ero-safehub.com
210.157.79.147 Malicious Activity! Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://ero-safehub.com/ 10mo old
Submission: On March 12 via api (March 12th 2026, 9:10:59 am UTC) from US — Scanned from JP

Summary HTTP 60 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 10 domains to perform 60 HTTP transactions. The main IP is 210.157.79.147, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is ero-safehub.com. 10mo old
TLS certificate: Issued by R12 on January 29th 2026. Valid for: 3mo.

This is the only time ero-safehub.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DMM.com (Gaming)

Domain & IP information

	IP Address	AS Autonomous System
1 14	210.157.79.147 210.157.79.147	131965 (XSERVER X...) (XSERVER Xserver Inc.)
2	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2404:6800:400... 2404:6800:4001:813::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	202.226.37.225 202.226.37.225	131965 (XSERVER X...) (XSERVER Xserver Inc.)
2	2404:6800:400... 2404:6800:4004:801::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	3.165.11.46 3.165.11.46	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	157.112.86.142 157.112.86.142	23620 (DMM DMM.c...) (DMM DMM.com LLC)
6	3.165.11.79 3.165.11.79	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2606:4700::68... 2606:4700::6810:afe2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	104.16.174.226 104.16.174.226	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	3.165.24.51 3.165.24.51	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
11	3.175.224.225 3.175.224.225	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	172.217.25.67 172.217.25.67	15169 (GOOGLE) (GOOGLE - Google LLC)
4	140.174.2.195 140.174.2.195	30212 (HYPERMEDI...) (HYPERMEDIA-SYSTEMS - Hypermedia Systems)
1	18.172.52.9 18.172.52.9	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
60	17

14 210.157.79.147 (Japan) 1 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv6806.wpx.ne.jp

ero-safehub.com 10mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700:3036::6815:1b98 (None, )

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

use.fontawesome.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2404:6800:4001:813::200a (Australia)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 202.226.37.225 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: webmail.xserver.jp

webfonts.xserver.jp 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2404:6800:4004:801::200a (Australia)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com 56yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 3.165.11.46 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-3-165-11-46.nrt12.r.cloudfront.net

widget-view.dmm.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
widget-view.dmm.co.jp 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 157.112.86.142 (Japan)

ASN23620 (DMM DMM.com LLC, JP)
PTR: 157-112-86-142.dmm.jp

widget-api.dmm.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
widget-api.dmm.co.jp 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 3.165.11.79 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-3-165-11-79.nrt12.r.cloudfront.net

widget-view.dmm.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2606:4700::6810:afe2 (None, )

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.jsdelivr.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.16.174.226 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.jsdelivr.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 3.165.24.51 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-3-165-24-51.nrt12.r.cloudfront.net

pics.dmm.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
p.dmm.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.18.10.207 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

stackpath.bootstrapcdn.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

11 3.175.224.225 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-3-175-224-225.nrt12.r.cloudfront.net

pics.dmm.co.jp 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
p.dmm.co.jp 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.217.25.67 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: nrt13s50-in-f3.1e100.net

fonts.gstatic.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 140.174.2.195 (United States)

ASN30212 (HYPERMEDIA-SYSTEMS - Hypermedia Systems, Inc., US)

pixelarchivenow.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 18.172.52.9 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-18-172-52-9.nrt20.r.cloudfront.net

imp.dmm.co.jp 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
14	dmm.co.jp pics.dmm.co.jp — Cisco Umbrella Rank: 80722 9yr old widget-view.dmm.co.jp 7yr old widget-api.dmm.co.jp 7yr old p.dmm.co.jp — Cisco Umbrella Rank: 559692 9yr old imp.dmm.co.jp 7yr old	2 MB
14	dmm.com widget-view.dmm.com 7yr old widget-api.dmm.com 7yr old pics.dmm.com — Cisco Umbrella Rank: 358973 9yr old p.dmm.com 9yr old	417 KB
14	ero-safehub.com 1 redirects ero-safehub.com 10mo old	97 KB
4	pixelarchivenow.com pixelarchivenow.com 2yr old	217 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 398 13yr old	84 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 726 9yr old fonts.googleapis.com — Cisco Umbrella Rank: 81 56yr old	32 KB
2	gstatic.com fonts.gstatic.com 9yr old	433 KB
2	xserver.jp webfonts.xserver.jp — Cisco Umbrella Rank: 679858 8yr old	48 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1652 10yr old	33 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4562 8yr old	7 KB
60	10

