ntz1.mr-viper.biz.id Open in urlscan Pro
2606:4700:3031::ac43:92aa Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ntz1.mr-viper.biz.id/
Submission: On December 28 via api (December 28th 2023, 9:01:46 am UTC) from US — Scanned from US

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3031::ac43:92aa, located in United States and belongs to CLOUDFLARENET, US. The main domain is ntz1.mr-viper.biz.id.
TLS certificate: Issued by E1 on December 28th 2023. Valid for: 3 months.

This is the only time ntz1.mr-viper.biz.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 12	2606:4700:303... 2606:4700:3031::ac43:92aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:1980:2::1f 2606:1980:2::1f	54994 (ML-1432-5...) (ML-1432-54994)
3	240e:947:6001... 240e:947:6001::10d	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
22	4

12 2606:4700:3031::ac43:92aa (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

ntz1.mr-viper.biz.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:1980:2::1f (United States)

ASN54994 (ML-1432-54994, CA)

www.mfa.gov.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 240e:947:6001::10d (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

www.gov.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	mr-viper.biz.id 5 redirects ntz1.mr-viper.biz.id	84 KB
3	www.gov.cn www.gov.cn — Cisco Umbrella Rank: 140231
2	mfa.gov.cn www.mfa.gov.cn — Cisco Umbrella Rank: 656413
0	xuexi.cn Failed www.xuexi.cn Failed
0	mofcom.gov.cn Failed www.mofcom.gov.cn — Cisco Umbrella Rank: 584724 Failed
22	5

	Domain	Requested by
12	ntz1.mr-viper.biz.id	5 redirects ntz1.mr-viper.biz.id
3	www.gov.cn	ntz1.mr-viper.biz.id
2	www.mfa.gov.cn	ntz1.mr-viper.biz.id
0	www.xuexi.cn Failed	ntz1.mr-viper.biz.id
0	www.mofcom.gov.cn Failed	ntz1.mr-viper.biz.id
22	5

This site contains no links.

Subject Issuer	Validity	Valid
mr-viper.biz.id E1	`2023-12-28` - `2024-03-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ntz1.mr-viper.biz.id/
Frame ID: 629E9E3A6A70D5C1EB38568C549AC9C4
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

违法和不良信息举报中心

Page Statistics

22
Requests

32 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

80 kB
Transfer

94 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ntz1.mr-viper.biz.id/style/main.css HTTP 0
http://www.mofcom.gov.cn/style/main.css

Request Chain 1

https://ntz1.mr-viper.biz.id/js/jquery-1.11.0.min.js HTTP 302
https://www.mfa.gov.cn/web/system/index_17321.shtml

Request Chain 2

https://ntz1.mr-viper.biz.id/js/jquery_cookie_min.js HTTP 302
https://www.xuexi.cn/notFound.html

Request Chain 4

https://ntz1.mr-viper.biz.id/style/b01.png HTTP 302
https://www.mfa.gov.cn/web/system/index_17321.shtml

Request Chain 6

https://ntz1.mr-viper.biz.id/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png HTTP 302
https://www.mofcom.gov.cn/style/b03.png

Request Chain 7

https://ntz1.mr-viper.biz.id/style/b04.png HTTP 302
https://www.gov.cn/gonggong/ymbcz/404.html

Request Chain 11

https://ntz1.mr-viper.biz.id/style/b08.png HTTP 302
https://www.gov.cn/gonggong/ymbcz/404.html

Request Chain 12

https://ntz1.mr-viper.biz.id/app/2/31.jpg HTTP 302
https://www.xuexi.cn/notFound.html

Request Chain 13

https://ntz1.mr-viper.biz.id/js/common.js HTTP 302
https://www.xuexi.cn/notFound.html

Request Chain 15

https://ntz1.mr-viper.biz.id/libs/jquery-nice-select-1.1.0/js/jquery.nice-select.js HTTP 302
https://www.gov.cn/gonggong/ymbcz/404.html

Request Chain 17

https://ntz1.mr-viper.biz.id/style/qr_app.png HTTP 302
https://www.xuexi.cn/notFound.html

Request Chain 19

https://ntz1.mr-viper.biz.id/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png HTTP 302
https://www.mofcom.gov.cn/style/qr_wx.png

