distribution-virtual.com Open in urlscan Pro
172.67.141.51 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://distribution-virtual.com/
Effective URL:
https://distribution-virtual.com/
Submission Tags: suspect
Submission: On December 20 via api (December 20th 2024, 1:23:53 pm UTC) from BR — Scanned from PL

Summary HTTP 27 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 172.67.141.51, located in United States and belongs to CLOUDFLARENET, US. The main domain is distribution-virtual.com.
TLS certificate: Issued by WE1 on December 19th 2024. Valid for: 3 months.

This is the only time distribution-virtual.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
2 20	172.67.141.51 172.67.141.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	136.175.126.220 136.175.126.220	62902 (AS-ASPHERE) (AS-ASPHERE)
2	104.26.14.157 104.26.14.157	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.186.31 104.18.186.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	6

20 172.67.141.51 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

distribution-virtual.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.175.126.220 (United States)

ASN62902 (AS-ASPHERE, US)

rpc.ankr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.14.157 (None, )

ASN13335 (CLOUDFLARENET, US)

binance.llamarpc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.186.31 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	distribution-virtual.com 2 redirects distribution-virtual.com	2 MB
2	llamarpc.com binance.llamarpc.com — Cisco Umbrella Rank: 780237	751 B
2	ankr.com rpc.ankr.com — Cisco Umbrella Rank: 98814	3 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	143 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	47 KB
27	5

	Domain	Requested by
20	distribution-virtual.com	2 redirects distribution-virtual.com
2	binance.llamarpc.com	distribution-virtual.com
2	rpc.ankr.com	distribution-virtual.com
2	cdnjs.cloudflare.com	distribution-virtual.com
1	cdn.jsdelivr.net	distribution-virtual.com
27	5

This site contains links to these domains. Also see Links.

Domain
gov.virtuals.io

Subject Issuer	Validity	Valid
distribution-virtual.com WE1	`2024-12-19` - `2025-03-19`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
enterprise.onerpc.com WR1	`2024-12-05` - `2025-03-05`	3 months	crt.sh
llamarpc.com WE1	`2024-12-16` - `2025-03-16`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://distribution-virtual.com/
Frame ID: C6ACD5B5948E1F1AB64471B52B61C7CD
Requests: 21 HTTP requests in this frame

Frame: https://distribution-virtual.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: ADF8A4B7977A02AA175162CC406A5A29
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VIRTUALS Protocol

Page URL History Show full URLs

http://distribution-virtual.com/ HTTP 307
https://distribution-virtual.com/ Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

27
Requests

85 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

2158 kB
Transfer

6285 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://gov.virtuals.io/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://distribution-virtual.com/ HTTP 307
https://distribution-virtual.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://distribution-virtual.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://distribution-virtual.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

Request Chain 15

https://distribution-virtual.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://distribution-virtual.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
distribution-virtual.com/
Redirect Chain

http://distribution-virtual.com/
https://distribution-virtual.com/

68 KB
11 KB

413ms
366ms

Document
text/html

172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-virtual.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b20b0c55d485b8cd6491969f6351c99844b315c35c9d1ac22214ef8f3052025f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f4ff2f01eb2c060-WAW
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Fri, 20 Dec 2024 13:23:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=igfj17PCmBSJrfJQNAnewZ5orh8g%2BBGzIP3hOq8vwOWMkdiHJBhZJmd3M83%2B2b%2F2CIwEM%2FqTGK00KbYP4qsc4rtDZLJkRdrr1YtQA%2BfFR2SuQ7TxcEe8kUfGMGzHJMCU9aYfuW8WoeF8kds%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=27695&min_rtt=27092&rtt_var=4746&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4176&recv_bytes=4450&delivery_rate=552&cwnd=12000&unsent_bytes=0&cid=8e3e53b167a15937&ts=373&x=1" cfExtPri cfHdrFlush;dur=0
x-powered-by: Express

Redirect headers

Location: https://distribution-virtual.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 main.f0ce58de.css
distribution-virtual.com/ 45 KB
9 KB 518ms
518ms Stylesheet
text/css 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-virtual.com/main.f0ce58de.css
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1ecda766b50285b1a73584d0e923f6c0b5315297c4d3a88c7541eed21f900ad1

