erugmakers.com Open in urlscan Pro
154.93.194.198 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://erugmakers.com/
Effective URL:
https://erugmakers.com/index.html
Submission: On August 10 via api (August 10th 2024, 4:44:29 am UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 5 domains to perform 28 HTTP transactions. The main IP is 154.93.194.198, located in Hong Kong and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is erugmakers.com.
TLS certificate: Issued by R11 on July 11th 2024. Valid for: 3 months.

This is the only time erugmakers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: imToken (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
1 19	154.93.194.198 154.93.194.198	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
1	154.85.69.3 154.85.69.3	139057 (LDPL-AS-A...) (LDPL-AS-AP LEGEND DYNASTY PTE. LTD.)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	8.212.139.121 8.212.139.121	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	172.67.191.68 172.67.191.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	6

19 154.93.194.198 (Hong Kong) 1 redirects

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

erugmakers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.85.69.3 (Singapore, Singapore)

ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

kmting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.212.139.121 (Manila, Philippines)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

imto1ken.oss-ap-southeast-6.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.191.68 (United States)

ASN13335 (CLOUDFLARENET, US)

dl.im-dl.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	erugmakers.com 1 redirects erugmakers.com	165 KB
1	im-dl.shop dl.im-dl.shop
1	aliyuncs.com imto1ken.oss-ap-southeast-6.aliyuncs.com	1 KB
1	kmting.com kmting.com	598 B
1	51.la sdk.51.la — Cisco Umbrella Rank: 46121	13 KB
28	5

	Domain	Requested by
19	erugmakers.com	1 redirects erugmakers.com
1	dl.im-dl.shop	imto1ken.oss-ap-southeast-6.aliyuncs.com
1	imto1ken.oss-ap-southeast-6.aliyuncs.com	kmting.com
1	kmting.com	erugmakers.com
1	sdk.51.la	erugmakers.com
28	5

This site contains links to these domains. Also see Links.

Domain
www.cdcxhr.com
cd-cl.com
zjmingbang.com
jinrpme.com
tyanfu.com
tubevisor.com
baotaihk.com
luohao.org
yibenmodel.com
huashuoguanwang.com
0351house.net

Subject Issuer	Validity	Valid
www.erugmakers.com R11	`2024-07-11` - `2024-10-09`	3 months	crt.sh
*.51.la Sectigo RSA Domain Validation Secure Server CA	`2024-05-14` - `2025-05-14`	a year	crt.sh
kmting.com WE1	`2024-07-02` - `2024-09-30`	3 months	crt.sh
ap-southeast-6.oss.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-11-27` - `2024-12-28`	a year	crt.sh
im-dl.shop WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://erugmakers.com/index.html
Frame ID: E16FFEC0B309CAD290DC089380B7720D
Requests: 27 HTTP requests in this frame

Frame: https://dl.im-dl.shop/
Frame ID: 9450E7017ADEC9A48753E70A99AEEFB7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

imToken_imToken下载_imtoken钱包电脑版下载

Page URL History Show full URLs

https://erugmakers.com/ HTTP 301
https://erugmakers.com/index.html Page URL

Detected technologies

DedeCMS (CMS) Expand

Overall confidence: 100%
Detected patterns

dedeajax

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

79 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

5
Countries

180 kB
Transfer

397 kB
Size

1
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://www.cdcxhr.com/
Title: im钱包

Search URL Search Domain Scan URL

URL: http://cd-cl.com/
Title: 冷钱包

Search URL Search Domain Scan URL

URL: http://zjmingbang.com/
Title: im官网

Search URL Search Domain Scan URL

URL: http://jinrpme.com/
Title: im下载

Search URL Search Domain Scan URL

URL: http://tyanfu.com/
Title: imtoken官网地址

Search URL Search Domain Scan URL

URL: http://tubevisor.com/
Title: imtoken下载地址

Search URL Search Domain Scan URL

URL: http://baotaihk.com/
Title: imtoken冷钱包

Search URL Search Domain Scan URL

URL: http://luohao.org/
Title: imtoken官方下载

Search URL Search Domain Scan URL

URL: http://yibenmodel.com/
Title: imToken下载

Search URL Search Domain Scan URL

URL: http://huashuoguanwang.com/
Title: imToken钱包官网

Search URL Search Domain Scan URL

URL: http://0351house.net/
Title: imToken钱包

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://erugmakers.com/ HTTP 301
https://erugmakers.com/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.html Show response
erugmakers.com/
Redirect Chain