Request Chain 20

https://ntz1.mr-viper.biz.id/js/jquery-1.11.0.min.js HTTP 0
http://www.mofcom.gov.cn/js/jquery-1.11.0.min.js

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ntz1.mr-viper.biz.id/ 23 KB
8 KB 2212ms
1207ms Document
text/html 2606:4700:3031::ac43:92aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ntz1.mr-viper.biz.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:92aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdf44fcd5030e41d30f25cf47365247d3c3a8e646c596c3e6d81095f9a1f1c20

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83c89ddd6d8e18f2-EWR
content-encoding: br
content-type: text/html
date: Thu, 28 Dec 2023 09:01:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hulTxO4RbdzcbJiAK7bGTr2JaV7%2FEjlM9A4gXa51Qef2S3LpCbaTGrCBemtXI4RXc%2B2oB6aq7LkFLh5YZhM3zgl1rSVzOzDM7QsDZUjo3yCnj2u40Bz9uIHeR7HRR4QXRGrMP2hocAvdRmcSY%2FzbGK8u6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache-lookup: Cache Miss Hit From Inner Cluster Cache Miss
x-nws-log-uuid: 15643920793399450184

GET

main.css
www.mofcom.gov.cn/style/
Redirect Chain

https://ntz1.mr-viper.biz.id/style/main.css
http://www.mofcom.gov.cn/style/main.css

0
0

GET
H/1.1

200
OK

index_17321.shtml Show response
www.mfa.gov.cn/web/system/
Redirect Chain

https://ntz1.mr-viper.biz.id/js/jquery-1.11.0.min.js
https://www.mfa.gov.cn/web/system/index_17321.shtml

0
0

927ms
629ms

Script
text/html

2606:1980:2::1f
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mfa.gov.cn/web/system/index_17321.shtml
Requested by: Host: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/
Protocol: HTTP/1.1
Server: 2606:1980:2::1f , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ntz1.mr-viper.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Thu, 28 Dec 2023 09:01:07 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: ALLOW-FROM http://www.mfa.gov.cn http://www.fmprc.gov.cn https://www.mfa.gov.cn https://www.fmprc.gov.cn http://mfa.gjzwfw.gov.cn https://mfa.gjzwfw.gov.cn
x-via: 1.1 nxian55:8 (Cdn Cache Server V2.0), 1.1 PS-000-01I0p46:4 (Cdn Cache Server V2.0), 1.1 VM-LAX-01nfY12:6 (Cdn Cache Server V2.0)
location: https://www.mfa.gov.cn/web/system/index_17321.shtml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0WLQMRxBOXXiwFn%2BNazc6GlnPS8gWaIOxppsOWA9KRBaUvvIoMcA9JrDcNySwRL6wZl6yS0V4T9F61UzBbHuMZnc7Uxd6r0%2F5ptDSrGLJ6uffUVmuB479E5%2BE53jkJibsAqukgBHNjYniw3UgRWsGhytw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
x-ws-request-id: 658d3952_VM-LAX-01nfY12_2734-20371
cf-ray: 83c89de509e718f2-EWR
alt-svc: h3=":443"; ma=86400

GET

notFound.html
www.xuexi.cn/
Redirect Chain

https://ntz1.mr-viper.biz.id/js/jquery_cookie_min.js
https://www.xuexi.cn/notFound.html

0
0

GET my.js
ntz1.mr-viper.biz.id/js/ 0
0

GET
H/1.1

200
OK

index_17321.shtml
www.mfa.gov.cn/web/system/
Redirect Chain

https://ntz1.mr-viper.biz.id/style/b01.png
https://www.mfa.gov.cn/web/system/index_17321.shtml

