Submitted URL: http://zlib.ren/
Effective URL: https://1lib.ink/
Submission: On April 16 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3033::6815:4dc7, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1lib.ink.
TLS certificate: Issued by GTS CA 1P5 on March 9th 2023. Valid for: 3 months.
This is the only time 1lib.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
2 2600:9000:249... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 47.253.50.2 45102 (ALIBABA-C...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 43.138.140.244 45090 (TENCENT-N...)
1 103.143.19.103 134760 (CHINANET-...)
1 2a00:1450:400... 15169 (GOOGLE)
2 103.235.46.191 55967 (BAIDU Bei...)
1 2600:9000:225... 16509 (AMAZON-02)
16 10
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 5 | 1lib.ink | 1lib.ink | 15 KB |
| 2 | baidu.com | hm.baidu.com — Cisco Umbrella Rank: 8281 | 12 KB |
| 2 | 51.la | sdk.51.la — Cisco Umbrella Rank: 54552; collect-v6.51.la — Cisco Umbrella Rank: 49718 | 13 KB |
| 2 | baomitu.com | lib.baomitu.com — Cisco Umbrella Rank: 179504 | 159 KB |
| 2 | zlib.ren | zlib.ren | 1 KB |
| 1 | qhimg.com | p16.qhimg.com | |
| 1 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 | 5 KB |
| 1 | ooopn.com | www.ooopn.com | 319 B |
| 1 | cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 895 | 6 KB |
| 1 | googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 | 47 KB |
| 16 | 10 | | |
Domain Requested by
5 1lib.ink 1lib.ink
static.cloudflareinsights.com
2 hm.baidu.com 1lib.ink
2 lib.baomitu.com 1lib.ink
2 zlib.ren 2 redirects
1 p16.qhimg.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 collect-v6.51.la sdk.51.la
1 www.ooopn.com lib.baomitu.com
1 static.cloudflareinsights.com 1lib.ink
1 sdk.51.la 1lib.ink
1 pagead2.googlesyndication.com 1lib.ink
16 11

This site contains links to these domains.

Domain
p16.qhimg.com
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| *.1lib.ink | GTS CA 1P5 | 2023-03-09 - 2023-06-07 | 3 months |
| *.baomitu.com | WoTrus DV Server CA [Run by the Issuer] | 2022-04-26 - 2023-04-26 | a year |
| *.g.doubleclick.net | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months |
| *.51.la | GlobalSign GCC R3 DV TLS CA 2020 | 2022-04-19 - 2023-05-21 | a year |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year |
| www.ooopn.com | Encryption Everywhere DV TLS CA - G1 | 2022-12-09 - 2023-12-08 | a year |
| baidu.com | GlobalSign RSA OV SSL CA 2018 | 2022-07-05 - 2023-08-06 | a year |
| *.qhimg.com | WoTrus DV Server CA [Run by the Issuer] | 2022-10-31 - 2023-10-31 | a year |

This page contains 2 frames:

Primary Page: https://1lib.ink/
Frame ID: 4BE9A5E2EA0A7EA286DED7A25BDA7251
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Frame ID: A6734C29010474364A0D1942F08F1EF6
Requests: 1 HTTP requests in this frame

Page Title

ONE LIB - 知识就是力量

Page URL History

  1. http://zlib.ren/ HTTP 301
    https://zlib.ren/ HTTP 301
    https://1lib.ink/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • limonte-sweetalert2/([\d.]+)/sweetalert2(?:\.all)(?:\.min)\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16 Requests
100 % HTTPS
64 % IPv6
10 Domains
11 Subdomains
10 IPs
4 Countries
258 kB Transfer
870 kB Size
8 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
1lib.ink/
Redirect Chain
  • http://zlib.ren/
  • https://zlib.ren/
  • https://1lib.ink/
3 KB
2 KB
Document
General
Full URL
https://1lib.ink/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4dc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a678cea49661417e4ad77bd24c5d5fbfa7ded620527ac0dd874dcbed4a4895a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b8e038b9e72bb73-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 16 Apr 2023 17:05:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJVkOYmcJGLdHhKywF5poJ01KJvBa1n9KMNakvahE%2FPitDdJmCY9Q1JwMQJ0yAIuqKHoMd3JUqxk4k1Lat4uAv4p%2B7atzV3sFcysLU%2FpeBgL7Mtygp%2BSfI6%2Fi8R9flim8T1hEOjzEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache
HIT

