URL: http://galcys.asia/
Submission: On June 04 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 173.82.163.48, located in United States and belongs to MULTA-ASN1, US. The main domain is galcys.asia.
This is the only time galcys.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 173.82.163.48 35916 (MULTA-ASN1)
3 23.201.243.171 16625 (AKAMAI-AS)
3 2408:8748:c11... ()
10 4
Apex Domain | Subdomains | Transfer
3 gtimg.cn | vm.gtimg.cn | 233 KB
3 qq.com | v.qq.com (Cisco Umbrella Rank: 9184), beacon.cdn.qq.com (Failed), h.trace.qq.com (Failed) | 11 KB
1 galcys.asia | galcys.asia | 80 KB
0 qpic.cn (Failed) | puui.qpic.cn (Failed) |
10 4
Domain | Requested by
3 vm.gtimg.cn | v.qq.com, vm.gtimg.cn
3 v.qq.com | galcys.asia, vm.gtimg.cn
1 galcys.asia |
0 h.trace.qq.com (Failed) | v.qq.com
0 puui.qpic.cn (Failed) | v.qq.com
0 beacon.cdn.qq.com (Failed) | vm.gtimg.cn
10 6

This site contains no links.

Subject: file.mc.qq.com
Issuer: DigiCert TLS RSA SHA256 2020 CA1
Validity: 2023-02-17 - 2024-02-17
Valid: a year

This page contains 3 frames:

Primary Page: http://galcys.asia/
Frame ID: 067F099AB67E9BFD2B0280264D80A883
Requests: 1 HTTP requests in this frame

Frame: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Frame ID: 5CFACC99AF1D9368CADD95C40A71B03C
Requests: 8 HTTP requests in this frame

Frame: https://v.qq.com/thumbplayer-offline-log.html?max_age=3600
Frame ID: 4F360E4104183431D35E4275429F0539
Requests: 1 HTTP requests in this frame

Page Title

一个11岁孩子的演讲,惊呆所有人! (English: "An 11-year-old child's speech stuns everyone!")

Page Statistics

Requests: 10
HTTPS: 10 %
IPv6: 33 %
Domains: 4
Subdomains: 6
IPs: 4
Countries: 2
Transfer: 323 kB
Size: 1131 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
galcys.asia/
239 KB
80 KB
Document
General
Full URL
http://galcys.asia/
Protocol
HTTP/1.1
Server
173.82.163.48 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
host2.introducedstyle.space
Software
nginx /
Resource Hash
3f8491f564413d1fa29bf7b3044380d798fa291a50998f549277d6381257e951

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 04 Jun 2023 03:27:27 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
MISS from kangle web server
player.html
v.qq.com/txp/iframe/ Frame 5CFA
1 KB
785 B
Document
General
Full URL
http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Requested by
Host: galcys.asia
URL: http://galcys.asia/
Protocol
HTTP/1.1
Server
23.201.243.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-243-171.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7f037a870a60af20e52d6ea5a36fcb63cb28b471926e792a2756d3c4547881c8

