tajbooksstore.com Open in urlscan Pro
185.224.138.31 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.jjbexports.com/wp-content/plugins/revslider/languages/LoadGov.php
Effective URL:
http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm
Submission: On April 06 via manual (April 6th 2021, 4:56:28 am UTC) from AU

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 185.224.138.31, located in Germany and belongs to AS-HOSTINGER, CY. The main domain is tajbooksstore.com.

This is the only time tajbooksstore.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	166.62.28.128 166.62.28.128	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1 19	185.224.138.31 185.224.138.31	47583 (AS-HOSTINGER) (AS-HOSTINGER)
18	1

1 166.62.28.128 (Singapore, Singapore) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-166-62-28-128.ip.secureserver.net

www.jjbexports.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 185.224.138.31 (Germany) 1 redirects

ASN47583 (AS-HOSTINGER, CY)

tajbooksstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	tajbooksstore.com 1 redirects tajbooksstore.com	324 KB
1	jjbexports.com 1 redirects www.jjbexports.com	241 B
18	2

	Domain	Requested by
19	tajbooksstore.com	1 redirects tajbooksstore.com
1	www.jjbexports.com	1 redirects
18	2

This site contains links to these domains. Also see Links.

Domain
my.gov.au

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm
Frame ID: CFD9CBBBCA20128AFACE0CBE816FA8E4
Requests: 11 HTTP requests in this frame

Frame: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html
Frame ID: 38D8C8181D9AF67E1E3F67F9D3CFB3A0
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.jjbexports.com/wp-content/plugins/revslider/languages/LoadGov.php HTTP 302
http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/ HTTP 302
http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/inde... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

18
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

324 kB
Transfer

1107 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://my.gov.au/LoginServices/main/login?execution=e1s1
Title: Skip to Ask a question

