wx.gtimg.com Open in urlscan Pro
150.109.206.115 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://api.mch.weixin.qq.com/pay/downloadbill
Effective URL:
https://wx.gtimg.com/core/404.html
Submission: On November 14 via manual (November 14th 2019, 4:56:15 pm UTC) from PL

Summary HTTP 15 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 15 HTTP transactions. The main IP is 150.109.206.115, located in Japan and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is wx.gtimg.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on December 28th 2018. Valid for: a year.

This is the only time wx.gtimg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	240e:e1:a900:... 240e:e1:a900:50::4a	4812 (CHINANET-...) (CHINANET-SH-AP China Telecom (Group))
1	150.109.206.115 150.109.206.115	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
13	150.109.207.111 150.109.207.111	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	203.205.254.103 203.205.254.103	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
15	4

1 240e:e1:a900:50::4a (China) 1 redirects

ASN4812 (CHINANET-SH-AP China Telecom (Group), CN)

api.mch.weixin.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.109.206.115 (Japan)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

wx.gtimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 150.109.207.111 (Japan)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

qzonestyle.gtimg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgcache.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.205.254.103 (Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

h5.qzone.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	qq.com 1 redirects api.mch.weixin.qq.com h5.qzone.qq.com imgcache.qq.com	145 KB
7	gtimg.cn qzonestyle.gtimg.cn	40 KB
1	gtimg.com wx.gtimg.com	539 B
15	3

	Domain	Requested by
7	qzonestyle.gtimg.cn	wx.gtimg.com qzonestyle.gtimg.cn
6	imgcache.qq.com	wx.gtimg.com
1	h5.qzone.qq.com	qzonestyle.gtimg.cn
1	wx.gtimg.com
1	api.mch.weixin.qq.com	1 redirects
15	5

This site contains links to these domains. Also see Links.

Domain
www.qq.com
bbs.baobeihuijia.com
e.t.qq.com

Subject Issuer	Validity	Valid
payapp.weixin.qq.com GeoTrust RSA CA 2018	`2018-12-28` - `2020-02-26`	a year	crt.sh
*.weixin.qq.com GlobalSign Organization Validation CA - SHA256 - G2	`2019-03-29` - `2020-03-29`	a year	crt.sh
*.qzone.qq.com Secure Site CA G2	`2019-08-14` - `2020-08-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://wx.gtimg.com/core/404.html
Frame ID: 20EA2DBA178095AB2ECA5C4D335D5C8F
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://api.mch.weixin.qq.com/pay/downloadbill HTTP 302
https://wx.gtimg.com/core/404.html Page URL

