galcys.asia - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 173.82.163.133, located in United States and belongs to MULTA-ASN1, US. The main domain is galcys.asia.

This is the only time galcys.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	173.82.163.133 173.82.163.133	35916 (MULTA-ASN1) (MULTA-ASN1)
1	23.201.243.171 23.201.243.171	16625 (AKAMAI-AS) (AKAMAI-AS)
2	203.205.137.58 203.205.137.58	() ()
5	4

1 173.82.163.133 (United States)

ASN35916 (MULTA-ASN1, US)
PTR: outbound-mail03.vgs.untd.com

galcys.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.243.171 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-243-171.deploy.static.akamaitechnologies.com

v.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.205.137.58 (None, )

ASN- ()

vm.gtimg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	gtimg.cn vm.gtimg.cn	224 KB
1	qq.com v.qq.com — Cisco Umbrella Rank: 9050	785 B
1	galcys.asia galcys.asia	80 KB
5	3

	Domain	Requested by
2	vm.gtimg.cn	v.qq.com vm.gtimg.cn
1	v.qq.com	galcys.asia
1	galcys.asia
5	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://galcys.asia/
Frame ID: 910CE3B5E63FA9A5307EBAC942AD8A5F
Requests: 1 HTTP requests in this frame

Frame: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Frame ID: 842FBDF0AC2A300CE5641EDE9D2B083C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

一个11岁孩子的演讲，惊呆所有人！

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

5
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

304 kB
Transfer

1085 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response galcys.asia/	239 KB 80 KB	1619ms 362ms	Document text/html	173.82.163.133 MULTA-ASN1
General Check archive.org Show headers Download Go to Full URL http://galcys.asia/ Protocol HTTP/1.1 Server 173.82.163.133 , United States, ASN35916 (MULTA-ASN1, US), Reverse DNS outbound-mail03.vgs.untd.com Software nginx / Resource Hash `3f8491f564413d1fa29bf7b3044380d798fa291a50998f549277d6381257e951` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control no-cache, private Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 16 May 2023 03:27:25 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-Cache MISS from kangle web server
GET H/1.1	200 OK	player.html Show response v.qq.com/txp/iframe/ Frame 842F	1 KB 785 B	1024ms 542ms	Document text/html	23.201.243.171 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false Requested by Host: galcys.asia URL: http://galcys.asia/ Protocol HTTP/1.1 Server 23.201.243.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-201-243-171.deploy.static.akamaitechnologies.com Software / Resource Hash `7f037a870a60af20e52d6ea5a36fcb63cb28b471926e792a2756d3c4547881c8` Request headers Referer http://galcys.asia/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control max-age=57 Connection keep-alive Content-Encoding gzip Content-Length 523 Content-Type text/html Date Tue, 16 May 2023 03:27:27 GMT Expires Tue, 16 May 2023 03:28:24 GMT Vary Accept-Encoding
GET H/1.1	200 OK	loader.js Show response vm.gtimg.cn/thumbplayer/iframe/ Frame 842F	4 KB 3 KB	3252ms 196ms	Script application/javascript	203.205.137.58
General Check archive.org Show headers Download Go to Full URL http://vm.gtimg.cn/thumbplayer/iframe/loader.js Requested by Host: v.qq.com URL: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false Protocol HTTP/1.1 Server 203.205.137.58 -, , ASN (), Reverse DNS Software NWSs / Resource Hash `e72838575816ac688c213588601688cc07d73499f1a4161194167c22c5f10174` Request headers accept-language de-DE,de;q=0.9 Referer http://v.qq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Date Fri, 12 May 2023 11:58:13 GMT Content-Encoding gzip x-cos-object-type normal X-Cache-Lookup Cache Hit X-Real-Ip 80.255.10.203 x-cos-storage-class STANDARD_IA x-cos-version-id MTg0NDUwNjAxODEzMzI5NzE2MDI Connection keep-alive Content-Length 1795 X-COS-META-MD5 19e1f9882be2a590100bf680bc41b368 X-Client-Ip 80.255.10.203 x-cos-hash-crc64ecma 5603078859770164198 Last-Modified Fri, 12 May 2023 11:52:56 GMT Server NWSs Etag "49de6b2b8cdabaf65928b78bc366849e9ff2c627" Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Client-Ip, X-Server-Ip, X-Upstream-Ip X-Server-Ip 203.205.137.58_eth0 X-NWS-LOG-UUID 17797683849211425689 Accept-Ranges bytes Ip 0.0.0.0 X-Upstream-Ip $upstream_server
GET H/1.1	200 OK	superplayer.js vm.gtimg.cn/thumbplayer/superplayer/ Frame 842F	841 KB 221 KB	197ms 197ms	Script application/javascript	203.205.137.58
General Check archive.org Show headers Download Go to Full URL http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js Requested by Host: vm.gtimg.cn URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js Protocol HTTP/1.1 Server 203.205.137.58 -, , ASN (), Reverse DNS Software NWSs / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://v.qq.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Date Fri, 12 May 2023 11:59:13 GMT Content-Encoding gzip x-cos-object-type normal X-Cache-Lookup Cache Hit X-Real-Ip 80.255.10.203 x-cos-storage-class STANDARD_IA x-cos-version-id MTg0NDUwNjAxODEzMzI5MjM5OTg Connection keep-alive Content-Length 225621 X-COS-META-MD5 11248ef69c4bc98fde18fa7192677727 X-Client-Ip 80.255.10.203 x-cos-hash-crc64ecma 1864237433589960414 Last-Modified Fri, 12 May 2023 11:52:56 GMT Server NWSs Etag "bc80f559408a117fe8c62aa5ce694d6d92719270" Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Client-Ip, X-Server-Ip, X-Upstream-Ip X-Server-Ip 203.205.137.58_eth0 X-NWS-LOG-UUID 17067729164643565691 Accept-Ranges bytes Ip 0.0.0.0 X-Upstream-Ip $upstream_server
GET		iframe.js vm.gtimg.cn/thumbplayer/iframe/ Frame 842F	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/iframe/iframe.js