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.jjbexports.com/wp-content/plugins/revslider/languages/LoadGov.php HTTP 302
http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/ HTTP 302
http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.htm Show response tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/ Redirect Chain https://www.jjbexports.com/wp-content/plugins/revslider/languages/LoadGov.php http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/ http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm	12 KB 4 KB	31ms 30ms	Document text/html	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `d1395afed2e6f21280082d85665ab63ff1d8521fca5d50ab755dd1891f69ff1f` Request headers Host tajbooksstore.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Connection Keep-Alive Content-Type text/html Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Etag "2f55-606b7e69-f2c402b6d08539ff;gz" Accept-Ranges bytes Content-Encoding gzip Vary Accept-Encoding Content-Length 3612 Date Tue, 06 Apr 2021 04:56:12 GMT Server LiteSpeed Redirect headers Connection Keep-Alive X-Powered-By PHP/7.4.11 Location data/swixPanel/index.htm Content-Type text/html; charset=UTF-8 Content-Length 0 Date Tue, 06 Apr 2021 04:56:11 GMT Server LiteSpeed Cache-Control no-cache, no-store, must-revalidate, max-age=0
GET H/1.1	200 OK	dtagent_ICA23STVjrx_7000100291007.js.download Show response tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/	117 KB 45 KB	31ms 30ms	Script text/plain	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/dtagent_ICA23STVjrx_7000100291007.js.download Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `cef1c40d2ce418dc00014807478f24ee21988a1cf32be3e991012c17039ae528` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Server LiteSpeed Etag "1d366-606b7e69-159e44e76794804;gz" Vary Accept-Encoding Content-Type text/plain Connection Keep-Alive Accept-Ranges bytes Content-Length 45922
GET H/1.1	200 OK	mgv2-application.css tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/	114 KB 20 KB	60ms 42ms	Stylesheet text/css	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/mgv2-application.css Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `bd56692303457b8824c9592aa41dfef0e39459d36cf3ecff447c3dd39e827fde` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Server LiteSpeed Etag "1c8a9-606b7e69-6e5514cafea47fcc;gz" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 19853 Expires Tue, 13 Apr 2021 04:56:12 GMT
GET H/1.1	200 OK	austgovt-inline-white.svg tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/	113 KB 34 KB	59ms 59ms	Image image/svg+xml	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/austgovt-inline-white.svg Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `42ded01e719714429c120fcb2076b685587196056c7e75306c7ba0da5fd91721` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Server LiteSpeed Etag "1c460-606b7e69-dfc041c868476ab;gz" Vary Accept-Encoding Content-Type image/svg+xml Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 34462 Expires Tue, 13 Apr 2021 04:56:12 GMT
GET H/1.1	200 OK	mygov-logo.svg tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/	2 KB 2 KB	60ms 42ms	Image image/svg+xml	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/mygov-logo.svg Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `91e0d494b2136f506c63c13ebf1ac4a220a6e53a176ee4714505cf3703d0bdbb` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Server LiteSpeed Etag "8a1-606b7e69-23ec030bad53a2ae;gz" Vary Accept-Encoding Content-Type image/svg+xml Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 1178 Expires Tue, 13 Apr 2021 04:56:12 GMT
GET H/1.1	200 OK	dismiss-x.svg tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/	839 B 815 B	60ms 42ms	Image image/svg+xml	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/dismiss-x.svg Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `a3e9863b69280adb1c01eb12d33cb2fbaeecd5423e15400caad5ff4a5e4aeac9` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Server LiteSpeed Etag "347-606b7e69-598c5cccd18aa850;gz" Vary Accept-Encoding Content-Type image/svg+xml Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 430 Expires Tue, 13 Apr 2021 04:56:12 GMT
GET H/1.1	200 OK	austgovt-inline.svg tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/	113 KB 34 KB	60ms 43ms	Image image/svg+xml	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/austgovt-inline.svg Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `f123bda4af8b57bf1a683920703c7841ba38aa4a98c02ef01b92d2b1d2696132` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Server LiteSpeed Etag "1c45e-606b7e69-3a4f4f6b320f608;gz" Vary Accept-Encoding Content-Type image/svg+xml Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 34467 Expires Tue, 13 Apr 2021 04:56:12 GMT
GET H/1.1	200 OK	saved_resource.html Show response tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8	5 KB 2 KB	36ms 30ms	Document text/html	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `71053084d83400ad51ce9543663414c4f451ce653f51b9dce05dea752e4eacfa` Request headers Host tajbooksstore.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm Accept-Encoding gzip, deflate Accept-Language en-US Cookie dtCookie=S66KHL8O39LKLEPUN8HN64B4QJE4DODS; dtPC=84972111_5h1; dtSa=-; dtLatC=4578 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm Response headers Connection Keep-Alive Content-Type text/html Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Etag "1307-606b7e69-c5e7e392c6adbad3;gz" Accept-Ranges bytes Content-Encoding gzip Vary Accept-Encoding Content-Length 1593 Date Tue, 06 Apr 2021 04:56:12 GMT Server LiteSpeed
GET H/1.1	404 Not Found	link-arrow.svg tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/icons/	2 KB 2 KB	45ms 42ms	Image text/html	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/icons/link-arrow.svg Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/mgv2-application.css Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/mgv2-application.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Tue, 25 Jun 2019 07:06:59 GMT Server LiteSpeed Etag "999-5d11c813-724741b733afdf2b;gz" Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Content-Length 1159
GET H/1.1	404 Not Found	va_arrowup.svg tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/icons/	2 KB 2 KB	52ms 31ms	Image text/html	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/icons/va_arrowup.svg Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/mgv2-application.css Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/mgv2-application.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Tue, 25 Jun 2019 07:06:59 GMT Server LiteSpeed Etag "999-5d11c813-724741b733afdf2b;gz" Vary Accept-Encoding Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Content-Length 1159
