urlscan.io logo urlscan.io
SecurityTrails logo

security.ximalaya.com Open in urlscan Pro
101.91.80.170  Public Scan

Go To Rescan Add Verdict Report
URL: https://security.ximalaya.com/
Submission: On April 03 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 101.91.80.170, located in China and belongs to CHINANET-SH-AP China Telecom (Group), CN. The main domain is security.ximalaya.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on May 24th 2019. Valid for: a year.
This is the only time security.ximalaya.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 101.91.80.170 4812 (CHINANET-...)
14 1
Apex Domain
Subdomains		 Transfer
9 ximalaya.com
security.ximalaya.com
220 KB
5 tencent.com
x.security.tencent.com
600 KB
14 2
Domain Requested by
9 security.ximalaya.com security.ximalaya.com
5 x.security.tencent.com security.ximalaya.com
14 2

This site contains links to these domains. Also see Links.

Domain
x.security.tencent.com
security.tencent.com
Subject Issuer Validity Valid
security.ximalaya.com
GeoTrust RSA CA 2018		 2019-05-24 -
2020-05-23		 a year crt.sh
*.security.tencent.com
Secure Site CA G2		 2019-11-05 -
2021-01-04		 a year crt.sh

This page contains 1 frames:

Primary Page: https://security.ximalaya.com/
Frame ID: 6204C78E53D61BE584CF9218F0F47D7C
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