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XXVB5t4S3SowMBwSwzkam6d6LHbUDvtxdJG%2FVLE0RYyTlDo0yVvy6BS5Dznhb5D725uc75sVp4SF4n1xMeKeMYi6IyM4MFvLlddPzGsrfduXCtDBPhajxtqFY0fjhd8BwK7IJJKnw1hkQlc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2f289edc060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28221&min_rtt=27010&rtt_var=1823&sent=30&recv=23&lost=0&retrans=0&sent_bytes=20540&recv_bytes=6407&delivery_rate=145336&cwnd=12000&unsent_bytes=0&cid=8e3e53b167a15937&ts=912&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:48 GMT
content-type: text/css
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 13:23:48 GMT
priority: u=0,i=?0

GET
H3 200 kh5ynoMH_400x400.jpg
distribution-virtual.com/ 7 KB
7 KB 371ms
371ms Image
image/jpeg 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://distribution-virtual.com/kh5ynoMH_400x400.jpg
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 50d1c4bb055f47ab061846226df5911fb37d5dd6bb7fb3d02874d6bbc38123e7

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMexWDvEU%2F1mgQjB2mcUM%2B80bTHYpNBK75X0n3mFfA%2FaDYMkZh%2FfR74srJxe7mAueWEC3KjxCiE2gcHh%2FakS4AO3U0DjMXz%2FiHyOUQXLQV1K9jQ5EO5eMgZFaMQ8lbnhKrLPiFmGKrvQ5EU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2f46cf8c060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28124&min_rtt=27010&rtt_var=1562&sent=31&recv=24&lost=0&retrans=0&sent_bytes=21242&recv_bytes=6451&delivery_rate=13385&cwnd=12000&unsent_bytes=0&cid=8e3e53b167a15937&ts=1066&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:48 GMT
content-type: image/jpeg
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 13:23:48 GMT
priority: u=3,i

GET
H3 200 new-logo.d933c1dfc243c199ac524d2d4e2b2a3a.svg
distribution-virtual.com/ 28 KB
12 KB 524ms
524ms Image
image/svg+xml 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://distribution-virtual.com/new-logo.d933c1dfc243c199ac524d2d4e2b2a3a.svg
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 15328dbfec1f5d068a39f7459eb5ce66a118d1b4afe7eddb75e75652f5790780

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zBfbPxt3h2CPumA15lqc1NQq5RIeNySkc%2B8fZGlRQpUUWyobu%2FPQuFpLBterQ51%2BaYmgc0s790RSgYNhIXh96Unlqr1kL8R0lms%2Fjy5rkAQG0Yj%2FVq6743TmV0Vc%2FHvBfZ57rchLh3tclo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2f46cfbc060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28021&min_rtt=26955&rtt_var=1492&sent=50&recv=35&lost=0&retrans=0&sent_bytes=40074&recv_bytes=7438&delivery_rate=421528&cwnd=19200&unsent_bytes=0&cid=8e3e53b167a15937&ts=1215&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:49 GMT
content-type: image/svg+xml
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 13:23:48 GMT
priority: u=3,i

GET
H3 200 new-mobile-logo.1301703cff6fc72572cbdb63148039d9.svg
distribution-virtual.com/ 2 KB
2 KB 400ms
399ms Image
image/svg+xml 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://distribution-virtual.com/new-mobile-logo.1301703cff6fc72572cbdb63148039d9.svg
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: bb684e3e83efb5b324e78543f0ca5d4201eaa33275aa0563c2e9afdb4207fc33

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04DRm5JNah3SA%2BLlynYVLdWNd9zMmER%2BKVZpKlfQsQysYtxOtAJGSb5AEKNEyymuhvwDaEGdfmH6VNUbYPCyYeZYJ22%2FwDQu2VOZWIzyptUeSyTxWbC6EGHYdurPSpJMEwyU9AXGDRX2k6U%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2f46cfec060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28124&min_rtt=27010&rtt_var=1562&sent=42&recv=24&lost=0&retrans=0&sent_bytes=33242&recv_bytes=6451&delivery_rate=13385&cwnd=12000&unsent_bytes=0&cid=8e3e53b167a15937&ts=1079&x=1", cfExtPri, cfHdrFlush;dur=14
date: Fri, 20 Dec 2024 13:23:48 GMT
content-type: image/svg+xml
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 13:23:48 GMT
priority: u=3,i