https://erugmakers.com/
https://erugmakers.com/index.html

84 KB
10 KB

258ms
256ms

Document
text/html

154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

db58e548a6d72a6c785919ee6ed882cccf015b1461ecd1dd5721a3fd5550af21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Sat, 10 Aug 2024 04:44:23 GMT
etag: W/"66b3c12b-151fd"
last-modified: Wed, 07 Aug 2024 18:47:07 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=UTF-8
date: Sat, 10 Aug 2024 04:44:23 GMT
location: index.html
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 jquery-1.8.1.min.js Show response
erugmakers.com/templets/default/js/ 105 KB
41 KB 514ms
512ms Script
application/javascript 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://erugmakers.com/templets/default/js/jquery-1.8.1.min.js

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

2dbdd9f87b515af124ce313210e19ec45c4aec3a55da035c0d810dea9ec2b6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 09 Jan 2018 15:03:32 GMT
server: nginx
etag: W/"5a54d9c4-1a59d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 10 Aug 2024 16:44:23 GMT

GET
H2 200 common.css
erugmakers.com/templets/default/style/ 14 KB
5 KB 261ms
259ms Stylesheet
text/css 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://erugmakers.com/templets/default/style/common.css

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

a7f2b522c172e0509ba1ccea974b2916ca3e6b4a694826a77de27c7d026236a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Apr 2019 01:40:40 GMT
server: nginx
etag: W/"5cb92718-3758"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 10 Aug 2024 16:44:23 GMT

GET
H2 200 index.css
erugmakers.com/templets/default/style/ 15 KB
4 KB 261ms
259ms Stylesheet
text/css 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://erugmakers.com/templets/default/style/index.css

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

fa7aacc49aabc7b37f4076ac7d27de84e9d32bf500c3f8990e82b9e55d94243b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 18 Jan 2018 13:53:06 GMT
server: nginx
etag: W/"5a60a6c2-3b2b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 10 Aug 2024 16:44:23 GMT

GET
H2 200 list.css
erugmakers.com/templets/default/style/ 6 KB
2 KB 261ms
259ms Stylesheet
text/css 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://erugmakers.com/templets/default/style/list.css

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

63f31f7a1ee6c7ad52f8383c27b78a6e76ec5ba14ecf83b34efb5bdb10f76ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 03 Apr 2018 00:12:34 GMT
server: nginx
etag: W/"5ac2c6f2-188c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Sat, 10 Aug 2024 16:44:23 GMT

GET
H2 200 dedeajax2.js Show response
erugmakers.com/include/ 8 KB
3 KB 522ms
520ms Script
application/javascript 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://erugmakers.com/include/dedeajax2.js

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

d8392af3d2747ad3f3baf95cd2b35af4fdac13d67c57f868b7937e99aca64336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 22 Oct 2023 07:19:58 GMT
server: nginx
etag: W/"6534cd1e-2023"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 10 Aug 2024 16:44:23 GMT

GET
H2 200 dj.js Show response
erugmakers.com/ 418 B
631 B 522ms
521ms Script
application/javascript 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://erugmakers.com/dj.js

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

0a025f1d6d50203eb4efa6be8fe3cb56eaa2a01e73f241d55c19a1b2d35eec56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:23 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 20 Jan 2024 11:27:42 GMT
server: nginx
etag: "65abae2e-1a2"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 418
expires: Sat, 10 Aug 2024 16:44:23 GMT

GET
H2 404 yq.js
erugmakers.com/ 0
0 523ms
522ms Script
text/html 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://erugmakers.com/yq.js
Requested by: Host: erugmakers.com
URL: https://erugmakers.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:23 GMT
content-encoding: gzip
server: nginx
etag: W/"6684f3ce-7cc"
vary: Accept-Encoding
content-type: text/html

GET
H2 200 cjx.js Show response
erugmakers.com/Plugins/apps/CaiJiXia/ 2 KB
2 KB 523ms
522ms Script
application/javascript 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://erugmakers.com/Plugins/apps/CaiJiXia/cjx.js

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

c5295e9bc5d73b08ca570e9b9aed94742d70ea16833fe3a9f11ae266225ed7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:23 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 15 Sep 2023 06:11:46 GMT
server: nginx
etag: W/"6503f5a2-9b8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 10 Aug 2024 16:44:23 GMT

GET
H2 200 logo.png
erugmakers.com/templets/default/images/ 8 KB
8 KB 523ms
522ms Image
image/png 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://erugmakers.com/templets/default/images/logo.png