GET H/1.1	200 OK	botchat.css tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8	20 KB 7 KB	31ms 30ms	Stylesheet text/css	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/botchat.css Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `e24c13b1ad998bdf3a2b66508f87db27891825d181a06704b1fdd1a86336e680` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Server LiteSpeed Etag "5143-606b7e69-fcb9047d6a0d39d3;gz" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 7104 Expires Tue, 13 Apr 2021 04:56:12 GMT
GET H/1.1	200 OK	botchat-fullwindow.css tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8	297 B 630 B	31ms 30ms	Stylesheet text/css	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/botchat-fullwindow.css Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `1870ce18de5358bfc0d09edfc4eae4968d43461c57a22b10a3aacc792479e33d` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Server LiteSpeed Etag "129-606b7e69-3465a7fb2a873236;;;" Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 297 Expires Tue, 13 Apr 2021 04:56:12 GMT
GET H/1.1	200 OK	botchat-dhs.css tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8	25 KB 2 KB	31ms 30ms	Stylesheet text/css	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/botchat-dhs.css Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `0d3e9721ffc3bd9d8ca6308452cfe9d2eaf51b5f37b74093c4e05996bfa11611` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Server LiteSpeed Etag "623e-606b7e69-800cd0b30020991a;gz" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 2138 Expires Tue, 13 Apr 2021 04:56:12 GMT
GET H/1.1	200 OK	bot.css tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8	3 KB 1 KB	31ms 30ms	Stylesheet text/css	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/bot.css Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `8b8bd40554a405f3fe0982cd9f5d3d759810de50384c86ebf8fdd802814a4100` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Server LiteSpeed Etag "db0-606b7e69-8e195230bd3512b9;gz" Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 945 Expires Tue, 13 Apr 2021 04:56:12 GMT
GET H/1.1	200 OK	botchat.js.download Show response tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8	495 KB 143 KB	31ms 30ms	Script text/plain	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/botchat.js.download Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `351f51b382b9e3dbfd45d70ce61df4328963f32246e4523e21cfb2aba7d9bea0` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Server LiteSpeed Etag "7bb63-606b7e69-ddb6a4f93fc5bb04;gz" Vary Accept-Encoding Content-Type text/plain Connection Keep-Alive Accept-Ranges bytes Content-Length 146329
GET H/1.1	200 OK	sha256.js.download Show response tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/ Frame 38D8	10 KB 4 KB	31ms 30ms	Script text/plain	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/sha256.js.download Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash `13d9a59399891dc5420e0c4faa65feb6fe0a5422a9ca388d3e7706ed56f679bf` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/saved_resource.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 06 Apr 2021 04:56:12 GMT Content-Encoding gzip Last-Modified Mon, 05 Apr 2021 21:17:29 GMT Server LiteSpeed Etag "26db-606b7e69-ffc9251633c7928e;gz" Vary Accept-Encoding Content-Type text/plain Connection Keep-Alive Accept-Ranges bytes Content-Length 4022
POST H/1.1	404 Not Found	dynaTraceMonitor Show response tajbooksstore.com/LoginServices/main/	36 KB 9 KB	471ms 471ms	XHR text/html	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://tajbooksstore.com/LoginServices/main/dynaTraceMonitor?type=js&flavor=post&referer=http%3A%2F%2Ftajbooksstore.com%2Fwp-content%2Fthemes%2Fi-craft%2Fcss%2Finc%2F-%2FAustralianGovernment%2Fdata%2FswixPanel%2Findex.htm&app=MyGov&format=lzw Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/dtagent_ICA23STVjrx_7000100291007.js.download Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/7.4.11 Resource Hash `b82cc4ec8d618d0c49dc1080017a09bf3ff0dcfeeaa979b6af85652dc3cd5d15` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/octet-stream Response headers Date Tue, 06 Apr 2021 04:56:14 GMT Content-Encoding gzip Server LiteSpeed X-Powered-By PHP/7.4.11 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 X-LiteSpeed-Cache-Control no-cache Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection Keep-Alive Link <http://tajbooksstore.com/index.php/wp-json/>; rel="https://api.w.org/" Expires Wed, 11 Jan 1984 05:00:00 GMT
POST H/1.1	404 Not Found	dynaTraceMonitor Show response tajbooksstore.com/LoginServices/main/	36 KB 9 KB	276ms 275ms	XHR text/html	185.224.138.31 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL http://tajbooksstore.com/LoginServices/main/dynaTraceMonitor?type=js&flavor=post&referer=http%3A%2F%2Ftajbooksstore.com%2Fwp-content%2Fthemes%2Fi-craft%2Fcss%2Finc%2F-%2FAustralianGovernment%2Fdata%2FswixPanel%2Findex.htm&app=MyGov&format=lzw Requested by Host: tajbooksstore.com URL: http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/instrument_files/dtagent_ICA23STVjrx_7000100291007.js.download Protocol HTTP/1.1 Server 185.224.138.31 , Germany, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / PHP/7.4.11 Resource Hash `b82cc4ec8d618d0c49dc1080017a09bf3ff0dcfeeaa979b6af85652dc3cd5d15` Request headers Referer http://tajbooksstore.com/wp-content/themes/i-craft/css/inc/-/AustralianGovernment/data/swixPanel/index.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/octet-stream Response headers Date Tue, 06 Apr 2021 04:56:16 GMT Content-Encoding gzip Server LiteSpeed X-Powered-By PHP/7.4.11 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 X-LiteSpeed-Cache-Control no-cache Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <http://tajbooksstore.com/index.php/wp-json/>; rel="https://api.w.org/" Content-Length 9244 Expires Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tajbooksstore.com/	1969-12-31 23:59:59	Name: dtPC Value: 84972111_5h2
tajbooksstore.com/	1969-12-31 23:59:59	Name: dtLatC Value: 4578
tajbooksstore.com/	1969-12-31 23:59:59	Name: dtSa Value: -
tajbooksstore.com/	1969-12-31 23:59:59	Name: dtCookie Value: S66KHL8O39LKLEPUN8HN64B4QJE4DODS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