GET
H3 200 rocket-loader.min.js Show response
distribution-virtual.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 32ms
32ms Script
application/javascript 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distribution-virtual.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: distribution-virtual.com
URL: https://distribution-virtual.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"675fc4cd-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AASAnVqai%2F9eXwRQGDSOryj9vVvcWmbMbPPQDn24fKqEJ38XzUy5bvphPvLigJ2%2FB%2F1q%2B9hC28ni%2FsQwPSqYqiQ0hV7aABHCNYK8wjVVEP%2F835K4RDYWk8hL4GnNEtQjCO8ze6i9T5xCM5Y%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f4ff2f46cffc060-WAW
expires: Sun, 22 Dec 2024 13:23:48 GMT
date: Fri, 20 Dec 2024 13:23:48 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 06:12:29 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 css2.css
distribution-virtual.com/ 4 KB
1 KB 376ms
375ms Stylesheet
text/css 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-virtual.com/css2.css
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/main.f0ce58de.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 44293338a338569d6843701dc6f0b5a78801c5840d916b3d195be40d89981d69

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/main.f0ce58de.css

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F4I7wJE7TIlnKp59LW%2BUEZBr2RP72FML0kePOAvonOcDUVZu4VmcwcApIwF1jMVfxjFN4zZgiG2s%2BFZ4uEGs9L98okIW4RSiF7AG%2Fn4hzcxwCiQ%2F88Hs2Zl5uXaMaA3NICnI7m3MC6pSDG0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2f6e91ac060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30097&min_rtt=26955&rtt_var=2425&sent=61&recv=41&lost=0&retrans=0&sent_bytes=52646&recv_bytes=7697&delivery_rate=103195&cwnd=19200&unsent_bytes=0&cid=8e3e53b167a15937&ts=1469&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:49 GMT
content-type: text/css
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 13:23:49 GMT
priority: u=0,i=?0

GET
H3 200 css2-1.css
distribution-virtual.com/ 48 KB
14 KB 518ms
517ms Stylesheet
text/css 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-virtual.com/css2-1.css
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/main.f0ce58de.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 109c36b177381248ea79d94e99b3400513dc6d78f33d3bcc60f7e29b946fd20b

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/main.f0ce58de.css

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPlSYVRRm4d8T3C7%2B2C2qECrHwEXT%2Bh2ns1EHevHR%2F%2BFlXbero%2B6q5%2B5k1aYsrloEayRBAe8jLRGcAlVi7Djt1u0SBXJU%2B0jz1AkQ6KDcFy4PFFAeaS2rxHekyDNb5%2FElG94Onofx7eu4aU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2f6e91dc060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29729&min_rtt=26955&rtt_var=2555&sent=63&recv=42&lost=0&retrans=0&sent_bytes=53979&recv_bytes=7740&delivery_rate=49093&cwnd=19200&unsent_bytes=0&cid=8e3e53b167a15937&ts=1612&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:49 GMT
content-type: text/css
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 13:23:49 GMT
priority: u=0,i=?0

GET
H3 200 K2FxfZ5fmddNPpUxaJnzJw.woff2
distribution-virtual.com/ 12 KB
12 KB 379ms
378ms Font
font/woff2 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-virtual.com/K2FxfZ5fmddNPpUxaJnzJw.woff2
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/css2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 650d0fd4e3a89424511dea8c39422ef81546adc55c21c8269472486fd0ae8c6c

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://distribution-virtual.com
Referer: https://distribution-virtual.com/css2.css

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Q4JIStXOcKKpLM5BGx4kfQxoRGNkEx0L8qgj4Sj3aUzXX6emPho2s1FLvxuCjjkGFxvwNIMzRfQUx7GUU7YwRdm%2BpmtruXF1aEQCj5j8PmsORTe2HYaB1uqhpz%2BXZN9c2hlrKoU2x2XLIk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2fb3817c060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31475&min_rtt=26955&rtt_var=5180&sent=90&recv=74&lost=0&retrans=0&sent_bytes=75435&recv_bytes=27032&delivery_rate=16752&cwnd=19200&unsent_bytes=0&cid=8e3e53b167a15937&ts=2161&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:49 GMT
content-type: font/woff2
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 13:23:49 GMT
priority: u=0,i=?0