0
0

787ms
449ms

Image
text/html

2606:1980:2::1f
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mfa.gov.cn/web/system/index_17321.shtml
Requested by: Host: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/
Protocol: HTTP/1.1
Server: 2606:1980:2::1f , United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ntz1.mr-viper.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Thu, 28 Dec 2023 09:01:07 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: ALLOW-FROM http://www.mfa.gov.cn http://www.fmprc.gov.cn https://www.mfa.gov.cn https://www.fmprc.gov.cn http://mfa.gjzwfw.gov.cn https://mfa.gjzwfw.gov.cn
x-via: 1.1 chzh172:1 (Cdn Cache Server V2.0), 1.1 CS-NTG-01X7p250:3 (Cdn Cache Server V2.0), 1.1 VM-LAX-01Hfb48:6 (Cdn Cache Server V2.0)
location: https://www.mfa.gov.cn/web/system/index_17321.shtml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BeG9NlIWObNKl1u9EcRN9UqKiq4A%2FCPTe6OZr8VwtJwUo2u1Ot7R%2Bszxu%2BjvBJQ5dKT%2B0hY%2F5cFeuR3r8p7nCMYvLuHrbmbfFtKqgIqTgAMNCqxcKLxbSCn3f0nAn%2BQoCc%2FQusIOy49jl2LetqteXRzpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
x-ws-request-id: 658d3952_VM-LAX-01Hfb48_3885-3070
cf-ray: 83c89de53eaa1841-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 b02.png
ntz1.mr-viper.biz.id/style/ 36 KB
37 KB 1079ms
1078ms Image
image/png 2606:4700:3031::ac43:92aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntz1.mr-viper.biz.id/style/b02.png
Requested by: Host: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:92aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85311d96f7bf98f2378ab8c24cca7b4f693f1452af8729022b3350e611fd8e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ntz1.mr-viper.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 09:01:07 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-lookup: Cache Hit
alt-svc: h3=":443"; ma=86400
content-length: 37246
last-modified: Thu, 28 Dec 2023 08:09:08 GMT
server: cloudflare
etag: "658d2d24-917e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhmOq7bWzjQddDpeX5jatE%2FnU1ZsKoSNX0MfMntenm1oCgeZ2fitqNqz5ZUe8yv%2FTHNGiX3vORaos5LVkzfnk%2FX8fl0rGkSiKKWHA5xAIdelaP9btyzmsRrW9mZiJrZ9YkZ%2Fi5F%2FNBHQueixNfsuE4rITw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
x-nws-log-uuid: 6215405847346196110
accept-ranges: bytes
cf-ray: 83c89de53eac1841-EWR

GET

b03.png
www.mofcom.gov.cn/style/
Redirect Chain

https://ntz1.mr-viper.biz.id/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png
https://www.mofcom.gov.cn/style/b03.png

0
0

GET
H/1.1

200
OK

404.html
www.gov.cn/gonggong/ymbcz/
Redirect Chain

https://ntz1.mr-viper.biz.id/style/b04.png
https://www.gov.cn/gonggong/ymbcz/404.html

0
0

1680ms
238ms

Image
text/html

240e:947:6001::10d
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gov.cn/gonggong/ymbcz/404.html
Requested by: Host: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/
Protocol: HTTP/1.1
Server: 240e:947:6001::10d , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ntz1.mr-viper.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Thu, 28 Dec 2023 09:01:08 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS from BC29_US-Michigan-chieago-1-cache-2(baishan)
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
location: https://www.gov.cn/gonggong/ymbcz/404.html
access-control-allow-origin: *
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouFQCxOCiwlQIbvxPOjzLvtremMh2IPOtqoyrzKm4V91PrU%2BxakPESMC14lHIoeWvcf7hyIVP4vu3lt8KgLcP08JdHE%2B4mrs12GN8kQ8DZgP7OuPZO1qURsmt6fx6oYzkn3tMXxy8HzH9q%2BmEqHEk5UYhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83c89ded0a121841-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-ser: BC6_dx-lt-yd-zhejiang-jinhua-5-cache-1, BC199_lt-obgp-fujian-xiamen-33-cache-1, BC29_US-Michigan-chieago-1-cache-2