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b8e03888e6fbc04-FRA
content-type
text/html
date
Sun, 16 Apr 2023 17:05:33 GMT
location
https://1lib.ink/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39gPHZMJuEG599NenScDgvp8hlWsfuhXLOdV3%2FrczeGResEAEABx0%2FDNDmDeSPALew1HpY5E6u8IqTyoOA78rVXZhdUuUuqhB3K5VZSepTx6XfldkGJ2RxNTZwoKsfShwam4R%2F7rTg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
s.v1.css
1lib.ink/s/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://1lib.ink/s/css/s.v1.css
Requested by
Host: 1lib.ink
URL: https://1lib.ink/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4dc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c0b5e9b0a33746406c9b6831b5c7f75a2b1e236cd8d84299f61d99b2a06796d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1lib.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 17:05:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 06 Feb 2023 14:06:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63e10981-1404"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWSj7PzFF0BoEHdJWNcz1ACLc4ARNMtwYD5EckbaCWinRcfGc65Qfpf1mUAgB4gkbBXi2oNqIMo5o44A6SmHgNDlAMQG%2BRCiB%2B6B%2B9Ig4w0gR08EL0TM6lXB3Di6z8OfLYDzgZprpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7b8e038c3f9fbb73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 17 Apr 2023 05:05:34 GMT
email-decode.min.js
1lib.ink/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://1lib.ink/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: 1lib.ink
URL: https://1lib.ink/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4dc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1lib.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 17:05:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Apr 2023 15:48:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"642ee9e0-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUya2G4NmJeONiGlbqrrxLTv6ciXxmCQ2gYsm0MSanah%2BWMoGgzyCGbZP8D3I4%2FDVyKtjws2Y6unMfsGYudVF74bipgUh1GV8Tlg3L7if%2Ba%2FNksojVgDNg21RHAaCIj2YjC53P%2BbIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7b8e038c3fa3bb73-FRA
expires
Tue, 18 Apr 2023 17:05:34 GMT
jquery.min.js
lib.baomitu.com/jquery/3.6.0/
87 KB
88 KB
Script
General
Full URL
https://lib.baomitu.com/jquery/3.6.0/jquery.min.js
Requested by
Host: 1lib.ink
URL: https://1lib.ink/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6e00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1lib.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Wed, 11 May 2022 14:37:56 GMT
via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
kcs-via
HIT from w-fc01.lato;MISS from w-sc02.lato
x-qstatic-hit
1
x-amz-cf-pop
FRA56-P7
age
29384858
x-cache
Hit from cloudfront
content-length
89501
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
etag
W/"ef2db2e5d4f563b9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
x-amz-cf-id
LUsMRgz44H6yE1RZpHh76FDL-hKiO0WwzdYkjqPeHDn_aHMTqN3H1w==
expires
Sat, 08 May 2032 14:37:56 GMT
sweetalert2.all.min.js
lib.baomitu.com/limonte-sweetalert2/10.16.6/
71 KB
71 KB
Script
General
Full URL
https://lib.baomitu.com/limonte-sweetalert2/10.16.6/sweetalert2.all.min.js
Requested by
Host: 1lib.ink
URL: https://1lib.ink/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:6e00:1d:80d9:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
042037da753e9b278b09dff0f7a73e163b628c355988442eb983893122c5ed49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1lib.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 06:30:01 GMT
via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
kcs-via
MISS from w-fc03.lato;HIT from w-sc02.lato
x-qstatic-hit
1
x-amz-cf-pop
FRA56-P7
age
19737333
x-cache
Hit from cloudfront
content-length
72594
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
etag
W/"6871a9335c872a91"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
x-amz-cf-id
Cg8BB5DJr2RDakWhr1EiiqHgjjaEqShEhiKpOTsH2K5UU8v7xzBE9A==
expires
Sat, 28 Aug 2032 06:30:01 GMT
a.v6.js
1lib.ink/s/js/
22 KB
10 KB
Script
General
Full URL
https://1lib.ink/s/js/a.v6.js
Requested by
Host: 1lib.ink
URL: https://1lib.ink/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4dc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b0d6d54fc3ab47589b4ef971c73f9918af69d2c4ced6b1399d0d380eabff90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1lib.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 17:05:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Feb 2023 15:17:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1945
etag
W/"63f38f1a-5739"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXXM0T6M2lO35SZCooc8ZylyTN5prQoVY7XXawzzgCFNT0hLflDn8kRHbYzmYPMa97ZGR8hz6dpGK7vDduwkiZHu4jmzgkwQdURm4t3cxukEuPwrBpF0LG3L5MjG9%2FeXP803C4UNcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7b8e038c3fa6bb73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 17 Apr 2023 04:33:09 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
137 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 1lib.ink
URL: https://1lib.ink/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d79c642a3f1322c0866c242877febfb017ef71cff59c6d2e0fa03c676f202814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1lib.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 17:05:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47877
x-xss-protection
0
server
cafe
etag
2697507321447707698
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 16 Apr 2023 17:05:34 GMT
js-sdk-pro.min.js
sdk.51.la/
34 KB
13 KB
Script
General
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: 1lib.ink
URL: https://1lib.ink/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.253.50.2 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
openresty /
Resource Hash
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1lib.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 17:05:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 04:34:55 GMT
Server
openresty
ETag
W/"63bceaef-861a"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=1296000
Access-Control-Allow-Credentials
true
Connection
keep-alive
v2b4487d741ca48dcbadcaf954e159fc61680799950996
static.cloudflareinsights.com/beacon.min.js/
16 KB
6 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996
Requested by
Host: 1lib.ink
URL: https://1lib.ink/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4860695983e79ae4c596701d7203945837da206d3fdba56684661a5cd60b16c2

