URL: http://galcys.asia/
Submission: On June 09 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 173.82.163.133, located in United States and belongs to MULTA-ASN1, US. The main domain is galcys.asia.
This is the only time galcys.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 173.82.163.133 35916 (MULTA-ASN1)
2 23.212.205.27 16625 (AKAMAI-AS)
3 2408:8726:100... 4837 (CHINA169-...)
1 193.108.153.26 ()
10 5
Apex Domain
Subdomains
Transfer
3 gtimg.cn
vm.gtimg.cn — Cisco Umbrella Rank: 61341
254 KB
2 qq.com
v.qq.com — Cisco Umbrella Rank: 8951
beacon.cdn.qq.com Failed
h.trace.qq.com Failed
11 KB
1 qpic.cn
puui.qpic.cn
301 KB
1 galcys.asia
galcys.asia
80 KB
10 4
Domain Requested by
3 vm.gtimg.cn v.qq.com
vm.gtimg.cn
2 v.qq.com galcys.asia
vm.gtimg.cn
1 puui.qpic.cn v.qq.com
1 galcys.asia
0 h.trace.qq.com Failed v.qq.com
0 beacon.cdn.qq.com Failed vm.gtimg.cn
10 6

This site contains no links.

Subject Issuer Validity Valid
file.mc.qq.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-17 -
2024-02-17
a year crt.sh

This page contains 3 frames:

Primary Page: http://galcys.asia/
Frame ID: 3BE1448A096700D272F60197F2888A4F
Requests: 1 HTTP requests in this frame

Frame: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Frame ID: 9AAB3A16E327AC7FBB1772763D0852EB
Requests: 8 HTTP requests in this frame

Frame: https://v.qq.com/thumbplayer-offline-log.html?max_age=3600
Frame ID: F43C9FCB77711409245C82AEF9DD2434
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

一个11岁孩子的演讲,惊呆所有人!

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

10
Requests

10 %
HTTPS

25 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

646 kB
Transfer

1473 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
galcys.asia/
239 KB
80 KB
Document
General
Full URL
http://galcys.asia/
Protocol
HTTP/1.1
Server
173.82.163.133 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
outbound-mail03.vgs.untd.com
Software
nginx /
Resource Hash
3f8491f564413d1fa29bf7b3044380d798fa291a50998f549277d6381257e951

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 09 Jun 2023 03:26:49 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
MISS from kangle web server
player.html
v.qq.com/txp/iframe/ Frame 9AAB
1 KB
785 B
Document
General
Full URL
http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Requested by
Host: galcys.asia
URL: http://galcys.asia/
Protocol
HTTP/1.1
Server
23.212.205.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-205-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7f037a870a60af20e52d6ea5a36fcb63cb28b471926e792a2756d3c4547881c8

Request headers

Referer
http://galcys.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Length
523
Content-Type
text/html
Date
Fri, 09 Jun 2023 03:26:51 GMT
Expires
Fri, 09 Jun 2023 03:27:51 GMT
Vary
Accept-Encoding
loader.js
vm.gtimg.cn/thumbplayer/iframe/ Frame 9AAB
4 KB
2 KB
Script
General
Full URL
http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Requested by
Host: v.qq.com
URL: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Protocol
HTTP/1.1
Server
2408:8726:1001:182::47 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWSs /
Resource Hash
f45cbc3d32870fbf67cca566f834aeb20693bd74b2e9760a6605da84e389dc81