GET
H3 200 b05.png
ntz1.mr-viper.biz.id/style/ 30 KB
30 KB 1011ms
1010ms Image
image/png 2606:4700:3031::ac43:92aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntz1.mr-viper.biz.id/style/b05.png
Requested by: Host: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:92aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4055540da9b0b96c52db21a29a5e9f2712248b1a869dc0b2118e927d44d3b90e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ntz1.mr-viper.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 09:01:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-lookup: Cache Hit
alt-svc: h3=":443"; ma=86400
content-length: 30609
last-modified: Thu, 28 Dec 2023 08:33:07 GMT
server: cloudflare
etag: "658d32c3-7791"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajjOG6z%2BBYHoAETWfCUKZ5l34NTorkOEaiZuJcJiiCdaB3N47%2Bg5ud6jfSYPPLM1w9lTZRkejC%2FGYGAwG3y%2BMxQOwCiYgQR4je9sc7U334wt1I1PkP%2BsTGsKJs%2BSbVZ7XTsgBgMVT6qbEE%2F9V%2F8OUt%2BRxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
x-nws-log-uuid: 6971858134246487098
accept-ranges: bytes
cf-ray: 83c89dee1a821841-EWR

GET
H3 404 b09.png
ntz1.mr-viper.biz.id/style/ 211 B
211 B 990ms
987ms Image
text/html 2606:4700:3031::ac43:92aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ntz1.mr-viper.biz.id/style/b09.png

Requested by

Host: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b03e8c83c637df90bc7799c279acdcdee65f8b0803812a3cb63192627384f81a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ntz1.mr-viper.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 09:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SM8j%2FEQB3MElsCJuh6Z8mDMGCma6daO1rhKLZ1Rprga6iJfWWVO33mHPV2W%2B2VafhgQGMptTzYZo6DwPAbVcwe%2B7CU4TwDP6AjhY%2BdVIZFAgcaj5btMuxMCa8NyNAfT6kl2DKJ%2Bxd0u5nb2IZLsYZCMZ7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-ray: 83c89dee4a911841-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 522 b07.png
ntz1.mr-viper.biz.id/style/ 1 KB
1 KB 15287ms
15284ms Image
text/html 2606:4700:3031::ac43:92aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ntz1.mr-viper.biz.id/style/b07.png

Requested by

Host: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48a38f613d0399db59e61358aeef0ddecce9a4501ca8605cf2264bc879912099

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ntz1.mr-viper.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 09:01:23 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYr4jF%2BlfYFixjzpYRRqhpOX263pPYwHiYvpzAva8f7pfFURRYVZtdI0KkdsYzipd0SZqZFFeKDdT1glnJuTSOc9vNIlH4dX4IFbqdeVP%2FyqIi6m4RQrKExLzLQUHdVFG%2FS48yNUtRre5EDt2ONz2vOTZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 83c89dee4a921841-EWR
alt-svc: h3=":443"; ma=86400
content-length: 7105
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

404.html
www.gov.cn/gonggong/ymbcz/
Redirect Chain

https://ntz1.mr-viper.biz.id/style/b08.png
https://www.gov.cn/gonggong/ymbcz/404.html

0
0

1485ms
240ms

Image
text/html

240e:947:6001::10d
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gov.cn/gonggong/ymbcz/404.html
Requested by: Host: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/
Protocol: HTTP/1.1
Server: 240e:947:6001::10d , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ntz1.mr-viper.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Thu, 28 Dec 2023 09:01:08 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS from BC37_US-Michigan-chieago-1-cache-2(baishan)
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
location: https://www.gov.cn/gonggong/ymbcz/404.html
access-control-allow-origin: *
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQ7B9ykaR0xxnPlqUxeOccU2DS89Kn%2Fi3tufTD%2BvghmqiL8Isr5oZY7CAIPWGLNOSEeFwMABuvw01T5B%2FO%2FNmrqINUTVidnhhUTMk0gL%2FwPPDTAwi63kzGdta8rWGBB2LAo3t0osgB0PzJUIXtGcTd1HTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83c89dee4a931841-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-ser: BC195_dx-lt-yd-jiangsu-huaian-8-cache-2, BC197_lt-obgp-fujian-xiamen-33-cache-1, BC37_US-Michigan-chieago-1-cache-2