Request headers

Referer
http://galcys.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=55
Connection
keep-alive
Content-Encoding
gzip
Content-Length
523
Content-Type
text/html
Date
Sun, 04 Jun 2023 03:27:28 GMT
Expires
Sun, 04 Jun 2023 03:28:23 GMT
Vary
Accept-Encoding
loader.js
vm.gtimg.cn/thumbplayer/iframe/ Frame 5CFA
4 KB
2 KB
Script
General
Full URL
http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Requested by
Host: v.qq.com
URL: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Protocol
HTTP/1.1
Server
2408:8748:c110:333:37::4 -, , ASN (),
Reverse DNS
Software
NWSs /
Resource Hash
dc699a6b2a8023528a6ca87af88e5a27f67179e56c9ade7e3f3b2288164f24d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Fri, 02 Jun 2023 08:29:38 GMT
Content-Encoding
gzip
x-cos-object-type
normal
X-Cache-Lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
x-cos-version-id
MTg0NDUwNTgzNzkyNTU4MjI1Mjk
Connection
keep-alive
Content-Length
1794
X-COS-META-MD5
ab099ba38d3704a5fd7c11bcd7897ce1
X-Client-Ip
2a03:1b20:6:f011::7e
x-cos-hash-crc64ecma
957628568654753742
Last-Modified
Fri, 02 Jun 2023 08:27:33 GMT
Server
NWSs
Etag
"32bbdd3eb5e53a820759deaf013d9c9c88f6b6bc"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP
36.249.92.119
X-NWS-LOG-UUID
3328541295168740494
Accept-Ranges
bytes
Ip
0.0.0.0
superplayer.js
vm.gtimg.cn/thumbplayer/superplayer/ Frame 5CFA
850 KB
227 KB
Script
General
Full URL
http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Protocol
HTTP/1.1
Server
2408:8748:c110:333:37::4 -, , ASN (),
Reverse DNS
Software
NWSs /
Resource Hash
f603f8ddfe023a0fb212c00f96d49dc94088d110b96fd4991aa1e1080acdf8de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Fri, 02 Jun 2023 08:28:21 GMT
Content-Encoding
gzip
x-cos-object-type
normal
X-Cache-Lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
x-cos-version-id
MTg0NDUwNTgzNzkyNTY3NDc1Njk
Connection
keep-alive
Content-Length
231393
X-COS-META-MD5
948bb58c23965cb9136acb27e75aa3e8
X-Client-Ip
2a03:1b20:6:f011::7e
x-cos-hash-crc64ecma
667363191311501570
Last-Modified
Fri, 02 Jun 2023 08:27:32 GMT
Server
NWSs
Etag
"87df84fba0a1673df3a5470479eafdc1e4061c71"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP
36.249.92.119
X-NWS-LOG-UUID
10651801791412903913
Accept-Ranges
bytes
Ip
0.0.0.0
iframe.js
vm.gtimg.cn/thumbplayer/iframe/ Frame 5CFA
7 KB
3 KB
Script
General
Full URL
http://vm.gtimg.cn/thumbplayer/iframe/iframe.js
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Protocol
HTTP/1.1
Server
2408:8748:c110:333:37::4 -, , ASN (),
Reverse DNS
Software
NWSs /
Resource Hash
83dc049f4fd14fa72f50cc834ab8be2d56ad93bdbf242cee5a40607c608c9cd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Fri, 02 Jun 2023 08:29:59 GMT
Content-Encoding
gzip
x-cos-object-type
normal
X-Cache-Lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
x-cos-version-id
MTg0NDUwNTgzNzkyNTU4MTcyNDk
Connection
keep-alive
Content-Length
2757
X-COS-META-MD5
eb784529182b4c0d19db8f189994fb7e
X-Client-Ip
2a03:1b20:6:f011::7e
x-cos-hash-crc64ecma
6651037642501401270
Last-Modified
Fri, 02 Jun 2023 08:27:33 GMT
Server
NWSs
Etag
"741ebff57abbf97d1edb8a47eb66d9ce6c276b23"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP
36.249.92.119
X-NWS-LOG-UUID
3968615321621399812
Accept-Ranges
bytes
Ip
0.0.0.0
thumbplayer-offline-log.html
v.qq.com/ Frame 4F36
30 KB
10 KB
Document
General
Full URL
https://v.qq.com/thumbplayer-offline-log.html?max_age=3600
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.201.243.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-243-171.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77c1abf8df498bcd9e3dabbc1e8c816b49938b953d95cc6c8aaf71e1da37f08f