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

bdffa0de37a6bf633e80f90f7aa7d25b8f89f98c46626531a1d296803de521d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:23 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Jan 2018 15:03:32 GMT
server: nginx
etag: "5a54d9c4-1f7b"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8059
expires: Mon, 09 Sep 2024 04:44:23 GMT

GET
H2 200 thea4.js Show response
erugmakers.com/templets/default/js/ 18 B
230 B 527ms
527ms Script
application/javascript 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://erugmakers.com/templets/default/js/thea4.js

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

b16c6169d7d1a768c6c49f2ef79205fb7d74a47501f99a1f1a0be16e6629d679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:23 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Jan 2018 15:03:32 GMT
server: nginx
etag: "5a54d9c4-12"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 18
expires: Sat, 10 Aug 2024 16:44:23 GMT

GET
H2 200 thea1.js Show response
erugmakers.com/templets/default/js/ 18 B
230 B 257ms
256ms Script
application/javascript 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://erugmakers.com/templets/default/js/thea1.js

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

b16c6169d7d1a768c6c49f2ef79205fb7d74a47501f99a1f1a0be16e6629d679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:24 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Jan 2018 15:03:32 GMT
server: nginx
etag: "5a54d9c4-12"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 18
expires: Sat, 10 Aug 2024 16:44:24 GMT

GET
H2 200 defaultpic.gif
erugmakers.com/images/ 22 KB
22 KB 258ms
258ms Image
image/gif 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://erugmakers.com/images/defaultpic.gif

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

adbea86f340cd71472f2fe970788e628164a0992752d5a4842c48d48b8d24824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:24 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 15 Sep 2023 12:50:00 GMT
server: nginx
etag: "650452f8-5690"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22160
expires: Mon, 09 Sep 2024 04:44:24 GMT

GET
H2 200 1-1P11622460EU.jpg
erugmakers.com/uploads/allimg/180116/ 17 KB
17 KB 259ms
257ms Image
image/jpeg 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://erugmakers.com/uploads/allimg/180116/1-1P11622460EU.jpg

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

751058b7c0745bd7d12e92a485529d4d5773260d99446c77b6f6fdc94b0ed620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:24 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 02 Apr 2018 00:16:38 GMT
server: nginx
etag: "5ac17666-4347"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17223
expires: Mon, 09 Sep 2024 04:44:24 GMT

GET
H/1.1 200
OK js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 993ms
298ms Script
text/plain 154.85.69.3
LDPL-AS-AP LEGEND...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: erugmakers.com
URL: https://erugmakers.com/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.85.69.3 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software: openresty /
Resource Hash: c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

Referer: https://erugmakers.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sat, 10 Aug 2024 04:44:25 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Ser: BC198_lt-obgp-fujian-xiamen-33-cache-1, BC8_DE-Frankfurt-Frankfurt-11-cache-1

GET
H2 200 index.js Show response
erugmakers.com/templets/default/js/ 8 KB
2 KB 258ms
257ms Script
application/javascript 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://erugmakers.com/templets/default/js/index.js

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

d4f585dcdfa072e635fb2afc32181a2cf67d3914a4b595937fa81eee436b4ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:24 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 07 Jan 2018 11:58:24 GMT
server: nginx
etag: W/"5a520b60-20eb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Sat, 10 Aug 2024 16:44:24 GMT

GET
H3 200 win.js Show response
kmting.com/ 98 B
598 B 78ms
17ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kmting.com/win.js

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

373ff920837bb98b6eb767be9b09b2ae098a6b57d785409d18ab00e815f4b4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 10 Aug 2024 04:44:24 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28699
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 09 Aug 2024 08:46:02 GMT
server: cloudflare
etag: W/"66b5d74a-62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LMXfhyNgYejwBurL1P3GZyVeTWJUN5nsZBUG6jGnCFmPz7CbDZafHD7VMP3p%2B%2FO6B%2FhfAeY2WmwLL37LEYtoTpcmtez%2BUK9N7oqeAxUXMghn5RkZZ8hwndxUs2Io"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8b0d549bdd383a8a-FRA
expires: Sat, 10 Aug 2024 08:46:05 GMT

GET
H/1.1 200
OK win.js Show response
imto1ken.oss-ap-southeast-6.aliyuncs.com/ 3 KB
1 KB 983ms
317ms Script
application/javascript 8.212.139.121
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://imto1ken.oss-ap-southeast-6.aliyuncs.com/win.js
Requested by: Host: kmting.com
URL: https://kmting.com/win.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.212.139.121 Manila, Philippines, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 75db7796523ed5b0031b9bc28a6d84930249816fda8a52e6c0fcd068842d2b47