Page Statistics

15
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

4
IPs

3
Countries

185 kB
Transfer

201 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.qq.com/
Title: 返回腾讯网

Search URL Search Domain Scan URL

URL: http://bbs.baobeihuijia.com/thread-360875-1-1.html
Title: 查看详情

Search URL Search Domain Scan URL

URL: http://e.t.qq.com/Tencent-Volunteers

Search URL Search Domain Scan URL

URL: http://bbs.baobeihuijia.com/forum.php

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://api.mch.weixin.qq.com/pay/downloadbill HTTP 302
https://wx.gtimg.com/core/404.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 404.html Show response wx.gtimg.com/core/ Redirect Chain http://api.mch.weixin.qq.com/pay/downloadbill https://wx.gtimg.com/core/404.html	328 B 539 B	1941ms 250ms	Document text/html	150.109.206.115 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://wx.gtimg.com/core/404.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.206.115 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `0d9a54aeeba3f0339953af33821cb308575e10cd75743c8c55906bbcffbd84b2` Request headers :method GET :authority wx.gtimg.com :scheme https :path /core/404.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 server NWSs date Thu, 14 Nov 2019 16:55:46 GMT content-type text/html content-length 281 cache-control max-age=600 expires Thu, 14 Nov 2019 17:05:45 GMT last-modified Thu, 14 Nov 2019 16:50:00 GMT content-encoding gzip x-nws-log-uuid fad7bf51-1373-495e-bb45-3a97d3eac9f2 access-control-allow-origin * x-cache-lookup Hit From Disktank3 Gz Redirect headers Server nginx Date Thu, 14 Nov 2019 16:55:44 GMT Content-Type text/html Content-Length 154 Connection keep-alive Keep-Alive timeout=8 Location https://wx.gtimg.com/core/404.html
GET H2	200	search_children.js Show response qzonestyle.gtimg.cn/qzone/hybrid/app/404/	15 KB 7 KB	984ms 246ms	Script application/x-javascript	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://qzonestyle.gtimg.cn/qzone/hybrid/app/404/search_children.js Requested by Host: wx.gtimg.com URL: https://wx.gtimg.com/core/404.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `dfa41948d99ceba61c766345d54bcb09c0def25f392d38df21d479fca0d7fa02` Request headers Sec-Fetch-Mode no-cors Referer https://wx.gtimg.com/core/404.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 2 date Thu, 14 Nov 2019 16:55:47 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz access-control-expose-headers x-client-proto-ver, X-Server-Ip, X-Upstream-IP status 200 server_ip 150.109.207.111 alt-svc quic=":443"; ma=86400; v="39,38,37,36,35" content-length 6738 x-client-ip 127.0.0.1 x-reqgue 0 last-modified Fri, 11 Jan 2019 13:02:59 GMT server NWSs vary Origin, Accept content-type application/x-javascript x-server-ip 150.109.207.111 cache-control max-age=600 x-nws-log-uuid bd8683d8-1454-4779-8571-15481c7cacfb x-upstream-ip 0.0.0.0:0 expires Thu, 14 Nov 2019 17:05:47 GMT
GET H2	200	fcg_zone_info Show response h5.qzone.qq.com/proxy/domain/boss.qzone.qq.com/fcg-bin/	165 B 361 B	1232ms 232ms	Script application/x-javascript	203.205.254.103 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://h5.qzone.qq.com/proxy/domain/boss.qzone.qq.com/fcg-bin/fcg_zone_info Requested by Host: qzonestyle.gtimg.cn URL: https://qzonestyle.gtimg.cn/qzone/hybrid/app/404/search_children.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.254.103 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software QZHTTP-2.38.33 / TSW/Node.js Resource Hash `ebe8b10090591c1978e368bc0f528a265c368eef8b7789f8de17248fca9995ac` Request headers Sec-Fetch-Mode no-cors Referer https://wx.gtimg.com/core/404.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 Nov 2019 16:55:48 GMT content-encoding gzip server QZHTTP-2.38.33 x-powered-by TSW/Node.js vary Origin, Accept content-type application/x-javascript; charset=utf-8 status 200 mod-map proxy_domain:photo.v7/module/proxy/sync.js cache-control no-cache content-length 140
