tajbooksstore.com
Open in
urlscan Pro
185.224.138.31
Malicious Activity!
Public Scan
Effective URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm
Submission: On April 06 via manual from AU
Summary
This is the only time tajbooksstore.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Australian Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 166.62.28.128 166.62.28.128 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
1 19 | 185.224.138.31 185.224.138.31 | 47583 (AS-HOSTINGER) (AS-HOSTINGER) | |
18 | 1 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-166-62-28-128.ip.secureserver.net
www.jjbexports.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
tajbooksstore.com
1 redirects
tajbooksstore.com |
324 KB |
1 |
jjbexports.com
1 redirects
www.jjbexports.com |
241 B |
18 | 2 |
Domain | Requested by | |
---|---|---|
19 | tajbooksstore.com |
1 redirects
tajbooksstore.com
|
1 | www.jjbexports.com | 1 redirects |
18 | 2 |
Subject Issuer | Validity | Valid |
---|
This page contains 2 frames:
Primary Page:
http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm
Frame ID: CFD9CBBBCA20128AFACE0CBE816FA8E4
Requests: 11 HTTP requests in this frame
Frame:
http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html
Frame ID: 38D8C8181D9AF67E1E3F67F9D3CFB3A0
Requests: 7 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.jjbexports.com/wp-content/plugins/revslider/languages/LoadGov.php
HTTP 302
http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/ HTTP 302
http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/inde... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
LiteSpeed (Web Servers) Expand
Detected patterns
- headers server /^LiteSpeed$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Skip to Ask a question
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.jjbexports.com/wp-content/plugins/revslider/languages/LoadGov.php
HTTP 302
http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/ HTTP 302
http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.htm
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/ Redirect Chain
|
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dtagent_ICA23STVjrx_7000100291007.js.download
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ |
117 KB 45 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mgv2-application.css
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ |
114 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
austgovt-inline-white.svg
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ |
113 KB 34 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mygov-logo.svg
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dismiss-x.svg
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ |
839 B 815 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
austgovt-inline.svg
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ |
113 KB 34 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
saved_resource.html
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8 |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
link-arrow.svg
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/icons/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
va_arrowup.svg
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/icons/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
botchat.css
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8 |
20 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
botchat-fullwindow.css
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8 |
297 B 630 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
botchat-dhs.css
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8 |
25 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bot.css
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8 |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
botchat.js.download
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8 |
495 KB 143 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sha256.js.download
tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8 |
10 KB 4 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
dynaTraceMonitor
tajbooksstore.com/LoginServices/main/ |
36 KB 9 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
dynaTraceMonitor
tajbooksstore.com/LoginServices/main/ |
36 KB 9 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Australian Government (Government)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| dT_ object| dynaTrace4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
tajbooksstore.com/ | Name: dtPC Value: 84972111_5h2 |
|
tajbooksstore.com/ | Name: dtLatC Value: 4578 |
|
tajbooksstore.com/ | Name: dtSa Value: - |
|
tajbooksstore.com/ | Name: dtCookie Value: S66KHL8O39LKLEPUN8HN64B4QJE4DODS |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
tajbooksstore.com
www.jjbexports.com
166.62.28.128
185.224.138.31
0d3e9721ffc3bd9d8ca6308452cfe9d2eaf51b5f37b74093c4e05996bfa11611
13d9a59399891dc5420e0c4faa65feb6fe0a5422a9ca388d3e7706ed56f679bf
1870ce18de5358bfc0d09edfc4eae4968d43461c57a22b10a3aacc792479e33d
351f51b382b9e3dbfd45d70ce61df4328963f32246e4523e21cfb2aba7d9bea0
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
42ded01e719714429c120fcb2076b685587196056c7e75306c7ba0da5fd91721
71053084d83400ad51ce9543663414c4f451ce653f51b9dce05dea752e4eacfa
8b8bd40554a405f3fe0982cd9f5d3d759810de50384c86ebf8fdd802814a4100
91e0d494b2136f506c63c13ebf1ac4a220a6e53a176ee4714505cf3703d0bdbb
a3e9863b69280adb1c01eb12d33cb2fbaeecd5423e15400caad5ff4a5e4aeac9
b82cc4ec8d618d0c49dc1080017a09bf3ff0dcfeeaa979b6af85652dc3cd5d15
bd56692303457b8824c9592aa41dfef0e39459d36cf3ecff447c3dd39e827fde
cef1c40d2ce418dc00014807478f24ee21988a1cf32be3e991012c17039ae528
d1395afed2e6f21280082d85665ab63ff1d8521fca5d50ab755dd1891f69ff1f
e24c13b1ad998bdf3a2b66508f87db27891825d181a06704b1fdd1a86336e680
f123bda4af8b57bf1a683920703c7841ba38aa4a98c02ef01b92d2b1d2696132