Request headers

Referer
https://1lib.ink/
Origin
https://1lib.ink
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 17:05:34 GMT
content-encoding
gzip
last-modified
Thu, 06 Apr 2023 16:52:30 GMT
server
cloudflare
etag
W/2023.4.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7b8e038ccb329c01-FRA
api.php
www.ooopn.com/tool/api/image/360mn/
54 B
319 B
XHR
General
Full URL
https://www.ooopn.com/tool/api/image/360mn/api.php
Requested by
Host: lib.baomitu.com
URL: https://lib.baomitu.com/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.138.140.244 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
053638af74652d52da1ad9fdf881c3d0b8d2239fd370b330f8f7488069f55fb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Referer
https://1lib.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 17:05:39 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
collect
collect-v6.51.la/v6/
0
392 B
XHR
General
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1lib.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://1lib.ink
Date
Sun, 16 Apr 2023 17:05:38 GMT
Access-Control-Allow-Credentials
true
Server
CloudWAF
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ Frame A673
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1lib.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
40625
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Apr 2023 05:48:30 GMT
etag
2378337311435320485
expires
Sun, 30 Apr 2023 05:48:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?75bb4b514e49965ad1ac3f816bfd838d
Requested by
Host: 1lib.ink
URL: https://1lib.ink/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
206fc32d279c6b2ece475af45b086d3aed69fb650de05bdeb04e8d1d4c1e4fc8
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1lib.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 17:05:35 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
687c53d66378e68fad7bce035ec6424f
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11256
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1992143626&si=75bb4b514e49965ad1ac3f816bfd838d&v=1.3.0&lv=1&sn=36636&r=0&ww=1600&u=https%3A%2F%2F1lib.ink%2F&tt=ONE%20LIB%20-%20%E7%9F%A5%E8%AF%86%E5%B0%B1%E6%98%AF%E5%8A%9B%E9%87%8F
Requested by
Host: 1lib.ink
URL: https://1lib.ink/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1lib.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 16 Apr 2023 17:05:36 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
rum
1lib.ink/cdn-cgi/
0
172 B
XHR
General
Full URL
https://1lib.ink/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4dc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://1lib.ink/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
content-type
application/json

Response headers

date
Sun, 16 Apr 2023 17:05:36 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://1lib.ink
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7b8e039c2e07bb65-FRA
t01d35cd93efc96b5cb.jpg
p16.qhimg.com/bdr/__85/
454 KB
0
Image
General
Full URL
https://p16.qhimg.com/bdr/__85/t01d35cd93efc96b5cb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:b600:1:b394:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1lib.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

expires
Sat, 15 Jul 2023 17:05:40 GMT
date
Sun, 16 Apr 2023 17:05:40 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
xzp
ovevmmoaovvmliklisrmlml
last-modified
Wed, 07 Dec 2022 01:45:43 GMT
kcs-via
MISS from w-fc03.lato;MISS from w-sc02.lyct
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
917644
x-amz-cf-id
BEG4FQICK7BgL8--_5sQ-lP-qtV6e0lR4QiHEhpj38g5CvY0ZyNEFQ==
xcs
HIT

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| $ function| jQuery function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal number| page object| doc object| sto string| bgurl undefined| ttt undefined| eee object| LA number| laWaitTime object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| _hmt string| google_user_agent_client_hint object| __cfBeacon boolean| _bdhm_loaded_75bb4b514e49965ad1ac3f816bfd838d object| mini_tangram_log_hpc63u

8 Cookies

Domain/Path Name / Value
1lib.ink/ Name: X_CACHE_KEY
Value: e429ce2309be12d25e914735a308e0df
1lib.ink/ Name: __vtins__JtGd4Y0RoqqQenWm
Value: %7B%22sid%22%3A%20%22995f1a30-4f49-5303-b90a-f7839bbebb10%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201681666534998%2C%20%22ct%22%3A%201681664734998%7D
1lib.ink/ Name: __51uvsct__JtGd4Y0RoqqQenWm
Value: 1
1lib.ink/ Name: __51vcke__JtGd4Y0RoqqQenWm
Value: 6ad854d8-5f5f-5881-8589-fc0652639be0
1lib.ink/ Name: __51vuft__JtGd4Y0RoqqQenWm
Value: 1681664735002
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: F1510072E7B5B0A8
.1lib.ink/ Name: Hm_lvt_75bb4b514e49965ad1ac3f816bfd838d
Value: 1681664736
.1lib.ink/ Name: Hm_lpvt_75bb4b514e49965ad1ac3f816bfd838d
Value: 1681664736

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
