galcys.asia Open in urlscan Pro
173.82.163.48 Public Scan

URL:
http://galcys.asia/
Submission: On May 01 via api (May 1st 2023, 3:27:07 am UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 173.82.163.48, located in United States and belongs to MULTA-ASN1, US. The main domain is galcys.asia.

This is the only time galcys.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	173.82.163.48 173.82.163.48	35916 (MULTA-ASN1) (MULTA-ASN1)
2	203.205.137.236 203.205.137.236	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
3	203.205.137.72 203.205.137.72	() ()
10	4

1 173.82.163.48 (United States)

ASN35916 (MULTA-ASN1, US)
PTR: host2.introducedstyle.space

galcys.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.205.137.236 (Central, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

v.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 203.205.137.72 (None, )

ASN- ()

vm.gtimg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	gtimg.cn vm.gtimg.cn	219 KB
2	qq.com v.qq.com — Cisco Umbrella Rank: 6476 beacon.cdn.qq.com Failed h.trace.qq.com Failed	2 KB
1	galcys.asia galcys.asia	80 KB
0	qpic.cn Failed puui.qpic.cn Failed
10	4

	Domain	Requested by
3	vm.gtimg.cn	v.qq.com vm.gtimg.cn
2	v.qq.com	galcys.asia vm.gtimg.cn
1	galcys.asia
0	h.trace.qq.com Failed	v.qq.com
0	puui.qpic.cn Failed	v.qq.com
0	beacon.cdn.qq.com Failed	vm.gtimg.cn
10	6

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 3 frames:

Primary Page: http://galcys.asia/
Frame ID: A7EA0C8F6217759E7CD5E05107563385
Requests: 1 HTTP requests in this frame

Frame: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Frame ID: D23819A69B94E72010DB389686F5E73C
Requests: 8 HTTP requests in this frame

Frame: https://v.qq.com/thumbplayer-offline-log.html?max_age=3600
Frame ID: C1A242CA53F37811D7CED490F0DD2E08
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