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			galcys.asia/	1970-01-20 11:50:14	Name: XSRF-TOKEN Value: eyJpdiI6IjR5MEwyNE5ZMHhSdjc1aHlpK2VyQlE9PSIsInZhbHVlIjoiUlNEaVBsVlNIZ3RhSnRqdWlXOHVmYmtxWHlIcnEya1pwcFlXbVF0b09wYVZkTUw2QTRpcE4yV0F4aTdUTE5RNFFLRzNqR3RreEtRd2ZjbzVENTJQbTZqYWhsZGRnbmVDdVJHY1lMR21MR0J5a0JLcWNlcFl2T2VQTkNCVTVkREUiLCJtYWMiOiI1ZTE4ZDkwODE0ZmNiZTA0NmI3MmY0OWJkNjdkYWRiODQ1MTBhNjg3OGFhM2E0MjlkNDM2Y2I2Njk5MjY0NjQxIn0%3D
			galcys.asia/	1970-01-20 11:50:14	Name: laravel_session Value: eyJpdiI6InowZDdxckRjWnFQRTVxdm1aRk5oK3c9PSIsInZhbHVlIjoicG5LeUovMnRZWDFmZ2tGMFZzbmdiaDlvam9tb3g2cWovZEFvRjVmUDB6VU05eGJGZWxTRHBMUkNqRWhrZWhjV1Z2bXB3VGRlc3Vjckp6QjRBbDlXVnFQQU5NWWNFcFBINUhyZUpTdGEwdmgvSC81Wi9jaHhSU3Q1QWhnU1pqSlQiLCJtYWMiOiJlZGVjZTI0ZWY5NDE2NGM1YTIyODNiNzYyZTI4ZmU1MGM2ZWMzNzRhYjI0MTU5NjFiODdlOWJiOGY1Yzc2NTAzIn0%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://galcys.asia/(Line 27) Message: Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

galcys.asia
v.qq.com
vm.gtimg.cn
vm.gtimg.cn
173.82.163.133
203.205.137.58
23.201.243.171
3f8491f564413d1fa29bf7b3044380d798fa291a50998f549277d6381257e951
7f037a870a60af20e52d6ea5a36fcb63cb28b471926e792a2756d3c4547881c8
e72838575816ac688c213588601688cc07d73499f1a4161194167c22c5f10174

galcys.asia Open in urlscan Pro 173.82.163.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

5 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

304 kBTransfer

1085 kBSize

2 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

galcys.asia Open in urlscan Pro
173.82.163.133 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

304 kB
Transfer

1085 kB
Size

2
Cookies

5 HTTP transactions
0 data transactions