tajbooksstore.com
www.jjbexports.com
166.62.28.128
185.224.138.31
0d3e9721ffc3bd9d8ca6308452cfe9d2eaf51b5f37b74093c4e05996bfa11611
13d9a59399891dc5420e0c4faa65feb6fe0a5422a9ca388d3e7706ed56f679bf
1870ce18de5358bfc0d09edfc4eae4968d43461c57a22b10a3aacc792479e33d
351f51b382b9e3dbfd45d70ce61df4328963f32246e4523e21cfb2aba7d9bea0
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
42ded01e719714429c120fcb2076b685587196056c7e75306c7ba0da5fd91721
71053084d83400ad51ce9543663414c4f451ce653f51b9dce05dea752e4eacfa
8b8bd40554a405f3fe0982cd9f5d3d759810de50384c86ebf8fdd802814a4100
91e0d494b2136f506c63c13ebf1ac4a220a6e53a176ee4714505cf3703d0bdbb
a3e9863b69280adb1c01eb12d33cb2fbaeecd5423e15400caad5ff4a5e4aeac9
b82cc4ec8d618d0c49dc1080017a09bf3ff0dcfeeaa979b6af85652dc3cd5d15
bd56692303457b8824c9592aa41dfef0e39459d36cf3ecff447c3dd39e827fde
cef1c40d2ce418dc00014807478f24ee21988a1cf32be3e991012c17039ae528
d1395afed2e6f21280082d85665ab63ff1d8521fca5d50ab755dd1891f69ff1f
e24c13b1ad998bdf3a2b66508f87db27891825d181a06704b1fdd1a86336e680
f123bda4af8b57bf1a683920703c7841ba38aa4a98c02ef01b92d2b1d2696132

tajbooksstore.com Open in urlscan Pro 185.224.138.31 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

324 kBTransfer

1107 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

4 Cookies

Indicators

tajbooksstore.com Open in urlscan Pro
185.224.138.31 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

324 kB
Transfer

1107 kB
Size

4
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!