一个11岁孩子的演讲，惊呆所有人！

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

10
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

300 kB
Transfer

1071 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response galcys.asia/	239 KB 80 KB	2667ms 401ms	Document text/html	173.82.163.48 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL http://galcys.asia/ Protocol HTTP/1.1 Server 173.82.163.48 , United States, ASN35916 (MULTA-ASN1, US), Reverse DNS host2.introducedstyle.space Software nginx / Resource Hash `3f8491f564413d1fa29bf7b3044380d798fa291a50998f549277d6381257e951` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control no-cache, private Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Mon, 01 May 2023 03:27:01 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-Cache MISS from kangle web server
GET H/1.1	200 OK	player.html Show response v.qq.com/txp/iframe/ Frame D238	1 KB 1 KB	2063ms 309ms	Document text/html	203.205.137.236 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false Requested by Host: galcys.asia URL: http://galcys.asia/ Protocol HTTP/1.1 Server 203.205.137.236 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_UGC_HY / Resource Hash `7f037a870a60af20e52d6ea5a36fcb63cb28b471926e792a2756d3c4547881c8` Request headers Referer http://galcys.asia/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Access-Control-Expose-Headers X-Client-Ip X-Server-Ip X-Upstream-Ip Date Cache-Control max-age=60 Connection keep-alive Content-Encoding gzip Content-Length 523 Content-Type text/html Date Mon, 01 May 2023 03:27:02 GMT Expires Mon, 01 May 2023 03:28:02 GMT Last-Modified Mon, 01 May 2023 03:20:00 GMT Server NWS_UGC_HY X-Cache-Lookup Hit From Upstream Hit From Disktank3 Gz X-Client-Ip 217.138.194.163 X-NWS-LOG-UUID 15492281528728262699 5b2e8d0495ca80418d555a6d87cb702d X-Server-Ip 203.205.137.236 X-UA-Compatible IE=Edge
GET H/1.1	200 OK	loader.js Show response vm.gtimg.cn/thumbplayer/iframe/ Frame D238	4 KB 3 KB	1669ms 250ms	Script application/javascript	203.205.137.72
General Check archive.org Show headers Download Go to Full URL http://vm.gtimg.cn/thumbplayer/iframe/loader.js Requested by Host: v.qq.com URL: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false Protocol HTTP/1.1 Server 203.205.137.72 -, , ASN (), Reverse DNS Software NWSs / Resource Hash `67ac7387204cc7f6b0229d5165a18c9dae0772eab23c5e3b53540c3fc1e204b6` Request headers accept-language de-DE,de;q=0.9 Referer http://v.qq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Wed, 26 Apr 2023 03:02:35 GMT Content-Encoding gzip x-cos-object-type normal X-Cache-Lookup Cache Hit X-Real-Ip 217.138.194.163 x-cos-storage-class STANDARD_IA x-cos-version-id MTg0NDUwNjE1OTU2ODg3NDgxMjY Connection keep-alive Content-Length 1794 X-COS-META-MD5 9eb64396e3eca6da0cb4c3153bd104f9 X-Client-Ip 217.138.194.163 x-cos-hash-crc64ecma 9774447312156034907 Last-Modified Wed, 26 Apr 2023 03:00:20 GMT Server NWSs Etag "9a6849ca4f0eda575d92a4865c848756ecbb05e4" Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Client-Ip, X-Server-Ip, X-Upstream-Ip X-Server-Ip 203.205.137.72_eth0 X-NWS-LOG-UUID 9332194995413453776 Accept-Ranges bytes Ip 0.0.0.0 X-Upstream-Ip $upstream_server
GET H/1.1	200 OK	superplayer.js Show response vm.gtimg.cn/thumbplayer/superplayer/ Frame D238	820 KB 212 KB	250ms 250ms	Script application/javascript	203.205.137.72
General Check archive.org Show headers Download Go to Full URL http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js Requested by Host: vm.gtimg.cn URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js Protocol HTTP/1.1 Server 203.205.137.72 -, , ASN (), Reverse DNS Software NWSs / Resource Hash `29d3da81cc99357bc14a380681be3a5c521aec751fc4cea98d4989af9f492c37` Request headers accept-language de-DE,de;q=0.9 Referer http://v.qq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Wed, 26 Apr 2023 03:02:50 GMT Content-Encoding gzip x-cos-object-type normal X-Cache-Lookup Cache Hit X-Real-Ip 217.138.194.163 x-cos-storage-class STANDARD_IA x-cos-version-id MTg0NDUwNjE1OTU2ODg2ODYwMjY Connection keep-alive Content-Length 216659 X-COS-META-MD5 c567261ed88f14ffff3e8c5be6945015 X-Client-Ip 217.138.194.163 x-cos-hash-crc64ecma 15346385933520469319 Last-Modified Wed, 26 Apr 2023 03:00:20 GMT Server NWSs Etag "9f3f51f81a3196760b7afbd073074fc27c67dfbe" Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Client-Ip, X-Server-Ip, X-Upstream-Ip X-Server-Ip 203.205.137.72_eth0 X-NWS-LOG-UUID 6754619274684462536 Accept-Ranges bytes Ip 0.0.0.0 X-Upstream-Ip $upstream_server
GET H/1.1	200 OK	iframe.js Show response vm.gtimg.cn/thumbplayer/iframe/ Frame D238	7 KB 4 KB	253ms 253ms	Script application/javascript	203.205.137.72
General Check archive.org Show headers Download Go to Full URL http://vm.gtimg.cn/thumbplayer/iframe/iframe.js Requested by Host: vm.gtimg.cn URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js Protocol HTTP/1.1 Server 203.205.137.72 -, , ASN (), Reverse DNS Software NWSs / Resource Hash `35e57926fbeb0f32db69d8030ebd5feebfacfedfbe8d6aca0d63746c0c1968e1` Request headers accept-language de-DE,de;q=0.9 Referer http://v.qq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Wed, 26 Apr 2023 03:02:48 GMT Content-Encoding gzip x-cos-object-type normal X-Cache-Lookup Cache Hit X-Real-Ip 217.138.194.163 x-cos-storage-class STANDARD_IA x-cos-version-id MTg0NDUwNjE1OTU2ODg3NDgzMDg Connection keep-alive Content-Length 2757 X-COS-META-MD5 b832d3ae3de606fb8497d5373016175f X-Client-Ip 217.138.194.163 x-cos-hash-crc64ecma 5223033028909203782 Last-Modified Wed, 26 Apr 2023 03:00:20 GMT Server NWSs Etag "1c62d1f957f19c2ef3651a4b9a78ea1155764e97" Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Client-Ip, X-Server-Ip, X-Upstream-Ip X-Server-Ip 203.205.137.72_eth0 X-NWS-LOG-UUID 16657860664270887740 Accept-Ranges bytes Ip 0.0.0.0 X-Upstream-Ip $upstream_server
GET		thumbplayer-offline-log.html v.qq.com/ Frame C1A2	0 0

GET H/1.1	200 OK	object Show response v.qq.com/cache/wuji/ Frame D238	49 B 724 B	248ms 248ms	Script application/json	203.205.137.236 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL http://v.qq.com/cache/wuji/object?appid=tenvideo_offline_log&schemaid=whileList&schemakey=d5dccc35902346b2bdcbcef774fefe99&include=encryptValue%2Ctype%2CerrorCode%2Crate&filter=projectId%3D%2270201%22&otype=jsonp&callback=offline_log1 Requested by Host: vm.gtimg.cn URL: http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js Protocol HTTP/1.1 Server 203.205.137.236 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_UGC_HY / Resource Hash `d20d84b7545fbde8ca7e28980fb446300a4c22d0e762a0061b66af0b0790140e` Request headers accept-language de-DE,de;q=0.9 Referer http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Expires Mon, 01 May 2023 03:28:06 GMT Date Mon, 01 May 2023 03:27:06 GMT X-Cache-Lookup Hit From Disktank3 Last-Modified Mon, 01 May 2023 03:26:00 GMT Server NWS_UGC_HY Vary Origin, Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Expose-Headers X-Client-Ip, X-Server-Ip, X-Upstream-Ip, Date Cache-Control max-age=60 X-Server-Ip 203.205.137.236 X-NWS-LOG-UUID 3556689970622966046 5b2e8d0495ca80418d555a6d87cb702d Connection keep-alive Content-Length 49 X-Client-Ip 217.138.194.163 X-UA-Compatible IE=Edge
GET		beacon_web.min.js beacon.cdn.qq.com/sdk/4.5.16/ Frame D238	0 0

