URL: http://galcys.asia/
Submission: On June 12 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 173.82.163.48, located in the United States, and belongs to MULTA-ASN1, US. The main domain is galcys.asia.
This is the only time galcys.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS (Autonomous System)
1         173.82.163.48      35916 (MULTA-ASN1)
1         203.205.137.236    132203 (TENCENT-N...)
3         2408:8726:100...   4837 (CHINA169-...)
Total: 8 requests, 4 IPs

Apex Domain / Subdomains / Transfer
gtimg.cn (3 requests), 255 KB
    vm.gtimg.cn — Cisco Umbrella Rank: 61341
qq.com (1 request), 1 KB
    v.qq.com — Cisco Umbrella Rank: 8951
    beacon.cdn.qq.com (Failed)
galcys.asia (1 request), 80 KB
    galcys.asia
Total: 8 requests, 3 apex domains

Domain / Requested by
vm.gtimg.cn (3 requests): requested by v.qq.com, vm.gtimg.cn
v.qq.com (1 request): requested by galcys.asia, vm.gtimg.cn
galcys.asia (1 request)
beacon.cdn.qq.com (0 requests, Failed): requested by vm.gtimg.cn
Total: 8 requests, 4 domains

This site contains no links.

This page contains 3 frames:

Primary Page: http://galcys.asia/
Frame ID: 46800403B0ACD2A39D476B1DE56EBB40
Requests: 1 HTTP request in this frame

Frame: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Frame ID: D7D2E1C0D97E98061DCDBA8E91655653
Requests: 6 HTTP requests in this frame

Frame: https://v.qq.com/thumbplayer-offline-log.html?max_age=3600
Frame ID: 89F954742CE1C13F051AD24D69FD7028
Requests: 1 HTTP request in this frame

Page Title

An 11-year-old child's speech stuns everyone!

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

Requests: 8
HTTPS: 0 %
IPv6: 33 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 336 kB
Size: 1144 kB
Cookies: 2

8 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Primary Request: /
Path: galcys.asia/
Size: 239 KB
x-fer: 80 KB
Type: Document

General
Full URL: http://galcys.asia/
Protocol: HTTP/1.1
Server: 173.82.163.48, United States, ASN35916 (MULTA-ASN1, US)
Reverse DNS: host2.introducedstyle.space
Software: nginx
Resource Hash: 3f8491f564413d1fa29bf7b3044380d798fa291a50998f549277d6381257e951

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Jun 2023 03:26:59 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: MISS from kangle web server

player.html
Path: v.qq.com/txp/iframe/ (Frame D7D2)
Size: 1 KB
x-fer: 1 KB
Type: Document

General
Full URL: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Requested by: Host: galcys.asia, URL: http://galcys.asia/
Protocol: HTTP/1.1
Server: 203.205.137.236, Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
Reverse DNS:
Software: nws_static_mid
Resource Hash: 7f037a870a60af20e52d6ea5a36fcb63cb28b471926e792a2756d3c4547881c8

Request headers
Referer: http://galcys.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
Accept-Ranges: bytes
Access-Control-Expose-Headers: X-Client-Ip X-Server-Ip X-Upstream-Ip Date
Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 523
Content-Type: text/html
Date: Mon, 12 Jun 2023 03:27:02 GMT
Expires: Mon, 12 Jun 2023 03:28:02 GMT
Last-Modified: Mon, 12 Jun 2023 03:20:00 GMT
Server: nws_static_mid
X-Cache-Lookup: Hit From Disktank Gz Hit From Inner Cluster Hit From Upstream
X-Client-Ip: 217.64.151.9
X-NWS-LOG-UUID: 6017239436269261812 5b2e8d0495ca80418d555a6d87cb702d
X-NWS-UUID-VERIFY: 38129a6c36d63651c727a2403ec632b4
X-Server-Ip: 203.205.137.236
X-UA-Compatible: IE=Edge
X-Upstream-Ip: 203.205.248.90:80
X-Verify-Code: b653dc1fde723d071d1532cd0649fed9

loader.js
Path: vm.gtimg.cn/thumbplayer/iframe/ (Frame D7D2)
Size: 4 KB
x-fer: 2 KB
Type: Script

General
Full URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Requested by: Host: v.qq.com, URL: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Protocol: HTTP/1.1
Server: 2408:8726:1001:182::47, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
Reverse DNS:
Software: NWSs
Resource Hash: ec726137dc5061c98983768576ec537338b7103d2b4bf0c6dcb495cc2b633753

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://v.qq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
Date: Fri, 09 Jun 2023 06:42:07 GMT
Content-Encoding: gzip
x-cos-object-type: normal
X-Cache-Lookup: Cache Hit
x-cos-storage-class: STANDARD_IA
x-cos-version-id: MTg0NDUwNTc3ODA4Njk1Nzk5NTE
Connection: keep-alive
Content-Length: 1794
X-COS-META-MD5: a306622f052ac9838a5e49e521d59e07
X-Client-Ip: 2001:ac8:20:3c00:1011:2277:9b9c:9149
x-cos-hash-crc64ecma: 16699070750856204093
Last-Modified: Fri, 09 Jun 2023 06:40:39 GMT
Server: NWSs
Etag: "c3f433e14716432967a7d5edf91c3d488b6683ca"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP: 221.204.43.213
X-NWS-LOG-UUID: 17786839384957124772
Accept-Ranges: bytes
Ip: 0.0.0.0

superplayer.js
Path: vm.gtimg.cn/thumbplayer/superplayer/ (Frame D7D2)
Size: 893 KB
x-fer: 249 KB
Type: Script