GET
H3 200 K2F-fZ5fmddNNi4UfQ.woff2
distribution-virtual.com/ 12 KB
13 KB 389ms
388ms Font
font/woff2 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-virtual.com/K2F-fZ5fmddNNi4UfQ.woff2
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/css2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 71b275cf770fc22290fc17ff30ac170908e40c03a682218600f5fef533af02a0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://distribution-virtual.com
Referer: https://distribution-virtual.com/css2.css

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=85vDxbBo7F%2Fo%2BHL%2BLQ%2FqykpqIzOYewPXwh05BJBuJavM26egetndhbNyozYjdGeieFAmyuc7cQXdbMG5OjkhlgyvjhzFgoV7AydtNFM5sFzlHlFqeYSD%2B%2BAIpoi%2FWQ58GlCtpwdt%2FgLjKrc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2fb381cc060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31475&min_rtt=26955&rtt_var=5180&sent=104&recv=74&lost=0&retrans=0&sent_bytes=90385&recv_bytes=27032&delivery_rate=16752&cwnd=19200&unsent_bytes=0&cid=8e3e53b167a15937&ts=2169&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:49 GMT
content-type: font/woff2
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 13:23:49 GMT
priority: u=0,i=?0

GET
H3 200 custom-loading-script-riddance.js Show response
distribution-virtual.com/ 4 KB
2 KB 381ms
381ms Script
application/javascript 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-virtual.com/custom-loading-script-riddance.js
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cb552ae5513453213a801e2814f2ef08220ad7e3525de1caee7c44bd2e1c3238

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"ee8-18a950d4730"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sv%2F7FoEY5Z6RDFk4p4q5lxvh2T77uKsL11Tkx%2BvWTcdOUC0vcE%2BL1f%2FSrb85mKZmA2GsnK2z2jziIX8mk5q56i887ZXOVvToCGXO%2FQ1Ft9EFOA72bWzaWW%2BmbOBwU8FVNkSc%2FCkioJpnLtM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31475&min_rtt=26955&rtt_var=5180&sent=101&recv=74&lost=0&retrans=0&sent_bytes=88337&recv_bytes=27032&delivery_rate=16752&cwnd=19200&unsent_bytes=0&cid=8e3e53b167a15937&ts=2166&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 14 Sep 2023 18:56:30 GMT
priority: u=1,i=?0
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f4ff2fb381ec060-WAW
x-powered-by: Express
server: cloudflare

GET
H3 200 de111052-8f34-45f8-be8e-911bb4652a36.js Show response
distribution-virtual.com/ 5 MB
2 MB 544ms
544ms Script
application/javascript 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-virtual.com/de111052-8f34-45f8-be8e-911bb4652a36.js
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f320e5e97cf1b0601b8abf84b8214db872463119bc0a12417f3af98234ed2e60

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YvIJODM4%2BiyJyazew6KRUris3f7NKjR2xF%2Fm%2FScTYzSa%2FulKyD29Q78s5OyCPtPW8RCXQ7gb3oK17dx1vSFW59SP7He9W4PGtRi1uagBBz24UgNJVdnXbJYOlTLHGVXL19yT%2FOXyBooZh7Y%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2fb3821c060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31569&min_rtt=26955&rtt_var=5094&sent=117&recv=84&lost=0&retrans=0&sent_bytes=103665&recv_bytes=28101&delivery_rate=501274&cwnd=31200&unsent_bytes=0&cid=8e3e53b167a15937&ts=2329&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:50 GMT
content-type: application/javascript
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 13:23:49 GMT
priority: u=1,i=?0

GET
H3

200

main.js Show response
distribution-virtual.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame ADF8
Redirect Chain

https://distribution-virtual.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://distribution-virtual.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

9 KB
5 KB

41ms
40ms

Script
application/javascript

172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distribution-virtual.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