GET H2	200	404style_min.css qzonestyle.gtimg.cn/qzone/hybrid/app/404/style/	12 KB 5 KB	247ms 246ms	Stylesheet text/css	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://qzonestyle.gtimg.cn/qzone/hybrid/app/404/style/404style_min.css Requested by Host: qzonestyle.gtimg.cn URL: https://qzonestyle.gtimg.cn/qzone/hybrid/app/404/search_children.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `969ed790e594e9af45be831b747eb40302d998e955914d3a7950045413701daa` Request headers Sec-Fetch-Mode no-cors Referer https://wx.gtimg.com/core/404.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 2 date Thu, 14 Nov 2019 16:55:47 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz access-control-expose-headers x-client-proto-ver, X-Server-Ip, X-Upstream-IP status 200 server_ip 150.109.207.111 alt-svc quic=":443"; ma=86400; v="39,38,37,36,35" content-length 4822 x-client-ip 127.0.0.1 x-reqgue 0 last-modified Mon, 08 Oct 2018 10:41:56 GMT server NWSs vary Origin, Accept content-type text/css x-server-ip 150.109.207.111 cache-control max-age=3600 x-nws-log-uuid 7c9cdb21-103b-4859-81f3-e53b9d41bfc0 x-upstream-ip 0.0.0.0:0 expires Thu, 14 Nov 2019 17:55:47 GMT
GET H2	200	data.js Show response qzonestyle.gtimg.cn/qzone/v6/portal/gy/404/	7 KB 3 KB	245ms 244ms	Script application/x-javascript	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://qzonestyle.gtimg.cn/qzone/v6/portal/gy/404/data.js Requested by Host: qzonestyle.gtimg.cn URL: https://qzonestyle.gtimg.cn/qzone/hybrid/app/404/search_children.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `3e113816ec35c2135dd04cdd4b0f943110baca70fdfed358116fc331ca946979` Request headers Sec-Fetch-Mode no-cors Referer https://wx.gtimg.com/core/404.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 2 date Thu, 14 Nov 2019 16:55:48 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz access-control-expose-headers x-client-proto-ver, X-Server-Ip, X-Upstream-IP status 200 server_ip 150.109.207.111 alt-svc quic=":443"; ma=86400; v="39,38,37,36,35" content-length 2420 x-client-ip 127.0.0.1 x-reqgue 0 last-modified Wed, 02 Jan 2019 12:37:06 GMT server NWSs vary Origin, Accept content-type application/x-javascript x-server-ip 150.109.207.111 cache-control max-age=600 x-nws-log-uuid 5f853a72-e45f-438a-b34b-6574d9bb08e8 x-upstream-ip 0.0.0.0:0 expires Thu, 14 Nov 2019 17:05:48 GMT
GET H2	200	upfile_1125429_1485048575.jpg imgcache.qq.com/qzone/v6/portal/gy/upload/	8 KB 8 KB	1163ms 485ms	Image image/webp	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://imgcache.qq.com/qzone/v6/portal/gy/upload/upfile_1125429_1485048575.jpg Requested by Host: wx.gtimg.com URL: https://wx.gtimg.com/core/404.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `5ddb334bffcdd0ebd25a7ae0de54cea08cd5e997a9d36739355bdb908ebadfc2` Request headers Sec-Fetch-Mode no-cors Referer https://wx.gtimg.com/core/404.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 1 date Thu, 14 Nov 2019 16:55:49 GMT x-cache-lookup Hit From Disktank3 status 200 server_ip 150.109.207.111 content-length 7998 x-reqgue 0 last-modified Thu, 10 Oct 2019 14:24:18 GMT server NWSs vary Accept content-type image/webp access-control-allow-origin https://wx.gtimg.com cache-control max-age=259200 x-nws-log-uuid fc38a6b0-d3e4-4ab2-8c70-8e467832e24f timing-allow-origin https://wx.gtimg.com expires Sun, 17 Nov 2019 16:55:49 GMT