GET

notFound.html
www.xuexi.cn/
Redirect Chain

https://ntz1.mr-viper.biz.id/app/2/31.jpg
https://www.xuexi.cn/notFound.html

0
0

GET

notFound.html
www.xuexi.cn/
Redirect Chain

https://ntz1.mr-viper.biz.id/js/common.js
https://www.xuexi.cn/notFound.html

0
0

GET jquery-1.12.4.js
ntz1.mr-viper.biz.id/js/ 0
0

GET
H/1.1

200
OK

404.html Show response
www.gov.cn/gonggong/ymbcz/
Redirect Chain

https://ntz1.mr-viper.biz.id/libs/jquery-nice-select-1.1.0/js/jquery.nice-select.js
https://www.gov.cn/gonggong/ymbcz/404.html

0
0

1495ms
249ms

Script
text/html

240e:947:6001::10d
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gov.cn/gonggong/ymbcz/404.html
Requested by: Host: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/
Protocol: HTTP/1.1
Server: 240e:947:6001::10d , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ntz1.mr-viper.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Thu, 28 Dec 2023 09:01:08 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS from BC4_US-Georgia-atlanta-1-cache-3(baishan)
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
location: https://www.gov.cn/gonggong/ymbcz/404.html
access-control-allow-origin: *
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQfaAE1vFN1mYaGy1VQV2j2vboPkB1I6WzGN6GDDbzwJWjZEE6vuh%2FmdqzFuLkwbIUqDRYFJSqquGSazhEoxssxAjGo24OzURYcQXmB3tazMlD3LEEWrv25c20BBELINQzBfqOgIpNG3OHN15wX0uTiEfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83c89dee4a901841-EWR
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-ser: BC89_dx-lt-yd-zhejiang-wenzhou-11-cache-6, BC162_lt-obgp-fujian-xiamen-33-cache-1, BC32_US-Georgia-atlanta-1-cache-4, BC4_US-Georgia-atlanta-1-cache-3

GET
H3 200 qr_call.png
ntz1.mr-viper.biz.id/style/ 3 KB
4 KB 1012ms
1010ms Image
image/png 2606:4700:3031::ac43:92aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntz1.mr-viper.biz.id/style/qr_call.png
Requested by: Host: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:92aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7132523bc795c0462d133d8ed480499c69ec70f4f1fcfff6f69dc8a7671170d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ntz1.mr-viper.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 09:01:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-lookup: Cache Hit
alt-svc: h3=":443"; ma=86400
content-length: 3190
last-modified: Thu, 28 Dec 2023 08:32:08 GMT
server: cloudflare
etag: "658d3288-c76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UM04Wtgw3dDTh5vyt%2BkrMGlP8iRshvxy9mx%2BprPbARRYUBO33TrKSlJryU%2Fhrj99tusuty%2B7aBCv7gm6hy69m%2B3gvg2g3cbiWZmhsm3KcNeBtpTzE5YR2g6rUc%2Bl4XvcN7AFFskd%2BSHXtBkvHjbOX0cEpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
x-nws-log-uuid: 10910804575054065051
accept-ranges: bytes
cf-ray: 83c89dee4a951841-EWR

GET

notFound.html
www.xuexi.cn/
Redirect Chain

https://ntz1.mr-viper.biz.id/style/qr_app.png
https://www.xuexi.cn/notFound.html

0
0

GET
H3 404 qr_wb.png
ntz1.mr-viper.biz.id/style/ 213 B
213 B 901ms
898ms Image
text/html 2606:4700:3031::ac43:92aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ntz1.mr-viper.biz.id/style/qr_wb.png

Requested by

Host: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:92aa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11fcd9e17551025c7fac5f5448d4e16ea8beaa9ea75ab3f0fb2efc4e8602ce43

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ntz1.mr-viper.biz.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 09:01:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L5ku6MlLTUuwS%2F4toiRCDETb6HlHzHmYG5d%2FCTL1LbmAU5dSxc3%2Frqc%2FOgnTn8XpMlW6yYeCsXAZjAs5wRQd%2BqIACS%2Bd%2Bet0b942rt3s9xDMbI9%2FsCg1x%2BR9xgrTtaKPZswevnACV64A7keFzbnQVZZQgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-ray: 83c89dee4a971841-EWR
alt-svc: h3=":443"; ma=86400

GET

qr_wx.png
www.mofcom.gov.cn/style/
Redirect Chain

https://ntz1.mr-viper.biz.id/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png
https://www.mofcom.gov.cn/style/qr_wx.png