Requested by

Host: distribution-virtual.com
URL: https://distribution-virtual.com/

Protocol

Server

172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3770b6241d79edfc410fd669c249e4d03496946c72deb475455a249c3c9feb6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njZkYgeovDimF6xJt9jae%2Bmum72cs9xzT1FRVG5aoxyOhL8cu1rp7R701u0crVo%2BkWxQHIYQVJo9qKhu2f1VlnDpb1X%2FW0%2BbRWgB2dbmRzIQdk4xhZVvTscbmZJYy5CR1BiXdh4Jzu0YvsM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f4ff2fb6882c060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29084&min_rtt=26955&rtt_var=2659&sent=79&recv=55&lost=0&retrans=0&sent_bytes=69135&recv_bytes=9779&delivery_rate=20431&cwnd=19200&unsent_bytes=0&cid=8e3e53b167a15937&ts=1862&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0w58GcxXE4Ahuoze5dRKmysbSkymasYnYNlLRFaRunmmnFGtLwalk%2BEGewbRkXoTS4uRf5dZX83nTvG8%2FDVBUtfmf%2FyRjs0qY0VP0sme423MppVxt2r%2F0m%2FoMyE1mVPKVNJLCA%2Bi5YZxYs0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2fb3823c060-WAW
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=28340&min_rtt=26955&rtt_var=1561&sent=77&recv=54&lost=0&retrans=0&sent_bytes=68376&recv_bytes=9510&delivery_rate=500090&cwnd=19200&unsent_bytes=0&cid=8e3e53b167a15937&ts=1821&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:49 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 8f4ff2f01eb2c060 Show response
distribution-virtual.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame ADF8 0
1 KB 47ms
40ms XHR
text/plain 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-virtual.com/cdn-cgi/challenge-platform/h/b/jsd/r/8f4ff2f01eb2c060
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6tDN9eKVUHz02H6l8eUH1tXe5EK%2F7PPhnWRkYvj%2FkcwwBD7xBnFk8j2F9HqKCHTovg24BJrQ7h2TjRWnHpwAVm2sp20H4JaXW6%2Boa7qKD9ttc03S3iIvmyVEeAVlKIWkrwPz7Qn9IJ8sq2s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2fbf950c060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=31986&min_rtt=26955&rtt_var=5542&sent=89&recv=73&lost=0&retrans=0&sent_bytes=74260&recv_bytes=26987&delivery_rate=133476&cwnd=19200&unsent_bytes=0&cid=8e3e53b167a15937&ts=1952&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Fri, 20 Dec 2024 13:23:49 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 200 favicon.ico
distribution-virtual.com/ 7 KB
3 KB 371ms
371ms Other
image/x-icon 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-virtual.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: af6eda290b4496cc2625f622473b1486f679e6a5b5bd21ed9fee176fb8fc54ef

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aLfx2is8tM8LBRNyYAe2GEjyUMspUNao8dED7155Dd67GUj0bfCLEJOZqV2ntJmZ3QMly2H09lrOFJexZv9ZDYS5e0hhhAsTkYWT2dUI%2FmuNKvYElKjePip9ZFlB4zHBPFsFNbfofZhNlJo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2fdbbbcc060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30999&min_rtt=26955&rtt_var=4961&sent=118&recv=85&lost=0&retrans=0&sent_bytes=104376&recv_bytes=28146&delivery_rate=5032&cwnd=31200&unsent_bytes=0&cid=8e3e53b167a15937&ts=2561&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:50 GMT
content-type: image/x-icon
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 13:23:50 GMT
priority: u=1,i

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/ 59 KB
20 KB 77ms
41ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js

Requested by

Host: distribution-virtual.com
URL: https://distribution-virtual.com/de111052-8f34-45f8-be8e-911bb4652a36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "65384d58-4ca5"
age: 138807
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rr%2BKNi9zxI1Td9R9Ev%2Bbu99U%2Fh91vNeJ34CMZeW3kEfLcpZ4qUqbk3sOGgX9APfv8dHco3glBmHuo%2B5hAHhcsRHfYgGxAIHEXk%2BpLrvkMMcN9AyYzH%2FCU8IlwtfHug%2F0GgivQIrC"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 13:23:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 13:23:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 24 Oct 2023 23:03:52 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f4ff307f9dd0230-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19621
server: cloudflare

GET
H3

200

main.js Show response
distribution-virtual.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame ADF8
Redirect Chain

https://distribution-virtual.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://distribution-virtual.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

9 KB
0

0ms
0ms

Script
application/javascript

172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://distribution-virtual.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?