Request headers

Referer
http://v.qq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=50
content-encoding
gzip
content-length
9962
content-type
text/html
date
Sun, 04 Jun 2023 03:27:32 GMT
expires
Sun, 04 Jun 2023 03:28:22 GMT
vary
Accept-Encoding
object
v.qq.com/cache/wuji/ Frame 5CFA
49 B
285 B
Script
General
Full URL
http://v.qq.com/cache/wuji/object?appid=tenvideo_offline_log&schemaid=whiteListV2&schemakey=97c0ff59f25543e282072b75e4c287f7&otype=jsonp&filter=platform%3D%5B%2270201%22%5D%26enable%3Dtrue&callback=offline_log1
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Protocol
HTTP/1.1
Server
23.201.243.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-243-171.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d20d84b7545fbde8ca7e28980fb446300a4c22d0e762a0061b66af0b0790140e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
application/json; charset=utf-8
Date
Sun, 04 Jun 2023 03:27:32 GMT
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
49
Vary
Accept-Encoding
Expires
Sun, 04 Jun 2023 03:27:32 GMT
beacon_web.min.js
beacon.cdn.qq.com/sdk/4.5.16/ Frame 5CFA
0
0

k01591bfgpf_hz.jpg
puui.qpic.cn/vpic_cover/k01591bfgpf/ Frame 5CFA
0
0

kv
h.trace.qq.com/ Frame 5CFA
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
beacon.cdn.qq.com
URL
http://beacon.cdn.qq.com/sdk/4.5.16/beacon_web.min.js
Domain
puui.qpic.cn
URL
http://puui.qpic.cn/vpic_cover/k01591bfgpf/k01591bfgpf_hz.jpg
Domain
h.trace.qq.com
URL
https://h.trace.qq.com/kv?attaid=01600067755&token=1774713244&topUrl=http%3A%2F%2Fgalcys.asia%2F&iframeUrl=http%3A%2F%2Fv.qq.com%2Ftxp%2Fiframe%2Fplayer.html%3Forigin%3Dhttps%3A%2F%2Fmp.weixin.qq.com%26chid%3D17%26vid%3Dk01591bfgpf%26autoplay%3Dfalse%26full%3Dtrue%26show1080p%3Dfalse%26isDebugIframe%3Dfalse&oldPlayer=0&topDomain=galcys.asia&_dc=0.9478067358255235

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| onbeforetoggle
object| onscrollend

2 Cookies

Domain/Path Name / Value
galcys.asia/ Name: XSRF-TOKEN
Value: eyJpdiI6ImxSRDNIaW9nRjBQaTlWSmlqK282MVE9PSIsInZhbHVlIjoiSHI4R1ZEL1NSdDdVeEFBaE4rcXVrUUlsd0hLSEVYZFFNV2JTa0dMRzQ5MlJ4cTVRV3hsUlpVYmFScGtYQnBjTlFrQitnUlk0MG5FcFJwK1BrVElIeG1RMVA1UUFOVmY4SDVXbTdEZVZTTnBZS3RzUWNPR2NSekZzNXdHSDl6Y3YiLCJtYWMiOiJjOTUwOGZjNTVkOTRhZGMxMjcxMzI0NGI1OTI4N2JjZjNmZWMzMDljOWJhODI1Zjk4ZDBiMDc3OTFmNDAyNTAxIn0%3D
galcys.asia/ Name: laravel_session
Value: eyJpdiI6IklYYVhLSzdZcHRFb3phbG9JNzZwblE9PSIsInZhbHVlIjoiT0ZiVzlhaG01ZDVXYzRhUndtTnIyc240cXluVFJXNGcyd0pWZkF0M25ucEd0b0hidW1WWmtubzBWYUNVTEhQaEt2YUN4Zzh2cmdwamRpZWhDSGZxY1pIdlF2algyOTNoTVg4ZXJCc1A0RmxzeUFYb2NTT0F4SXZsdDJESHdpMlYiLCJtYWMiOiJlNjEzMjFhOGYyMTcyN2RhMGFiOTVmOWUzYWIxYjI5OTgwMjViMGMzY2IwYzVkMjM5NjJmZDA3N2MzNTE1ZTIwIn0%3D

2 Console Messages

Source: other
Level: warning
URL: http://galcys.asia/ (Line 27)
Message: Allow attribute will take precedence over 'allowfullscreen'.

Source: security
Level: error
URL: http://vm.gtimg.cn/thumbplayer/iframe/iframe.js (Line 7)
Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://mp.weixin.qq.com') does not match the recipient window's origin ('http://galcys.asia').