820 kB
Transfer

1028 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
security.ximalaya.com/ 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
6282a49611fa62ac9cc1e04042cadc9241329cd4e6e89b168cbddc12abbb4dcb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
security.ximalaya.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Server
nginx
Date
Fri, 03 Apr 2020 06:59:25 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
PHPSESSID=nap3495j77588moamjcdgcejt6; expires=Fri, 03-Apr-2020 14:59:25 GMT; Max-Age=28800; path=/; HttpOnly csrf_token_cookie=6ebf2b4d969ad8f0f7ec377dd4c948a8; expires=Fri, 03-Apr-2020 08:59:25 GMT; Max-Age=7200; path=/; httponly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Strict-Transport-Security
max-age=63072000; preload
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
Content-Encoding
gzip
main.css
security.ximalaya.com/static/v1.0/css/ 		232 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://security.ximalaya.com/static/v1.0/css/main.css?t=20160310
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
51a574e031c726815f711528668e3fca018a7048de17641e828571efb980e9d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Fri, 03 Apr 2020 06:59:26 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
Last-Modified
Tue, 11 Oct 2016 02:02:17 GMT
Server
nginx
x-frame-options
SAMEORIGIN
ETag
W/"57fc4829-39f33"
Strict-Transport-Security
max-age=63072000; preload
Content-Type
text/css
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
security.ximalaya.com/static/plugins/ 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.ximalaya.com/static/plugins/jquery.js
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 03 Apr 2020 06:59:25 GMT
x-content-type-options
nosniff
Last-Modified
Wed, 11 Feb 2015 06:53:54 GMT
Server
nginx
ETag
"54dafc82-17278"
x-frame-options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Strict-Transport-Security
max-age=63072000; preload
Accept-Ranges
bytes
Content-Length
94840
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
c599bb24a8236f764f7a2d52f87369ef.jpg
x.security.tencent.com/upload_files/201910/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.security.tencent.com/upload_files/201910/c599bb24a8236f764f7a2d52f87369ef.jpg
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
9ae81adfa90a0dea6a4649276f8c1409580222c12635949cb2d3b7e95662a2dd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 03 Apr 2020 06:59:26 GMT
Strict-Transport-Security
max-age=63072000; preload
x-content-type-options
nosniff
Last-Modified
Sat, 12 Oct 2019 07:56:21 GMT
Server
nginx
ETag
"5da18725-11c7e"
x-frame-options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72830
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
11f4298fb886db68b0e4469954de5c6a.jpg
x.security.tencent.com/upload_files/201905/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.security.tencent.com/upload_files/201905/11f4298fb886db68b0e4469954de5c6a.jpg
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
c81d37dee0f16642942e8dbf802da455ae9129d33350d931a5679f0086565814
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 03 Apr 2020 06:59:26 GMT
Strict-Transport-Security
max-age=63072000; preload
x-content-type-options
nosniff
Last-Modified
Wed, 22 May 2019 11:40:47 GMT
Server
nginx
ETag
"5ce5353f-e754"
x-frame-options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59220
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
17ab7c0ace70d9d35c270bec8144864f.jpg
x.security.tencent.com/upload_files/201905/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.security.tencent.com/upload_files/201905/17ab7c0ace70d9d35c270bec8144864f.jpg
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
c81d37dee0f16642942e8dbf802da455ae9129d33350d931a5679f0086565814
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 03 Apr 2020 06:59:27 GMT
Strict-Transport-Security
max-age=63072000; preload
x-content-type-options
nosniff
Last-Modified
Wed, 22 May 2019 11:42:02 GMT
Server
nginx
ETag
"5ce5358a-e754"
x-frame-options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59220
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sea.js
security.ximalaya.com/static/plugins/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.ximalaya.com/static/plugins/sea.js?t=20151230
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
4ea2d6e509ad10bf7f78c9690d44ca02492f7bcb68c3d47eda66707a9f3bc455
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 03 Apr 2020 06:59:26 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 12 Jan 2015 08:46:06 GMT
Server
nginx
ETag
"54b389ce-1b0a"
x-frame-options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Strict-Transport-Security
max-age=63072000; preload
Accept-Ranges
bytes
Content-Length
6922
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
config.js
security.ximalaya.com/static/v1.0/js/ 		569 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.ximalaya.com/static/v1.0/js/config.js?t=20191212
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
ac6f24d69e8ff029b5932bf1db5b80e21331dec28da9a9219f09e71a2ffdb4dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 03 Apr 2020 06:59:26 GMT
x-content-type-options
nosniff
Last-Modified
Thu, 12 Dec 2019 12:54:02 GMT
Server
nginx
ETag
"5df2386a-239"
x-frame-options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Strict-Transport-Security
max-age=63072000; preload
Accept-Ranges
bytes
Content-Length
569
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
b66cead7db69a83b9a88fe051079952c.png
x.security.tencent.com/upload_files/201905/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.security.tencent.com/upload_files/201905/b66cead7db69a83b9a88fe051079952c.png
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
582e13659e5cd9218c79e48b7b11b6646f43c68ea0826dd59e6e7593051baaa5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 03 Apr 2020 06:59:27 GMT
Strict-Transport-Security
max-age=63072000; preload
x-content-type-options
nosniff
Last-Modified
Wed, 22 May 2019 09:04:14 GMT
Server
nginx
ETag
"5ce5108e-76cc"
x-frame-options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30412
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
79676c2e89e59307afb6f3cad856f1ee.jpg
x.security.tencent.com/upload_files/201905/ 		381 KB
382 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.security.tencent.com/upload_files/201905/79676c2e89e59307afb6f3cad856f1ee.jpg
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
3f3f83b85056f5f2ec5ed743ec0b4096c9c451c55c25a6291f33446b3a7c780c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 03 Apr 2020 06:59:27 GMT
Strict-Transport-Security
max-age=63072000; preload
x-content-type-options
nosniff
Last-Modified
Thu, 23 May 2019 03:11:13 GMT
Server
nginx
ETag
"5ce60f51-5f43e"
x-frame-options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
390206
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
hover-normal@1x.png
security.ximalaya.com/static/v1.0/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.ximalaya.com/static/v1.0/images/hover-normal@1x.png
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
338b9e743ac1b5bd7f01e5cbd84b46fd86bde490c04f88503986b39e52d03c4c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/static/v1.0/css/main.css?t=20160310
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 03 Apr 2020 06:59:26 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 29 Feb 2016 02:45:44 GMT
Server
nginx
ETag
"56d3b0d8-ed1"
x-frame-options
SAMEORIGIN
Connection
keep-alive
Content-Type
image/png
Cache-Control
max-age=315360000
Strict-Transport-Security
max-age=63072000; preload
Accept-Ranges
bytes
Content-Length
3793
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
font@1x.png
security.ximalaya.com/static/v1.0/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.ximalaya.com/static/v1.0/images/font@1x.png
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
aea0ab3b6643f84022da90bd8666795d62ffe135d3d808f76b7a0e4078e52209
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/static/v1.0/css/main.css?t=20160310
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 03 Apr 2020 06:59:26 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 29 Feb 2016 02:45:38 GMT
Server
nginx
ETag
"56d3b0d2-5d7c"
x-frame-options
SAMEORIGIN
Connection
keep-alive
Content-Type
image/png
Cache-Control
max-age=315360000
Strict-Transport-Security
max-age=63072000; preload
Accept-Ranges
bytes
Content-Length
23932
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
icon@1x.png
security.ximalaya.com/static/v1.0/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.ximalaya.com/static/v1.0/images/icon@1x.png
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
0bfcd5bfb0a52f4f5e4096194eb99a3197c940d18c54f4cdf9b3dcadfe5f1fae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/static/v1.0/css/main.css?t=20160310
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 03 Apr 2020 06:59:27 GMT
x-content-type-options
nosniff
Last-Modified
Mon, 07 Mar 2016 01:31:54 GMT
Server
nginx
ETag
"56dcda0a-558e"
x-frame-options
SAMEORIGIN
Connection
keep-alive
Content-Type
image/png
Cache-Control
max-age=315360000
Strict-Transport-Security
max-age=63072000; preload
Accept-Ranges
bytes
Content-Length
21902
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT
utils.js
security.ximalaya.com/static/v1.0/js/modules/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.ximalaya.com/static/v1.0/js/modules/utils.js?t=20161130
Requested by
Host: security.ximalaya.com
URL: https://security.ximalaya.com/static/plugins/sea.js?t=20151230
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.91.80.170 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
68e67e6c0112170918c692c5ce075995d0dca3388cd6dea6600bee4b3d95a726
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.ximalaya.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 03 Apr 2020 06:59:27 GMT
x-content-type-options
nosniff
Last-Modified
Wed, 30 Nov 2016 07:08:41 GMT
Server
nginx
ETag
"583e7af9-7939"
x-frame-options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Strict-Transport-Security
max-age=63072000; preload
Accept-Ranges
bytes
Content-Length
31033
x-xss-protection
1; mode=block
Expires
Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| seajs function| define object| t_config object| jQuery17205871259281877201 function| shareto

2 Cookies

Domain/Path Name / Value
security.ximalaya.com/ Name: csrf_token_cookie
Value: 6ebf2b4d969ad8f0f7ec377dd4c948a8
security.ximalaya.com/ Name: PHPSESSID
Value: nap3495j77588moamjcdgcejt6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block