URL: http://galcys.asia/
Submission: On June 20 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 173.82.163.133, located in United States and belongs to MULTA-ASN1, US. The main domain is galcys.asia.
This is the only time galcys.asia was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
1         173.82.163.133    35916 (MULTA-ASN1)
3         203.205.137.236   132203 (TENCENT-N...)
3         2408:8763:0:2...  ()
1         2.16.202.84       ()
Total: 10 requests, 5 IPs
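Apex Domain, Subdomains, Transfer
gtimg.cn (3 requests), transfer 255 KB
  • vm.gtimg.cn
qq.com (3 requests), transfer 12 KB
  • v.qq.com — Cisco Umbrella Rank: 8946
  • beacon.cdn.qq.com (Failed)
  • h.trace.qq.com (Failed)
qpic.cn (1 request)
  • puui.qpic.cn
galcys.asia (1 request), transfer 80 KB
  • galcys.asia
Total: 10 requests, 4 apex domains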
Requests  Domain                      Requested by
3         vm.gtimg.cn                 v.qq.com, vm.gtimg.cn
3         v.qq.com                    galcys.asia, vm.gtimg.cn
1         puui.qpic.cn                v.qq.com
1         galcys.asia
0         h.trace.qq.com (Failed)     v.qq.com
0         beacon.cdn.qq.com (Failed)  v.qq.com
Total: 10 requests, 6 subdomains

This site contains no links.

Subject: *.v.qq.com
Issuer: GlobalSign Organization Validation CA - SHA256 - G2
Validity: 2022-12-26 - 2024-01-27
Valid: a year

This page contains 3 frames:

Primary Page: http://galcys.asia/
Frame ID: 13EC91A374132F806009B4EA5AEA2D45
Requests: 1 HTTP requests in this frame

Frame: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Frame ID: 947E0E1B6EB39560838CCA1AD1E2C05E
Requests: 8 HTTP requests in this frame

Frame: https://v.qq.com/thumbplayer-offline-log.html?max_age=3600
Frame ID: 1BBA528B0C2FE5D84C5A6C8B525F4B26
Requests: 1 HTTP requests in this frame

Page Title

An 11-year-old child's speech stuns everyone!

Page Statistics

Requests: 10
HTTPS: 10 %
IPv6: 25 %
Domains: 4
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 347 kB
Size: 1188 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://beacon.cdn.qq.com/sdk/4.5.16/beacon_web.min.js HTTP 301
  • https://beacon.cdn.qq.com/sdk/4.5.16/beacon_web.min.js

10 HTTP transactions

Each entry lists: Resource, Path, Size, x-fer, Type (MIME-Type)
Primary Request /
galcys.asia/
239 KB
80 KB
Document
General
Full URL
http://galcys.asia/
Protocol
HTTP/1.1
Server
173.82.163.133 , United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
outbound-mail03.vgs.untd.com
Software
nginx /
Resource Hash
3f8491f564413d1fa29bf7b3044380d798fa291a50998f549277d6381257e951

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Jun 2023 03:26:45 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
MISS from kangle web server
player.html
v.qq.com/txp/iframe/ Frame 947E
1 KB
1 KB
Document
General
Full URL
http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Requested by
Host: galcys.asia
URL: http://galcys.asia/
Protocol
HTTP/1.1
Server
203.205.137.236 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
7f037a870a60af20e52d6ea5a36fcb63cb28b471926e792a2756d3c4547881c8

Request headers

Referer
http://galcys.asia/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Expose-Headers
X-Client-Ip X-Server-Ip X-Upstream-Ip Date
Cache-Control
max-age=60
Connection
keep-alive
Content-Encoding
gzip
Content-Length
523
Content-Type
text/html
Date
Tue, 20 Jun 2023 03:26:47 GMT
Expires
Tue, 20 Jun 2023 03:27:47 GMT
Last-Modified
Tue, 20 Jun 2023 03:20:00 GMT
Server
NWS_UGC_HY
X-Cache-Lookup
Hit From Disktank3 Gz
X-Client-Ip
80.255.7.107
X-NWS-LOG-UUID
10129815747052503007 5b2e8d0495ca80418d555a6d87cb702d
X-Server-Ip
203.205.137.236
X-UA-Compatible
IE=Edge
loader.js
vm.gtimg.cn/thumbplayer/iframe/ Frame 947E
4 KB
2 KB
Script
General
Full URL
http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Requested by
Host: v.qq.com
URL: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Protocol
HTTP/1.1
Server
2408:8763:0:221:3a::9 -, , ASN (),
Reverse DNS
Software
NWSs /
Resource Hash
1fa0380c467f946d8207fe86ebe39b5768e2e521f29aa569c78a85886b59e396

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 09:42:11 GMT
Content-Encoding
gzip
x-cos-object-type
normal
X-Cache-Lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
x-cos-version-id
MTg0NDUwNTcxNjU3MDM3MDcyMjc
Connection
keep-alive
Content-Length
1794
X-COS-META-MD5
2617539ea292bb4d028d131ed8975f27
X-Client-Ip
2a01:4a0:1338:92::7
x-cos-hash-crc64ecma
12632823457375823232
Last-Modified
Fri, 16 Jun 2023 09:33:25 GMT
Server
NWSs
Etag
"d31ea4c92500540ce609c38469963b76efe057bd"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP
113.207.69.90
X-NWS-LOG-UUID
3626231310940868031
Accept-Ranges
bytes
Ip
0.0.0.0
superplayer.js
vm.gtimg.cn/thumbplayer/superplayer/ Frame 947E
894 KB
249 KB
Script
General
Full URL
http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Protocol
HTTP/1.1
Server
2408:8763:0:221:3a::9 -, , ASN (),
Reverse DNS
Software
NWSs /
Resource Hash
5da64ebba3406cc493fc318b8164f37130756250f84b9fafd74d4f6bdf20c3b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 09:38:15 GMT
Content-Encoding
gzip
x-cos-object-type
normal
X-Cache-Lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
x-cos-version-id
MTg0NDUwNTcxNjU3MDM2NDc5MjY
Connection
keep-alive
Content-Length
254176
X-COS-META-MD5
d76f2e0f4f980f43bef95b77022bc880
X-Client-Ip
2a01:4a0:1338:92::7
x-cos-hash-crc64ecma
5949965932348927735
Last-Modified
Fri, 16 Jun 2023 09:33:25 GMT
Server
NWSs
Etag
"5407ea6f6f2923ec2d6cbc846beb8c0f9c91b6b7"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP
113.207.69.90
X-NWS-LOG-UUID
6417341464315640245
Accept-Ranges
bytes
Ip
0.0.0.0
iframe.js
vm.gtimg.cn/thumbplayer/iframe/ Frame 947E
7 KB
3 KB
Script
General
Full URL
http://vm.gtimg.cn/thumbplayer/iframe/iframe.js
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/iframe/loader.js
Protocol
HTTP/1.1
Server
2408:8763:0:221:3a::9 -, , ASN (),
Reverse DNS
Software
NWSs /
Resource Hash
1d6c6eaa487aff8741fe48c2e67f14c4d698ee5ed8d09ec58e4c3975d74d8df6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Fri, 16 Jun 2023 09:39:45 GMT
Content-Encoding
gzip
x-cos-object-type
normal
X-Cache-Lookup
Cache Hit
x-cos-storage-class
STANDARD_IA
x-cos-version-id
MTg0NDUwNTcxNjU3MDM3MDQxNjY
Connection
keep-alive
Content-Length
2758
X-COS-META-MD5
7733fd3d329972461b298c9b459a6162
X-Client-Ip
2a01:4a0:1338:92::7
x-cos-hash-crc64ecma
13372952708805593674
Last-Modified
Fri, 16 Jun 2023 09:33:25 GMT
Server
NWSs
Etag
"9bd397d5c8876e486436da46ea19f8ac9da7a274"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Client-Ip,X-Server-Ip,X-Upstream-Ip
X-Server-IP
113.207.69.90
X-NWS-LOG-UUID
13722260528089884011
Accept-Ranges
bytes
Ip
0.0.0.0
thumbplayer-offline-log.html
v.qq.com/ Frame 1BBA
30 KB
10 KB
Document
General
Full URL
https://v.qq.com/thumbplayer-offline-log.html?max_age=3600
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.236 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
77c1abf8df498bcd9e3dabbc1e8c816b49938b953d95cc6c8aaf71e1da37f08f

Request headers

Referer
http://v.qq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-expose-headers
X-Client-Ip X-Server-Ip X-Upstream-Ip Date
cache-control
max-age=3600
content-encoding
gzip
content-length
9922
content-type
text/html
date
Tue, 20 Jun 2023 03:26:52 GMT
expires
Tue, 20 Jun 2023 04:26:51 GMT
last-modified
Tue, 20 Jun 2023 03:10:00 GMT
server
NWS_UGC_HY
x-cache-lookup
Hit From Disktank3 Gz
x-client-ip
80.255.7.107
x-nws-log-uuid
1810b804-48eb-4492-b434-10acc3780ec5
x-server-ip
203.205.137.236
x-ua-compatible
IE=Edge
object
v.qq.com/cache/wuji/ Frame 947E
49 B
773 B
Script
General
Full URL
http://v.qq.com/cache/wuji/object?appid=tenvideo_offline_log&schemaid=whiteListV2&schemakey=97c0ff59f25543e282072b75e4c287f7&otype=jsonp&filter=platform%3D%5B%2270201%22%5D%26enable%3Dtrue&callback=offline_log1
Requested by
Host: vm.gtimg.cn
URL: http://vm.gtimg.cn/thumbplayer/superplayer/superplayer.js
Protocol
HTTP/1.1
Server
203.205.137.236 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
d20d84b7545fbde8ca7e28980fb446300a4c22d0e762a0061b66af0b0790140e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Tue, 20 Jun 2023 03:26:50 GMT
X-Cache-Lookup
Hit From Disktank3
Connection
keep-alive
Content-Length
49
X-Client-Ip
80.255.7.107
X-UA-Compatible
IE=Edge
Last-Modified
Tue, 20 Jun 2023 03:26:00 GMT
Server
NWS_UGC_HY
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://h5.gdt.qq.com
Access-Control-Expose-Headers
X-Client-Ip, X-Server-Ip, X-Upstream-Ip, Date
Cache-Control
max-age=60
X-Server-Ip
203.205.137.236
X-NWS-LOG-UUID
3628389133320523443 5b2e8d0495ca80418d555a6d87cb702d
Expires
Tue, 20 Jun 2023 03:27:50 GMT
beacon_web.min.js
beacon.cdn.qq.com/sdk/4.5.16/ Frame 947E
Redirect Chain
  • http://beacon.cdn.qq.com/sdk/4.5.16/beacon_web.min.js
  • https://beacon.cdn.qq.com/sdk/4.5.16/beacon_web.min.js
0
0

k01591bfgpf_hz.jpg
puui.qpic.cn/vpic_cover/k01591bfgpf/ Frame 947E
13 KB
0
Image
General
Full URL
http://puui.qpic.cn/vpic_cover/k01591bfgpf/k01591bfgpf_hz.jpg
Requested by
Host: v.qq.com
URL: http://v.qq.com/txp/iframe/player.html?origin=https://mp.weixin.qq.com&chid=17&vid=k01591bfgpf&autoplay=false&full=true&show1080p=false&isDebugIframe=false
Protocol
HTTP/1.1
Server
2.16.202.84 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://v.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

X-DataSrc
7
Date
Tue, 20 Jun 2023 03:26:52 GMT
X-ReqId
MTY4NzIzMTYxMl8wX0YyQ0E5NjQxMzE0RDQ5NkM4M0ZBRThEQTU1NTZGMDAx
Size
307908
X-RtFlag
1
Connection
keep-alive
Content-Length
307908
X-Info
real data
Last-Modified
Sun, 10 Apr 2022 02:18:01 GMT
ETag
"4693d66f874e5b62bb1fc5239c308b1823f22dac"
Vary
Accept
Content-Type
image/png
X-Delay
52485 us
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Timing-Allow-Origin
*
kv
h.trace.qq.com/ Frame 947E
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: beacon.cdn.qq.com
URL: https://beacon.cdn.qq.com/sdk/4.5.16/beacon_web.min.js

Domain: h.trace.qq.com
URL: https://h.trace.qq.com/kv?attaid=01600067755&token=1774713244&topUrl=http%3A%2F%2Fgalcys.asia%2F&iframeUrl=http%3A%2F%2Fv.qq.com%2Ftxp%2Fiframe%2Fplayer.html%3Forigin%3Dhttps%3A%2F%2Fmp.weixin.qq.com%26chid%3D17%26vid%3Dk01591bfgpf%26autoplay%3Dfalse%26full%3Dtrue%26show1080p%3Dfalse%26isDebugIframe%3Dfalse&oldPlayer=0&topDomain=galcys.asia&_dc=0.9875634745779889

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| onbeforetoggle
object| onscrollend

2 Cookies

Domain/Path Name / Value
galcys.asia/ Name: XSRF-TOKEN
Value: eyJpdiI6IjNwOE9wRXVYVUM1enZ2eC84KzJ6TGc9PSIsInZhbHVlIjoiQWZpYjN3RlFSMFh2VVFIRFFnTXZPRGsvVytTNmdpRkd3T21Sa1Fvd1ZOajdpdVltUzFMcHhkbkdnTHpENXN2bGd4dnlLQ0ZHaDZTT21DNEdCRnNOZTY2b3E4K1ZsVEJ1ckQxYUR3UE4vK0Q3N3RQcGIySGUwdDYzL1hWSVhwNngiLCJtYWMiOiJjNWM3Yzg2MTNjMmNkOWRhYjNmMWZkMWQ4YTY4MTUyYTY4OGJlMzljMjAzNGViMTRjY2QwMWUwNzNkOWUxOGI0In0%3D
galcys.asia/ Name: laravel_session
Value: eyJpdiI6IjBsQjBPektaTzFKVy9NM0tOQTlQbnc9PSIsInZhbHVlIjoiSkZWNW03TW84RkVPdDlOeDZGUGJqWEg5R0VBc1hET0FJKzZCWjcwSGFrK1V3c3hUcm1rVkY5UkROZzViQkUxKzE1RzNHbW93MUFKREk0cHdzeFQ1UDAvdjlFV3h2ZHZPd0ZJZS95YVBYTHlMSm5IYytVcVI1NkhEZ2c3aUh0REwiLCJtYWMiOiI3MjYxNDU3NmUyMzUwMjlmNTg3MWI3YmE2MTE2M2U0OWMzMjc5MjVlNzgyMjhkYWExOTkzNGFhM2M5ODAwZjlmIn0%3D

2 Console Messages

Source: other, Level: warning
URL: http://galcys.asia/ (Line 27)
Message: Allow attribute will take precedence over 'allowfullscreen'.

Source: security, Level: error
URL: http://vm.gtimg.cn/thumbplayer/iframe/iframe.js (Line 7)
Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://mp.weixin.qq.com') does not match the recipient window's origin ('http://galcys.asia').