0
0

GET

jquery-1.11.0.min.js
www.mofcom.gov.cn/js/
Redirect Chain

https://ntz1.mr-viper.biz.id/js/jquery-1.11.0.min.js
http://www.mofcom.gov.cn/js/jquery-1.11.0.min.js

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.mofcom.gov.cn
URL: http://www.mofcom.gov.cn/style/main.css

Domain: www.xuexi.cn
URL: https://www.xuexi.cn/notFound.html

Domain: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/js/my.js

Domain: www.mofcom.gov.cn
URL: https://www.mofcom.gov.cn/style/b03.png

Domain: www.xuexi.cn
URL: https://www.xuexi.cn/notFound.html

Domain: www.xuexi.cn
URL: https://www.xuexi.cn/notFound.html

Domain: ntz1.mr-viper.biz.id
URL: https://ntz1.mr-viper.biz.id/js/jquery-1.12.4.js

Domain: www.xuexi.cn
URL: https://www.xuexi.cn/notFound.html

Domain: www.mofcom.gov.cn
URL: https://www.mofcom.gov.cn/style/qr_wx.png

Domain: www.mofcom.gov.cn
URL: http://www.mofcom.gov.cn/js/jquery-1.11.0.min.js

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ntz1.mr-viper.biz.id/	1970-01-20 17:59:06	Name: HMF_CI Value: e034949ac1033894950100bb4c00f20c56cae84ff7e4fa79003829979017d4649c8e5d72c21776187fce0e98744de92bfd1524cb30e6208519958a33c0a8a45d65
			ntz1.mr-viper.biz.id/	1969-12-31 23:59:59	Name: SERVERID Value: 28f9a83a96e7479c8504459d89a38f53\|1703754068\|1703754068

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://ntz1.mr-viper.biz.id/ Message: Mixed Content: The page at 'https://ntz1.mr-viper.biz.id/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.mofcom.gov.cn/style/main.css'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://www.mofcom.gov.cn/style/b03.png Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security	error	URL: https://ntz1.mr-viper.biz.id/ Message: Mixed Content: The page at 'https://ntz1.mr-viper.biz.id/' was loaded over HTTPS, but requested an insecure script 'http://www.mofcom.gov.cn/js/jquery-1.11.0.min.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://www.mofcom.gov.cn/style/qr_wx.png Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://ntz1.mr-viper.biz.id/style/qr_wb.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ntz1.mr-viper.biz.id/style/b09.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ntz1.mr-viper.biz.id/style/b07.png Message: Failed to load resource: the server responded with a status of 522 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ntz1.mr-viper.biz.id
www.gov.cn
www.mfa.gov.cn
www.mofcom.gov.cn
www.xuexi.cn
ntz1.mr-viper.biz.id
www.mofcom.gov.cn
www.xuexi.cn
240e:947:6001::10d
2606:1980:2::1f
2606:4700:3031::ac43:92aa
11fcd9e17551025c7fac5f5448d4e16ea8beaa9ea75ab3f0fb2efc4e8602ce43
4055540da9b0b96c52db21a29a5e9f2712248b1a869dc0b2118e927d44d3b90e
48a38f613d0399db59e61358aeef0ddecce9a4501ca8605cf2264bc879912099
7132523bc795c0462d133d8ed480499c69ec70f4f1fcfff6f69dc8a7671170d6
b03e8c83c637df90bc7799c279acdcdee65f8b0803812a3cb63192627384f81a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f85311d96f7bf98f2378ab8c24cca7b4f693f1452af8729022b3350e611fd8e9
fdf44fcd5030e41d30f25cf47365247d3c3a8e646c596c3e6d81095f9a1f1c20

ntz1.mr-viper.biz.id Open in urlscan Pro 2606:4700:3031::ac43:92aa Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

22 Requests

32 %HTTPS

100 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

80 kBTransfer

94 kBSize

2 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

7 Console Messages

Indicators

ntz1.mr-viper.biz.id Open in urlscan Pro
2606:4700:3031::ac43:92aa Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

32 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

80 kB
Transfer

94 kB
Size

2
Cookies

22 HTTP transactions
0 data transactions