Protocol

Server

172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3770b6241d79edfc410fd669c249e4d03496946c72deb475455a249c3c9feb6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njZkYgeovDimF6xJt9jae%2Bmum72cs9xzT1FRVG5aoxyOhL8cu1rp7R701u0crVo%2BkWxQHIYQVJo9qKhu2f1VlnDpb1X%2FW0%2BbRWgB2dbmRzIQdk4xhZVvTscbmZJYy5CR1BiXdh4Jzu0YvsM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8f4ff2fb6882c060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29084&min_rtt=26955&rtt_var=2659&sent=79&recv=55&lost=0&retrans=0&sent_bytes=69135&recv_bytes=9779&delivery_rate=20431&cwnd=19200&unsent_bytes=0&cid=8e3e53b167a15937&ts=1862&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:49 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0w58GcxXE4Ahuoze5dRKmysbSkymasYnYNlLRFaRunmmnFGtLwalk%2BEGewbRkXoTS4uRf5dZX83nTvG8%2FDVBUtfmf%2FyRjs0qY0VP0sme423MppVxt2r%2F0m%2FoMyE1mVPKVNJLCA%2Bi5YZxYs0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff2fb3823c060-WAW
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=28340&min_rtt=26955&rtt_var=1561&sent=77&recv=54&lost=0&retrans=0&sent_bytes=68376&recv_bytes=9510&delivery_rate=500090&cwnd=19200&unsent_bytes=0&cid=8e3e53b167a15937&ts=1821&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:49 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 8f4ff2f01eb2c060 Show response
distribution-virtual.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame ADF8 0
1 KB 46ms
40ms XHR
text/plain 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-virtual.com/cdn-cgi/challenge-platform/h/b/jsd/r/8f4ff2f01eb2c060
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUpqeR%2BiWw8lMrej%2FmBCktp%2FjpU5DX1lfuF161Mvw2NFsj2TtkLlVlueSSce7Oguz%2BFRcQ2cFFQoP5zTlyjixaf%2Ftjq%2BoYZCen%2BMSlf0CKowWleDrGd7E5PM60UOWXMlKdzl21kGX5fp8u8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff3086b6dc060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27427&min_rtt=26951&rtt_var=274&sent=1763&recv=272&lost=0&retrans=0&sent_bytes=2049166&recv_bytes=53346&delivery_rate=11092102&cwnd=508800&unsent_bytes=0&cid=8e3e53b167a15937&ts=3944&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 0
date: Fri, 20 Dec 2024 13:23:51 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
priority: u=1,i

GET
H3 200 ethers.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ 719 KB
124 KB 40ms
40ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js

Requested by

Host: distribution-virtual.com
URL: https://distribution-virtual.com/de111052-8f34-45f8-be8e-911bb4652a36.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "62ad87d5-1eb91"
age: 134659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYhSuxUezmUqL8lFF5Wfp5AOYkewQwtfwYy4j8koDx3q%2FdFoXACGhMR40gF4TTyfuFq8jbZKZQtZpGCtALcl3WiaPrO8pcBtzW8pZ3RZEJqwvKptVibdCgwrlgOp5RtVLanEJfMQ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 13:23:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 20 Dec 2024 13:23:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 18 Jun 2022 08:07:49 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f4ff3087b9f0230-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 125841
server: cloudflare

OPTIONS
H2 204 bsc
rpc.ankr.com/ Frame 0
0 271ms
118ms Preflight 136.175.126.220
AS-ASPHERE

General

Check archive.org

Show headers Download Go to

Full URL

https://rpc.ankr.com/bsc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.175.126.220 , United States, ASN62902 (AS-ASPHERE, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://distribution-virtual.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,solana-client
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Fri, 20 Dec 2024 13:23:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains

OPTIONS
H3 204 /
binance.llamarpc.com/ Frame 0
0 295ms
236ms Preflight 104.26.14.157
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://binance.llamarpc.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.14.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://distribution-virtual.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f4ff309ca3e62c6-HAM
date: Fri, 20 Dec 2024 13:23:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2BFourKC%2F2InBrUSVC76SUF0aEncLl5be3QAlL0QOsJoF2NZLDzDx%2FRoouR6hXmosJiTYlBTRYaZMBgpZAOARpwV9YkLNSxHpbTXjqBcEHGgnbtsdSCQ7bOZtskaKVwQ1wnzfLJK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=46272&min_rtt=46078&rtt_var=7529&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4305&recv_bytes=4402&delivery_rate=389&cwnd=12000&unsent_bytes=0&cid=21e3c38b88f343d1&ts=240&x=1" cfExtPri cfHdrFlush;dur=0
vary: Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 bsc Show response
rpc.ankr.com/ 5 KB
3 KB 56ms
54ms Fetch
application/json 136.175.126.220
AS-ASPHERE