Request headers

Referer: https://erugmakers.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sat, 10 Aug 2024 04:44:25 GMT
Content-Encoding: gzip
x-oss-request-id: 66B6F029F6BF733930A15AC0
Content-MD5: nkfOCqhYHQOT9TTs1xeHGA==
Transfer-Encoding: chunked
Content-Disposition: attachment
Connection: keep-alive
x-oss-object-type: Normal
Last-Modified: Fri, 09 Aug 2024 16:06:49 GMT
Server: AliyunOSS
Vary: Accept-Encoding
Content-Type: application/javascript
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 2318945258715581409
x-oss-server-time: 1

GET
H3 200 /
dl.im-dl.shop/ Frame 9450 0
0 1146ms
1055ms Document
text/html 172.67.191.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dl.im-dl.shop/

Requested by

Host: imto1ken.oss-ap-southeast-6.aliyuncs.com
URL: https://imto1ken.oss-ap-southeast-6.aliyuncs.com/win.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.68 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b0d54a33a541bcf-FRA
content-encoding: br
content-type: text/html
date: Sat, 10 Aug 2024 04:44:26 GMT
last-modified: Wed, 03 Apr 2024 05:45:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DFUmnicZVZ%2B2DsskX%2F3IA%2BP1O5vO%2FdxMpqrOvakVqZGDekbeqk%2BSrEfKnG%2F44He2tE%2Fu7TQAFFaiMCZPnrARjLYI5cRzngVykvW3wa9D0%2FtLDqHKT4EyF87Bj%2BwjN9aV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET yq.js
erugmakers.com/ 0
0

GET cjx.js
erugmakers.com/Plugins/apps/CaiJiXia/ 0
0

GET thea4.js
erugmakers.com/templets/default/js/ 0
0

GET thea1.js
erugmakers.com/templets/default/js/ 0
0

GET
H2 200 defaultpic.gif
erugmakers.com/images/ 22 KB
0 20ms
20ms Image
image/gif 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://erugmakers.com/images/defaultpic.gif
Requested by: Host: erugmakers.com
URL: https://erugmakers.com/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: adbea86f340cd71472f2fe970788e628164a0992752d5a4842c48d48b8d24824

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:24 GMT
last-modified: Fri, 15 Sep 2023 12:50:00 GMT
server: nginx
etag: "650452f8-5690"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22160
expires: Mon, 09 Sep 2024 04:44:24 GMT

GET js-sdk-pro.min.js
sdk.51.la/ 0
0

GET index.js
erugmakers.com/templets/default/js/ 0
0

GET
H2 200 sprite.png
erugmakers.com/templets/default/images/ 44 KB
44 KB 277ms
257ms Image
image/png 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://erugmakers.com/templets/default/images/sprite.png

Requested by

Host: erugmakers.com
URL: https://erugmakers.com/templets/default/style/index.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

61da6d9876c7a886beb7ff1e61416331846e1522d1574c2eb56abf5b4833ecf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/templets/default/style/index.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:25 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 07 Jan 2018 12:29:12 GMT
server: nginx
etag: "5a521298-b024"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 45092
expires: Mon, 09 Sep 2024 04:44:25 GMT

GET
H2 200 favicon.ico
erugmakers.com/ 4 KB
4 KB 257ms
257ms Other
image/x-icon 154.93.194.198
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://erugmakers.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.93.194.198 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

5de760bb4cb68536a0bad4f5956624119dd77cdbed380aadcdc1030efec84512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://erugmakers.com/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 04:44:28 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 20 Jan 2024 11:27:43 GMT
server: nginx
etag: "65abae2f-10be"
content-type: image/x-icon
accept-ranges: bytes
content-length: 4286

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: erugmakers.com
URL: https://erugmakers.com/yq.js

Domain: erugmakers.com
URL: https://erugmakers.com/Plugins/apps/CaiJiXia/cjx.js

Domain: erugmakers.com
URL: https://erugmakers.com/templets/default/js/thea4.js

Domain: erugmakers.com
URL: https://erugmakers.com/templets/default/js/thea1.js

Domain: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js

Domain: erugmakers.com
URL: https://erugmakers.com/templets/default/js/index.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: imToken (Crypto)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.im-dl.shop/	1970-01-21 07:26:41	Name: cf_clearance Value: M11UMWAj1acbWx52DN5kXdA5UCWV1tA3SgyOstkum3g-1723265067-1.0.1.1-chzv_EKyyTcHaW0HWyMwN85EEF2Oh_radw5P.qqBYtqY20XQoetJlWW5VawyypN2sYa7mo.93xcVVexygDD8tg

