-AP Eons D...
General Check archive.org Show headers Download Go to Full URL https://gowmtwo.ndress.cyou/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.169.126.214 Ha Kwai Chung, Hong Kong, ASN138997 (EDCL-AS-AP Eons Data Communications Limited, HK), Reverse DNS Software nginx / Resource Hash d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://gowmtwo.ndress.cyou/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 07:53:57 GMT server nginx content-length 548 content-type text/html

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery function| gtag object| dataLayer function| copyBotAddress function| notifyCopySuccess function| notifyCopyFailure boolean| isCheck function| updateDisplayBasedOnTime object| google_tag_manager object| google_tag_data object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ndress.cyou/	1970-01-20 23:34:33	Name: _gcl_au Value: 1.1.292871109.1718697236
			gowmtwo.ndress.cyou/	1969-12-31 23:59:59	Name: __tins__21888217 Value: %7B%22sid%22%3A%201718697236299%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201718699036299%7D
			gowmtwo.ndress.cyou/	1969-12-31 23:59:59	Name: __51cke__ Value:
			gowmtwo.ndress.cyou/	1969-12-31 23:59:59	Name: __51laig__ Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gowmtwo.ndress.cyou/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gowmtwo.ndress.cyou
ia.51.la
js.users.51.la
www.googletagmanager.com
103.169.126.214
154.85.69.2
163.181.92.239
2a00:1450:4001:827::2008
1e4ebe36762509dcd76b076a7fad6ff926a20b8a0f5fe7246bb2bf38f7d17e2a
2fa184856ce8bc32176631a6c66a57f0f1cf7102ebd7da57c190e663cb79c783
5ad2192d204b5bd0234ede77519034f17ea89ea496bab9aaefbc1edb5e9228e7
64923fbb95b9df8e46787d8ac61f8ad8607c6e5bb45c529616d6227ca2e68fb5
7c91613e633b1598202c1a1d535d1cdb1b73cf0a26edb807ab74fa1c1aed5bcd
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
cfc391e34328c09f0680ae8ff3d63e86224ae7e71c973147ccb84540b2fdd9b8
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc208c53efb1d0eb97c22bd9a55937974dcfaac0d9d1df0cb4beae0f8e8f6063
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e