URL: http://galcys.asia/
Submission: On May 29 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 173.82.163.133, located in United States and belongs to MULTA-ASN1, US. The main domain is galcys.asia.
This is the only time galcys.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
1         173.82.163.133    35916 (MULTA-ASN1)
2         23.45.239.252     16625 (AKAMAI-AS)
3         2408:8763:0:2...  4837 (CHINA169-...)
Total: 10 requests, 4 IPs

Requests  Apex Domain / Subdomains                      Transfer
3         gtimg.cn                                      231 KB
            vm.gtimg.cn — Cisco Umbrella Rank: 73507
2         qq.com                                        11 KB
            v.qq.com — Cisco Umbrella Rank: 10879
            beacon.cdn.qq.com (Failed)
            h.trace.qq.com (Failed)
1         galcys.asia                                   80 KB
            galcys.asia
0         qpic.cn (Failed)
            puui.qpic.cn (Failed)
Total: 10 requests, 4 apex domains

Requests  Domain                       Requested by
3         vm.gtimg.cn                  v.qq.com, vm.gtimg.cn
2         v.qq.com                     galcys.asia, vm.gtimg.cn
1         galcys.asia
0         h.trace.qq.com (Failed)      v.qq.com
0         puui.qpic.cn (Failed)        v.qq.com
0         beacon.cdn.qq.com (Failed)   vm.gtimg.cn
Total: 10 requests, 6 subdomains

This site contains no links.

Subject         Issuer                            Validity                 Valid
file.mc.qq.com  DigiCert TLS RSA SHA256 2020 CA1  2023-02-17 - 2024-02-17  a year

This page contains 3 frames:

Primary Page: http://galcys.asia/
Frame ID: 4AA812CB97CDD9EAD75A69424D9EAE5A
Requests: 1 HTTP requests in this frame

Frame: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Frame ID: 009DE792CCC8CFC464603BA9B7D8E23E
Requests: 8 HTTP requests in this frame

Frame: https://v.qq.com/thumbplayer-offline-log.html?max_age=3600
Frame ID: F5EDF39E847914CD8ED9CB0158975090
Requests: 1 HTTP requests in this frame

Page Title

An 11-year-old child's speech stunned everyone!

Page Statistics

Requests: 10
HTTPS: 10 %
IPv6: 33 %
Domains: 4
Subdomains: 6
IPs: 4
Countries: 3
Transfer: 321 kB
Size: 1133 kB
Cookies: 2

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
galcys.asia/
239 KB
80 KB
Document
General
Full URL
http://galcys.asia/
Protocol
HTTP/1.1
Server
173.82.163.133 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
outbound-mail03.vgs.untd.com
Software
nginx /
Resource Hash
3f8491f564413d1fa29bf7b3044380d798fa291a50998f549277d6381257e951

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 May 2023 03:27:08 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
MISS from kangle web server
player.html
v.qq.com/txp/iframe/ Frame 009D
1 KB
785 B
Document
General
Full URL
http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Requested by
Host: galcys.asia
URL: http://galcys.asia/
Protocol
HTTP/1.1
Server
23.45.239.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-239-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7f037a870a60af20e52d6ea5a36fcb63cb28b471926e792a2756d3c4547881c8

Request headers

Referer
http://galcys.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=57
Connection
keep-alive
Content-Encoding
gzip
Content-Length
523
Content-Type
text/html
Date
Mon, 29 May 2023 03:27:09 GMT
Expires
Mon, 29 May 2023 03:28:06 GMT
Vary
Accept-Encoding
loader.js
vm.gtimg.cn/thumbplayer/iframe/ Frame 009D
4 KB
2 KB
Script
General
Full URL
http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Requested by
Host: v.qq.com
URL: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Protocol
HTTP/1.1
Server
2408:8763:0:221:3a::9 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWSs /
Resource Hash
115cdb279ebcac8a697e6088cb715ecc6be1c74374425ef3343522a1ad3e4268