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://erugmakers.com/yq.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://kmting.com/win.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://kmting.com/win.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://kmting.com/win.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://imto1ken.oss-ap-southeast-6.aliyuncs.com/win.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://kmting.com/win.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://imto1ken.oss-ap-southeast-6.aliyuncs.com/win.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://erugmakers.com/index.html Message: Refused to load the script 'https://erugmakers.com/yq.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://erugmakers.com/index.html Message: Refused to load the script 'https://erugmakers.com/Plugins/apps/CaiJiXia/cjx.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://erugmakers.com/index.html Message: Refused to load the script 'https://erugmakers.com/templets/default/js/thea4.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://erugmakers.com/index.html Message: Refused to load the script 'https://erugmakers.com/templets/default/js/thea1.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://erugmakers.com/index.html(Line 1459) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-hS8t5neEvPK68LrKS++WyFJLK1yZqWn9fLb/cSVJbgk='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://erugmakers.com/index.html Message: Refused to load the script 'https://sdk.51.la/js-sdk-pro.min.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://erugmakers.com/index.html(Line 1491) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-QMcm1/1Bgujo2tL+7qFW1bo6BKXlD/6oOHojAcs4Ih4='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://erugmakers.com/index.html(Line 1493) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-5FBLq0M3CKxVRYNYfiJbCUkPlVwrs5C2JhFnt4UPWrs='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://erugmakers.com/index.html(Line 1527) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-SwX0c3VMyZ6C7fa2WSMvGNQ+NVJRtxSC8DMH0+14fh0='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://erugmakers.com/index.html Message: Refused to load the script 'https://erugmakers.com/templets/default/js/index.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dl.im-dl.shop
erugmakers.com
imto1ken.oss-ap-southeast-6.aliyuncs.com
kmting.com
sdk.51.la
erugmakers.com
sdk.51.la
154.85.69.3
154.93.194.198
172.67.191.68
188.114.97.3
8.212.139.121
0a025f1d6d50203eb4efa6be8fe3cb56eaa2a01e73f241d55c19a1b2d35eec56
2dbdd9f87b515af124ce313210e19ec45c4aec3a55da035c0d810dea9ec2b6c1
373ff920837bb98b6eb767be9b09b2ae098a6b57d785409d18ab00e815f4b4f4
5de760bb4cb68536a0bad4f5956624119dd77cdbed380aadcdc1030efec84512
61da6d9876c7a886beb7ff1e61416331846e1522d1574c2eb56abf5b4833ecf9
63f31f7a1ee6c7ad52f8383c27b78a6e76ec5ba14ecf83b34efb5bdb10f76ee4
751058b7c0745bd7d12e92a485529d4d5773260d99446c77b6f6fdc94b0ed620
75db7796523ed5b0031b9bc28a6d84930249816fda8a52e6c0fcd068842d2b47
a7f2b522c172e0509ba1ccea974b2916ca3e6b4a694826a77de27c7d026236a7
adbea86f340cd71472f2fe970788e628164a0992752d5a4842c48d48b8d24824
b16c6169d7d1a768c6c49f2ef79205fb7d74a47501f99a1f1a0be16e6629d679
bdffa0de37a6bf633e80f90f7aa7d25b8f89f98c46626531a1d296803de521d1
c5295e9bc5d73b08ca570e9b9aed94742d70ea16833fe3a9f11ae266225ed7a8
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
d4f585dcdfa072e635fb2afc32181a2cf67d3914a4b595937fa81eee436b4ea4
d8392af3d2747ad3f3baf95cd2b35af4fdac13d67c57f868b7937e99aca64336
db58e548a6d72a6c785919ee6ed882cccf015b1461ecd1dd5721a3fd5550af21
fa7aacc49aabc7b37f4076ac7d27de84e9d32bf500c3f8990e82b9e55d94243b

erugmakers.com Open in urlscan Pro 154.93.194.198 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

79 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

6 IPs

5 Countries

180 kBTransfer

397 kBSize

1 Cookies

11 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

26 JavaScript Global Variables

1 Cookies

15 Console Messages

Security Headers

Indicators

erugmakers.com Open in urlscan Pro
154.93.194.198 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

79 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

5
Countries

180 kB
Transfer

397 kB
Size

1
Cookies

28 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!