appmedia.gtimg.com - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 203.205.136.77, located in Shenzhen, China and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is appmedia.gtimg.com.
TLS certificate: Issued by DigiCert Secure Site CN CA G3 on November 27th 2020. Valid for: a year.

This is the only time appmedia.gtimg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	111.230.207.246 111.230.207.246	45090 (CNNIC-TEN...) (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	203.205.136.77 203.205.136.77	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	203.205.136.169 203.205.136.169	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
4	3

1 111.230.207.246 (China) 1 redirects

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

2000144183.zhan.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.205.136.77 (Shenzhen, China)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

appmedia.gtimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.205.136.169 (Shenzhen, China)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

appmedia.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	qq.com 1 redirects 2000144183.zhan.qq.com zhan.qq.com Failed appmedia.qq.com	16 KB
1	gtimg.com appmedia.gtimg.com	2 KB
4	2

	Domain	Requested by
2	appmedia.qq.com	appmedia.gtimg.com
1	appmedia.gtimg.com
1	2000144183.zhan.qq.com	1 redirects
0	zhan.qq.com Failed	appmedia.gtimg.com
4	4

This site contains no links.

Subject Issuer	Validity	Valid
active-appmedia.gdt.qq.com DigiCert Secure Site CN CA G3	`2020-11-27` - `2021-12-01`	a year	crt.sh
zhan.qq.com Secure Site CA G2	`2020-06-22` - `2021-09-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://appmedia.gtimg.com/media/fl/html/syserror/syserror.html
Frame ID: A8580872603B1FD4AB54123209EC4117
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://2000144183.zhan.qq.com/ HTTP 302
https://appmedia.gtimg.com/media/fl/html/syserror/syserror.html Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

4
Requests

75 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

3
IPs

1
Countries

17 kB
Transfer

18 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://2000144183.zhan.qq.com/ HTTP 302
https://appmedia.gtimg.com/media/fl/html/syserror/syserror.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request syserror.html Show response appmedia.gtimg.com/media/fl/html/syserror/ Redirect Chain http://2000144183.zhan.qq.com/ https://appmedia.gtimg.com/media/fl/html/syserror/syserror.html	4 KB 2 KB	2077ms 199ms	Document text/html	203.205.136.77 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://appmedia.gtimg.com/media/fl/html/syserror/syserror.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.136.77 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `ec16b28ec5486baf6d0fbd8b3b5a0c245b700910c566d8b142a52ca24565a397` Request headers :method GET :authority appmedia.gtimg.com :scheme https :path /media/fl/html/syserror/syserror.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36 Response headers server NWSs date Thu, 22 Apr 2021 18:36:57 GMT content-type text/html content-length 1707 cache-control max-age=600 expires Thu, 22 Apr 2021 18:46:56 GMT last-modified Sat, 19 Jan 2019 12:19:27 GMT content-encoding gzip x-nws-log-uuid 659a571f-8f56-42b5-9487-d4c0740af854 vary Origin x-cache-lookup Hit From Disktank3 Gz accept-ranges bytes Redirect headers Date Thu, 22 Apr 2021 18:36:55 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Location https://appmedia.gtimg.com/media/fl/html/syserror/syserror.html Content-Security-Policy-Report-Only default-src https: 'self' 'unsafe-inline' 'unsafe-eval' .qq.com .flzhan.com .gtimg.com .share.baidu.com .gtimg.cn .qlogo.cn img.hb.aicdn.com pub.idqqimg.com nsclick.baidu.com ajax.googleapis.com .qpic.cn code.jquery.com cdn.bootcss.com creativecommons.org www.w3.org purl.org tnm2.oa.com statics.dnspod.cn doksoft.com js.plus; font-src data: 'self' .qq.com .flzhan.com .gtimg.com .share.baidu.com .gtimg.cn .qlogo.cn img.hb.aicdn.com pub.idqqimg.com nsclick.baidu.com ajax.googleapis.com .qpic.cn code.jquery.com cdn.bootcss.com creativecommons.org www.w3.org purl.org tnm2.oa.com statics.dnspod.cn doksoft.com js.plus; img-src https: data: 'self' .qq.com .flzhan.com .gtimg.com .share.baidu.com .gtimg.cn .qlogo.cn img.hb.aicdn.com pub.idqqimg.com nsclick.baidu.com ajax.googleapis.com .qpic.cn code.jquery.com cdn.bootcss.com creativecommons.org www.w3.org purl.org tnm2.oa.com statics.dnspod.cn doksoft.com js.plus; media-src ; report-uri http://acts.zhan.qq.com/report/jsError;
GET		jquery-1.8.3.min.js zhan.qq.com/js/	0 0