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 09:24:50 GMT
Content-Encoding
gzip
x-cos-object-type
normal
X-Cache-Lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
x-cos-version-id
MTg0NDUwNTg5ODExNDA2MDM3NTY
Connection
keep-alive
Content-Length
1793
X-COS-META-MD5
816b94280871f430b763df0b810778e1
X-Client-Ip
2001:ac8:20:3a00:1012:89e0:241:331c
x-cos-hash-crc64ecma
10421796560334600905
Last-Modified
Fri, 26 May 2023 09:16:08 GMT
Server
NWSs
Etag
"8e1468be997883e00bd81ef64bb6c8387e4b4dc9"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP
113.207.69.90
X-NWS-LOG-UUID
5911864201098017721
Accept-Ranges
bytes
Ip
0.0.0.0
superplayer.js
vm.gtimg.cn/thumbplayer/superplayer/ Frame 009D
852 KB
225 KB
Script
General
Full URL
http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Protocol
HTTP/1.1
Server
2408:8763:0:221:3a::9 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWSs /
Resource Hash
08306d539a33d7ef659c80843e2ab0ef995aeef58857e399f79c32ffe03678d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 09:20:06 GMT
Content-Encoding
gzip
x-cos-object-type
normal
X-Cache-Lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
x-cos-version-id
MTg0NDUwNTg5ODExNDEzNjg5MjQ
Connection
keep-alive
Content-Length
229455
X-COS-META-MD5
bea2a54221cac29aed0d80b2f228f720
X-Client-Ip
2001:ac8:20:3a00:1012:89e0:241:331c
x-cos-hash-crc64ecma
17810751184095365176
Last-Modified
Fri, 26 May 2023 09:16:08 GMT
Server
NWSs
Etag
"a769f4565011c25cfe30131cfa38e9b7ab9d61a0"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP
113.207.69.90
X-NWS-LOG-UUID
701985860911630290
Accept-Ranges
bytes
Ip
0.0.0.0
iframe.js
vm.gtimg.cn/thumbplayer/iframe/ Frame 009D
7 KB
3 KB
Script
General
Full URL
http://vm.gtimg.cn/thumbplayer/iframe/iframe.js
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Protocol
HTTP/1.1
Server
2408:8763:0:221:3a::9 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software
NWSs /
Resource Hash
a519969c13128726a00dc1a69ed2a22e150a2faca2903437cec43abb9e1ba39e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Fri, 26 May 2023 09:21:08 GMT
Content-Encoding
gzip
x-cos-object-type
normal
X-Cache-Lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
x-cos-version-id
MTg0NDUwNTg5ODExNDA1OTk3OTI
Connection
keep-alive
Content-Length
2757
X-COS-META-MD5
d99abfc3819911836a616b499186d4d6
X-Client-Ip
2001:ac8:20:3a00:1012:89e0:241:331c
x-cos-hash-crc64ecma
1026459037240515741
Last-Modified
Fri, 26 May 2023 09:16:08 GMT
Server
NWSs
Etag
"9073a14ee2a15054388017f267f4a3be6030d5b6"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP
113.207.69.90
X-NWS-LOG-UUID
11942798190444507710
Accept-Ranges
bytes
Ip
0.0.0.0
thumbplayer-offline-log.html
v.qq.com/ Frame F5ED
30 KB
10 KB
Document
General
Full URL
https://v.qq.com/thumbplayer-offline-log.html?max_age=3600
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.239.252 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-239-252.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77c1abf8df498bcd9e3dabbc1e8c816b49938b953d95cc6c8aaf71e1da37f08f

Request headers

Referer
http://v.qq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=18
content-encoding
gzip
content-length
9962
content-type
text/html
date
Mon, 29 May 2023 03:27:13 GMT
expires
Mon, 29 May 2023 03:27:31 GMT
vary
Accept-Encoding
object
v.qq.com/cache/wuji/ Frame 009D
0
0

beacon_web.min.js
beacon.cdn.qq.com/sdk/4.5.16/ Frame 009D
0
0

k01591bfgpf_hz.jpg
puui.qpic.cn/vpic_cover/k01591bfgpf/ Frame 009D
0
0

kv
h.trace.qq.com/ Frame 009D
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
v.qq.com
URL
http://v.qq.com/cache/wuji/object?appid=tenvideo_offline_log&schemaid=whileList&schemakey=d5dccc35902346b2bdcbcef774fefe99&include=encryptValue%2Ctype%2CerrorCode%2Crate&filter=projectId%3D%2270201%22&otype=jsonp&callback=offline_log1
Domain
beacon.cdn.qq.com
URL
http://beacon.cdn.qq.com/sdk/4.5.16/beacon_web.min.js
Domain
puui.qpic.cn
URL
http://puui.qpic.cn/vpic_cover/k01591bfgpf/k01591bfgpf_hz.jpg
Domain
h.trace.qq.com
URL
https://h.trace.qq.com/kv?attaid=01600067755&token=1774713244&topUrl=http%3A%2F%2Fgalcys.asia%2F&iframeUrl=http%3A%2F%2Fv.qq.com%2Ftxp%2Fiframe%2Fplayer.html%3Forigin%3Dhttps%3A%2F%2Fmp.weixin.qq.com%26chid%3D17%26vid%3Dk01591bfgpf%26autoplay%3Dfalse%26full%3Dtrue%26show1080p%3Dfalse%26isDebugIframe%3Dfalse&oldPlayer=0&topDomain=galcys.asia&_dc=0.2748706666298175

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
boolean | credentialless

2 Cookies

Domain/Path Name / Value
galcys.asia/ Name: XSRF-TOKEN
galcys.asia/ Name: laravel_session

2 Console Messages

Source: other
Level: warning
URL: http://galcys.asia/ (Line 27)
Message: Allow attribute will take precedence over 'allowfullscreen'.

Source: security
Level: error
URL: http://vm.gtimg.cn/thumbplayer/iframe/iframe.js (Line 7)
Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://mp.weixin.qq.com') does not match the recipient window's origin ('http://galcys.asia').