General

Check archive.org

Show headers Download Go to

Full URL

https://rpc.ankr.com/bsc

Requested by

Host: distribution-virtual.com
URL: https://distribution-virtual.com/de111052-8f34-45f8-be8e-911bb4652a36.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.175.126.220 , United States, ASN62902 (AS-ASPHERE, US),

Reverse DNS

Software

Resource Hash

ab1c7a546b14a46cfa909ea843f926fd4590dccbfbf474548233a219986f7dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/json
Referer: https://distribution-virtual.com/

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-max-age: 1728000
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
date: Fri, 20 Dec 2024 13:23:52 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,solana-client

POST
H3 200 / Show response
binance.llamarpc.com/ 1 KB
751 B 206ms
205ms Fetch
application/json 104.26.14.157
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://binance.llamarpc.com/
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/de111052-8f34-45f8-be8e-911bb4652a36.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.14.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9b0f17a0de2b0e94b440ac0daf5ccaf8ecfd91ee4937c7caf3bfb3b4d6f634f

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type: application/json
Referer: https://distribution-virtual.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3%2FN1msNVwjxj7kjQkeLmX7quVt5gI%2F5X%2FZOJU1uAw3sHHwKV5eZ6SyXV91zuMWJZJVHyWyqnOD9URyt7lWgUHs38BfowaHRoKLwL4j7BgLpAZ365or8en3p3PLAfkBRHITuMnhA"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff30b4b0162c6-HAM
access-control-allow-origin: *
x-cache: false
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Dec 2024 13:23:52 GMT
content-type: application/json
server: cloudflare
priority: u=1,i
server-timing: cfL4;desc="?proto=QUIC&rtt=46252&min_rtt=46078&rtt_var=5688&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5091&recv_bytes=4884&delivery_rate=15767&cwnd=12000&unsent_bytes=0&cid=21e3c38b88f343d1&ts=445&x=1", cfExtPri, cfHdrFlush;dur=0

GET
H2 200 merkletree.js Show response
cdn.jsdelivr.net/npm/merkletreejs@latest/ 215 KB
47 KB 128ms
42ms Script
application/javascript 104.18.186.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/merkletreejs@latest/merkletree.js

Requested by

Host: distribution-virtual.com
URL: https://distribution-virtual.com/de111052-8f34-45f8-be8e-911bb4652a36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c277622a66901d9b5b7fa8765ce15798265c5e30d832e08c0d69157e28de7460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"35cec-voDmHbahh9asSkpxmh+JmyyWCMA"
age: 15997
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hgn2CzEGqpBZrPYUOb5K%2FxSY3jcxvCoA4gbSYPOVn%2BENs%2FanHHApOCXJetxPlJn5zYjaWol6%2B4ki7cqVZX4qdhIPXw7A8eV5mg7YjxSdrmY6gYoqLmMRph67xCGrWnpsgBw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Fri, 20 Dec 2024 13:23:52 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-etou8220103-FRA, cache-lga21977-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8f4ff30c3c3bc3bb-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47359
server: cloudflare
x-jsd-version: 0.4.0

GET wallet-connect-v4.js
distribution-virtual.com/scripts/ 0
0

GET
H3 200 popup-6.css
distribution-virtual.com/styles/ 51 KB
12 KB 529ms
529ms Stylesheet
text/css 172.67.141.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://distribution-virtual.com/styles/popup-6.css
Requested by: Host: distribution-virtual.com
URL: https://distribution-virtual.com/de111052-8f34-45f8-be8e-911bb4652a36.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.141.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f4f2ea8a9fae0fe006897e4d5907c3677086ab3d476e308e2a6a43f43ca8ffaf