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Thu, 08 Jun 2023 11:11:41 GMT
Content-Encoding
gzip
x-cos-object-type
normal
X-Cache-Lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
x-cos-version-id
MTg0NDUwNTc4NTE1MjcxMzU3Njg
Connection
keep-alive
Content-Length
1795
X-COS-META-MD5
33538515cab22cf3f30d4ae75673b3c3
X-Client-Ip
2001:ac8:20:3b00:1011:be7c:680:ed72
x-cos-hash-crc64ecma
12624769162131417914
Last-Modified
Thu, 08 Jun 2023 11:03:02 GMT
Server
NWSs
Etag
"61ea932351b63fa6e93af5c4e48fbdae27678d1f"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP
221.204.43.213
X-NWS-LOG-UUID
14380035743366065616
Accept-Ranges
bytes
Ip
0.0.0.0
superplayer.js
vm.gtimg.cn/thumbplayer/superplayer/ Frame 9AAB
892 KB
249 KB
Script
General
Full URL
http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Protocol
HTTP/1.1
Server
2408:8726:1001:182::47 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWSs /
Resource Hash
87e4418b725e07c1e434143551c3ed3d43f47b0f2e603fb985877ba4451b7cd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Thu, 08 Jun 2023 11:03:55 GMT
Content-Encoding
gzip
x-cos-object-type
normal
X-Cache-Lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
x-cos-version-id
MTg0NDUwNTc4NTE1MjcwMzk1NDg
Connection
keep-alive
Content-Length
253781
X-COS-META-MD5
3dc995dee4d2a77c5c91ac338f0222a2
X-Client-Ip
2001:ac8:20:3b00:1011:be7c:680:ed72
x-cos-hash-crc64ecma
18262494654539606635
Last-Modified
Thu, 08 Jun 2023 11:03:02 GMT
Server
NWSs
Etag
"d467f28d7794f4af4c9f9752b82ff249c9ea3309"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP
221.204.43.213
X-NWS-LOG-UUID
7032580179822350988
Accept-Ranges
bytes
Ip
0.0.0.0
iframe.js
vm.gtimg.cn/thumbplayer/iframe/ Frame 9AAB
7 KB
3 KB
Script
General
Full URL
http://vm.gtimg.cn/thumbplayer/iframe/iframe.js
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Protocol
HTTP/1.1
Server
2408:8726:1001:182::47 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWSs /
Resource Hash
1af9d1841df519537c831a73520ae4441618edf6bca0be904846031e2c9e608e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Thu, 08 Jun 2023 11:03:12 GMT
Content-Encoding
gzip
x-cos-object-type
normal
X-Cache-Lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
x-cos-version-id
MTg0NDUwNTc4NTE1MjcxNDI0ODc
Connection
keep-alive
Content-Length
2757
X-COS-META-MD5
c8967929c4d556b725dd0df59b113d34
X-Client-Ip
2001:ac8:20:3b00:1011:be7c:680:ed72
x-cos-hash-crc64ecma
4787114371931589343
Last-Modified
Thu, 08 Jun 2023 11:03:02 GMT
Server
NWSs
Etag
"4abd89bca0644f7ccdc1d9fc4d2c505310c8a970"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP
221.204.43.213
X-NWS-LOG-UUID
9725363633485532772
Accept-Ranges
bytes
Ip
0.0.0.0
thumbplayer-offline-log.html
v.qq.com/ Frame F43C
30 KB
10 KB
Document
General
Full URL
https://v.qq.com/thumbplayer-offline-log.html?max_age=3600
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.205.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-205-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
http://v.qq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=37
content-encoding
gzip
content-length
9962
content-type
text/html
date
Fri, 09 Jun 2023 03:26:54 GMT
expires
Fri, 09 Jun 2023 03:27:31 GMT
vary
Accept-Encoding
object
v.qq.com/cache/wuji/ Frame 9AAB
0
0

beacon_web.min.js
beacon.cdn.qq.com/sdk/4.5.16/ Frame 9AAB
0
0

k01591bfgpf_hz.jpg
puui.qpic.cn/vpic_cover/k01591bfgpf/ Frame 9AAB
301 KB
301 KB
Image
General
Full URL
http://puui.qpic.cn/vpic_cover/k01591bfgpf/k01591bfgpf_hz.jpg
Requested by
Host: v.qq.com
URL: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Protocol
HTTP/1.1
Server
193.108.153.26 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7796cf7802d70fd845b001c362249af731e34e93e00ec746383aeb7f4312b64