GET H2	200	notfound-bg.png appmedia.qq.com/media/fl/html/syserror/image/	14 KB 14 KB	1899ms 338ms	Image image/png	203.205.136.169 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://appmedia.qq.com/media/fl/html/syserror/image/notfound-bg.png Requested by Host: appmedia.gtimg.com URL: https://appmedia.gtimg.com/media/fl/html/syserror/syserror.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.136.169 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `9e651a6cdb77aaf92f9cb61573384842d632d41c7bf37c99c53322190d3a3d37` Request headers Referer https://appmedia.gtimg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36 Response headers date Thu, 22 Apr 2021 18:36:59 GMT x-cache-lookup Hit From Upstream, Hit From Disktank3 last-modified Sat, 19 Jan 2019 12:19:27 GMT server NWSs vary Origin content-type image/png cache-control max-age=600 x-nws-log-uuid efdbd762-5078-4093-9c6a-0e0f4d51a6af content-length 14062 expires Thu, 22 Apr 2021 18:46:59 GMT
GET H2	200	refresh_bg.png appmedia.qq.com/media/fl/html/syserror/image/	884 B 1 KB	1779ms 218ms	Image image/png	203.205.136.169 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://appmedia.qq.com/media/fl/html/syserror/image/refresh_bg.png Requested by Host: appmedia.gtimg.com URL: https://appmedia.gtimg.com/media/fl/html/syserror/syserror.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 203.205.136.169 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWSs / Resource Hash `afc2fb5e944cf3e94ffec759876f99620641f450a5d169fc4cb205cad60ace33` Request headers Referer https://appmedia.gtimg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36 Response headers date Thu, 22 Apr 2021 18:36:59 GMT x-cache-lookup Hit From Upstream, Hit From Disktank3 last-modified Sat, 19 Jan 2019 12:19:27 GMT server NWSs vary Origin content-type image/png cache-control max-age=600 x-nws-log-uuid 61d75bd0-d12c-402d-aa82-3ce997151ea3 content-length 884 expires Thu, 22 Apr 2021 18:46:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: zhan.qq.com
URL: http://zhan.qq.com/js/jquery-1.8.3.min.js?v=3.5.0816.1103

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2000144183.zhan.qq.com
appmedia.gtimg.com
appmedia.qq.com
zhan.qq.com
zhan.qq.com
111.230.207.246
203.205.136.169
203.205.136.77
9e651a6cdb77aaf92f9cb61573384842d632d41c7bf37c99c53322190d3a3d37
afc2fb5e944cf3e94ffec759876f99620641f450a5d169fc4cb205cad60ace33
ec16b28ec5486baf6d0fbd8b3b5a0c245b700910c566d8b142a52ca24565a397

appmedia.gtimg.com Open in urlscan Pro 203.205.136.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

75 %HTTPS

0 %IPv6

2 Domains

4 Subdomains

3 IPs

1 Countries

17 kBTransfer

18 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

Indicators

appmedia.gtimg.com Open in urlscan Pro
203.205.136.77 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

0 %
IPv6

2
Domains

4
Subdomains

3
IPs

1
Countries

17 kB
Transfer

18 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions