erugmakers.com
154.93.194.198
Malicious Activity!
Public Scan
Effective URL: https://erugmakers.com/index.html
Submission: On August 10 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R11 on July 11th 2024. Valid for: 3 months.
This is the only time erugmakers.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: imToken (Crypto)

Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
19 | 154.93.194.198 | AS134548 (DXTL-HK DXTL Tseung Kwan O Service)
1 | 154.85.69.3 | AS139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD.)
1 | 188.114.97.3 | AS13335 (CLOUDFLARENET)
1 | 8.212.139.121 | AS45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
1 | 172.67.191.68 | AS13335 (CLOUDFLARENET)

The AS45102 (Alibaba) address is the one behind imto1ken.oss-ap-southeast-6.aliyuncs.com, i.e. the brand-lookalike hostname is an Alibaba Cloud OSS bucket endpoint in the ap-southeast-6 region.
Apex Domain | Subdomains | Transfer | Requests
---|---|---|---
erugmakers.com | erugmakers.com | 165 KB | 19 (1 redirect)
im-dl.shop | dl.im-dl.shop | (none) | 1
aliyuncs.com | imto1ken.oss-ap-southeast-6.aliyuncs.com | 1 KB | 1
kmting.com | kmting.com | 598 B | 1
51.la | sdk.51.la (Cisco Umbrella Rank: 46121) | 13 KB | 1

28 requests across 5 apex domains.
Domain | Requests | Requested by
---|---|---
erugmakers.com | 19 (1 redirect) | erugmakers.com
dl.im-dl.shop | 1 | imto1ken.oss-ap-southeast-6.aliyuncs.com
imto1ken.oss-ap-southeast-6.aliyuncs.com | 1 | kmting.com
kmting.com | 1 | erugmakers.com
sdk.51.la | 1 | erugmakers.com

28 requests across 5 domains. Read bottom-up, the "Requested by" column gives the loader chain: the DedeCMS page on erugmakers.com pulls win.js from kmting.com, which pulls a second win.js from the imto1ken OSS bucket, which in turn injects the dl.im-dl.shop iframe.
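The "Requested by" table above is a parent-pointer list; turning it into a graph and walking from each leaf back to the primary page makes the loader chain explicit and separates first-party from third-party hops. The following script is an added example, not part of the urlscan page or of any urlscan tooling; the edge table is constructed from the scan's own "Requested by" column, and the apex-domain function is a deliberately naive stand-in (last two labels) for a Public Suffix List lookup.

```python
# Added example: reconstruct loader chains from a urlscan "Requested by" table.
# Edges are constructed from the table in this scan: child domain -> the domain
# whose resource requested it. The primary page lists itself as its own parent.
REQUESTED_BY = {
    "erugmakers.com": "erugmakers.com",
    "kmting.com": "erugmakers.com",
    "sdk.51.la": "erugmakers.com",
    "imto1ken.oss-ap-southeast-6.aliyuncs.com": "kmting.com",
    "dl.im-dl.shop": "imto1ken.oss-ap-southeast-6.aliyuncs.com",
}

PRIMARY = "erugmakers.com"


def loader_chain(domain, requested_by=REQUESTED_BY):
    """Follow parent links from `domain` back to the primary page.

    Returns the chain root-first: [primary, loader, ..., domain].
    A self-loop (the primary page) or any cycle stops the walk, so a
    malformed or hostile table cannot make this loop forever.
    """
    chain = [domain]
    seen = {domain}
    while True:
        parent = requested_by.get(chain[-1])
        if parent is None or parent in seen:
            break
        chain.append(parent)
        seen.add(parent)
    chain.reverse()
    return chain


def leaf_domains(requested_by=REQUESTED_BY):
    """Domains that request nothing further: the end of each chain."""
    parents = set(requested_by.values())
    return sorted(d for d in requested_by if d not in parents)


def apex(domain):
    """Naive apex domain (last two labels). Assumption made for this example;
    real tooling should use the Public Suffix List so co.uk-style suffixes work."""
    return ".".join(domain.split(".")[-2:])


def third_party_hops(chain, primary=PRIMARY):
    """Hops in a chain that live outside the primary page's apex domain."""
    return [d for d in chain if apex(d) != apex(primary)]


def all_chains(requested_by=REQUESTED_BY):
    """Map every leaf to its full loader chain, so each third-party endpoint
    can be traced back to the script that pulled it in."""
    return {leaf: loader_chain(leaf, requested_by) for leaf in leaf_domains(requested_by)}


if __name__ == "__main__":
    for leaf, chain in all_chains().items():
        print(" -> ".join(chain))
        print("   third-party hops:", third_party_hops(chain))
```

For this scan the walk yields erugmakers.com -> kmting.com -> imto1ken.oss-ap-southeast-6.aliyuncs.com -> dl.im-dl.shop, with every hop after the first being third party; that is the chain to block or pivot on, rather than the landing domain alone.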
This site contains links to these domains (see also the Outgoing links list below):

Domain
---
www.cdcxhr.com
cd-cl.com
zjmingbang.com
jinrpme.com
tyanfu.com
tubevisor.com
baotaihk.com
luohao.org
yibenmodel.com
huashuoguanwang.com
0351house.net
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
www.erugmakers.com | R11 | 2024-07-11 - 2024-10-09 | 3 months | crt.sh
*.51.la | Sectigo RSA Domain Validation Secure Server CA | 2024-05-14 - 2025-05-14 | a year | crt.sh
kmting.com | WE1 | 2024-07-02 - 2024-09-30 | 3 months | crt.sh
ap-southeast-6.oss.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-11-27 - 2024-12-28 | a year | crt.sh
im-dl.shop | WE1 | 2024-08-09 - 2024-11-07 | 3 months | crt.sh

R11 is a Let's Encrypt intermediate and WE1 is a Google Trust Services intermediate; both issue free, short-lived domain-validated certificates, so the certificates tell you nothing about who operates the hosts. The dates do carry a signal: im-dl.shop (the iframe host) received its certificate on 2024-08-09, one day before this scan, and the landing domain and kmting.com were both issued in July 2024.
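Two of the signals in this report can be checked mechanically: a brand-lookalike label in a hostname (imto1ken against the imToken brand named in the verdict) and a certificate issued days before the scan. The script below is an added example, not part of the urlscan page; the hostnames and certificate dates are copied from the tables above, the scan date is the submission date, and the digit-to-letter map and the 14-day "fresh certificate" threshold are assumptions chosen for illustration.

```python
# Added example: triage a scan's hostnames and certificates for two signals,
# brand-lookalike labels and freshly issued certificates.
from datetime import date

BRAND = "imtoken"                # brand named in the scan verdict
SCAN_DATE = date(2024, 8, 10)    # submission date of this scan

# Hostnames copied from the domain tables of this scan.
HOSTNAMES = [
    "erugmakers.com",
    "kmting.com",
    "imto1ken.oss-ap-southeast-6.aliyuncs.com",
    "dl.im-dl.shop",
    "sdk.51.la",
]

# (notBefore, notAfter) copied from the TLS certificate table of this scan.
CERTS = {
    "www.erugmakers.com": (date(2024, 7, 11), date(2024, 10, 9)),
    "*.51.la": (date(2024, 5, 14), date(2025, 5, 14)),
    "kmting.com": (date(2024, 7, 2), date(2024, 9, 30)),
    "ap-southeast-6.oss.aliyuncs.com": (date(2023, 11, 27), date(2024, 12, 28)),
    "im-dl.shop": (date(2024, 8, 9), date(2024, 11, 7)),
}

# Assumption: digits commonly substituted for letters in lookalike names.
# Production tooling would also fold Unicode confusables (IDN homographs).
DIGIT_TO_LETTER = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s", "7": "t"})
FRESH_CERT_DAYS = 14   # assumed threshold for "issued just before the scan"


def levenshtein(a, b):
    """Edit distance, single-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalize_label(label):
    """Lower-case, drop hyphens, map digits to the letters they imitate."""
    return label.lower().replace("-", "").translate(DIGIT_TO_LETTER)


def lookalike_labels(hostname, brand=BRAND, max_distance=1):
    """Labels of `hostname` within `max_distance` edits of `brand` after
    normalization. Returns (label, normalized, distance) tuples."""
    hits = []
    for label in hostname.split("."):
        norm = normalize_label(label)
        distance = levenshtein(norm, brand)
        if distance <= max_distance:
            hits.append((label, norm, distance))
    return hits


def cert_age_days(subject, certs=CERTS, scan_date=SCAN_DATE):
    """Days between certificate issuance and the scan."""
    not_before, _ = certs[subject]
    return (scan_date - not_before).days


def triage(hostnames=HOSTNAMES, certs=CERTS, scan_date=SCAN_DATE, brand=BRAND):
    """Collect findings per host; hosts with nothing to report are omitted."""
    findings = {}
    for host in hostnames:
        for label, norm, distance in lookalike_labels(host, brand):
            findings.setdefault(host, []).append(
                f"label '{label}' normalizes to '{norm}', {distance} edit(s) from '{brand}'")
    for subject, (not_before, _) in certs.items():
        age = (scan_date - not_before).days
        if 0 <= age < FRESH_CERT_DAYS:
            findings.setdefault(subject, []).append(
                f"certificate issued {age} day(s) before the scan")
    return findings


if __name__ == "__main__":
    for host, notes in triage().items():
        print(host)
        for note in notes:
            print("  -", note)
```

On this scan's data the lookalike check fires only on the imto1ken label (one edit from imtoken after the digit fold) and the certificate check only on im-dl.shop; the analytics host sdk.51.la and the generic OSS labels produce nothing, which is the point of normalizing per label rather than matching the whole hostname.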
This page contains 2 frames:
Primary Page:
https://erugmakers.com/index.html
Frame ID: E16FFEC0B309CAD290DC089380B7720D
Requests: 27 HTTP requests in this frame
Frame:
https://dl.im-dl.shop/
Frame ID: 9450E7017ADEC9A48753E70A99AEEFB7
Requests: 1 HTTP request in this frame
Page Title
imToken_imToken下载_imtoken钱包电脑版下载 (translation: "imToken_imToken download_imtoken wallet desktop download")
Page URL History
This captures the URL locations of the website, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://erugmakers.com/
HTTP 301
- https://erugmakers.com/index.html (Page URL)
Detected technologies
- DedeCMS (CMS). Detected pattern: dedeajax. Consistent with the /templets/default/, /include/dedeajax2.js and /Plugins/apps/CaiJiXia/ paths in the request list below.
- jQuery (JavaScript library). Detected patterns: `jquery[.-]([\d.]*\d)[^/]*\.js` and `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`; the file actually loaded is jquery-1.8.1.min.js.
Page Statistics
11 Outgoing links
These are links going to different origins than the main page. The anchor text is a block of Chinese SEO keywords for the imToken brand (original text, with translation):
- im钱包 ("im wallet")
- 冷钱包 ("cold wallet")
- im官网 ("im official site")
- im下载 ("im download")
- imtoken官网地址 ("imtoken official site address")
- imtoken下载地址 ("imtoken download address")
- imtoken冷钱包 ("imtoken cold wallet")
- imtoken官方下载 ("imtoken official download")
- imToken下载 ("imToken download")
- imToken钱包官网 ("imToken wallet official site")
- imToken钱包 ("imToken wallet")
Redirected requests
There were HTTP redirect chains for the following requests: the primary request, https://erugmakers.com/ (HTTP 301 to /index.html).

28 HTTP transactions

# | Method | Protocol | Resource | Host / path | Size | Transferred | Type | MIME type | Note
---|---|---|---|---|---|---|---|---|---
1 | GET | HTTP/2 | index.html | erugmakers.com/ | 84 KB | 10 KB | Document | text/html | Primary request; redirect chain from /
2 | GET | HTTP/2 | jquery-1.8.1.min.js | erugmakers.com/templets/default/js/ | 105 KB | 41 KB | Script | application/javascript |
3 | GET | HTTP/2 | common.css | erugmakers.com/templets/default/style/ | 14 KB | 5 KB | Stylesheet | text/css |
4 | GET | HTTP/2 | index.css | erugmakers.com/templets/default/style/ | 15 KB | 4 KB | Stylesheet | text/css |
5 | GET | HTTP/2 | list.css | erugmakers.com/templets/default/style/ | 6 KB | 2 KB | Stylesheet | text/css |
6 | GET | HTTP/2 | dedeajax2.js | erugmakers.com/include/ | 8 KB | 3 KB | Script | application/javascript |
7 | GET | HTTP/2 | dj.js | erugmakers.com/ | 418 B | 631 B | Script | application/javascript |
8 | GET | HTTP/2 | yq.js | erugmakers.com/ | 0 | 0 | Script | text/html |
9 | GET | HTTP/2 | cjx.js | erugmakers.com/Plugins/apps/CaiJiXia/ | 2 KB | 2 KB | Script | application/javascript |
10 | GET | HTTP/2 | logo.png | erugmakers.com/templets/default/images/ | 8 KB | 8 KB | Image | image/png |
11 | GET | HTTP/2 | thea4.js | erugmakers.com/templets/default/js/ | 18 B | 230 B | Script | application/javascript |
12 | GET | HTTP/2 | thea1.js | erugmakers.com/templets/default/js/ | 18 B | 230 B | Script | application/javascript |
13 | GET | HTTP/2 | defaultpic.gif | erugmakers.com/images/ | 22 KB | 22 KB | Image | image/gif |
14 | GET | HTTP/2 | 1-1P11622460EU.jpg | erugmakers.com/uploads/allimg/180116/ | 17 KB | 17 KB | Image | image/jpeg |
15 | GET | HTTP/1.1 | js-sdk-pro.min.js | sdk.51.la/ | 34 KB | 13 KB | Script | text/plain |
16 | GET | HTTP/2 | index.js | erugmakers.com/templets/default/js/ | 8 KB | 2 KB | Script | application/javascript |
17 | GET | HTTP/3 | win.js | kmting.com/ | 98 B | 598 B | Script | application/javascript |
18 | GET | HTTP/1.1 | win.js | imto1ken.oss-ap-southeast-6.aliyuncs.com/ | 3 KB | 1 KB | Script | application/javascript |
19 | GET | HTTP/3 | / | dl.im-dl.shop/ | 0 | 0 | Document | text/html | Frame 9450E7017ADEC9A48753E70A99AEEFB7
20 | GET | | yq.js | erugmakers.com/ | 0 | 0 | | | No response (see Failed requests)
21 | GET | | cjx.js | erugmakers.com/Plugins/apps/CaiJiXia/ | 0 | 0 | | | No response
22 | GET | | thea4.js | erugmakers.com/templets/default/js/ | 0 | 0 | | | No response
23 | GET | | thea1.js | erugmakers.com/templets/default/js/ | 0 | 0 | | | No response
24 | GET | HTTP/2 | defaultpic.gif | erugmakers.com/images/ | 22 KB | 0 | Image | image/gif |
25 | GET | | js-sdk-pro.min.js | sdk.51.la/ | 0 | 0 | | | No response
26 | GET | | index.js | erugmakers.com/templets/default/js/ | 0 | 0 | | | No response
27 | GET | HTTP/2 | sprite.png | erugmakers.com/templets/default/images/ | 44 KB | 44 KB | Image | image/png |
28 | GET | HTTP/2 | favicon.ico | erugmakers.com/ | 4 KB | 4 KB | Other | image/x-icon |

The two rows that matter for the verdict are 17 and 18: a 98-byte win.js loader on kmting.com followed by a 3 KB win.js from the imto1ken OSS bucket, after which the dl.im-dl.shop iframe (row 19) is created. Note also that yq.js (row 8) came back as text/html with a zero-length body, and that several of the first-party scripts were requested a second time without receiving a response.
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- erugmakers.com: https://erugmakers.com/yq.js
- erugmakers.com: https://erugmakers.com/Plugins/apps/CaiJiXia/cjx.js
- erugmakers.com: https://erugmakers.com/templets/default/js/thea4.js
- erugmakers.com: https://erugmakers.com/templets/default/js/thea1.js
- sdk.51.la: https://sdk.51.la/js-sdk-pro.min.js
- erugmakers.com: https://erugmakers.com/templets/default/js/index.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: imToken (Crypto)

26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

Name | Type
---|---
0 | object
delCookie | function
getCookie | function
SetCookie | function
_LOAD_SCRIPT_ | function
_G_SCRIPT_lIST_ | object
_LOAD_SCRIPT_DELAY_ | function
_RUNNING_LOAD_SCRIPT_ | function
___getPageSize | function
$ | function
jQuery | function
posterTvGrid | function
DedeErrDisplay | string
DedeWaitDisplay | string
$DE | function
DedeAjax | function
InitXDom | function
GetCookie | function
CheckLogin | function
l_a_n_g_age | string
sen_type | string
c_d1 | string
c_d2 | string
_hmt | object
ZYS2$DTh2 | string
l4$mtVUaU41 | string

The Dede* and $DE globals come from the DedeCMS front-end scripts (dedeajax2.js), $ and jQuery from jquery-1.8.1.min.js, and _hmt is the Baidu Tongji analytics queue. The remaining names (the _LOAD_SCRIPT_ family, l_a_n_g_age, sen_type, c_d1, c_d2 and the two random-looking strings ZYS2$DTh2 and l4$mtVUaU41) are not attributable from this report alone; random-looking global names are worth diffing against a clean DedeCMS install when triaging the injected scripts.
Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the cookie values back, which lets the site re-identify the user even from a different location. This is how persistent logins work.

Domain/Path | Expires | Name | Value
---|---|---|---
.im-dl.shop/ | (session) | cf_clearance | M11UMWAj1acbWx52DN5kXdA5UCWV1tA3SgyOstkum3g-1723265067-1.0.1.1-chzv_EKyyTcHaW0HWyMwN85EEF2Oh_radw5P.qqBYtqY20XQoetJlWW5VawyypN2sYa7mo.93xcVVexygDD8tg

cf_clearance is the cookie Cloudflare sets once a visitor has passed its challenge, so the iframe host im-dl.shop sits behind Cloudflare (the two CLOUDFLARENET addresses in the IP table), and the embedded Unix timestamp 1723265067 corresponds to the scan time on 2024-08-10.
15 Console Messages
A page may log messages to the console. These are often error messages about being unable to load a resource or execute a piece of JavaScript; sometimes they also give insight into the technology behind a website. The individual messages (Source | Level | URL | Text) were not captured in this copy of the report.
Security Headers
This section lists any security headers set by the main page.

Header | Value
---|---
Strict-Transport-Security | max-age=31536000
Indicators
This is a term in the security industry for observables such as IPs, domains and hashes. Listing them here does not imply that any of them indicates malicious activity.

Domains:
- dl.im-dl.shop
- erugmakers.com
- imto1ken.oss-ap-southeast-6.aliyuncs.com
- kmting.com
- sdk.51.la

IP addresses:
- 154.85.69.3
- 154.93.194.198
- 172.67.191.68
- 188.114.97.3
- 8.212.139.121

Hashes (SHA-256):
- 0a025f1d6d50203eb4efa6be8fe3cb56eaa2a01e73f241d55c19a1b2d35eec56
- 2dbdd9f87b515af124ce313210e19ec45c4aec3a55da035c0d810dea9ec2b6c1
- 373ff920837bb98b6eb767be9b09b2ae098a6b57d785409d18ab00e815f4b4f4
- 5de760bb4cb68536a0bad4f5956624119dd77cdbed380aadcdc1030efec84512
- 61da6d9876c7a886beb7ff1e61416331846e1522d1574c2eb56abf5b4833ecf9
- 63f31f7a1ee6c7ad52f8383c27b78a6e76ec5ba14ecf83b34efb5bdb10f76ee4
- 751058b7c0745bd7d12e92a485529d4d5773260d99446c77b6f6fdc94b0ed620
- 75db7796523ed5b0031b9bc28a6d84930249816fda8a52e6c0fcd068842d2b47
- a7f2b522c172e0509ba1ccea974b2916ca3e6b4a694826a77de27c7d026236a7
- adbea86f340cd71472f2fe970788e628164a0992752d5a4842c48d48b8d24824
- b16c6169d7d1a768c6c49f2ef79205fb7d74a47501f99a1f1a0be16e6629d679
- bdffa0de37a6bf633e80f90f7aa7d25b8f89f98c46626531a1d296803de521d1
- c5295e9bc5d73b08ca570e9b9aed94742d70ea16833fe3a9f11ae266225ed7a8
- c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
- d4f585dcdfa072e635fb2afc32181a2cf67d3914a4b595937fa81eee436b4ea4
- d8392af3d2747ad3f3baf95cd2b35af4fdac13d67c57f868b7937e99aca64336
- db58e548a6d72a6c785919ee6ed882cccf015b1461ecd1dd5721a3fd5550af21
- fa7aacc49aabc7b37f4076ac7d27de84e9d32bf500c3f8990e82b9e55d94243b

The sdk.51.la entry is a widely used analytics host (Cisco Umbrella rank 46121) and the two CLOUDFLARENET addresses are shared edge IPs; block or hunt on the landing domain, kmting.com, the imto1ken bucket hostname and dl.im-dl.shop rather than on those shared infrastructure indicators.