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://distribution-virtual.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8uSVHwQdL8ijBPVO0JPQ2B9%2BTXzjJ%2FPCnTZoStxOe3v8F%2FMwHNp6WfYcZSLP0WdCNLP9F19ZFMm7LM%2Bx%2F7RT%2BtgqOM18Hm%2FgwVW4M2t19t5MT2rUFWed7jBzKOSc7yRi1c0Uyp9JZSJG8x4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f4ff30ba851c060-WAW
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27389&min_rtt=26951&rtt_var=282&sent=1766&recv=275&lost=0&retrans=0&sent_bytes=2051089&recv_bytes=54669&delivery_rate=23490&cwnd=508800&unsent_bytes=0&cid=8e3e53b167a15937&ts=4951&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 20 Dec 2024 13:23:52 GMT
content-type: text/css
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 20 Dec 2024 13:23:52 GMT
priority: u=0,i=?0

GET wallet-connect-v4.js
distribution-virtual.com/scripts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: distribution-virtual.com
URL: https://distribution-virtual.com/scripts/wallet-connect-v4.js?v=3

Domain: distribution-virtual.com
URL: https://distribution-virtual.com/scripts/wallet-connect-v4.js?v=3

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.distribution-virtual.com/	1970-01-21 10:37:17	Name: cf_clearance Value: 78yrUkQo6fJAC_i4lL9UyRcgbwql.jnkPvwWZf0BVU8-1734701031-1.2.1.1-GYtH17hHQ1nfREZTLbOFWVoeyW6STskyaJXjiHRBXQCdbvujqyN.f6wcb1h2gMi2gshMpCqscljXQShn8CqWP_hZH1ApF54iMAGpVqjQo7HX0Lv8tlFefkHc8w6F6mH3Q_BWq_91xI7tkV0yKEFHZXYa1xSfJhNl8DQCd8ok.BetT0r69mTl3kPqZvIMrTvpau.ADObyriacHezAOYgfia43j.Xcwte5xZOlCVrFU747eYPli6i3Uc5OI0vHhiM4LBNlEa.x_8hEfdxKyLEq4omLhINojDE9_AgRDUIPE8U8ZjoCbzUnCQk7DczOoZpzLyfzJgVBc2EebxXuAgHK6A
			distribution-virtual.com/	1970-01-21 11:27:41	Name: gacfxdn1x7 Value: ZHN1S2iw70JCXc3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

binance.llamarpc.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
distribution-virtual.com
rpc.ankr.com
distribution-virtual.com
104.17.24.14
104.18.186.31
104.26.14.157
136.175.126.220
172.67.141.51
109c36b177381248ea79d94e99b3400513dc6d78f33d3bcc60f7e29b946fd20b
15328dbfec1f5d068a39f7459eb5ce66a118d1b4afe7eddb75e75652f5790780
1ecda766b50285b1a73584d0e923f6c0b5315297c4d3a88c7541eed21f900ad1
3770b6241d79edfc410fd669c249e4d03496946c72deb475455a249c3c9feb6f
44293338a338569d6843701dc6f0b5a78801c5840d916b3d195be40d89981d69
50d1c4bb055f47ab061846226df5911fb37d5dd6bb7fb3d02874d6bbc38123e7
650d0fd4e3a89424511dea8c39422ef81546adc55c21c8269472486fd0ae8c6c
71b275cf770fc22290fc17ff30ac170908e40c03a682218600f5fef533af02a0
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
ab1c7a546b14a46cfa909ea843f926fd4590dccbfbf474548233a219986f7dc1
af6eda290b4496cc2625f622473b1486f679e6a5b5bd21ed9fee176fb8fc54ef
b20b0c55d485b8cd6491969f6351c99844b315c35c9d1ac22214ef8f3052025f
bb684e3e83efb5b324e78543f0ca5d4201eaa33275aa0563c2e9afdb4207fc33
c277622a66901d9b5b7fa8765ce15798265c5e30d832e08c0d69157e28de7460
cb552ae5513453213a801e2814f2ef08220ad7e3525de1caee7c44bd2e1c3238
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b0f17a0de2b0e94b440ac0daf5ccaf8ecfd91ee4937c7caf3bfb3b4d6f634f
f320e5e97cf1b0601b8abf84b8214db872463119bc0a12417f3af98234ed2e60
f4f2ea8a9fae0fe006897e4d5907c3677086ab3d476e308e2a6a43f43ca8ffaf

distribution-virtual.com Open in urlscan Pro 172.67.141.51 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

85 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

6 IPs

2 Countries

2158 kBTransfer

6285 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

distribution-virtual.com Open in urlscan Pro
172.67.141.51 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

85 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

2158 kB
Transfer

6285 kB
Size

2
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!