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

X-DataSrc
7
Date
Fri, 09 Jun 2023 03:26:54 GMT
X-ReqId
MTY4NjA3NjI2MV8wX0Q1NTFGODg5MDM2NDRBNUJCOTlDMTc4MEI3NTg4RDI0
Size
307908
X-RtFlag
1
Connection
keep-alive
Server-Timing
ak_p; desc="1686281214168_389467674_393964101_388_518_12_0_-";dur=1
Content-Length
307908
X-Info
real data
Last-Modified
Sun, 10 Apr 2022 02:18:01 GMT
ETag
"4693d66f874e5b62bb1fc5239c308b1823f22dac"
Vary
Accept
Content-Type
image/png
X-Delay
30624 us
Access-Control-Allow-Origin
*
Cache-Control
max-age=2387044
Timing-Allow-Origin
*
kv
h.trace.qq.com/ Frame 9AAB
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
v.qq.com
URL
http://v.qq.com/cache/wuji/object?appid=tenvideo_offline_log&schemaid=whiteListV2&schemakey=97c0ff59f25543e282072b75e4c287f7&otype=jsonp&filter=platform%3D%5B%2270201%22%5D%26enable%3Dtrue&callback=offline_log1
Domain
beacon.cdn.qq.com
URL
http://beacon.cdn.qq.com/sdk/4.5.16/beacon_web.min.js
Domain
h.trace.qq.com
URL
https://h.trace.qq.com/kv?attaid=01600067755&token=1774713244&topUrl=http%3A%2F%2Fgalcys.asia%2F&iframeUrl=http%3A%2F%2Fv.qq.com%2Ftxp%2Fiframe%2Fplayer.html%3Forigin%3Dhttps%3A%2F%2Fmp.weixin.qq.com%26chid%3D17%26vid%3Dk01591bfgpf%26autoplay%3Dfalse%26full%3Dtrue%26show1080p%3Dfalse%26isDebugIframe%3Dfalse&oldPlayer=0&topDomain=galcys.asia&_dc=0.31494783314125274

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

2 Cookies

Domain/Path Name / Value
galcys.asia/ Name: XSRF-TOKEN
Value: eyJpdiI6IkNhZEZnbHV0VTMzRnJvbmNDYzg1RGc9PSIsInZhbHVlIjoia0QxU2hiRm1UQzJOK2tWSkY5MUJCSjZvamRrTDhrM0FqdmJVaTVtYmd0Ui92WkRiNjdyS2QrTXFvdUQwOUhrQlhaTzZZZjZZR0ZIRU9uWXVYSUJYZ0pINDAySi9YUmRiT21LMEdubWF6dWRWdXE2Qk45bytWRG0yU3cyaDdieHUiLCJtYWMiOiI2N2FiZTc3ZjAxNTE1NjQzYTMzYzgwODM0NmUxYjgwZmNjNDJiMzEwMjhkZDI0YjgxN2UyZmQ3ZDY0NWI0ZDc0In0%3D
galcys.asia/ Name: laravel_session
Value: eyJpdiI6IjdBeXkxbzJwTVhsa3ZnRUJ1bWpRNFE9PSIsInZhbHVlIjoibXAvMGE1TEdQeEE2ZUw0TVgyZGtqak4rRjV1ZGNHOGdJS2l1NVJyVzdJaHNCQjBPdjNOZkd1cXd5MEFna3Z0WWxOYTJCVE55cjA2YWJ1Q2xzYU5DTTFaYlEvL3pRbit0SkZNNmMyYlpFZE5UdWtHclhNQUNmV1lIc3MrTTBzNy8iLCJtYWMiOiJiNjJjZTNmYTJkMWQ4Mjk3YjAyNDA3N2ZiMDJmOTJkNzdhMTJmMTA4NjQ2NTIzMmY0YzNlZDUwMjIzN2M1NWI5In0%3D

2 Console Messages

Source Level URL
Text
other warning URL: http://galcys.asia/(Line 27)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
security error URL: http://vm.gtimg.cn/thumbplayer/iframe/iframe.js(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://mp.weixin.qq.com') does not match the recipient window's origin ('http://galcys.asia').