	Domain	Requested by
14	ero-safehub.com	1 redirects ero-safehub.com
10	pics.dmm.co.jp	ero-safehub.com
7	widget-view.dmm.com	ero-safehub.com widget-view.dmm.com
4	pixelarchivenow.com	ero-safehub.com
4	cdn.jsdelivr.net	ero-safehub.com
3	pics.dmm.com	widget-view.dmm.com ero-safehub.com
2	fonts.gstatic.com	fonts.googleapis.com
2	p.dmm.com	widget-view.dmm.com
2	widget-api.dmm.com	widget-view.dmm.com
2	fonts.googleapis.com	ero-safehub.com
2	webfonts.xserver.jp	ero-safehub.com webfonts.xserver.jp
2	use.fontawesome.com	ero-safehub.com
1	imp.dmm.co.jp	ero-safehub.com
1	p.dmm.co.jp	ero-safehub.com
1	widget-api.dmm.co.jp	widget-view.dmm.co.jp
1	widget-view.dmm.co.jp	ero-safehub.com
1	stackpath.bootstrapcdn.com	ero-safehub.com
1	ajax.googleapis.com	ero-safehub.com
60	18

This site contains links to these domains. Also see Links.

Domain
al.fanza.co.jp
clear-tv.com
affiliate.dmm.com
thk.kanzae.net
al.dmm.com

Subject Issuer	Validity	Valid
www.ero-safehub.com R12	`2026-01-29` - `2026-04-29`	3mo	crt.sh
use.fontawesome.com WE1	`2026-02-23` - `2026-05-24`	3mo	crt.sh
upload.video.google.com WR2	`2026-02-02` - `2026-04-27`	3mo	crt.sh
*.xserver.jp CloudSecure RSA Domain Validation Secure Server CA 2	`2025-04-05` - `2026-05-06`	1yr	crt.sh
widget-view.dmm.com Amazon RSA 2048 M02	`2025-07-24` - `2026-08-21`	1yr	crt.sh
*.dmm.com GlobalSign RSA OV SSL CA 2018	`2026-02-20` - `2027-03-24`	1yr	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2025-04-25` - `2026-05-04`	1yr	crt.sh
p.dmm.com GlobalSign RSA OV SSL CA 2018	`2025-05-19` - `2026-06-20`	1yr	crt.sh
bootstrapcdn.com WE1	`2026-03-05` - `2026-06-03`	3mo	crt.sh
*.gstatic.com WR2	`2026-02-02` - `2026-04-27`	3mo	crt.sh
*.dmm.co.jp GlobalSign RSA OV SSL CA 2018	`2026-02-20` - `2027-03-24`	1yr	crt.sh
pixelarchivenow.com R12	`2026-02-26` - `2026-05-27`	3mo	crt.sh
imp.dmm.co.jp Amazon RSA 2048 M04	`2025-09-28` - `2026-10-26`	1yr	crt.sh

This page contains 3 frames:

Primary Page: https://ero-safehub.com/
Frame ID: 9ADA4A0EBCE8053B88B53FA03E5C3CDB
Requests: 50 HTTP requests in this frame

Frame: https://widget-view.dmm.com/item_list/?adid=503aa803d69f64e977e64ab32cb59cdd&affiliate_id=erosafehub-002&site=DMM.com&service=lod&floor=akb48&reserve=all&sort=rank&size=300_250&content=image&effect=fix&auto_play=0&show_price=1&show_border=1&target_blank=1&image_size=small&algo=ranking&show_rank=1
Frame ID: 3FDA728DF6ADF506B3401E42636E1B6C
Requests: 5 HTTP requests in this frame

Frame: https://widget-view.dmm.com/item_list/?adid=503aa803d69f64e977e64ab32cb59cdd&affiliate_id=erosafehub-002&site=DMM.com&service=lod&floor=akb48&reserve=all&sort=rank&size=300_250&content=image&effect=fix&auto_play=0&show_price=1&show_border=1&target_blank=1&image_size=small&algo=ranking&show_rank=1
Frame ID: 4F49726C33944A1A97E4DFB583CB04C8
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Warning

This screenshot might contain NSFW content. Hover to show image.

Page Title

エログッドセレクト