General
Full URL: http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Requested by: Host: vm.gtimg.cn, URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Protocol: HTTP/1.1
Server: 2408:8726:1001:182::47, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
Reverse DNS:
Software: NWSs
Resource Hash:

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://v.qq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
Date: Fri, 09 Jun 2023 06:41:44 GMT
Content-Encoding: gzip
x-cos-object-type: normal
X-Cache-Lookup: Cache Hit
x-cos-storage-class: STANDARD_IA
x-cos-version-id: MTg0NDUwNTc3ODA4Njk1MjM4ODk
Connection: keep-alive
Content-Length: 254023
X-COS-META-MD5: a5dc673ee2e2846d3cfa3deff71fd2f6
X-Client-Ip: 2001:ac8:20:3c00:1011:2277:9b9c:9149
x-cos-hash-crc64ecma: 8356136107017409084
Last-Modified: Fri, 09 Jun 2023 06:40:40 GMT
Server: NWSs
Etag: "5c93261f45e9db34048418c724d92685e4b5fd5d"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP: 221.204.43.213
X-NWS-LOG-UUID: 14977709503305339501
Accept-Ranges: bytes
Ip: 0.0.0.0

iframe.js
Path: vm.gtimg.cn/thumbplayer/iframe/ (Frame D7D2)
Size: 7 KB
x-fer: 3 KB
Type: Script

General
Full URL: http://vm.gtimg.cn/thumbplayer/iframe/iframe.js
Requested by: Host: vm.gtimg.cn, URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Protocol: HTTP/1.1
Server: 2408:8726:1001:182::47, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
Reverse DNS:
Software: NWSs
Resource Hash:

Request headers
accept-language: de-DE,de;q=0.9
Referer: http://v.qq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers
Date: Fri, 09 Jun 2023 06:47:09 GMT
Content-Encoding: gzip
x-cos-object-type: normal
X-Cache-Lookup: Cache Hit
x-cos-storage-class: STANDARD_IA
x-cos-version-id: MTg0NDUwNTc3ODA4Njk1Nzg3NTk
Connection: keep-alive
Content-Length: 2757
X-COS-META-MD5: 73a2dce8c489f2450ef63d9bd57ccc38
X-Client-Ip: 2001:ac8:20:3c00:1011:2277:9b9c:9149
x-cos-hash-crc64ecma: 13129315008320578300
Last-Modified: Fri, 09 Jun 2023 06:40:39 GMT
Server: NWSs
Etag: "00a4ca706419b23b047ea740ec2ff3ac07a86475"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP: 221.204.43.213
X-NWS-LOG-UUID: 1910831577027077571
Accept-Ranges: bytes
Ip: 0.0.0.0

thumbplayer-offline-log.html
Path: v.qq.com/ (Frame 89F9)
Size: 0
x-fer: 0

object
Path: v.qq.com/cache/wuji/ (Frame D7D2)
Size: 0
x-fer: 0

beacon_web.min.js
Path: beacon.cdn.qq.com/sdk/4.5.16/ (Frame D7D2)
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: v.qq.com
URL: https://v.qq.com/thumbplayer-offline-log.html?max_age=3600

Domain: v.qq.com
URL: http://v.qq.com/cache/wuji/object?appid=tenvideo_offline_log&schemaid=whiteListV2&schemakey=97c0ff59f25543e282072b75e4c287f7&otype=jsonp&filter=platform%3D%5B%2270201%22%5D%26enable%3Dtrue&callback=offline_log1

Domain: beacon.cdn.qq.com
URL: http://beacon.cdn.qq.com/sdk/4.5.16/beacon_web.min.js

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| onbeforetoggle
object| onscrollend

2 Cookies

Domain/Path Name / Value
galcys.asia/ Name: XSRF-TOKEN
Value: eyJpdiI6IjR5b1RoSFZrQ1lkK1dKL2NMcW5BSkE9PSIsInZhbHVlIjoicVYrWkp5QmdFNnJwVGxWWWpuTlljUTY4Z3ZUK3dZbURkSitmSVVyMklWa240a1JyeXdLQWhyZTJmVlJEM3ZIcGtYaFUvOHlXeHVIK1E1Q0dMd1dWcjdQeHErM0Fmc01PaDJSNFlmNCs0c2hHZGZVUW1HRC9udGJ3ckJYbE9CZnQiLCJtYWMiOiIzNjI3MDU3NzIzMTk0YmI2Yjk2MTE2NjJhYTlkN2E3ZjIyMWU1YWFkYWNiZTRmNzc3OTQ5ODM5MGI1YjhlMGUzIn0%3D
galcys.asia/ Name: laravel_session
Value: eyJpdiI6IkFTWGJXQms4aDdGQ0crVFhqYkp1UGc9PSIsInZhbHVlIjoiWnVvZG9vRzlMeWZHUklGRTdjK1o3UXgxUVo1WmZIajRCN3NtWWpkN0w4bmFJQzZjcjBUcGlaZmdMUUo3MW9Cb1pPbklBUXY4ZUh6eDBoSmVnc3IyK1Fqb1ZNd2I5V2JWeGhYaVNHRk1RaW9CcTBiWXI3Q2hZaGRnTlpaM0NUVzkiLCJtYWMiOiJmZjdmNWQxM2JjZDJjOWJmZGY5ZDZjMWY5YmZmN2VjMWM1YjQxMTdkYjllOTVkYzNlMTE2MjdlOTk4YTMyZTM5In0%3D

1 Console Messages

Source: other
Level: warning
URL: http://galcys.asia/ (Line 27)
Message: Allow attribute will take precedence over 'allowfullscreen'.