GET H2	200	logo_tencentvolunteers.png qzonestyle.gtimg.cn/qzone/hybrid/app/404/style/image/	3 KB 4 KB	359ms 355ms	Image image/webp	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://qzonestyle.gtimg.cn/qzone/hybrid/app/404/style/image/logo_tencentvolunteers.png Requested by Host: wx.gtimg.com URL: https://wx.gtimg.com/core/404.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `4bf2f7770bb2481ed42d6e115a691110edd296a2d3b03422dd429d73db931b94` Request headers Sec-Fetch-Mode no-cors Referer https://wx.gtimg.com/core/404.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 1 date Thu, 14 Nov 2019 16:55:49 GMT x-cache-lookup Hit From Upstream, Hit From Disktank3 access-control-expose-headers x-client-proto-ver, X-Server-Ip, X-Upstream-IP status 200 server_ip 150.109.207.111 alt-svc quic=":443"; ma=86400; v="39,38,37,36,35" content-length 3120 x-client-ip 127.0.0.1 x-reqgue 0 last-modified Thu, 10 Oct 2019 14:25:55 GMT server NWSs vary Origin, Accept content-type image/webp x-server-ip 150.109.207.111 cache-control max-age=259200 x-nws-log-uuid 2e293df0-8afa-414f-a4d2-e32f9122f3fe x-upstream-ip 0.0.0.0:0 expires Sun, 17 Nov 2019 16:55:49 GMT
GET H2	200	logo_baobeihuijia.png qzonestyle.gtimg.cn/qzone/hybrid/app/404/style/image/	3 KB 4 KB	249ms 245ms	Image image/webp	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://qzonestyle.gtimg.cn/qzone/hybrid/app/404/style/image/logo_baobeihuijia.png Requested by Host: wx.gtimg.com URL: https://wx.gtimg.com/core/404.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `b3e2e808447fb5a1c2b38b216cab597816f616328f5cfd89eed7e1bb18006874` Request headers Sec-Fetch-Mode no-cors Referer https://wx.gtimg.com/core/404.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 1 date Thu, 14 Nov 2019 16:55:49 GMT x-cache-lookup Hit From Disktank3 access-control-expose-headers x-client-proto-ver, X-Server-Ip, X-Upstream-IP status 200 server_ip 150.109.207.111 alt-svc quic=":443"; ma=86400; v="39,38,37,36,35" content-length 3552 x-client-ip 127.0.0.1 x-reqgue 0 last-modified Thu, 10 Oct 2019 14:26:19 GMT server NWSs vary Origin, Accept content-type image/webp x-server-ip 150.109.207.111 cache-control max-age=259200 x-nws-log-uuid a70965e5-b289-4f27-8016-c14b4e4c5488 x-upstream-ip 0.0.0.0:0 expires Sun, 17 Nov 2019 16:55:48 GMT
GET H2	200	upfile_3277957_1488449002.jpg imgcache.qq.com/qzone/v6/portal/gy/upload/	13 KB 14 KB	934ms 256ms	Image image/webp	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://imgcache.qq.com/qzone/v6/portal/gy/upload/upfile_3277957_1488449002.jpg Requested by Host: wx.gtimg.com URL: https://wx.gtimg.com/core/404.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `6673682938eeacc5b5a6521be51392ec2119dfa60fcdf90907b662ac5874d71c` Request headers Sec-Fetch-Mode no-cors Referer https://wx.gtimg.com/core/404.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 1 date Thu, 14 Nov 2019 16:55:49 GMT x-cache-lookup Hit From Disktank3 status 200 server_ip 150.109.207.111 content-length 13570 x-reqgue 0 last-modified Wed, 04 Apr 2018 21:18:42 GMT server NWSs vary Accept content-type image/webp access-control-allow-origin https://wx.gtimg.com cache-control max-age=259200 x-nws-log-uuid 255aacc5-e87e-480c-90e8-28500287c5bd timing-allow-origin https://wx.gtimg.com expires Sun, 17 Nov 2019 16:55:49 GMT
GET H2	200	upfile_9413196_1491530820.jpg imgcache.qq.com/qzone/v6/portal/gy/upload/	27 KB 28 KB	925ms 247ms	Image image/webp	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://imgcache.qq.com/qzone/v6/portal/gy/upload/upfile_9413196_1491530820.jpg Requested by Host: wx.gtimg.com URL: https://wx.gtimg.com/core/404.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `6dc20af918960ba6dea17a6e4f632f8d9eee4671ab20f2532c8b34fa29f94036` Request headers Sec-Fetch-Mode no-cors Referer https://wx.gtimg.com/core/404.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 1 date Thu, 14 Nov 2019 16:55:49 GMT x-cache-lookup Hit From Disktank3 status 200 server_ip 150.109.207.111 content-length 28102 x-reqgue 0 last-modified Thu, 10 Oct 2019 14:23:53 GMT server NWSs vary Accept content-type image/webp access-control-allow-origin https://wx.gtimg.com cache-control max-age=259200 x-nws-log-uuid aa4d18dc-09b9-462a-8451-54e25d0b0207 timing-allow-origin https://wx.gtimg.com expires Sun, 17 Nov 2019 16:55:49 GMT
GET H2	200	upfile_6217237_1495967222.jpg imgcache.qq.com/qzone/v6/portal/gy/upload/	18 KB 19 KB	933ms 256ms	Image image/webp	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://imgcache.qq.com/qzone/v6/portal/gy/upload/upfile_6217237_1495967222.jpg Requested by Host: wx.gtimg.com URL: https://wx.gtimg.com/core/404.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `81f9599fcdf1653bd858f68605b5ced6ae7f60bd5ea6c096bba0ffa8550b419a` Request headers Sec-Fetch-Mode no-cors Referer https://wx.gtimg.com/core/404.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 1 date Thu, 14 Nov 2019 16:55:49 GMT x-cache-lookup Hit From Disktank3 status 200 server_ip 150.109.207.111 content-length 18698 x-reqgue 0 last-modified Thu, 10 Oct 2019 14:28:32 GMT server NWSs vary Accept content-type image/webp access-control-allow-origin https://wx.gtimg.com cache-control max-age=259200 x-nws-log-uuid 5832e081-cc60-4e2f-ac01-bded8e9985cf timing-allow-origin https://wx.gtimg.com expires Sun, 17 Nov 2019 16:55:49 GMT
GET H2	200	upfile_6569804_1488448536.jpg imgcache.qq.com/qzone/v6/portal/gy/upload/	8 KB 8 KB	933ms 256ms	Image image/webp	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://imgcache.qq.com/qzone/v6/portal/gy/upload/upfile_6569804_1488448536.jpg Requested by Host: wx.gtimg.com URL: https://wx.gtimg.com/core/404.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `5c1e73f013e0a6b3fedd1702132256b0fa0eef0e310477bf7284e371e3faf64c` Request headers Sec-Fetch-Mode no-cors Referer https://wx.gtimg.com/core/404.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 1 date Thu, 14 Nov 2019 16:55:49 GMT x-cache-lookup Hit From Disktank3 status 200 server_ip 150.109.207.111 content-length 7984 x-reqgue 0 last-modified Thu, 10 Oct 2019 14:24:14 GMT server NWSs vary Accept content-type image/webp access-control-allow-origin https://wx.gtimg.com cache-control max-age=259200 x-nws-log-uuid 79e22253-86dd-4a4e-9a4b-848f80dab865 timing-allow-origin https://wx.gtimg.com expires Sun, 17 Nov 2019 16:55:49 GMT
GET H2	200	upfile_2188376_1491889764.jpg imgcache.qq.com/qzone/v6/portal/gy/upload/	68 KB 68 KB	932ms 255ms	Image image/webp	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://imgcache.qq.com/qzone/v6/portal/gy/upload/upfile_2188376_1491889764.jpg Requested by Host: wx.gtimg.com URL: https://wx.gtimg.com/core/404.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `e4814c4d17885fdd5dfe253da3906b5efb132a1cede68c0da198be466bab5d9c` Request headers Sec-Fetch-Mode no-cors Referer https://wx.gtimg.com/core/404.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 1 date Thu, 14 Nov 2019 16:55:49 GMT x-cache-lookup Hit From Disktank3 status 200 server_ip 150.109.207.111 content-length 69384 x-reqgue 0 last-modified Wed, 02 Jan 2019 15:02:31 GMT server NWSs vary Accept content-type image/webp access-control-allow-origin https://wx.gtimg.com cache-control max-age=259200 x-nws-log-uuid 4a51c2d1-e7da-45a6-8f44-8c9fc90c552a timing-allow-origin https://wx.gtimg.com expires Sun, 17 Nov 2019 16:55:49 GMT
GET H2	200	bg_page.png qzonestyle.gtimg.cn/qzone/hybrid/app/404/style/image/	9 KB 10 KB	252ms 250ms	Image image/webp	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://qzonestyle.gtimg.cn/qzone/hybrid/app/404/style/image/bg_page.png Requested by Host: wx.gtimg.com URL: https://wx.gtimg.com/core/404.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `88aa626a12c7181db9913db9278ada08cf6e4c0dfc10aca44832f162c0e48b83` Request headers Sec-Fetch-Mode no-cors Referer https://qzonestyle.gtimg.cn/qzone/hybrid/app/404/style/404style_min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 1 date Thu, 14 Nov 2019 16:55:49 GMT x-cache-lookup Hit From Disktank3 access-control-expose-headers x-client-proto-ver, X-Server-Ip, X-Upstream-IP status 200 server_ip 150.109.207.111 alt-svc quic=":443"; ma=86400; v="39,38,37,36,35" content-length 9514 x-client-ip 127.0.0.1 x-reqgue 0 last-modified Thu, 10 Oct 2019 14:25:55 GMT server NWSs vary Origin, Accept content-type image/webp x-server-ip 150.109.207.111 cache-control max-age=259200 x-nws-log-uuid 582e6f46-344e-42e6-995a-23334f1a0a28 x-upstream-ip 0.0.0.0:0 expires Sun, 17 Nov 2019 16:55:48 GMT
GET H2	200	txt_title.png qzonestyle.gtimg.cn/qzone/hybrid/app/404/style/image/	7 KB 7 KB	249ms 248ms	Image image/webp	150.109.207.111 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://qzonestyle.gtimg.cn/qzone/hybrid/app/404/style/image/txt_title.png Requested by Host: wx.gtimg.com URL: https://wx.gtimg.com/core/404.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 150.109.207.111 , Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `aa493002d753959be58a9a194a95e30e644807d927e1edfe33f2164aa2d1a140` Request headers Sec-Fetch-Mode no-cors Referer https://qzonestyle.gtimg.cn/qzone/hybrid/app/404/style/404style_min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-datasrc 1 date Thu, 14 Nov 2019 16:55:49 GMT x-cache-lookup Hit From Disktank3 access-control-expose-headers x-client-proto-ver, X-Server-Ip, X-Upstream-IP status 200 server_ip 150.109.207.111 alt-svc quic=":443"; ma=86400; v="39,38,37,36,35" content-length 6766 x-client-ip 127.0.0.1 x-reqgue 0 last-modified Thu, 10 Oct 2019 14:28:45 GMT server NWSs vary Origin, Accept content-type image/webp x-server-ip 150.109.207.111 cache-control max-age=259200 x-nws-log-uuid b0adb5ce-5540-441a-bd17-61054ab7ee91 x-upstream-ip 0.0.0.0:0 expires Sun, 17 Nov 2019 16:55:48 GMT
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6698c243f014777a8ac58264a8f2f899dc8d71c0e3aa32103ef5149c40cc86e4` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mch.weixin.qq.com
h5.qzone.qq.com
imgcache.qq.com
qzonestyle.gtimg.cn
wx.gtimg.com
150.109.206.115
150.109.207.111
203.205.254.103
240e:e1:a900:50::4a
0d9a54aeeba3f0339953af33821cb308575e10cd75743c8c55906bbcffbd84b2
3e113816ec35c2135dd04cdd4b0f943110baca70fdfed358116fc331ca946979
4bf2f7770bb2481ed42d6e115a691110edd296a2d3b03422dd429d73db931b94
5c1e73f013e0a6b3fedd1702132256b0fa0eef0e310477bf7284e371e3faf64c
5ddb334bffcdd0ebd25a7ae0de54cea08cd5e997a9d36739355bdb908ebadfc2
6673682938eeacc5b5a6521be51392ec2119dfa60fcdf90907b662ac5874d71c
6698c243f014777a8ac58264a8f2f899dc8d71c0e3aa32103ef5149c40cc86e4
6dc20af918960ba6dea17a6e4f632f8d9eee4671ab20f2532c8b34fa29f94036
81f9599fcdf1653bd858f68605b5ced6ae7f60bd5ea6c096bba0ffa8550b419a
88aa626a12c7181db9913db9278ada08cf6e4c0dfc10aca44832f162c0e48b83
969ed790e594e9af45be831b747eb40302d998e955914d3a7950045413701daa
aa493002d753959be58a9a194a95e30e644807d927e1edfe33f2164aa2d1a140
b3e2e808447fb5a1c2b38b216cab597816f616328f5cfd89eed7e1bb18006874
dfa41948d99ceba61c766345d54bcb09c0def25f392d38df21d479fca0d7fa02
e4814c4d17885fdd5dfe253da3906b5efb132a1cede68c0da198be466bab5d9c
ebe8b10090591c1978e368bc0f528a265c368eef8b7789f8de17248fca9995ac

wx.gtimg.com Open in urlscan Pro 150.109.206.115 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

25 %IPv6

3 Domains

5 Subdomains

4 IPs

3 Countries

185 kBTransfer

201 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Indicators

wx.gtimg.com Open in urlscan Pro
150.109.206.115 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

4
IPs

3
Countries

185 kB
Transfer

201 kB
Size

0
Cookies

15 HTTP transactions
1 data transactions