GET		k01591bfgpf_hz.jpg puui.qpic.cn/vpic_cover/k01591bfgpf/ Frame D238	0 0

GET		kv h.trace.qq.com/ Frame D238	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: v.qq.com
URL: https://v.qq.com/thumbplayer-offline-log.html?max_age=3600

Domain: beacon.cdn.qq.com
URL: http://beacon.cdn.qq.com/sdk/4.5.16/beacon_web.min.js

Domain: puui.qpic.cn
URL: http://puui.qpic.cn/vpic_cover/k01591bfgpf/k01591bfgpf_hz.jpg

Domain: h.trace.qq.com
URL: https://h.trace.qq.com/kv?attaid=01600067755&token=1774713244&topUrl=http%3A%2F%2Fgalcys.asia%2F&iframeUrl=http%3A%2F%2Fv.qq.com%2Ftxp%2Fiframe%2Fplayer.html%3Forigin%3Dhttps%3A%2F%2Fmp.weixin.qq.com%26chid%3D17%26vid%3Dk01591bfgpf%26autoplay%3Dfalse%26full%3Dtrue%26show1080p%3Dfalse%26isDebugIframe%3Dfalse&oldPlayer=0&topDomain=galcys.asia&_dc=0.39658435602459696

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			galcys.asia/	1970-01-20 11:28:38	Name: XSRF-TOKEN Value: eyJpdiI6IkhKSDRIQlZRRXJXaVkvMmtEUGVKN1E9PSIsInZhbHVlIjoiSWVwQVFaRlFEUUg5ZmRDRkxqVG9HcVB6VUlieloyR1FQNUdOd3VEb3FzT0VEOEdaODJaSjRTYWZUa0pTQnB5clV1Mm9PN0JsR0Fsc05OZ3E4YTR3a3ZSSUw4aW12Vk9ZRlg0dTdNMVc5ekxCblkrelJFT0VUclhHTzBBU3JzYlQiLCJtYWMiOiIxMTY2NWNmY2VlY2U5MjI1Y2Q5Yzc0Zjg4MjkzNTAwMDA3OWY0ZjQzYmJlNGU4NGRmZTYxNzcwNzA0OTkxYWQzIn0%3D
			galcys.asia/	1970-01-20 11:28:38	Name: laravel_session Value: eyJpdiI6InNpb2ZPQ24wektsZnJJQmNSTU4xN3c9PSIsInZhbHVlIjoic3lwT3BwRFR4Y0owWFFCLytjVFd4anY2UzVlbC9HaG9zdTRFaTJnNmRmRDI3ZVc2aFlvM0VLT0lOcXJTRXNaZWJGWCtyV05KOHFacHRBSTNvc2pVQU5iTXdNcEc3RngwNUhCM3BTQjRlVG9kOGsrSXVEanRQc21xSW1yR09FdVIiLCJtYWMiOiJiOTQ5Nzg3NmY4Y2IyZmEzMTM4YzBiZjE2OWU3M2Q0ZWMzNWFiYjU5NWQ4NDAyNDVmYmI2MjIzY2M0MmUyMjQxIn0%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://galcys.asia/(Line 27) Message: Allow attribute will take precedence over 'allowfullscreen'.
security	error	URL: http://vm.gtimg.cn/thumbplayer/iframe/iframe.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://mp.weixin.qq.com') does not match the recipient window's origin ('http://galcys.asia').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.cdn.qq.com
galcys.asia
h.trace.qq.com
puui.qpic.cn
v.qq.com
vm.gtimg.cn
beacon.cdn.qq.com
h.trace.qq.com
puui.qpic.cn
v.qq.com
173.82.163.48
203.205.137.236
203.205.137.72
29d3da81cc99357bc14a380681be3a5c521aec751fc4cea98d4989af9f492c37
35e57926fbeb0f32db69d8030ebd5feebfacfedfbe8d6aca0d63746c0c1968e1
3f8491f564413d1fa29bf7b3044380d798fa291a50998f549277d6381257e951
67ac7387204cc7f6b0229d5165a18c9dae0772eab23c5e3b53540c3fc1e204b6
7f037a870a60af20e52d6ea5a36fcb63cb28b471926e792a2756d3c4547881c8
d20d84b7545fbde8ca7e28980fb446300a4c22d0e762a0061b66af0b0790140e

galcys.asia Open in urlscan Pro 173.82.163.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

0 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

4 IPs

2 Countries

300 kBTransfer

1071 kBSize

2 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

galcys.asia Open in urlscan Pro
173.82.163.48 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

2
Countries

300 kB
Transfer

1071 kB
Size

2
Cookies

10 HTTP transactions
0 data transactions